from:"Gianluca Cecchi"

[CentOS] CentOS Virt SIG and packages' priority problems?

2024-03-14 Thread Gianluca Cecchi

Hello,
some days ago I followed these instructions
https://sigs.centos.org/virt/tdx/host/
and after enabling the repo I installed the tdx necessary bits as
indicated, with the command

dnf install kernel-tdx qemu-kvm-tdx libvirt-tdx

This gave me:

libvirt 9.5.0-1.el9s
qemu-kvm 8.0.0-15.el9s
kernel 5.14.0-395.el9s

But now if I run a usual "dnf update" I'm proposed "standard" libvirt
and qemu-kvm sw stack,
I think because of their version apparently greater (10 vs 9.5 and 8.2 vs 8.0):

Upgrading:
 libvirt   x86_64
  10.0.0-4.el9   appstream
23 k
 libvirt-clientx86_64
  10.0.0-4.el9   appstream
   438 k
 libvirt-client-qemu   x86_64
  10.0.0-4.el9   appstream
47 k
 libvirt-daemonx86_64
  10.0.0-4.el9   appstream
   213 k
 libvirt-daemon-common x86_64
  10.0.0-4.el9   appstream
   139 k
 libvirt-daemon-config-network x86_64
  10.0.0-4.el9   appstream
29 k
 libvirt-daemon-config-nwfilterx86_64
  10.0.0-4.el9   appstream
42 k
 libvirt-daemon-driver-interface   x86_64
  10.0.0-4.el9   appstream
   219 k
 libvirt-daemon-driver-network x86_64
  10.0.0-4.el9   appstream
   260 k
 libvirt-daemon-driver-nodedev x86_64
  10.0.0-4.el9   appstream
   240 k
 libvirt-daemon-driver-nwfilterx86_64
  10.0.0-4.el9   appstream
   255 k
 libvirt-daemon-driver-qemux86_64
  10.0.0-4.el9   appstream
   976 k
 libvirt-daemon-driver-secret  x86_64
  10.0.0-4.el9   appstream
   216 k
 libvirt-daemon-driver-storage x86_64
  10.0.0-4.el9   appstream
23 k
 libvirt-daemon-driver-storage-corex86_64
  10.0.0-4.el9   appstream
   276 k
 libvirt-daemon-driver-storage-diskx86_64
  10.0.0-4.el9   appstream
38 k
 libvirt-daemon-driver-storage-iscsi   x86_64
  10.0.0-4.el9   appstream
35 k
 libvirt-daemon-driver-storage-logical x86_64
  10.0.0-4.el9   appstream
39 k
 libvirt-daemon-driver-storage-mpath   x86_64
  10.0.0-4.el9   appstream
32 k
 libvirt-daemon-driver-storage-rbd x86_64
  10.0.0-4.el9   appstream
43 k
 libvirt-daemon-driver-storage-scsix86_64
  10.0.0-4.el9   appstream
35 k
 libvirt-daemon-lock   x86_64
  10.0.0-4.el9   appstream
64 k
 libvirt-daemon-logx86_64
  10.0.0-4.el9   appstream
69 k
 libvirt-daemon-plugin-lockd   x86_64
  10.0.0-4.el9   appstream
38 k
 libvirt-daemon-proxy  x86_64
  10.0.0-4.el9   appstream
   211 k
 libvirt-libs  x86_64
  10.0.0-4.el9   appstream
   4.9 M
 python3-libvirt   x86_64
  10.0.0-1.el9   appstream
   339 k
 qemu-img  x86_64
  17:8.2.0-6.el9 appstream
   2.5 M
 qemu-kvm  x86_64
  17:8.2.0-6.el9 appstream
68 k
 qemu-kvm-audio-pa x86_64
  17:8.2.0-6.el9 appstream
81 k
 qemu-kvm-block-blkio  x86_64
  17:8.2.0-6.el9 appstream
84 k
 qemu-kvm-block-rbdx86_64
  17:8.2.0-6.el9 appstream
86 k
 qemu-kvm-common   x86_64

Re: [CentOS] no video with Aspeed (ast module) and latest kernel

2024-01-10 Thread Gianluca Cecchi

On Wed, Jan 10, 2024 at 5:15 PM Gianluca Cecchi 
wrote:

> Hello,
> I have a CentOS Stream 9 server.
> It is an Intel D50DNP1SBB one with:
>
> 02:00.0 VGA compatible controller: ASPEED Technology, Inc. ASPEED Graphics
> Family (rev 52) (prog-if 00 [VGA controller])
> DeviceName: ASPEED AST2600
> Subsystem: ASPEED Technology, Inc. ASPEED Graphics Family
> Flags: medium devsel, IRQ 16, NUMA node 0, IOMMU group 42
> Memory at 9400 (32-bit, non-prefetchable) [size=16M]
> Memory at 9500 (32-bit, non-prefetchable) [size=256K]
> I/O ports at 1000 [size=128]
> Capabilities: [40] Power Management version 3
> Capabilities: [50] MSI: Enable- Count=1/4 Maskable- 64bit+
> Kernel driver in use: ast
> Kernel modules: ast
>
> Under kernel 5.14.0-386.el9.x86_64 I'm able to connect via bmc without any
> problem both in text mode (multi-user.target) and graphical
> (graphical.target).
> Both with and without Wayland enabled in /etc/gdm/custom.conf
>
> This morning I updated the system and the kernel is now
> 5.14.0-404.el9.x86_64, and I'm not able to see the console in any of the 3
> configurations above in my bmc kvm remote terminal. Ssh connection to the
> system is ok without problem.
>

solved addin at the end of GRUB_CMDLINE_LINUX line in /etc/default/grub
rdblacklist=ast ast.modeset=0
and then
grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg
reboot
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] no video with Aspeed (ast module) and latest kernel

2024-01-10 Thread Gianluca Cecchi

Hello,
I have a CentOS Stream 9 server.
It is an Intel D50DNP1SBB one with:

02:00.0 VGA compatible controller: ASPEED Technology, Inc. ASPEED Graphics
Family (rev 52) (prog-if 00 [VGA controller])
DeviceName: ASPEED AST2600
Subsystem: ASPEED Technology, Inc. ASPEED Graphics Family
Flags: medium devsel, IRQ 16, NUMA node 0, IOMMU group 42
Memory at 9400 (32-bit, non-prefetchable) [size=16M]
Memory at 9500 (32-bit, non-prefetchable) [size=256K]
I/O ports at 1000 [size=128]
Capabilities: [40] Power Management version 3
Capabilities: [50] MSI: Enable- Count=1/4 Maskable- 64bit+
Kernel driver in use: ast
Kernel modules: ast

Under kernel 5.14.0-386.el9.x86_64 I'm able to connect via bmc without any
problem both in text mode (multi-user.target) and graphical
(graphical.target).
Both with and without Wayland enabled in /etc/gdm/custom.conf

This morning I updated the system and the kernel is now
5.14.0-404.el9.x86_64, and I'm not able to see the console in any of the 3
configurations above in my bmc kvm remote terminal. Ssh connection to the
system is ok without problem.
Inside the remote kvm console I see the grub menu, I see the scrolling
kernel boot sequence (I removed rhgb quiet options), but at the end my
remote kvm display square disappears.
How can I debug? Can I disable DRM for the ast kernel module? or start with
vesa in any way?

screenshot with 5.14.0-386.el9.x86_6:
https://drive.google.com/file/d/1VoDYAYLOIrErOGVNXgR8wNypzxyjd7k8/view?usp=sharing

screenshot with 5.14.0-404.el9.x86_64:
https://drive.google.com/file/d/1UClBOXHIjxc4rqiKW0wbMwIYKlrB_kGn/view?usp=sharing

Thanks in advance,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] where is glib-devl x86-64?

2023-03-21 Thread Gianluca Cecchi

On Tue, Mar 21, 2023 at 11:11 PM Fred  wrote:

> that's what I thought at first, but there is no gimp-devel either
> installed, or available.
>
> Fred
>
>
I don't have right now a Rocky Linux 9.x system at hand, but from what I've
seen, you should install the gimp-devel-tools package

 $ rpm -qpi ./gimp-devel-tools-2.99.8-3.el9.x86_64.rpm
warning: ./gimp-devel-tools-2.99.8-3.el9.x86_64.rpm: Header V4 RSA/SHA256
Signature, key ID 350d275d: NOKEY
Name: gimp-devel-tools
Epoch   : 2
Version : 2.99.8
Release : 3.el9
Architecture: x86_64
Install Date: (not installed)
Group   : Unspecified
Size: 26612
License : LGPLv3+
Signature   : RSA/SHA256, Mon 31 Oct 2022 10:56:19 PM CET, Key ID
702d426d350d275d
Source RPM  : gimp-2.99.8-3.el9.src.rpm
Build Date  : Mon 31 Oct 2022 10:34:33 PM CET
Build Host  : pb-9e56c5ea-a265-4012-a7b6-4abde563b600-b-x86-64
Packager: Rocky Linux Build System (Peridot) 
Vendor  : Rocky Enterprise Software Foundation
URL : http://www.gimp.org/
Summary : GIMP plugin and extension development tools
Description :
The gimp-devel-tools package contains gimptool, a helper program to
build GNU Image Manipulation Program (GIMP) plug-ins and extensions.

Have you already installed it? Can you try in case and then re-run the
autogen.sh?

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Kernel updates do not boot - always boots oldest kernel

2023-03-15 Thread Gianluca Cecchi

>
>
> > I have only changed GRUB_DEFAULT from "saved" to "0"
> >
> > I have also run
> >
> > /usr/sbin/grub2-mkconfig -o /boot/efi/EFI/centos/grub.cfg
>
> I may be wrong here but IIRC, using grub2-mkconfig as described in the
> Grub docs didn't work for me when I tried to use it years ago.
>
> I think you have to find out what is done when installing kernels and try
> to find out where it goes wrong in your case. When you look at 'rpm -q
> --scripts kernel' you can see that new kernels are registered with the
> script '/usr/sbin/new-kernel-pkg'. I suggest to analyze what it does
> exactly. I think it calls 'grubby' to do further work...
>
> Regards,
> Simon
>
>
If not already done, you can also go through the official documentation
page for working with Grub 2 on RH EL 7 and the different commands it is
reporting, both for bios and UEFU based systems.:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system_administrators_guide/ch-working_with_the_grub_2_boot_loader

Eventually trying and managing before with some commands on another UEFI
based system/vm that is more practical to use for you, as the target one is
a remote system, as you wrote
HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] how to clear out /var/cache?

2021-12-30 Thread Gianluca Cecchi

Il Ven 31 Dic 2021, 03:39 Fred  ha scritto:
[snip]

>
>
> > --On Thursday, December 30, 2021 6:20 PM -0500 Fred <
> fred.fre...@gmail.com>
> >
> > wrote:
> >
> > > Mine has hit over 3 gigs, making it one of the larger directories in /,
> > > which is running low on space. I've hit all the low-hanging fruit I can
> > > find and now I come to things like /var/cache, and I don't know what to
> > do
> > > about such.
> >
>

If you go into /var/cache and run
du -sh *
you should see which subdirectories take more space and so on going through
their subdirectories... to pinpoint the main specific  component
responsible of the space occupation..

With the * in the command above you don't catch elements (files or
directories) beginning with a . but I don't think there are normally this
kind of objects... Just in case you can run a
ll -a
to be sure of that..
Hih,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Troubles expanding file system.

2021-09-02 Thread Gianluca Cecchi

On Thu, Sep 2, 2021 at 7:16 PM Jeff Boyce  wrote:

>
> >
> > 6.  I suspect that I need to rescan the devices on Sequoia so that it
> > recognizes the increased space that has been allocated from the extended
> > the logical volume.  But when I did that (command below) it came back
> > with a no such file or directory.
> >
> > echo 1 > /sys/class/block/vde1/device/rescan
> >
> Not sure that would do anything.
>
> https://lists.centos.org/mailman/listinfo/centos

What are the CentOS versions of your host and guest?
As far as I know, virtio disks have never supported rescan from inside the
guest and so there isn't the corresponding "rescan" special file.
I found this old, but interesting thread:
https://forum.proxmox.com/threads/extend-rescan-virtio-disk-in-guest-vm.7989/

Can you confirm your host libvirt version and your guest kernel are ok with
what is referred?
In case you could try with the qemu monitor command.

See also here for a reference of possible qemu monitor commands:
https://qemu-project.gitlab.io/qemu/interop/qemu-qmp-ref.html

And here for consideration regarding RH EL 6 host:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/virtualization_administration_guide/sub-sect-domain_commands-using_blockresize_to_change_the_size_of_a_domain_path

Also here you find reference of command to issue, but somehow the syntax
changes depending on components' versions:
https://www.humblec.com/is-it-possible-to-do-online-resizing-of-guest-block-devices-or-without-shutdown/

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Microsoft Teams on CentOS 7. Does the latest version work?

2021-07-15 Thread Gianluca Cecchi

On Tue, Jul 13, 2021 at 2:03 PM Toralf Lund  wrote:

> Does anyone else run Microsoft Teams on CentOS 7?
>
> I've used it for a while now, and it's generally worked reasonably well.
> However, after upgrading to the latest version from the Microsoft repos,
> it doesn't start up properly. Processes start and remain active until I
> give up and kill them, but I can't see a window or a tray icon or anything.
>
> Has anyone else seen this? Is there anything I can do to make the GUI
> appear?
>
> This is not a big deal as everything just works fine if I revert to the
> previous release, but it would be interesting to know if this is a
> general problem with the software, or I have some weird issue with my
> system.
>
> The release that doesn't work is 1.4.00.13653. The one that does is
> 1.4.00.7556.
>
> - Toralf
>
>
>
At the end I think you have something broken with your repo config or you
installed forcing something.
The repo should be:

[teams]
name=teams
baseurl=https://packages.microsoft.com/yumrepos/ms-teams
enabled=1
gpgcheck=1
gpgkey=https://packages.microsoft.com/keys/microsoft.asc

On a system with Fedora 34 I run without problems
teams-1.4.00.13653-1.x86_64 using that repo.
Unfortunately the repo itself is distro agnostic in the sense that I see
the flat baseurl=https://packages.microsoft.com/yumrepos/ms-teams inside it
and there is no check about distro
(this I think was the note about "not understanding how to package
software" pointed out by Phil)

If I go to an updated CentOS 7.9 system without teams and put the repo file
I get this, as other detailed before:

yum install teams
. . .
Resolving Dependencies
--> Running transaction check
---> Package teams.x86_64 0:1.4.00.13653-1 will be installed
--> Processing Dependency: libstdc++.so.6(CXXABI_1.3.8)(64bit) for package:
teams-1.4.00.13653-1.x86_64
--> Processing Dependency: libstdc++.so.6(CXXABI_1.3.9)(64bit) for package:
teams-1.4.00.13653-1.x86_64
--> Processing Dependency: libstdc++.so.6(GLIBCXX_3.4.20)(64bit) for
package: teams-1.4.00.13653-1.x86_64
--> Processing Dependency: libstdc++.so.6(GLIBCXX_3.4.21)(64bit) for
package: teams-1.4.00.13653-1.x86_64
--> Processing Dependency: libstdc++.so.6(GLIBCXX_3.4.22)(64bit) for
package: teams-1.4.00.13653-1.x86_64
--> Finished Dependency Resolution
Error: Package: teams-1.4.00.13653-1.x86_64 (teams)
   Requires: libstdc++.so.6(GLIBCXX_3.4.20)(64bit)
Error: Package: teams-1.4.00.13653-1.x86_64 (teams)
   Requires: libstdc++.so.6(CXXABI_1.3.9)(64bit)
Error: Package: teams-1.4.00.13653-1.x86_64 (teams)
   Requires: libstdc++.so.6(GLIBCXX_3.4.21)(64bit)
Error: Package: teams-1.4.00.13653-1.x86_64 (teams)
   Requires: libstdc++.so.6(CXXABI_1.3.8)(64bit)
Error: Package: teams-1.4.00.13653-1.x86_64 (teams)
   Requires: libstdc++.so.6(GLIBCXX_3.4.22)(64bit)
 You could try using --skip-broken to work around the problem
 You could try running: rpm -Va --nofiles --nodigest

But I can run:
yum install teams-1.4.00.7556-1
. . .
Resolving Dependencies
--> Running transaction check
---> Package teams.x86_64 0:1.4.00.7556-1 will be installed
--> Finished Dependency Resolution

Dependencies Resolved

I don't know if there is a yum option or config parameter to say yum to
choose the best version, without depsolve problems, even if not the latest
available (in this case teams-1.4.00.7556-1) among the ones found inside a
repo
For sure they could have at least created with minimal effort a tree
structure with distro versions and links to corresponding rpm packages, and
then use the distroversion and not flat url inside the repo file.
And inside the directory for el7 the latest package would have been
teams-1.4.00.7556-1, while on CentOS 8 and Fedora I would find also the
teams-1.4.00.13653-1

Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] Difference between shimx64-centos.efi and shimx64.efi

2021-02-16 Thread Gianluca Cecchi

Hello,
in shim-x64-15-15.el8_2.x86_64.rpm of CentOS 8.3 I see the two files:

./boot/efi/EFI/centos/shimx64-centos.efi
./boot/efi/EFI/centos/shimx64.efi

# ll boot/efi/EFI/centos/shim*
-rwx--. 1 root root 1238416 Aug  1  2020
boot/efi/EFI/centos/shimx64-centos.efi
-rwx--. 1 root root 1244496 Aug  1  2020 boot/efi/EFI/centos/shimx64.efi

What is the difference?
Thanks,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Challenging times in trying to access oracle Linux documentation

2021-02-04 Thread Gianluca Cecchi

On Thu, Feb 4, 2021 at 1:04 PM Shamim Shahriar 
wrote:

>
>
> Has anyone experienced that or is it me having the issue? If I have to pay
> subscription, why not continue with RHEL subscription anyway?
>
> Would appreciate if someone could please confirm.

Do you have a link that doesn't work?
It seems I'm able to go here without any login authentication:
https://docs.oracle.com/en/operating-systems/oracle-linux/8/install/

and in general (for 6 and 7 too) here:
https://docs.oracle.com/en/operating-systems/oracle-linux/

Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] How to do virtual IP on NetworkManager

2021-01-18 Thread Gianluca Cecchi

On Mon, Jan 18, 2021 at 6:51 PM Simon Matter  wrote:

>
> Hi Gianluca,
>
> Am I right that what you describe doesn't add an alias device like eth0:1
> but adds the additional IP address to the eth0 device?
>

Yes, in fact after adding it I see this kind of thing (with my ip test
addressing on eth1):

# ip a
. . .
3: eth1:  mtu 1500 qdisc pfifo_fast state
UP group default qlen 1000
link/ether 52:54:00:61:73:d4 brd ff:ff:ff:ff:ff:ff
inet 192.168.124.102/24 brd 192.168.124.255 scope global noprefixroute
eth1
   valid_lft forever preferred_lft forever
inet 192.168.124.152/24 brd 192.168.124.255 scope global secondary
noprefixroute eth1
   valid_lft forever preferred_lft forever

> Apart from that, when running with NetworkManager, can one still add a
> temporary eth0:1 alias (with ifconfig/ip), use it and remove it again, or
> does NM somehow prevent this?
>
> Regards,
> Simon
>
>
>
I think it is not managed by NM. I didn't find anything in its documentation
Probably to have it configured you need to setup the desired
interfaces/connections using
NM_CONTROLLED=no
in its configuration and use the classic network service
Also because the eth0:1 ip aliasing way is deprecated
https://www.kernel.org/doc/html/latest/networking/alias.html
and perhaps NM uses only iproute2...

Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] How to do virtual IP on NetworkManager

2021-01-18 Thread Gianluca Cecchi

On Mon, Jan 18, 2021 at 2:56 PM Jerry Geis  wrote:

> Hi All,
>
> I use virtual IP from time to time on CentOS 7. just take something like
> eth0 and make eth0:1 put in there the IP and subnet and bring up the new IP
> and it works.
>
> How do I do that with NetworkManager on the command line (assuming all
> static IP information)
> I do something like this from nmcli to set the static address:
> nmcli connection modify eth0 ipv4.method manual ipv6.method ignore
> autoconnect yes ipv4.addr 192.168.1.8/24 gw4 192.168.1.1 ipv4.dns 8.8.8.8
>
> How then do I add a virtual IP?
>
> Thanks
>
> Jerry


With nmcli you should use:
nmcli con mod eth0 +ipv4.addresses 192.168.1.X/24

This would modify your existing ifcfg-eth0 adding the lines:

IPADDR1=192.168.1.X
PREFIX1=24

To have the new setting applied and your new ip alias up and running you
can then use

nmcli dev reapply eth0
(supposing the device name bound to the connection is eth0)

You can also manually modify the file adding the two lines above and then
run:
nmcli con reload
nmcli dev reapply eth0

I think you should not lose your connection, but always test on a non
production machine with the same os version... just for safety
HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS Stream suitability as a production webserver

2021-01-06 Thread Gianluca Cecchi

On Wed, Jan 6, 2021 at 7:59 PM Stephen John Smoogen 
wrote:

>
> OK it looks like whatever I say is going to be taken to extremes so this
> will be my last email on this.
>
> I am not saying Tomcat is a dead technology. It is a technology which has
> certain use cases and deployments which the people I knew who used it are
> replacing with a different technology/service.
>
> EOF
>
>
>
My considerations were only to balance the phrase "The various places that
I worked previously or have contacts with have killed it off" and to
enforce that Tomcat could still have its place nowadays; no intention to
contrast you personally.
Sorry if they gave this impression.
And in fact you correctly wrote down "I honestly have no idea how much
Tomcat is used anymore." and "That is just an anecdata".

Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS Stream suitability as a production webserver

2021-01-06 Thread Gianluca Cecchi

On Wed, Jan 6, 2021 at 7:43 PM Stephen John Smoogen 
wrote:

>
> I honestly have no idea how much Tomcat is used anymore. The various places
> that I worked previously or have contacts with have killed it off by moving
> whatever used it to external cloud services versus JBOSS or anything else.
> That is just an anecdata but it is all I have on the subject.
>
>
Red Hat still has one of its offering based on Apache and Tomcat, named
JBoss Web Server:
https://www.redhat.com/en/technologies/jboss-middleware/web-server

and the latest update available (5.4, based on upstream Tomcat 9) in
November 2020, had the bits for RH EL 6, 7 and 8.
See also docs entry page here:
https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/5.4/

So it is non considered a dead technology, even for business use cases

Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Question on nmcli CentOS 8

2020-12-11 Thread Gianluca Cecchi

On Fri, Dec 11, 2020 at 9:20 PM Jerry Geis  wrote:

> I am trying to modify the current eth0 with nmcli
>
> I ran this:
> nmcli con mod eth0 ipv4.addr 192.168.1.15/22 gw4 192.168.1.1 ipv4.dns
> 192.168.1.14
>
> and now nmcli shows (two ipv4) addresses.
>
>inet4 192.168.1.15/22
> inet4 192.168.2.212/22
>
> I think the original connection was DHCP... the 2.212 item listed.
>
> So I want to change the original DHCP to a static network - how do I do
> that?
> I only want the one address not two.
>
> So now I need to "remove" both or all and add the 1 I want as static ? how
> do I do that?
>
> Thanks,
>
> Jerry



Supposing you don't need ipv6 and you are on console not having problems of
loosing connectivity I would do

nmcli con mod eth0 ipv4.method manual ipv6.method ignore autoconnect yes
ipv4.addresses 192.168.1.15/22 gw4 192.168.1.1 ipv4.dns 192.168.1.14
nmcli dev dis eth0
nmcli con up eth0

just tried on a CentOS 8.1 with Network Manager and configured with dhcp.
HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] 8-stream dnf overly verbose

2020-12-11 Thread Gianluca Cecchi

On Fri, Dec 11, 2020 at 5:13 PM Matthew Miller  wrote:

> On Fri, Dec 11, 2020 at 03:53:04PM +, Randal, Phil wrote:
> > Funnily enough mere mortals like me aren't allowed to view that bug
> report.
>
> Are you sure? I am able to see it without logging in.
>
>
> > I've filed a bug: https://bugzilla.redhat.com/show_bug.cgi?id=1906839
> > on CentOS Stream distribution.
>
>
Some minutes ago I was also not able to access the bug. Now I'm able. So
someone has changed the accessibility.
Thanks,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] I'm looking forward to the future of CentOS Stream

2020-12-11 Thread Gianluca Cecchi

On Fri, Dec 11, 2020 at 4:33 PM Matthew Miller  wrote:

> On Fri, Dec 11, 2020 at 12:23:59AM -0800, Gordon Messmer wrote:
> > >This is not a production operating system."
> > Does he say that CentOS is a production operating system?
> >
> > As far as I know, Red Hat has never endorsed running CentOS in
> > production, so I don't understand why it's significant that they
> > also don't endorse running CentOS Stream in production.
>
> Yeah, I too think this is important context. I don't think you'll ever find
> anyone from the business side ever even suggesting that they think CentOS
> Linux, the rebuild, was *ever* something Red Hat recommended to run in
> production.
>
>
>
>
In early 2000 I don't think you'll ever find anyone from the business side
ever even suggesting that they think Linux (in general) was *ever*
something vendors recommended to run in production... but here we are now
;-)
And bye bye to AIX, HP-UX, Sun Solaris, Digital Unix, Tru64 Unix (only to
mention the OSes I had been involved in at different levels); and I would
like to notice that each one of those had its strong points anyway and let
me learn much.

Business men joked with me when I asked about considering Linux in some
context and they replied "Eh, Linus? The cartoon guy?"

So what?

Please leave business to business
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Is Oracle a real alternative to Centos?

2020-12-10 Thread Gianluca Cecchi

On Thu, Dec 10, 2020 at 5:31 PM Frank Cox  wrote:

>
>
> Ok, thanks!
>
> I think I'll play with it in a Virtual Box installation and see what goes
> on.
>
> It does look interesting.  It's just, you know... Oracle
>
>
>
But also Virtual Box is just, you know... Oracle...  ;-)

Sorry, I couldn't resist

Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] Current CentOS Stream already the downstream of the upcoming RH EL 8.4?

2020-12-10 Thread Gianluca Cecchi

RH EL 8.3 released at the end of October 2020.
Planned 8.4 would be at the end of April 2021.
Now that CentOS has bridged the gap with 8.3 + updates, can we tell that
what is going into Stream right now will begin to be the upcoming RH EL 8.4
and so that in the next five months we will get a real scenario of what is
planned up to 2024?

Thanks,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] https://blog.centos.org/2020/12/future-is-centos-stream/

2020-12-10 Thread Gianluca Cecchi

On Thu, Dec 10, 2020 at 3:29 PM Lamar Owen  wrote:

> On 12/9/20 9:37 PM, Akemi Yagi wrote:
> > On Wed, Dec 9, 2020 at 6:07 PM Lamar Owen  wrote:
> >
> >> So, I want to address this part a bit.  In MANY cases, it's not a
> >> third-party driver that ELrepo packages; it's an in-kernel driver that
> >> Red Hat has decided to disable.  Such as the megaraid_sas driver I need
> >> for my servers.
> > And just to give you some more examples -- ELRepo offers DUD (driver
> > update disk) images for the devices whose support has been dropped in
> > RHEL 8:
> >
> > https://elrepo.org/linux/dud/el8/x86_64/
>
>
> And those DUDs are very much appreciated.  That's how I got the install
> of C8 on those R710s in the first place, after all!
>
>
Me too installing CentOS 8 as hypervisor on Dell M610 with oVirt 4.4.3 (not
possible to use it as ovirt-node-ng due to the missing kernel mode and
impossibility to inject DUD in oVirt NG Node): now upgrading to 8.3 using
kmod-megaraid_sas-07.714.04.00-1.el8_3.elrepo.x86_64
Thanks!

Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Is Oracle a real alternative to Centos?

2020-12-09 Thread Gianluca Cecchi

On Wed, Dec 9, 2020 at 10:05 AM Karl Vogel  wrote:
[snip]

>
> FWIW, my 6.10 installation had this in /etc/redhat-release:
> Red Hat Enterprise Linux Server release 6.10 (Santiago)
>
>
Only to point out that while in CentOS (8.3, but the same in 7.x) the
situation is like this:

[g.cecchi@skull8 ~]$ ll /etc/redhat-release /etc/centos-release
-rw-r--r-- 1 root root 30 Nov 10 16:49 /etc/centos-release
lrwxrwxrwx 1 root root 14 Nov 10 16:49 /etc/redhat-release -> centos-release
[g.cecchi@skull8 ~]$

[g.cecchi@skull8 ~]$ cat /etc/centos-release
CentOS Linux release 8.3.2011

in Oracle Linux (eg 7.7) you get two different files:

$ ll /etc/redhat-release /etc/oracle-release
-rw-r--r-- 1 root root 32 Aug  8  2019 /etc/oracle-release
-rw-r--r-- 1 root root 52 Aug  8  2019 /etc/redhat-release

$ cat /etc/redhat-release
Red Hat Enterprise Linux Server release 7.7 (Maipo)

$ cat /etc/oracle-release
Oracle Linux Server release 7.7

This is generally done so that sw pieces officially certified only on
upstream enterprise vendor and that test contents of the redhat-release
file are satisfied.
Using the lsb_release command on an Oracle Linux 7.6 machine:

# lsb_release -a
LSB Version: :core-4.1-amd64:core-4.1-noarch
Distributor ID: OracleServer
Description: Oracle Linux Server release 7.6
Release: 7.6
Codename: n/a
#


Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] Using anaconda gui without mouse

2020-11-13 Thread Gianluca Cecchi

Hi,
I should use Anaconda gui in CentOS 8.2 graphical way but the idrac doesn't
map the mouse.
What are the shortcuts for using only a keyboard?
In particular it seems I'm blocked in the partitions page
Any time I select one and press enter to configure the right side
details/parameters, I don't find a way then to come back to the left side
and move up/down to select another partition and configure its parameters.

I would like to use it and not text install.

Thanks,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] UID/GID CentOS 6 to CentOS 7

2020-10-22 Thread Gianluca Cecchi

On Thu, Oct 22, 2020 at 2:12 PM Thomas Plant  wrote:

> Hi,
>
> we are upgrading some servers from C6 to C7 with a lot of user accounts
> on them (UID>=500).
> CentOS 7 has MIN_UID/MIN_GID 1000, Centos 6 has 500 in login.defs.
>
> Can I change in /etc/login.defs MIN_UID/MIN_GID to 500 for C7? So I
> could just grep the users out from passwd/shadow/group files and append
> them to the Centos7 passwd/shadow/group files.
> Can this do any damage to CentOS7 later on? Thinking about updates
>
> Thanks,
> Thomas

reading official doc here for upstream:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/system_administrators_guide/ch-managing_users_and_groups

"
Important

The default range of IDs for system and normal users has been changed in
Red Hat Enterprise Linux 7 from earlier releases. Previously, UID 1-499 was
used for system users and values above for normal users. The default range
for system users is now 1-999. This change might cause problems when
migrating to Red Hat Enterprise Linux 7 with existing users having UIDs and
GIDs between 500 and 999. The default ranges of UID and GID can be changed
in the /etc/login.defs file.
"

and also here:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/migration_planning_guide/chap-red_hat_enterprise_linux-migration_planning_guide-major_changes_and_migration_considerations#sect-Red_Hat_Enterprise_Linux-Migration_Planning_Guide-System_Management-Changes-to-system-accounts

"
The default ranges of UID and GID can be manually changed in the
/etc/login.defs file.
"
It seems you can safely change the settings in your CentOS 7 system. I
think no new effective system users/groups already occupying the new range
slots...
HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] [CentOS-devel] CentOS 7 (2009) in progress

2020-09-30 Thread Gianluca Cecchi

On Tue, Sep 29, 2020 at 4:38 PM Johnny Hughes  wrote:

> OK all .. RHEL 7.9 source code updated today.
>
> I am currently working to start the build of CentOS 7 based on that
> [CentOS 7 (2009) ].
>
>
In practice your message was the first announcement of final RH EL 7.9
being released. Even on customer portal and other Red Hat resource pages it
was not listed... ;-)

Thanks,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Off Topic bash question

2020-07-23 Thread Gianluca Cecchi

On Thu, Jul 23, 2020 at 4:25 PM Anand Buddhdev  wrote:

> On 23/07/2020 15:46, Jerry Geis wrote:
>
> Hi Jerry,
>
> See below, inline, for some comments.
>
>
> > while read -r LINE
> > do
> > NODENAME=`   echo $LINE | cut -f 1 -d ','`
>
> NODENAME=$(cut -d, -f1 <<< $LINE)
>
> Notes: use $( instead of backticks. There's no need to quote the comma.
> Write less and write concisely.
>
> > IP=` echo $LINE | cut -f 2 -d ','`
>
> IP=$(cut -d, -f2 <<< $LINE)
>
> > names[index]="$NODENAME"
> > ip[index]="$IP"
>
>
I would add these considerations:
1) -r means to not consider \ character as an escape character so possibly
is not important to use it in your scenario
2) read support multiple variables parsing
3) read word separation (default space) can be modified using IFS (internal
field separator)

So I would change the script this way, together with other considerations

#!/bin/bash
#
IFS=','

index=0
total=0
names=()
ip=()
#while read -r LINE
while read NODENAME IP
do
#NODENAME=$(echo $LINE | cut -f 1 -d ',')
#IP=$(echo $LINE | cut -f 2 -d ',')
names[$((index++))]="$NODENAME"
ip[$((index++))]="$IP"
((total))
done < /tmp/list.txt

to verify you can add something like:

for i in ${names[@]} ${ip[@]}
do
echo $i
done

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Apache umask

2020-07-15 Thread Gianluca Cecchi

On Wed, Jul 15, 2020 at 2:39 AM Emmett Culley via CentOS 
wrote:

>
> Thanks for the info.  I hadn't seen that before nor many of the links.  I
> had seen the suggested systemd fix, but have never been able got them to
> work. And I've tried many combinations.  Still no luck.
>
> There has to be a way to get this done.
>
> Emmett
>
>
Hi,
what is the original need? Could it be that you can accomplish the desired
effect using ACL on particular directories/files?

Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] X11 issue on CentOS 8

2020-07-10 Thread Gianluca Cecchi

On Fri, Jul 10, 2020 at 2:48 AM Jerry Geis  wrote:

> So what I thought was happening is not. Files are being read.
>
> The issue is /var/log/messages shows the 3840x2160 resolution - but when I
> goto the Settings->Display the highest resolution is 1920x1080.
>
>
I think you should find more information inside /var/log/Xorg.0.log.
What does it print about 3840x2160 modes? The same as in messages or
something like "Not using mode"?
BTW: what is the video card you are using and the corresponding driver?
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Amd es1000

2020-06-18 Thread Gianluca Cecchi

On Thu, Jun 18, 2020 at 6:50 PM paride desimone  wrote:

> I have installed in graphic mode, but I have not install gui.
> I try to install X afterward, because I have buied the Sander Van Vugt
> book:  "red hat rhcsa 8 ex200". In this book, Sander, write that the exam
> ex200 is in gui mode and not in text.
> Ok I try to reinstall and pass your information to grub. Amd is a
> nightmare for the gpu in linux.
>
>
>
If you were able to install in graphic mode you can also install as before
without any additional kernel command line option but specifying
"Workstation" or "Server with GUI" in the Base Environment pane and try and
see if it automagically configure the Xorg resolution and such in a good /
usable way...

Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Amd es1000

2020-06-17 Thread Gianluca Cecchi

On Wed, Jun 17, 2020 at 6:13 PM paride desimone  wrote:

> Uhm, X dont't start :-(
>
>
I overlooked your post... my suggestions was for installation phase, but
you did install apparently.. did you install in graphic mode or by other
text based means (kickstart, pxe, ecc)? Or perhaps you installed xorg
related packages afterward?
Can you post your logs and the related errors?
Do you have gdm login at boot or not at all?

Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Amd es1000

2020-06-17 Thread Gianluca Cecchi

On Wed, Jun 17, 2020 at 1:56 PM paride desimone  wrote:

> Hi, i have a proliant dl380 g5, with an amd as1000. I try to install
> centos8 with gui, but when try to start the new installed system, the
> xserver don't start. There is a throuble with the amd es1000 driver. This
> grafic card, seems not supported more from amd.
> I need a minimalistic gui for study for rhcsa certification.
> The gui is mandatory for the exam.
>
> Any help?
>
> Paride
>
>
for a different system, but with low end graphic card too, I had success
going to graphical target during installation modifying the initial kernel
line removing the "quiet" word and adding

inst.xdriver=fbdev inst.resolution=1024x768

PS: 1024x768 is the lowest resolution usable.

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Accounting package recommendations

2020-06-09 Thread Gianluca Cecchi

On Tue, Jun 9, 2020 at 7:22 PM Rudi Ahlers  wrote:

> Hi,
>
> I am looking for an offline accounting package recommendation, please.
> I enjoyed using Xero accounting, but need something that's offline,
> and where the data remains my property. Having used Quickbooks on
> Windows in the past, I am looking for something similar.
>
> Any recommendations?
>
> --
> Kind Regards
> Rudi Ahlers
> Website: http://www.rudiahlers.co.za
>
>
In the past (more than 10 years ago...) I had to work with Sql Ledger and
in its forum/mailing list often Quickbooks was cited.
I enjoyed it because of being GPL, using perl and PostgreSQL as a
background database.
It seems a still developed piece of software. Here the home page:
https://www.sql-ledger.com/
I don't know if it is too much for your needs. It offers also support in
case of need.
One useful page to compare accounting software functionalities offered
could be this one too:
https://en.wikipedia.org/wiki/Comparison_of_accounting_software

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Cloud Image building (like CentOS is doing it)

2020-04-02 Thread Gianluca Cecchi

On Thu, Apr 2, 2020 at 12:20 PM Nicolas Ghirlanda <
nicolas.ghirla...@everyware.ch> wrote:

> Hello,
>
> I was not able to find information about how CentOS is building its
> Cloud Images.
>
>
> I know packer etc are able to do it, but I am interested in how CentOS
> is building its own images as we like to adapt that for our Openstack
> Cloud.
>
>
> thanks for any hints
>

Hi,
not the direct answer to your question, but as you wrote about welcome
hints...

couldn't it be simpler to take one of the images officially provided by the
CentOS project and then use one of:

1) diskimage-builder
https://docs.openstack.org/diskimage-builder/latest/

2) guestfish / guestmount
https://docs.openstack.org/image-guide/modify-images.html

3) virt-customize
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/virtualization_deployment_and_administration_guide/sect-guest_virtual_machine_disk_access_with_offline_tools-using_virt_customize

Or do you have any particular needs?
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Virt-manager question

2020-03-02 Thread Gianluca Cecchi

On Mon, Mar 2, 2020 at 3:43 PM Jerry Geis  wrote:

> Hi All - I am using virt-manager on CentOS 7.
>
> My definition had a CDROM, my first install did not have the network active
> so it failed.
> I have activated the network. now when I boot - I not longer see the
> CDROM start to install.
>
> How do I get that back ? My OS is still not installed.
>
> Thanks,
>
> Jerry
>
>
I think it would be useful for you to read this chapter of Virtualization
Deployment and Administration Guide for RH EL 7:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/virtualization_deployment_and_administration_guide/sect-managing_guests_with_the_virtual_machine_manager_virt_manager-the_virtual_hardware_details_window


You find there how to attach cd and set it in thre priority chain of boot
device and you can enable asking for boot device when you press ESC key

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Renaming virtio devices names on CentOS 8 VM guest

2020-02-21 Thread Gianluca Cecchi

On Fri, Feb 21, 2020 at 10:57 AM Chris Card  wrote:

> I have built a CentOS 8 base image from a kickstart, for use in OpenStack.
> This image boots fine but the problem I have is that I can't stop udev
> from renaming the network device from eth0 to ens.
> I have /etc/sysconfig/network-scripts/ifcfg-eth0 with the correct HWADDR
> defined in it, and have set net.ifnames=0 and biosdevname=0 in the grub
> configuration, but nothing I have tried has stopped the renaming.
> I found this bug: https://bugzilla.redhat.com/show_bug.cgi?id=1660179
> which describes the same situation, but the comments in the bug didn't help.
> I'd like to keep the eth* device names because we have various heat
> templates and other scripts which assume that the network devices are
> called eth0, eth1 etc.
> Any ideas? Is this even possible with a CentOS 8 VM guest?
>
> Chris
>
>
It is strongly discouraged, for Openstack and when you have more than one
adapter. See here if you have access:
https://access.redhat.com/solutions/2435891

Anyway perhaps you could manage order of names customizing
/usr/lib/systemd/network/99-default.link
At least as described here:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/configuring_and_managing_networking/consistent-network-interface-device-naming_configuring-and-managing-networking
but I never tried it
HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Can I configure CentOS 8.1 1911 as an Active Directory Domain Controller like a Windows Server?

2020-01-22 Thread Gianluca Cecchi

On Wed, Jan 22, 2020 at 2:50 PM Turritopsis Dohrnii Teo En Ming <
teo.en.ming.smartph...@gmail.com> wrote:

> Hi,
>
> Thank you for your prompt reply.
>
> The guide which you have shared looks very detailed.
>
> I have also found another guide at samba.org but not very sure whether
> it is good.
>
> Title: Setting up Samba as an Active Directory Domain Controller
>
> Link:
> https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller
>
>
>
Take note that on the link I provided there is the statement that it is not
supported (on Red Hat) with the role of AD DC.
I don't know if it is more a limitation for support effort by Red Hat or at
all, also because here you can find a note for Ubuntu where it states it
does support that role on Samba4:
https://www.tecmint.com/install-samba4-active-directory-ubuntu/

So if you are "forced" to use CentOS you can try to inter-mix the
information provided by the two links and see if it works.
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Can I configure CentOS 8.1 1911 as an Active Directory Domain Controller like a Windows Server?

2020-01-22 Thread Gianluca Cecchi

On Wed, Jan 22, 2020 at 2:32 PM Turritopsis Dohrnii Teo En Ming <
teo.en.ming.smartph...@gmail.com> wrote:

> Good evening from Singapore,
>
> Can I configure CentOS 8.1 1911 as an Active Directory Domain
> Controller like a Windows Server?
>
> Are there any good guides or tutorials on how to do this?
>
> Thank you very much.
>
>
I would start here:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/deploying_different_types_of_servers/assembly_using-samba-as-a-server_deploying-different-types-of-servers

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] [CentOS-announce] Release for CentOS Linux 8 (1911)

2020-01-16 Thread Gianluca Cecchi

On Thu, Jan 16, 2020 at 11:08 PM Peter  wrote:

> On 17/01/20 8:06 am, Lamar Owen wrote:
> > On 1/16/20 6:49 AM, Peter wrote:
> >> On 16/01/20 4:14 am, Brian Stinson wrote:
> >>> Release for CentOS Linux 8 (1911)
> >>>
> >>> We are pleased to announce the general availability of CentOS Linux 8.
> >>
> >> CentOS 8 was released in September 2019.  Don't you mean 8.1?
> > No, they mean CentOS 8 (1911).  This was hashed to death back in early
> > CentOS 7 days, so shouldn't need rehashing again..
>
> No, the hashing ove back then had nothing to do with dropping the minor
> release number.  Doing that now is just making things way too confusing.
>
> Back then the vast majority of the community showed disapproval for even
> that new naming scheme, but the wishes of the community were ignored and
> the new naming scheme went ahead anyways.  I doubt anything different
> will happen now.
>
> > Yeah, I know most people are going to call it 8.1,
>
> That's because it *is* 8.1 and calling it 8 (1911) is just confusing and
> ridiculous.
>
>
> Peter
>

I think that the e-mail subject of the announcement could be a bit
misleading.
Also for 7.x the subject for the latest one, posted by Johnny, was:

"Release for CentOS Linux 7 (1908) on the x86_64  Architecture"

Actually at CentOS 7 time, after some discussions, developers accepted to
have both "numbers" inside release information.

For example on running systems you have

- for 7.x
On 7.6:
# cat /etc/centos-release
CentOS Linux release 7.6.1810 (Core)

# lsb_release -r
Release: 7.6.1810

On 7.7:
# cat /etc/centos-release
CentOS Linux release 7.7.1908 (Core)

# lsb_release -r
Release: 7.7.1908

And this has been maintained in 8.x too:
On 8.0:
# cat /etc/centos-release
CentOS Linux release 8.0.1905 (Core)

# lsb_release -r
Release: 8.0.1905

On the just released 8.1
# cat /etc/centos-release
CentOS Linux release 8.1.1911 (Core)

# lsb_release -r
Release: 8.1.1911

This is acceptable in my opinion from a final user point of view

I'm not sure but possibly the origin of the lng discussion thread was
this one from Karanbir, if interested:
https://lists.centos.org/pipermail/centos-devel/2014-June/010444.html

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Virtualizing on CentOS 8

2019-11-19 Thread Gianluca Cecchi

On Tue, Nov 19, 2019 at 2:23 PM Jerry Geis  wrote:

> So after much looking I found /usr/libexec/qemu-kvm.
> I got everything going except - how do I specify on the command line that I
> want a window console to pop up ?
> I want to see all the boot messages and then get a login prompt in a
> window.
> I'm sure I'm missing something easy.
> I tried the "-vga std" but that did not give me a console window.
>
>
>
The best way I think is:

- start guest in paused mode (the qemu-kvm process is instantiated and
console accessible)
virsh start vm_name --paused

-  attach to guest console (eg spice in my example below; if other guests
running, the port could be 5901, 5902 or another one)
remote-viewer spice://localhost:5900 &

- while keeping an eye to the console window resume the guest
virsh resume vm_name

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] DSA key not accepted on CentOS even after enabling

2019-10-17 Thread Gianluca Cecchi

Il Gio 17 Ott 2019, 18:15 Johnny Hughes  ha scritto:

> PubkeyAcceptedKeyTypes=+ssh-dss
>
> You also need that ^^ in their client if they are running on el8 machine
> as well .. i needed to put it in my ~/.ssh/config when connecting FROM
> an el8 machine to somewhere else.
>

Yes, true. Thanks for noticing, Johnny.
It's not my case in this particular situation, but I have already done it
on my Fedora 30 client in another context.
Gianluca

>
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] DSA key not accepted on CentOS even after enabling

2019-10-17 Thread Gianluca Cecchi

Hello,
I have some users that connect to a server with their DSA key that is of
type ssh-dss.
I'm migrating (installing as new) the server where they connect to CentOS 8
+ updates.
I was not able to connect with the keys to this new server even after
having added, as found in several internet pages, this directive at the end
of /etc/ssh/sshd_config of the CentOS 8 server:

# Accept also DSA keys
PubkeyAcceptedKeyTypes=+ssh-dss

and
systemctl restart sshd

I kept getting in journal the message:
userauth_pubkey: key type ssh-dss not in PubkeyAcceptedKeyTypes [preauth]

I saw that the sshd process had started with the option
... -oPubkeyAcceptedKeyTypes=rsa-sha2-256,ecdsa-sha2-nistp256,
ecdsa-sha2-nistp256-cert-...@openssh.com,ecdsa-sha2-nistp384,
ecdsa-sha2-nistp384-cert-...@openssh.com,rsa-sha2-512,ecdsa-sha2-nistp521,
ecdsa-sha2-nistp521-cert-...@openssh.com,ssh-ed25519,
ssh-ed25519-cert-...@openssh.com,ssh-rsa,ssh-rsa-cert-...@openssh.com

So I found the unit file for sshd that refers
to /etc/crypto-policies/back-ends/opensshserver.config
In the mean time I was able to reach my target going and editing the
/etc/sysconfig/sshd file adding the whole line obtained from the above and
adding ssh-dss

CRYPTO_POLICY='-oCiphers=aes256-...@openssh.com,
chacha20-poly1...@openssh.com,aes256-ctr,aes256-cbc,aes128-...@openssh.com,aes128-ctr,aes128-cbc
-oMACs=hmac-sha2-256-...@openssh.com,hmac-sha1-...@openssh.com,
umac-128-...@openssh.com,hmac-sha2-512-...@openssh.com
,hmac-sha2-256,hmac-sha1,umac-...@openssh.com,hmac-sha2-512
-oGSSAPIKexAlgorithms=gss-gex-sha1-,gss-group14-sha1- -oKexAlgorithms=
curve25519-sha...@libssh.org,ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
-oHostKeyAlgorithms=rsa-sha2-256,ecdsa-sha2-nistp256,
ecdsa-sha2-nistp256-cert-...@openssh.com,ecdsa-sha2-nistp384,
ecdsa-sha2-nistp384-cert-...@openssh.com,rsa-sha2-512,ecdsa-sha2-nistp521,
ecdsa-sha2-nistp521-cert-...@openssh.com,ssh-ed25519,
ssh-ed25519-cert-...@openssh.com,ssh-rsa,ssh-rsa-cert-...@openssh.com
-oPubkeyAcceptedKeyTypes=rsa-sha2-256,ecdsa-sha2-nistp256,
ecdsa-sha2-nistp256-cert-...@openssh.com,ecdsa-sha2-nistp384,
ecdsa-sha2-nistp384-cert-...@openssh.com,rsa-sha2-512,ecdsa-sha2-nistp521,
ecdsa-sha2-nistp521-cert-...@openssh.com,ssh-ed25519,
ssh-ed25519-cert-...@openssh.com,ssh-rsa,ssh-rsa-cert-...@openssh.com
,ssh-dss'

and now it works with pubkey authentication based on DSA keys.
Not going to the querelle of OpenSSH 7 removing DSA keys and DSA vs RSA
(eg. some considerations by some years ago here:
https://security.stackexchange.com/questions/5096/rsa-vs-dsa-for-ssh-authentication-keys
),
any hint on smarter way to add?
I suppose further updates could change content
of  /etc/crypto-policies/back-ends/opensshserver.config that btw is part
of crypto-policies-20181217-6.git9a35207.el8.noarch and
not openssh-server-7.8p1-4.el8.x86_64

HIH others incurring in this problem and thanks in advance for any
insight/hint,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Giving full administrator privileges through sudo on production systems

2019-08-29 Thread Gianluca Cecchi

On Thu, Aug 29, 2019 at 6:05 PM Valeri Galtsev 
wrote:

>
>
> On 2019-08-29 10:53, Jonathan Billings wrote:
> > On Thu, Aug 29, 2019 at 10:25:50AM -0500, Valeri Galtsev wrote:
> >> root@point:/home/valeri # cd
> >> root@point:~ # whoami
> >> root
> >> root@point:~ # rm -rf /
> >> rm: "/" may not be removed
> >>
>

Sometimes the worst commands are those done not intentionally but due to
human error or underestimation: I remember one time on 1994 I executed
deltree  from c:\ on a Win 3.1 system and I had to reinstall the box...
perhaps a subliminal desire to install Linux...
So coming back to the initial question you can give sudo for all and the
user can be in / thinking to be in another directory and run a command like
 sudo find . -type f -exec rm -f {} \;
and the effects would not be nice at all
Or he/she can create a script that executes a change directory and then
remove/manipulate contents inside the destination directory and if he/she
doesn't test the return code of the "cd" command, and then actually the
removal actions will run from the current directory where the user is when
running the script...

Just to give two examples not to give unlimited / uncontrolled power to
anyone..

Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Ran across this process to upgrade from C6 to C7, will it work???

2019-08-29 Thread Gianluca Cecchi

On Thu, Aug 29, 2019 at 3:13 AM Jay Hart  wrote:

>
> Hence why I posted this. I figured it was either an older upgrade
> procedure that worked prior to
> C7, and that someone figured it would work with C7 the same as it did
> (assuming here) with C6...
>
> Jay
>
>
>
Just to give some history, both coming from Johnny Hughes posts:
- https://lists.centos.org/pipermail/centos/2016-May/159328.html
state in 2016 with git repos (now not available any more) with some
considerations and in particular:
"
These packages were supposed to be community maintained, but no one has
done the work to try to keep this updated.  I can TRY to do this (but
not for a while), but it would be better if someone from the community
would do it.
"

- https://lists.centos.org/pipermail/centos/2018-October/170381.html
state in 2018 as no one (yet?) felt to take the ownership
"
We would be very happy to publish those RPMs if we can get them to be
maintained by the community, and maintained in a consistent manner.
"

Possibly one of the reasons why it didn't take so much appeal was, as I
totally agree, still coming from the first post considerations:
"
I personally would never do an in place upgrade on a production machine.
 Call it a personal bias.
"
Lastly, as you can see from reading official documentation, upstream
limitations are very strong about set of packages that are supported to be
upgraded in place.
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/migration_planning_guide/chap-red_hat_enterprise_linux-migration_planning_guide-upgrading#migration-prepare_your_system_for_upgrade
"
Ensure only supported package groups are installed
...
"

and probably on your system you have many other packages / package groups
and the natural question would be what to do with them during the upgrade
in place process...

HIH feeding information,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 5 file system read only issue

2019-08-21 Thread Gianluca Cecchi

On Wed, Aug 21, 2019 at 3:35 PM Xinhuan Zheng 
wrote:

> Hello Everyone,
>
> We are using CentOS 5 system for certain application. Those are VM guests
> running in VMware. There is datastore issue occasionally, causing all file
> systems becoming read only file systems.
> - Xinhuan Zheng
>

Orthogonal consideration:
I don't know the version of vSphere you are using and if you are using or
not VMware Tools inside your guests.
But installing VMware tools in vSphere 4 or higher has the effect to change
disk timeout for the guest to 180 seconds, from its default of 30 seconds
(that I think is the same for RH EL/ CentOS 5,6,7)
This may or may not help you in case of short time storage problems.

Eg on a 6.5 infrastructure with an old legacy CentOS 5.9 VM I have
VMware Tools: Running, version:8305 (Unsupported older version)
and inside guest

# service vmware-tools status
vmtoolsd is running
#

# find /sys/class/scsi_generic/*/device/timeout -exec grep -H . '{}' \;
/sys/class/scsi_generic/sg0/device/timeout:180
/sys/class/scsi_generic/sg1/device/timeout:180
#

See also:
this if you have access to Red Hat Customer Portal (disk scsi timeout and
how to set it in  RH EL 5):
https://access.redhat.com/solutions/301963

Similar considerations for RH EL 6 and 7:
https://access.redhat.com/solutions/2470541

This publicly accessible for RHEL 5
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/5/html/Online_Storage_Reconfiguration_Guide/task_controlling-scsi-command-timer-onlining-devices.html

this related to vSphere:
https://kb.vmware.com/s/article/1009465

this for APD (All Paths Down) timeout that defaults to 140 seconds for
block storage
https://kb.vmware.com/s/article/2032934

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] HERE document in docker script file

2019-04-30 Thread Gianluca Cecchi

On Tue, Apr 30, 2019 at 4:44 AM H  wrote:

> I am trying to use a HERE document in a docker script file to generate a
> text file but must be doing something wrong since I get a warning message
> that I did not expect:
>
> EOF: line 6: warning: here-document at line 0 delimited by end-of-file
> (wanted `EOF')
>
> This is the sample script I am testing in my docker file:
>
> RUN bash -c "$(/bin/echo -e "cat << 'EOF' | tee -a /test.txt \
> \n \
> \n  someting here \
> \n  something else here \
> \n")" \
> EOF
>
> Can anyone see what is wrong in the above statement?
>
> Thanks.
>
>
>
The second EOF should be before  the part ")" \ and not after, because it
has to represent the closure of the first one above

So it should be something like this (I have put /tmp/test.txt as I tested
as non root user that cannot write into /)

bash -c "$(/bin/echo -e "cat < \
\n something here \
\n
EOF
")"

I also removed the single apex from the first 'EOF'.

I get:

[g.cecchi@ope46 ~]$ ll /tmp/test.txt
ls: cannot access '/tmp/test.txt': No such file or directory

[g.cecchi@ope46 ~]$ bash -c "$(/bin/echo -e "cat < \n \
> \n something here \
> \n
> EOF
> ")"

 something here


[g.cecchi@ope46 ~]$ cat /tmp/test.txt

 something here

[g.cecchi@ope46 ~]$


HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] how to install Xorg X11 libXss runtime library

2019-04-16 Thread Gianluca Cecchi

On Tue, Apr 16, 2019 at 11:02 AM qw  wrote:

> Hi,
>
>
> I try to install vtune on centos7, which shows the following message:
>
>
> Xorg X11 libXss runtime library is not found. 'Graphical user interface'
> component of VTune Amplifier cannot be installed.
> The install program cannot detect the Xorg X11 libXss runtime library
> required by the graphical user interface of the product. Contact your
> system administrator to install the library or install the product on a
> compliant system. Otherwise, go back and unselect 'Graphical user
> interface' component.
>
>
> How to install Xorg X11 libXss runtime library?
>
>
> Thanks!
>
>
> yum install libXScrnSaver
is your friend and provides that library
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Kickstart putting /boot on sda2 (anaconda partition enumeration)?

2019-04-04 Thread Gianluca Cecchi

On Wed, Apr 3, 2019 at 9:02 PM Bryce Evans  wrote:

> Does anyone know how anaconda partitioning enumerates disk partitions when
> specified in kickstart? I quickly browsed through the anaconda installer
> source on github but didn't see the relevant bits.
>
> I'm using the centOS 6.10 anaconda installer.
>
> Somehow I am ending up with my swap partition on sda1, /boot on sda2, and
> root on sda3. for $REASONS I want /boot to be the partition #1 (sda1)
>
> My kickstart storage config looks like this:
>
> bootloader --location=mbr --driveorder=sda,sdb
> zerombr
> ignoredisk --only-use=sda,sdb
> clearpart --all --drives=sda,sdb
> part raid.boot0 --size 1000 --ondrive=sda
> part raid.swap0 --size 8192 --ondrive=sda
> part raid.root0 --size 8000 --grow --ondrive=sda
> part raid.boot1 --size 1000 --ondrive=sdb
> part raid.swap1 --size 8192 --ondrive=sdb
> part raid.root1 --size 8000 --grow --ondrive=sdb
> raid /boot --fstype ext4 --device md0 --level=RAID1 raid.boot1 raid.boot0
> raid swap --fstype swap --device md1 --level=RAID1 raid.swap1 raid.swap0
> raid / --fstype ext4 --device md2 --level=RAID1 raid.root1 raid.root0
>



> I cannot specify the 'onpart=sda1' option because I use 'clearpart' in the
> script, and according to the docs:
> "If the clearpart command is used, then the --onpart command cannot be used
> on a logical partition."
>
> The partition table on disk ends up looking as such:
> bash-4.1# parted /dev/sda
> GNU Parted 2.1
> Using /dev/sda
> Welcome to GNU Parted! Type 'help' to view a list of commands.
> (parted) p
> Model: HP LOGICAL VOLUME (scsi)
> Disk /dev/sda: 480GB
> Sector size (logical/physical): 512B/512B
> Partition Table: msdos
>
> Number  Start   End SizeType File system  Flags
>  1  1049kB  8591MB  8590MB  primary   raid
>  2  8591MB  9640MB  1049MB  primary  ext4 boot, raid
>  3  9640MB  480GB   470GB   primary   raid
>
>
You write about "--onpart" not feasible due to logical partiitons, but it
seems you end up with 3 primary partitions?
Anyway, you could try something like this that I use (not with raid but it
could work) and in your case would be

part raid.boot0 --size 1000 --asprimary --ondisk sda
part raid.swap0 --size 8192 --asprimary --ondisk sda

(--ondisk and --ondrive should be equivalent... also in CentOS 7)
In my case both in CentOS 5 and 6 it always created the first specified on
sda1 and the second one on sda2

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] How to specify kernel version when restart kdump

2019-03-28 Thread Gianluca Cecchi

On Thu, Mar 28, 2019 at 9:24 AM Gianluca Cecchi 
wrote:

>
>
> 1) In CentOS 6 we have the classical SysV service
> file: /etc/rc.d/init.d/kdump
>
> Supposing you have just installed 2.6.32-642.13.1.el6.x86_64 kernel
>
> [snip]

>
> and at the end it runs this command if it doesn't find one:
> $MKDUMPRD $kdump_initrd $kdump_kver
>
> that tipically will translate in:
>
> /sbin/mkdumprd -d -f "/boot/initrd-2.6.32-642.13.1.el6.x86_64kdump.img"
>
>
The command line fo CentOS 6 clearly misses the kernel version to build
initrd file for, so the correct command should be:

/sbin/mkdumprd -d -f
"/boot/initrd-2.6.32-642.13.1.el6.x86_64kdump.img"  2.6.32-642.13.1.el6.x86_64

On a test system of mine with version 6.8:
# /sbin/mkdumprd -d -f "/boot/initrd-2.6.32-642.13.1.el6.x86_64kdump.img"
2.6.32-642.13.1.el6.x86_64
Warning: There might not be enough space to save a vmcore.
 The size of UUID=359ce627-f3b1-49a3-a9b9-f607435a40d9 should be
greater than 132250104 kilo bytes.
#

# ll /boot/initrd-2.6.32-642.13.1.el6.x86_64kdump.img
-rw--- 1 root root 7515358 Mar 28 09:52
/boot/initrd-2.6.32-642.13.1.el6.x86_64kdump.img
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] How to specify kernel version when restart kdump

2019-03-28 Thread Gianluca Cecchi

On Thu, Mar 28, 2019 at 6:55 AM wuzhouhui 
wrote:

> > -Original Messages-
> > From: "Benjamin Hauger" 
> > Sent Time: 2019-03-28 01:31:40 (Thursday)
> > To: wuzhouhui , centos@centos.org
> > Cc:
> > Subject: Re: [CentOS] How to specify kernel version when restart kdump
> >
> > What do you mean? Wouldn't the kernel version always be the actual
> > running version of the kernel that was booted?
> >
> Suppose the running kernel is 2.6.32, and then I installed kernel 3.10.0.
> The files under /boot includes (exclude some unimportant files):
>   initramfs-2.6.32.img
>   initramfs-3.10.0.img
>   vmlinuz-2.6.32
>   vmlinuz-3.10.0
>   initrd-2.6.32kdump.img
> We can see that there is no initrd-3.10.0kdump.img for newly installed
> kernel 3.10.0, and kdump will generate initrd-3.10.0kdump.img only when
> booted as kernel 3.10.0. However, I want kdump to generate
> initrd-3.10.0kdump.img
> now (the current running kernel is 2.6.32).
>
>
Your particolar versions seem quite strange because 2.6.32 lets me think
about CentOS 6 and 3.10.0 lets me think about CentOS 7.
Any way see below for some discussion, not tried by me, so in case please
use on test system before.

1) In CentOS 6 we have the classical SysV service
file: /etc/rc.d/init.d/kdump

Supposing you have just installed 2.6.32-642.13.1.el6.x86_64 kernel

Analyzing what it runs we have

DUMP_KERNELVER=""
MKDUMPRD_ARGS=""

. /etc/sysconfig/kdump
In my case:
KDUMP_BOOTDIR="/boot"

local running_kernel=`uname -r`
kdump_kver=`echo $running_kernel | sed 's/smp//g'`
MKDUMPRD="/sbin/mkdumprd -d -f $MKDUMPRD_ARGS"

kdump_initrd="${KDUMP_BOOTDIR}/initrd-${kdump_kver}kdump.img"

and at the end it runs this command if it doesn't find one:
$MKDUMPRD $kdump_initrd $kdump_kver

that tipically will translate in:

/sbin/mkdumprd -d -f "/boot/initrd-2.6.32-642.13.1.el6.x86_64kdump.img"


2) In CentOS 7 we have systemd unit files and for
kdump: /usr/lib/systemd/system/kdump.service

Supposing you have just installed 3.10.0-693.21.1.el7.x86_64

The script called actually it is /usr/bin/kdumpctl

See also fadump (firmware assisted dump) concepts in RHEL 7 / CentOS 7:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/7/html/kernel_administration_guide/kernel_crash_dump_guide

But I think you are x86_64 so kdump sttill applies
In kdumpctl we have something like this:

MKDUMPRD="/sbin/mkdumprd -f"
TARGET_INITRD=""

. /lib/kdump/kdump-lib.sh

. /etc/sysconfig/kdump

eval $(cat /proc/cmdline| grep "BOOT_IMAGE" | cut -d' ' -f1)
KDUMP_BOOTDIR="/boot"$(dirname $BOOT_IMAGE)

kdump_kver=`uname -r`
TARGET_INITRD="${KDUMP_BOOTDIR}/initramfs-${kdump_kver}kdump.img"

rebuild_kdump_initrd()
{
$MKDUMPRD $TARGET_INITRD $kdump_kver
if [ $? != 0 ]; then
echo "mkdumprd: failed to make kdump initrd" >&2
return 1
fi

return 0
}

So at the end the command will be:

$MKDUMPRD $TARGET_INITRD $kdump_kver

that in general should be something like this if you want to compile for
kernel 3.10.0-693.21.1.el7.x86_64 :

/sbin/mkdumprd -f /boot/initramfs-3.10.0-693.21.1.el7.x86_64kdump.img
3.10.0-693.21.1.el7.x86_64

HIH trying,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] perl-Net-SCP on Centos 7

2019-03-04 Thread Gianluca Cecchi

On Mon, Mar 4, 2019 at 11:29 AM Gianluca Cecchi 
wrote:

>
>
> On Mon, Mar 4, 2019 at 11:28 AM Gianluca Cecchi 
> wrote:
>
>> An older thread on CentOS pointed to this resource:
>> http://dries.eu/rpms/perl-Net-SCP-Expect/perl-Net-SCP-Expect
>>
>> HIH,
>> Gianluca
>>
>>>
>>>
> Sorry I missed the "Expect" in the rpm name
>
>
Pressed return too earlier...
But in the same repo there is:
http://dries.eu/rpms/perl-Net-SCP/perl-Net-SCP

that seems the same version I have in my Fedora 29
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] perl-Net-SCP on Centos 7

2019-03-04 Thread Gianluca Cecchi

On Mon, Mar 4, 2019 at 11:28 AM Gianluca Cecchi 
wrote:

> An older thread on CentOS pointed to this resource:
> http://dries.eu/rpms/perl-Net-SCP-Expect/perl-Net-SCP-Expect
>
> HIH,
> Gianluca
>
>>
>>
Sorry I missed the "Expect" in the rpm name
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] perl-Net-SCP on Centos 7

2019-03-04 Thread Gianluca Cecchi

An older thread on CentOS pointed to this resource:
http://dries.eu/rpms/perl-Net-SCP-Expect/perl-Net-SCP-Expect

HIH,
Gianluca

On Mon, Mar 4, 2019 at 11:03 AM Gary Stainburn <
gary.stainb...@ringways.co.uk> wrote:

> Hi All,
>
> My new server is now built and I'm rebuilding the various services.
> Falling
> at the first hurdle, my xinetd.conf service requrires perl-Net-SCP which
> doesn't appear to be available on C7.
>
> I could install CPAN and install it that way, but obviously I'd rather try
> to
> keep to RPM's if I can.  I've tried Google, but not really come up with a
> solution I'm happy with.
>
> Does anyone have any suggestions?  I've found a Fedora 29 RPM on RPMfind.
> Would that be close enough?
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Setting GDM resolution without knowing the monitor specs

2019-03-01 Thread Gianluca Cecchi

Il Ven 1 Mar 2019, 17:28 Warren Young  ha scritto:

> On Feb 21, 2019, at 4:42 PM, Gianluca Cecchi 
> wrote:
> >
> > Create a file 00-monitor.conf under /etc/x11/xorg.conf.d
> >
> > Something like this below, using conservative range values for horiz and
> > vert syncs
>
> This works fine here on our test monitors, with the exception that the
> first ‘x’ needs to be capitalized.
>
> Thanks again!
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos


Great!
Yes it was a typo.
Well done,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Setting GDM resolution without knowing the monitor specs

2019-02-21 Thread Gianluca Cecchi

On Thu, Feb 21, 2019 at 8:00 PM Warren Young  wrote:

> We had a complaint recently from a customer that received a server we
> shipped out that their monitor just showed a black screen.  It turns out
> that they’d hooked it up to an ancient POS with 800x600 as its best
> resolution, and gdm in CentOS 7 apparently assumes at least 1024x768.  It
> was apparently a major hassle for them to hunt down a reasonable monitor
> for us.
>
>
Hi, I would try the old days way at a lower level..

Create a file 00-monitor.conf under /etc/x11/xorg.conf.d

Something like this below, using conservative range values for horiz and
vert syncs

[root@desktop xorg.conf.d]# cat 00-monitor.conf
Section "Device"
Identifier"Default Video Device"
EndSection

Section "Monitor"
Identifier"Default Monitor"
HorizSync   30.0-62.0
VertRefresh 50.0-70.0
EndSection

Section "Screen"
Identifier"Default Screen"
Monitor"Default Monitor"
Device"Default Video Device"
DefaultDepth24
SubSection "Display"
Depth24
Modes "800x600"
EndSubSection
EndSection
[root@desktop xorg.conf.d]#

This way it should be forced to use 800x600 resolution, also because of
conservative values the vesa settings for higher resolutions should be out
of range.
I tried with a CentOS 7 VM in oVirt where by default it gets 1024x768 and
after these settings and reboot, both gdm and graphical sessions got 800x600

In Xorg.0.log I get

[15.554] (==) Using config directory: "/etc/X11/xorg.conf.d"
[15.554] (==) Using system config directory "/usr/share/X11/xorg.conf.d"
[15.558] (==) No Layout section.  Using the first Screen section.
[15.558] (**) |-->Screen "Default Screen" (0)
[15.558] (**) |   |-->Monitor "Default Monitor"
[15.559] (**) |   |-->Device "Default Video Device"
[15.559] (==) Automatically adding devices
[15.559] (==) Automatically enabling devices
[15.559] (==) Automatically adding GPU devices
. . .
[15.659] (II) qxl(0): Not using mode "1920x1200" (hsync out of range)
[15.659] (II) qxl(0): Not using mode "1920x1080" (hsync out of range)
[15.659] (II) qxl(0): Not using mode "1600x1200" (hsync out of range)
[15.659] (II) qxl(0): Not using mode "1680x1050" (hsync out of range)
[15.659] (II) qxl(0): Not using mode "1400x1050" (hsync out of range)
[15.659] (II) qxl(0): Not using mode "1280x1024" (hsync out of range)
[15.659] (II) qxl(0): Not using mode "640x480" (hsync out of range)
[15.659] (II) qxl(0): Printing probed modes for output Virtual-0
[15.659] (II) qxl(0): Modeline "800x600"x59.9   38.25  800 832 912
1024  600 603 607 624 -hsync +vsync (37.4 kHz UP)
[15.659] (II) qxl(0): Modeline "1024x768"x59.9   63.50  1024 1072 1176
1328  768 771 775 798 -hsync +vsync (47.8 kHz P)
. . .
[15.659] (--) Depth 24 pixmap format is 32 bpp
[15.662] (II) UXA(0): Driver registered support for the following
operations:
[15.662] (II) solid
[15.662] (II) copy
[15.662] (II) composite (RENDER acceleration)
[15.662] (II) put_image
[15.663] (II) qxl(0): RandR 1.2 enabled, ignore the following RandR
disabled message.
[15.664] resizing primary to 1024x768


HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] question about upgrade qemu and libvirtd

2019-02-15 Thread Gianluca Cecchi

On Fri, Feb 15, 2019 at 1:54 AM Jonathan Billings 
wrote:

> On Feb 14, 2019, at 18:23, rong zhao  wrote:
> >
> > Hi Team,
> >   I am not sure if I should put my question here, I have googled long
> > time, no explicit information found.
> >
> >   Background:
> >  We need to support KVM encryption and decided to use LUKS.
> >
> >  Refer to:https://libvirt.org/formatsecret.html#VolumeUsageType
> >
> >  libvirtd and KVM should be able to support LUKS format disk
> directly.
> >
> >  Unfortunately, seems that we need to use libvirt2.2+ and qemu
> > 2.6+, because our current qemu-kvm version does not support luks
> > format:
> >
> >  And our hypervisor's OS is CentOS 7.2 with libvirt 2.0 and qemu-kvm
> 1.5.3
> >
> >Question:
> >   Is there any safe way to upgrade to libvirt 2.2 and qemu 2.6?
> >   Safe way means: do not need to reboot hyper or VM, do not
> > impact VM types support .
> >
> > Any suggestion is welcome.
>
> The libvirt package was update to v2.0 in 7.3.  In the (only supported)
> latest release, it’s v4.5.0. Qemu remains at version 1.5.3.
>
> Nonetheless, you won’t be able to upgrade to newer versions without
> shutting down or migrating the VMs.
>
> —
> Jonathan Billings 
>
>
>
Apart from what already remarked by Jonathan about libvirt being 4.5.0 in
latest upstream CentOS 7.6, released at beginning of December 2018, you can
update to it and then attach to Virtualization SIG and get qemu-kvm-ev, as
shipped for example in RHV/oVirt. It should obsolete qemu-kvm if already
installed. Try on a test system.
Steps to do:

yum-config-manager --enable extras

Now with the command
yum list centos-release-\*

you will see something like:
. . .
centos-release-qemu-ev.noarch   1.0-4.el7.centos
extras
. . .
centos-release-virt-common.noarch   1-1.el7.centos
extras
. . .

and you can execute
yum install centos-release-qemu-ev
(that will bring in also centos-release-virt-common)
Then

yum install qemu-kvm-ev

and it will bring in qemu-kvm-ev in version 2.12.0-18.el7_6.3.1

More info on CentOS SIGs in general and Virtualization one in particular:
https://wiki.centos.org/SpecialInterestGroup
https://wiki.centos.org/SpecialInterestGroup/Virtualization

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] how to activate the network after an installation

2019-01-21 Thread Gianluca Cecchi

On Mon, Jan 21, 2019 at 11:40 AM Ralf Prengel 
wrote:

>
> Hallo,
>
> I can t find the switch to activate the network after an installation
> without gui.
> service network start doesn t work and I don t find any other commands.
>
> Thanks for a hint.
>
> Ralf
>
>
>
Possibly during install you set the network connection but you didn't check
the auto start check box, that is in the first label at the left of the
network configuration page for that interface.
If this is the case, if you are connected from console, and you defaulted
to use NetworkManager (you can verify with "systemctl status
NetworkManager"), these would be the commands:

You have devices and connections, that are different things; in my case an
automatic install has created a device named ens192 and also a connection
with the same name.

- device information
[root@c7 ~]# nmcli dev status
DEVICE  TYPE  STATE  CONNECTION
virbr0  bridgeconnected  virbr0
ens192  ethernet  connected  ens192
lo  loopback  unmanaged  --
virbr0-nic  tun   unmanaged  --
[root@c7 ~]#

Last column gives connection name; one device could have many connections
associated to it and you decide which is started in automatic for example

- connections information
[root@c7 ~]# nmcli con show
NAMEUUID  TYPEDEVICE
ens192  9fb1de04-fda3-4db9-820e-d266e151ac73  802-3-ethernet  ens192
virbr0  343ede6f-b7b0-4f73-a6f7-2bc9aee34d4a  bridge  virbr0
[root@c7 ~]#

- configuration of start type for the connection ens192
[root@c7 ~]# nmcli con show ens192 | grep -i connection.auto
connection.autoconnect: yes
connection.autoconnect-priority:0
connection.autoconnect-slaves:  -1 (default)
[root@c7 ~]#

- set to auto if it is not so yet
[root@c7 ~]# nmcli con mod ens192 autoconnect yes

- down and up
[root@c7 ~]# nmcli con down ens192
[root@c7 ~]# nmcli con up ens192

- reboot to verify that autoconnects

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] copy with bunzip2?

2019-01-08 Thread Gianluca Cecchi

On Tue, Jan 8, 2019 at 3:59 AM Frank Cox  wrote:

> I have several pdf files as .pdf.bz2, as seen here:
>
> a/1.pdf.bz2
> a/2.pdf.bz2
> a/b/3.pdf.bz2
> a/b/c/4.pdf.bz2
>
> I want to copy everything in and under directory a to another computer,
> but I want the files to be decompressed on the destination machine:
>
> a/1.pdf
> a/2.pdf
> a/b/3.pdf
> a/b/c/4.pdf
>
> I could just use rsync and run a bunch of bunzip2 commands on the
> destination after the copying is completed, but perhaps there's a better
> way that would decompress the files in transit instead?
>
>
Something like this below?
It requires something like ssh key access, otherwise for every file you
have to digit the password of the remote user... and also many ssh
commands...

for file in $(ls -1 a/*bz2)
do
   echo $file
   pdf_file=$(basename $file .bz2)
   echo $pdf_file
   bunzip2 -c $file | ssh remote_host "mkdir -p ${HOME}/b ; cat >
${HOME}/b/${pdf_file}"
done
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Grettings!

2018-11-19 Thread Gianluca Cecchi

On Mon, Nov 19, 2018 at 1:27 PM Glenio Cortes Himmen <
glenio.him...@gmail.com> wrote:

>
>
> Whats is CDE?
>
>
>
https://en.wikipedia.org/wiki/Common_Desktop_Environment

Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Red Hat is Planning To Deprecate KDE on RHEL By 2024

2018-11-10 Thread Gianluca Cecchi

On Sat, Nov 10, 2018 at 7:36 PM Frank Cox  wrote:

> > Hi, based on the multitude of answers and options received, you can also
> > consider the magnificent old days CDE, now open sourced.
>
> CDE can actually be installed on Centos 7 through yum:
>
> https://copr.fedorainfracloud.org/coprs/dcantrel/cde/
>
> Just install the repo file and "yum install cde"
>
> That gives you CDE version 2.3.
>
> I installed it on an VirtualBox image that I use for testing stuff and it
> looks pretty cool.
>
>
Nice to know ;-)
Compiling it from surces needed some time and several dependencies... I
will try.
I see that there are Fedora 28/29 repos too.
Probably lacking dbus and other integrations, but nice to see it running


> I missed out on CDE when it was the current thing; I was still using MSDOS
> (and DesqView) until about 1998 when I decided that DOS wasn't going to cut
> it in the brave new world of the Internet (though it worked great for
> FidoNet) and got a Windows 98 machine.  Decided I didn't like that much
> either so a couple of months after that I reformatted it and installed Red
> Hat Linux, and I've been here ever since.
>

Optimal choice!
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Red Hat is Planning To Deprecate KDE on RHEL By 2024

2018-11-03 Thread Gianluca Cecchi

On Fri, Nov 2, 2018 at 9:03 PM Frank Cox  wrote:

> https://www.theregister.co.uk/2018/11/02/rhel_deprecates_kde/
>
> That's still several years in the future, of course.
>
> I use Mate on all of my machines rather than Gnome or KDE and I'm sure
> many of you fine folks do the same.
>
> But it's interesting nonetheless.
>

Hi, based on the multitude of answers and options received, you can also
consider the magnificent old days CDE, now open sourced.
Here a screenshot of version 2.2.0d (beta ;-) as compiled some months ago
on my Fedora 28 Asus U36SD ..
https://drive.google.com/file/d/1JrRPdCpYXzyAB0hhVqRyfr2Pj_mtL3dr/view?usp=sharing

I just see that there is now final version 2.3.0... time to recompile it on
Fedora 29
https://sourceforge.net/projects/cdesktopenv/files/

I couldn't resist... and I cannot forget how beautiful it was on my HP9000
workstation on 1994 !

Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Future Releases

2018-10-19 Thread Gianluca Cecchi

On Fri, Oct 19, 2018 at 10:15 PM Robert Moskowitz 
wrote:

>
> Yeah, I was kind of hedging my comment that maybe something for 1.3
> would be in the earlier version, but yes, all the TLS 1.3 work was
> focused on openSSL 1.1.1.  I was personally focused on EDDSA support.
>
> So a number of items have to appear in C6 for it to support TLS 1.3.
> More slowness in TLS 1.3 availability.  Kind of flies in the face of a
> claim made against my HIP protocol which 'requires kernel level changes'
> and thus too hard to deploy.  TLS is an upper layer protocol and changes
> easily roll out.
>
> Yeah, right.
>
>
Keep in mind that first version of RHEL 6 was released 8 years ago and
since May 2017 is in Maintenance Level 2, that means:
Software Enhancements = No
more info here
https://access.redhat.com/support/policy/updates/errata/

Coming to the particular question of OpenSSL, originally was released with
1.0.0 in RHEL 6, then rebased to 1.0.1e in 2013 with RH EL 6.5 (but when
still in Full Support phase).
Here are interesting discussions and articles you can access without Red
Hat login:
https://access.redhat.com/discussions/3440141
and
https://access.redhat.com/discussions/2172641
and
https://access.redhat.com/articles/1462223

And CentOS follows in cascade

Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] two 2-node clusters or one 4-node cluster?

2018-07-07 Thread Gianluca Cecchi

On Thu, Jul 5, 2018 at 7:10 PM, Digimer  wrote:

First of all thanks for all your answers, all useful in a way or another. I
have yet to dig sufficiently deep in Warren considerations, but I will do
it, I promise! Very interesting arguments
The concerns of Alexander are true in an ideal world, but when your role is
to be an IT Consultant and you are not responsible for the budget and for
the department, is not so easy to convince about emerging concepts that due
to their nature are not so rock solid and accepted (yet).
In my work lifetime I had the fortune to be on both the sides of the IT
chair and so I think I'm able to see all the points.
Eg in 2004 I was the IT Manager of a small company (without responsibility
of the budget, I had to convince my CEO at that time; company revenue about
50 million euros) and I did migrate the physical environment to VMware and
a Dell CX300 SAN, but it was not so easy, believe in me. I left the company
at end of 2007 and the same untouched 3-years old environment ran for other
4 years without any modification or problems.
And bare on me, at least in Italy in 2004 it wasn't a so common environment
to setup for production.

I always prioritize simplicity and isolation, so I vote fore 2x 2-nodes.
> There is no effective benefit to 3+ nodes (quorum is arguably helpful,
> but proper stonith, which you need anyway, makes it mostly a moot point).
>
> In this particular scenario I run several Oracle RDBMS instances. They are
currently distributed as 3 big ones on the first cluster and other 7
smaller on the other one.
With chance to grow up.
So in my case I think I can spread better in my opinion the load and have
better high availability.

> Keep in mind; If your services are critical enough to justify an HA
> cluster, they're probably important enough that adding the
> complexity/overhead of larger clusters doesn't offset any hardware
> efficiency savings.

Probably true for old RHCS stack, based on Cman/Rgmanager. But from various
tests it seems Corosync/Pacemaker is much more smooth in managing more than
2 nodes' clusters

> Lastly, with 2x 2-node, you could lose two nodes
> (one per cluster) and still be operational. If you lose 2 nodes of a
> four node cluster, you're offline.
>
>
This is true with default configuration, but you can configure Auto Tie
Breaker (ATB) as you can see with "man votequorum", or an example web page
here:
https://www.systutorials.com/docs/linux/man/5-votequorum/

I just tested and verified it on my virtual 4-nodes based on CentOS 7.4,
where I have:

- modified corosync.conf on all nodes
- pcs cluster stop --all
- pcs cluster start --all
- wait a few minutes for resources to start
- shutdown cl3 and cl4

and this is the situation at the end, without downtime and with cluster
quorate

[root@cl1 ~]# pcs status
Cluster name: clorarhv1
Stack: corosync
Current DC: intracl2 (version 1.1.16-12.el7_4.8-94ff4df) - partition with
quorum
Last updated: Sat Jul  7 15:25:47 2018
Last change: Thu Jul  5 18:09:52 2018 by root via crm_resource on intracl2

4 nodes configured
15 resources configured

Online: [ intracl1 intracl2 ]
OFFLINE: [ intracl3 intracl4 ]

Full list of resources:

 Resource Group: DB1
 LV_DB1_APPL (ocf::heartbeat:LVM): Started intracl1
 DB1_APPL (ocf::heartbeat:Filesystem): Started intracl1
 LV_DB1_CTRL (ocf::heartbeat:LVM): Started intracl1
 LV_DB1_DATA (ocf::heartbeat:LVM): Started intracl1
 LV_DB1_RDOF (ocf::heartbeat:LVM): Started intracl1
 LV_DB1_REDO (ocf::heartbeat:LVM): Started intracl1
 LV_DB1_TEMP (ocf::heartbeat:LVM): Started intracl1
 DB1_CTRL (ocf::heartbeat:Filesystem): Started intracl1
 DB1_DATA (ocf::heartbeat:Filesystem): Started intracl1
 DB1_RDOF (ocf::heartbeat:Filesystem): Started intracl1
 DB1_REDO (ocf::heartbeat:Filesystem): Started intracl1
 DB1_TEMP (ocf::heartbeat:Filesystem): Started intracl1
 VIP_DB1 (ocf::heartbeat:IPaddr2): Started intracl1
 oracledb_DB1 (ocf::heartbeat:oracle): Started intracl1
 oralsnr_DB1 (ocf::heartbeat:oralsnr): Started intracl1

Daemon Status:
  corosync: active/enabled
  pacemaker: active/enabled
  pcsd: active/enabled
[root@cl1 ~]#

This 4 node scenario seems also suitable to my needs because every one of
the current 2-nodes clusters is a stretched one, with one node in site A
and the other in site B.
The future scenario will see 2 nodes of the new cluster in site A and 2
nodes in site B, so that a failure of a site will compromise 2 nodes, but
with the setting above I can provide all the 10 RDBMS services spread
between two nodes but allowing me to decide where to put them and not force
to only a single node.

BTW: there is also last_man_standing option I can set so that I can also
tolerate the loss ot site B and while not yet resolved, the loss of one of
the two surviving nodes in site A (in this case possibly I will disable
some less critical services or tolerate degraded performances)

In this case the configuration in my

[CentOS] two 2-node clusters or one 4-node cluster?

2018-07-05 Thread Gianluca Cecchi

Hello,
I'm planning migration of current two clusters based on CentOS 6.x with
Cman/Rgmanager going to CentOS 7.x and Corosync/Pacemaker.

As the clusters and their services are on the same subnet, and there no
particular security concerns differentiating them, I'm also evaluating the
option to transform the two clusters into a unique 4-node one during the
upgrade.

Currently I'm testing a virtual 4-node CentOS 7.4 cluster inside oVirt 4.2
and things seem to behave well.

Before going further in deep with tests and so on, I'd like to check with
the community about how many CentOS 7.x clusters composed by more than two
nodes are in place and what are the feedbacks on them in terms of
incremented latency/communication, ecc scaling out.

Also general feedback related to CentOS 6 and scalability of cluster nodes
number is welcome.

Thanks in advance,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS7/Mate Qt bugs/features?

2018-06-15 Thread Gianluca Cecchi

On Fri, Jun 15, 2018 at 6:50 PM, James Pearson 
wrote:

> We have recently migrated from CentOS6/Gnome to CentOS7/Mate - and have
> noticed 'glitches' with some Qt applications that appears to be linked
> to the 'org.mate.Marco.general' 'compositing-manager' setting - and
> wondered how we 'fix' the issue ...
>
>
I tested with one environment where I have two VMs under oVirt 4.2 and I
connect to them using remote-viewer and spice in full screen mode.
One is a fully updated CentOS 7 VM
One is a (not fully up to date) Fedora 28 VM

Both using Mate as DE. On CentOS 7 Mate 1.16.2. On F28 1.20.1
I confirm on both the setting is true and I never tricked with it, so it
should be the default.


Below is a PyQT4 python script that shows the issues:
>
> 1. With 'compositing-manager' set to 'true' (I believe the default
> setting):
>
>   gsettings set org.mate.Marco.general compositing-manager true
>
> Running the script and the window background is transparent - which is fine
>
> However, if the pull down menu is selected and the 'Toggle' button
> pressed, the menu stays on the screen - and stays put even if the window
> is moved
>


I confirm exactly your behaviour with CentOS 7. The toggle makes the drop
down to remain expanded and if I move the window the drop down remains
where it was.
With F28 all is ok and as expected



> 2. With 'compositing-manager' set to 'false' :
>
>   gsettings set org.mate.Marco.general compositing-manager false
>
> Running the script and the window background is no longer transparent -
> which is not good, but the pull down menu issue is fine ...
>
>
I confirm no transaprent background on both and correct behaviour on both


>
> Using CentOS7/Gnome3 works as expected (transparent background and pull
> down menu is fine)
>
>
Not tried this


Anyone have any idea what the problem(s) might be and how to fix it/them ?
>
>
Unfortunately no...
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Passwords in plain text

2018-06-15 Thread Gianluca Cecchi

Mee too

Il Ven 15 Giu 2018, 18:45 Larry Martell  ha
scritto:

> I got it as well.
>
> On Fri, Jun 15, 2018 at 12:41 PM rj coleman  wrote:
>
> > Am I the only one who just received this email from this group?  Which
> > came with my password in the email in plain text?
> >
> >
> > Begin forwarded message:
> >
> > > From: centos-requ...@centos.org
> > > Date: June 15, 2018 at 12:31:04 PM EDT
> > > To: rjcdeve...@gmail.com
> > > Subject: confirm a8e9e592b9d81e13e569ffa9f6f4267c3f2a8fe8
> > >
> > > Your membership in the mailing list CentOS has been disabled due to
> > > excessive bounces The last bounce received from you was dated
> > > 15-Jun-2018.  You will not get any more messages from this list until
> > > you re-enable your membership.  You will receive 3 more reminders like
> > > this before your membership in the list is deleted.
> > >
> > > To re-enable your membership, you can simply respond to this message
> > > (leaving the Subject: line intact), or visit the confirmation page at
> > >
> > >
> >
> https://lists.centos.org/mailman/confirm/centos/a8e9e592b9d81e13e569ffa9f6f4267c3f2a8fe8
> > >
> > >
> > > You can also visit your membership page at
> > >
> > >
> > https://lists.centos.org/mailman/options/centos/rjcdevelop%40gmail.com
> > >
> > >
> > > On your membership page, you can change various delivery options such
> > > as your email address and whether you get digests or not.  As a
> > > reminder, your membership password is
> > >
> > >Removed For Security
> > >
> > > If you have any questions or problems, you can contact the list owner
> > > at
> > >
> > >centos-ow...@centos.org
> > ___
> > CentOS mailing list
> > CentOS@centos.org
> > https://lists.centos.org/mailman/listinfo/centos
> >
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS Kernel Support

2018-06-14 Thread Gianluca Cecchi

On Thu, Jun 14, 2018 at 3:07 PM, Jonathan Billings 
wrote:

> On Wed, Jun 13, 2018 at 11:16:55PM -0700, Alice Wonder wrote:
> > > You might be able to pay Red Hat for an Extended Update Support
> > > release of RHEL7 that has a similar version
> > > (kernel-3.10.0-514.51.1.el7) but support ends November 30 2018.
> > >
> > > https://access.redhat.com/articles/rhel-eus
> > >
> >
> > The src.rpm for that kernel is probably available somewhere.
>
> I'm fairly certain you cannot download the SRPM for EUS kernels.  You
> might if you're a Red Hat customer paying for that product (but don't
> take my word for it).
>
> EUS 7.3.x support is going away soon enough that the real answer is to
> plan to migrate to supported RHEL/CentOS kernels.
>
>
I agree for the format of release (SRPM), but in any case Red Hat should
provide the sources for the changes, as the kernel is GPL-2.0
Then one can manually try to merge them in a patched kernel in some way...
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] kernel-lt from ELRepo vs. GRUB: define default boot kernel

2018-05-16 Thread Gianluca Cecchi

On Wed, May 16, 2018 at 4:17 PM, Anand Buddhdev  wrote:

> On 16/05/2018 12:10, Nicolas Kovacs wrote:
>
> Bonjour Nicolas!
>
> > So right now I have two kernels on my machine, the 4.4.129 and the
> > 4.4.131. How do I configure GRUB so that on the next reboot, it defaults
> > to the 4.4.131 kernel? I knew how to do this with LILO under Slackware,
> > but GRUB is a very different beast.
>
> The easiest way is to use the "grubby" tool to set your default kernel.
> Look at the man page of grubby for details.
>
> Regards,
> Anand
>
>

This is helpful too and still valid for CentOS 7.5:
https://wiki.centos.org/HowTos/Grub2

Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7.5 (1804) and NetworkManager

2018-05-15 Thread Gianluca Cecchi

On Tue, May 15, 2018 at 12:40 PM, Nicolas Kovacs  wrote:

> Hi,
>
> I'm running CentOS on all kinds of setups: servers, workstations,
> desktops and laptops.
>
> Up until now, I'm only using NetworkManager on laptops, since it makes
> sense to use it there. On servers and desktop clients, I usually remove
> it and configure the network "traditionally" by simply editing
> /etc/sysconfig/network-scripts/ifcfg-whatever, /etc/resolv.conf,
> /etc/hosts, /etc/hostname and /etc/sysconfig/network. Running
> NetworkManager on anything else than a laptop has never made any sense
> to me, since it's basically an extra layer of abstraction.
>
> With the latest update, the removal of NetworkManager on a desktop
> client isn't possible anymore, since 'yum remove NetworkManager' also
> tries to remove 'gdm', and disabling it on startup spews back all sorts
> of errors.
>
> If you folks at Red Hat are reading this, I have one question: WHY ?
>
> Niki Kovacs
>

Disclosure:
I'm not a folk at Red Hat ;-)

In CentOS / Fedora I simply disable NetworkManager service and put into
ifcfg-xxx (eg ifcfg-eth0) the line

NM_CONTROLLED=no

The network service is enabled by default, so this should be sufficient to
keep NetworkManager installed but not inerfering with your classic network
configuration.

On a just updated c7test vm

[root@c7test ~]# uptime
 13:19:51 up 2 min,  1 user,  load average: 0.10, 0.15, 0.07
[root@c7test ~]#

[root@c7test ~]# cat /etc/centos-release
CentOS Linux release 7.5.1804 (Core)
[root@c7test ~]#

[root@c7test ~]# systemctl status NetworkManager
● NetworkManager.service - Network Manager
   Loaded: loaded (/usr/lib/systemd/system/NetworkManager.service;
disabled; vendor preset: enabled)
   Active: inactive (dead)
 Docs: man:NetworkManager(8)

[root@c7test ~]# systemctl status network -l
● network.service - LSB: Bring up/down networking
   Loaded: loaded (/etc/rc.d/init.d/network; bad; vendor preset: disabled)
   Active: active (exited) since Tue 2018-05-15 13:17:27 CEST; 15s ago
 Docs: man:systemd-sysv-generator(8)
  Process: 700 ExecStart=/etc/rc.d/init.d/network start (code=exited,
status=0/SUCCESS)

May 15 13:17:21 c7test.mydomain systemd[1]: Starting LSB: Bring up/down
networking...
May 15 13:17:23 c7test.mydomain network[700]: Bringing up loopback
interface:  [  OK  ]
May 15 13:17:27 c7test.mydomain NET[1001]:
/etc/sysconfig/network-scripts/ifup-post : updated /etc/resolv.conf
May 15 13:17:27 c7test.mydomain network[700]: Bringing up interface eth0:
[  OK  ]
May 15 13:17:27 c7test.mydomain systemd[1]: Started LSB: Bring up/down
networking.


[root@c7test ~]# ip a
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN group
default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
   valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
   valid_lft forever preferred_lft forever
2: eth0:  mtu 1500 qdisc pfifo_fast state
UP group default qlen 1000
link/ether 00:1a:4a:16:01:00 brd ff:ff:ff:ff:ff:ff
inet 10.4.4.33/24 brd 10.4.4.255 scope global eth0
   valid_lft forever preferred_lft forever
inet6 fe80::21a:4aff:fe16:100/64 scope link
   valid_lft forever preferred_lft forever
[root@c7test ~]#


HOIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Will RHSA-2018:0980 hit Centos repos soon?

2018-04-24 Thread Gianluca Cecchi

On Tue, Apr 24, 2018 at 11:47 PM, Sean  wrote:

> Hi all,
>
> RH published the advisory 2 weeks ago, according to
> https://access.redhat.com/errata/RHSA-2018:0980.  The main repo does not
> appear to have the packages noted yet -
> http://mirror.centos.org/centos/7/updates/x86_64/Packages/
>
> We've been waiting on a few of these bugs to be fixed for some time.  I
> don't mean to be impatient, just looking for an ETA.
>
> Thanks for all the great work the team does!
> ___
>

Hi,
based on its release date (10/04), I think the package you are searching is
part of the updates included in RH EL 7.5 release, so you should at least
wait until the so-called CentOS CR repo will be ready.
More infos about it here:
https://wiki.centos.org/AdditionalResources/Repositories/CR

I think the CR readiness announcement will be published here:
https://blog.centos.org/
and also in centos-devel mailing list so you can subscribe to that list or
check its real-time archives:
https://lists.centos.org/pipermail/centos-devel/

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos 7 LAPP setup PHP 5 vs 7

2018-04-05 Thread Gianluca Cecchi

On Thu, Apr 5, 2018 at 8:49 PM, Gary Stainburn  wrote:

> Another questions regarding my new server setup.
>
> [snip]

>
> The default distro's appear to still be installing PHP5 while some sites
> instruct on how to install PHP7.
>
> I am porting my old server which must be 10 years old, running Fedora 9 and
> PHP5 onto the new server, so presumably sticking with PHP5 would be the
> easier option.
>
> However, I am looking to give my new server as long a life as possible, so
> should I instead be looking at PHP7?
>

[snip]

It mainly depends on your application, I think. And the level of "support"
you want.
Anyway, the default in plain CentOS 7 is now version 5.4, based on 5.4.16.
To get PHP 7.0 or 7.1, but also newer minor version of 5.4 (currently
5.4.40) or 5.5 or 5.6, you have to enable the so-called Software
Collections.
See here:
https://wiki.centos.org/AdditionalResources/Repositories/SCL

There are then some "scl" commands to enable desired installed version (eg
to have in default path ecc..), so that you can try them and find the more
suitable one.
More info here:
https://www.softwarecollections.org/en/docs/

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OpenVPN server and firewalld

2017-12-29 Thread Gianluca Cecchi

On Fri, Dec 29, 2017 at 10:32 AM, Kenneth Porter 
wrote:

> How do I insert the iptables rule below using firewalld?
>
> I'm moving up from CentOS 6 to 7 on an office gateway and I'm trying to
> get OpenVPN working to allow home workers to access PCs at the office. I've
> got it all working but only by manually inserting an ACCEPT rule in the
> FORWARD iptables chain:
>
> iptables -I FORWARD 3 -i tun+ -j ACCEPT
>
> This rule was extracted from my iptables firewall under CentOS6. The 3
> puts it after the accepts for established connections and loopback
> connections, but before any firewalld sub-chains. With this I can connect
> to an internal Windows 10 system with Remote Desktop.
>
> How can I inject this rule using firewalld, either as a direct rule or as
> some more firewalld-approved kind of rule?
>
>
Hello,
in case your need is not covered by the "--add-service" and/or the
"--add-port" you can still use a direct rule for it.

I think it should be something like this to test:
firewall-cmd --direct --add-rule ipv4 filter FORWARD 0 -i tun+ -j ACCEPT

Manual page and some examples with
man firewalld.direct

The "iptables like" rule will be added into the pre-built chain named
FORWARD_direct
The 0 above means it is put at top of FORWARD_direct chain. In your example
appears "3" and it is not clear what are lines 1 and 2.
With iptables -L command you will see:

# iptables -v -L FORWARD_direct
Chain FORWARD_direct (1 references)
 pkts bytes target prot opt in out source
destination
0 0 ACCEPT all  --  tun+   any anywhere
anywhere
#

With firewall-cmd you can see with
# firewall-cmd --direct --get-all-rules
ipv4 filter FORWARD 0 -i tun+ -j ACCEPT
#

If it works ok as expected, you can make it permanent with

firewall-cmd --permanent --direct --add-rule ipv4 filter FORWARD 0 -i tun+
-j ACCEPT
firewall-cmd --reload

HIH digging into,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C7 and docker storage

2017-11-30 Thread Gianluca Cecchi

On Wed, Nov 29, 2017 at 10:23 PM,  wrote:

>
>
> The latter would explain the message my user's job gave him when it tried
> to umount /
>
> A bit of googling, and I see something called overlayFS can be used... but
> I know nothing about that, or how dangerous it is.  Anyone got a pointed
> to something more than the minimal how to configure docker to use it?
>
> mark
>
>
You could follow CentOS Atomic SIG
https://wiki.centos.org/SpecialInterestGroup/Atomic
http://www.projectatomic.io/download/

and/or read here and adapt in case for your storage needs:
http://www.projectatomic.io/docs/docker-storage-recommendation/

See also here for overlayfs addiction in CentOS Atomic Host in September
this year
https://seven.centos.org/2017/09/new-centos-atomic-host-with-overlayfs-storage/

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] qemu-system-x86_64 does not support fw_cfg option

2017-07-26 Thread Gianluca Cecchi

On Wed, Jul 26, 2017 at 12:20 PM, Steve Rubie-Todd 
wrote:

> Hi
>
> I am trying to run CoreOS (Container Linux) as a guest OS using KVM/QEMU.
> One of their suggestions is to pass config info into the VM using the
> "fw_cfg" option . When I try this I get the error "-fw_cfg invalid option".
> If I run the vm with the help option it does not list the fw_cfg option.
> However, according to the qemu documentation, see here <
> https://qemu.weilnetz.de/doc/qemu-doc.html#Debug_002fExpert-options>,
> they support this option.
>
> The command used to run the vm is:
>
>/usr/bin/qemu-system-x86_64 -name CL-IGN-1 -m 1024 \
> -net nic,vlan=0,model=virtio \
> -net user,vlan=0,hostfwd=tcp::-:22,hostname=CL-IGN-1 \
> -drive if=virtio,file=./coreos_production_qemu_image.img \
> -fw_cfg name=opt/com.coreos/config,file=./CL-IGN-1.ignconfig
>
>qemu-system-x86_64: -fw_cfg: invalid option
>
> I also tried using /usr/libexec/qemu-kvm but got the same error.
>
> I am running::
>
>CentOS Linux release 7.3.1611 (Core)
>
>qemu-system-x86-2.0.0-1.el7.6.x86_64
>qemu-kvm-1.5.3-126.el7.x86_64
>
>
> Thanks.
>

Hello,
I think (based also on your qemu-kvm version man page), that the feature is
not present in qemu-kvm version provided by base CentOS.
But you can use packages provided by the Virtualization SIG
Good idea especially if virtualization is core service for your server.
See here the announcement:
https://lists.centos.org/pipermail/centos-announce/2015-October/021445.html

So you can follow what detailed there:
yum install centos-release-qemu-ev
yum install qemu-kvm-ev

I reproduced a situation on a CentOS 7.3 server where qemu-kvm is already
present and you can do

yum install centos-release-qemu-ev

and then

yum update qemu-kvm-ev
...
Dependencies Resolved


 Package   Arch  Version
 Repository Size

Installing:
 qemu-img-ev   x86_6410:2.6.0-28.el7.10.1
centos-qemu-ev1.0 M
 replacing  qemu-img.x86_64 10:1.5.3-126.el7_3.10
 qemu-kvm-common-evx86_6410:2.6.0-28.el7.10.1
centos-qemu-ev516 k
 replacing  qemu-kvm-common.x86_64 10:1.5.3-126.el7_3.10
 qemu-kvm-ev   x86_6410:2.6.0-28.el7.10.1
centos-qemu-ev2.5 M
 replacing  qemu-kvm.x86_64 10:1.5.3-126.el7_3.10

Transaction Summary

Install  3 Packages

so it seems it automatically obsoletes the "standard" packages, because
they overlap in filesand you can have only one installed

And now you should have the -fw_cfg option.

BTW: the version of the hypervisor used by Virtualization SIG is the same
used by the Virtualization Platform project named oVirt (
http://www.ovirt.org), upstream for commercial RHEV solution, so rock
solid, I'm currently using it extensively ;-)

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Upgrade 6 to 7

2017-06-02 Thread Gianluca Cecchi

Il 01 Giu 2017 10:13 PM, "Jerry Geis"  ha scritto:

I found this site https://wiki.centos.org/TipsAndTricks/CentOSUpgradeTool

Is this still the case - there is no upgrade path from 6 to 7 ?

I have a few remote servers I'd like to upgrade (if possible).

Thanks,

Jerry


It is supported, with some limitations, in rhel, so the same I think
applies to CentOS.
See here for rhel
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Migration_Planning_Guide/chap-Red_Hat_Enterprise_Linux-Migration_Planning_Guide-Upgrading.html#chap-Red_Hat_Enterprise_Linux-Migration_Planning_Guide-Upgrading_from_RHEL6
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 6.9 Skylake soft error

2017-05-31 Thread Gianluca Cecchi

On Wed, May 31, 2017 at 2:50 PM, Andreas Benzler 
wrote:

> Look like sound card layer
>
> lspci ???
>
> This is the german web site
>
> http://www.intel.de/content/www/de/de/support/boards-and-kits/05499
> .html
>
> linux kernel 3.14.8 or higher .. for soundcard and newer alsa 
>
> Sincerely
>
> Andy
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


On my CentOS 7.3 based NUC6i5SYH

lspci -v gives

00:1f.3 Audio device: Intel Corporation Sunrise Point-LP HD Audio (rev 21)
Subsystem: Intel Corporation Device 2063
Flags: bus master, fast devsel, latency 32, IRQ 127
Memory at df14 (64-bit, non-prefetchable) [size=16K]
Memory at df12 (64-bit, non-prefetchable) [size=64K]
Capabilities: [50] Power Management version 3
Capabilities: [60] MSI: Enable+ Count=1/1 Maskable- 64bit+
Kernel driver in use: snd_hda_intel
Kernel modules: snd_hda_intel, snd_soc_skl
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 6.9 Skylake soft error

2017-05-31 Thread Gianluca Cecchi

On Wed, May 31, 2017 at 11:44 AM, Andreas Benzler 
wrote:

> You need at least a newer kernel.
>
> If you like you can try out
>
> http://elrepo.org/tiki/tiki-index.php  index.php>
>
>
> With 3.10 I’m personal unsure
> kernel-lt-3.10.104-1.el6.elrepo.x86_64.rpm  net/kernel/el6/x86_64/RPMS/kernel-lt-3.10.104-1.el6.elrepo.x86_64.rpm>
>
> But got here centos with 4.11.3 running quiet well.
> kernel-ml-4.11.3-1.el6.elrepo.x86_64.rpm  net/kernel/el6/x86_64/RPMS/kernel-ml-4.11.3-1.el6.elrepo.x86_64.rpm>
>
> Hopefully that works for you.
>
> Sincerely
>
> Andy
>
>
>
If it can help, on my NUC6i5SYH with CentOS 7.3 and kernel
3.10.0-514.6.1.el7.x86_64 I get this in dmesg


[4.931203] input: HDA Intel PCH Mic as
/devices/pci:00/:00:1f.3/sound/card0/input10
[4.931262] input: HDA Intel PCH Headphone as
/devices/pci:00/:00:1f.3/sound/card0/input11
[4.931336] input: HDA Intel PCH HDMI/DP,pcm=3 as
/devices/pci:00/:00:1f.3/sound/card0/input12
[4.931391] input: HDA Intel PCH HDMI/DP,pcm=7 as
/devices/pci:00/:00:1f.3/sound/card0/input13
[4.931439] input: HDA Intel PCH HDMI/DP,pcm=8 as
/devices/pci:00/:00:1f.3/sound/card0/input14

and no unkown PCH messages.

The fw I'm using is

Version: SYSKLi35.86A.0052.2016.0910.1456

Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Ovirt Hosted-Engine VM iptables

2017-05-28 Thread Gianluca Cecchi

On Sun, May 28, 2017 at 8:17 AM, Andrew Dent  wrote:

> Hi
>
> I would like to add rules into the iptables of the Hosted Engine VM in
> Ovirt.
>
> the version is oVirt Engine Version: 4.1.1.8-1.el7.centos
> I have tried using the normal process for iptables (iptables-save etc),
> but it seems that the file
> /etc/sysconfig/iptables
> this is ignored in the Ovirt Engine VM.
> How can I add permanent rules into the Engine VM?
>
> Kind regards
>
>
>
> Andrew
>


Hi, probably the oVirt users mailing list would be better than the general
CentOS list; here archives and registration information:
https://lists.ovirt.org/mailman/listinfo/users


That said, the hosted engine setup workflow should give you the option to
configure the firewall too. Didn't you choose that option?
Did you use the provided appliance or did you manage yourself the os
installation and run of engine-setup inside the hosted engine vm?

I suppose you have iptables and not firewalld installed, so that the command

systemctl status firewalld

returns service not found, correct? Otherwise yo uhave to disable firewalld
and enable iptables

For my hosted engine 4.1.1 test setup I have in place firewalld on CentOS
7.3, that is the default using the appliance, and these are the rules if I
run

iptables -S > /tmp/itables-dump.txt

so you can convert them to /etc/sysconfig/iptables rules
Note that the needed rules could change also depending on the oVirt related
services you enable on the engine (eg ovirt-imageio-proxy that needs 54323
port open below, websocket proxy, ecc..)

[root@ractorshe ~]# cat /tmp/iptables-dump.txt
-P INPUT ACCEPT
-P FORWARD ACCEPT
-P OUTPUT ACCEPT
-N FORWARD_IN_ZONES
-N FORWARD_IN_ZONES_SOURCE
-N FORWARD_OUT_ZONES
-N FORWARD_OUT_ZONES_SOURCE
-N FORWARD_direct
-N FWDI_public
-N FWDI_public_allow
-N FWDI_public_deny
-N FWDI_public_log
-N FWDO_public
-N FWDO_public_allow
-N FWDO_public_deny
-N FWDO_public_log
-N INPUT_ZONES
-N INPUT_ZONES_SOURCE
-N INPUT_direct
-N IN_public
-N IN_public_allow
-N IN_public_deny
-N IN_public_log
-N OUTPUT_direct
-A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -j INPUT_direct
-A INPUT -j INPUT_ZONES_SOURCE
-A INPUT -j INPUT_ZONES
-A INPUT -m conntrack --ctstate INVALID -j DROP
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i lo -j ACCEPT
-A FORWARD -j FORWARD_direct
-A FORWARD -j FORWARD_IN_ZONES_SOURCE
-A FORWARD -j FORWARD_IN_ZONES
-A FORWARD -j FORWARD_OUT_ZONES_SOURCE
-A FORWARD -j FORWARD_OUT_ZONES
-A FORWARD -m conntrack --ctstate INVALID -j DROP
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
-A OUTPUT -j OUTPUT_direct
-A FORWARD_IN_ZONES -i eth0 -g FWDI_public
-A FORWARD_IN_ZONES -g FWDI_public
-A FORWARD_OUT_ZONES -o eth0 -g FWDO_public
-A FORWARD_OUT_ZONES -g FWDO_public
-A FWDI_public -j FWDI_public_log
-A FWDI_public -j FWDI_public_deny
-A FWDI_public -j FWDI_public_allow
-A FWDI_public -p icmp -j ACCEPT
-A FWDO_public -j FWDO_public_log
-A FWDO_public -j FWDO_public_deny
-A FWDO_public -j FWDO_public_allow
-A INPUT_ZONES -i eth0 -g IN_public
-A INPUT_ZONES -g IN_public
-A IN_public -j IN_public_log
-A IN_public -j IN_public_deny
-A IN_public -j IN_public_allow
-A IN_public -p icmp -j ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 6641 -m conntrack --ctstate NEW -j
ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 6642 -m conntrack --ctstate NEW -j
ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 6100 -m conntrack --ctstate NEW -j
ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 9696 -m conntrack --ctstate NEW -j
ACCEPT
-A IN_public_allow -p tcp -m tcp --dport  -m conntrack --ctstate NEW -j
ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 80 -m conntrack --ctstate NEW -j
ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 443 -m conntrack --ctstate NEW -j
ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 22 -m conntrack --ctstate NEW -j
ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 54323 -m conntrack --ctstate NEW
-j ACCEPT
-A IN_public_allow -p tcp -m tcp --dport 5432 -m conntrack --ctstate NEW -j
ACCEPT
-A IN_public_allow -p udp -m udp --dport 7410 -m conntrack --ctstate NEW -j
ACCEPT

NOTE: 6641 and 6642 are for OVN setup (
http://www.ovirt.org/develop/release-management/features/ovirt-ovn-provider/)
and probably you don't need them

If I run the dump from command "ip6tables -S" and then run a diff with the
former file, you get an hint on how to create also your
/etc/sysconfig/ip6tables file if you are using ipv6

[root@ractorshe ~]# diff /tmp/ip6tables-dump.txt /tmp/iptables-dump.txt
31c31
< -A INPUT -j REJECT --reject-with icmp6-adm-prohibited
---
> -A INPUT -j REJECT --reject-with icmp-host-prohibited
40c40
< -A FORWARD -j REJECT --reject-with icmp6-adm-prohibited
---
> -A FORWARD -j REJECT --reject-with icmp-host-prohibited
49c49
< -A FWDI_public -p ipv6-icmp -j ACCEPT
---
> -A FWDI_public -p icmp -j ACCEPT
58c58,60
< -A

[CentOS] [OT] how to give ssh options to rdist

2017-05-19 Thread Gianluca Cecchi

Hello,
I'm trying to configure rdist over ssh so that it connects at target side
as a particular user.

I'm using CentOS 7.3 on both ends (I also tested with Fedora 25 with the
same behavor)

So I create at source side the file ~/.ssh/config under mysourceuser home

Host targetsrv.localdomain.local
 HostName targetsrv.localdomain.local
 User mytargetuser

Then, connected as mysourceuser user on local server

$ ssh targetsrv.localdomain.local
mytargetuser@targetsrv.localdomain.local's password:

So far so good as expected.

But if I create a small distfile to distribute a file on
targetsrv.localdomain.local and execute rdist on it, I receive the prompt
of mysourceuser password, not mytargetuser one

$ rdist -P /usr/bin/ssh -f ./distfile distrotest
mysourceuser@targetsrv.localdomain.local's password:

It seems the config file is not honored. I tried different combinations but
none worked
eg creating a wrapper script that runs ssh -F config_file "$@"

I can workaround the problem using inside the distfile
"mytargetuser@targetsrv.localdomain.local" instead of
"targetsrv.localdomain.local" , this way it works.
But I would like to avoid it if possible as I have a distfile with many
entries and variables as destination hosts target.

Any help appreciated

Thanks,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] sshd and problems with network vs NetworkManager

2017-05-12 Thread Gianluca Cecchi

Hello,
I'm registering a strange new behavior after updating openssh on my CentOS
7.3 server.

Firt of all difference of systemd service configuration between
new openssh-server-6.6.1p1-35.el7_3.x86_64
and
old openssh-server-6.6.1p1-33.el7_3.x86_6

[root@c7service ~]# diff new_sshd.service old_sshd.service
8c8,9
< Type=notify
---
> Type=forking
> PIDFile=/var/run/sshd.pid
10c11
< ExecStart=/usr/sbin/sshd -D $OPTIONS
---
> ExecStart=/usr/sbin/sshd $OPTIONS
15d15
< RestartPreventExitStatus=255

It changed the Type and it was also added the RestartPreventExitStatus
directove.

The effects I'm noticing are:

1) If using NetworkManager and no ListenAddress entry in sshd_config
--> all ok (listen on ipv4 and ipv6)

2) If using NetworkManager and I put ListenAddress=ip in sshd_config
--> all ok

3) If NetworkManager disabled and using only network service and no
ListenAddress entry in sshd_config
--> ok (listen on ipv4 and ipv6)

4) If NetworkManager disabled and using only network service and I put
ListenAddress=ip in sshd_config

--> ko with 255 error and so no restart

5) If NetworkManager disabled and using only network service and I put
ListenAddress=0.0.0.0
--> ok

6) If NetworkManager disabled and using only network service and I put
ListenAddress=ip and comment out the RestartPreventExitStatus line
--> ko with 255 error and after 42s restart and ok of sshd

Can anyone replicate on an RH EL and report?
Do you think I can opena a bugzilla for this or NetworkManager is supposed
to be kept running as official support?

I have a server with two network interfaces where I want to enable sshd
only on the second and I'm blocked if I disable NetworkManager.
In the mean time I have commented out the service line related to restart n
case of 255 error...
I see here that actually 255 is the common exit code for many sshd errors
and some discussions about Type of sshd service:
https://bugzilla.redhat.com/show_bug.cgi?id=1398360

In changelog of rpm between old and new eleases I only see:

* Wed Mar 01 2017 Jakub Jelen  - 6.6.1p1-35 + 0.9.3-9
- Do not send SD_NOTIFY from forked childern (#1381997)

* Fri Feb 24 2017 Jakub Jelen  - 6.6.1p1-34 + 0.9.3-9
- Add SD_NOTIFY code to help systemd to track running service (#1381997)

Thanks in advance,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7 cloned VM cannot boot

2017-05-05 Thread Gianluca Cecchi

On Fri, May 5, 2017 at 7:46 PM, Nikolaos Milas  wrote:

> On 5/5/2017 8:29 μμ, Nikolaos Milas wrote:
>
> I am very puzzled with "unknown filesystem".
>>
>
> After more googling, I found this bug report with a very recent fix:
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1399487
>
> It seems to me that this may be relevant in our case.
>
> If so, may it be that this fix has not been rolled out to CentOS repos yet?
>
> What is your opinion and your advice/suggestion(s)?
>
> Thanks,
>
> Nick
>

Ah... I never used xfs for /boot.
Also on CentOS 7 I tipically format it with ext4.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7 cloned VM cannot boot

2017-05-05 Thread Gianluca Cecchi

On Fri, May 5, 2017 at 8:06 PM, Nikolaos Milas <nmi...@noa.gr> wrote:

> On 5/5/2017 8:34 μμ, Gianluca Cecchi wrote:
>
> Your /mnt/sysimage/boot is under tmpfs not real disk...
>>
>
> Sorry, I am not an expert, but it does seem to NOT be under tmpfs:
>
> Filesystem   Size Used  Avail Use%  Mounted on
> ...
> /dev/vdal497M 192M   306M   39% /mnt/sysimage/boot
> ...
>
> Why do you say that the boot partition is under tmpfs?
>
>
> Nick
> ___
>
>
Sorry, bad formatting of "df -h" output while reading on my mobile phone...
;-)
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7 cloned VM cannot boot

2017-05-05 Thread Gianluca Cecchi

Il 05 Mag 2017 19:30, "Nikolaos Milas" <nmi...@noa.gr> ha scritto:

On 5/5/2017 3:45 μμ, Gianluca Cecchi wrote:

BTW: see also this paragraph in the provided RH EL link:
> 24.7.3. Resetting and Reinstalling GRUB 2
>
> But i think is not your problem
>

Yes, I have done that, without change in behavior.


Also, after changing partitions flag does your fdisk command reflect the
> change?
>

Yes.


Is the error during boot the same as the one provided in your first e-mail?
>

Yes.


One final thing. When I had to change boot settings, I made different steps
> in choot environment in respect of the indication inside the image you
> sent.
>
> Specifically
>
> Verify if your boot partition is already mounted under /mnt/sysimage/boot
> in your current environment
>

Yes, it is:

sh-4.2# df -h
Filesystem   Size Used  Avail Use%  Mounted on
/dev/mapper/live-rw  2.0G 1.1G   930M   54% /
devtmpfs 979M0   979M0% /dev
tmpfs   1001M 4.0K  1001M1% /dev/shm
tmpfs   1001M 8.3M   993M1% /run
tmpfs   1001M0  1001M0% /sys/fs/cgroup
/dev/sr0 680M 680M  0  100% /run/install/repo
tmpfs   1001M 300K  1001M1% /tmp
/dev/mapper/centos-root   18G 1.5G16G9% /mnt/sysimage
/dev/vdal497M 192M   306M   39% /mnt/sysimage/boot
/tmpfs  1001M0  1001M0% /mnt/sysimage/dev/shm


If it is mounted on another mount point in your live env go and umount it
> and run
> mount /dev/vda1 /mnt/sysimage/boot
>

Didn't need to.

then
> chroot /mnt/sysimage
>

OK, I did so:

sh-4.2# chroot /mnt/sysimage
bash-4.2#


when you are in chrooted environment, probably you don't have special files
> for vda and vda1 because they are dinamically created;
> verify with
>
> ls -l /dev/vda*
>

It seems I do have such files:

bash-4.2# ls -la /dev/vda*
brw-rw.1  root disk 252, 0 May 5 16:49 vda
brw-rw.1  root disk 252, 1 May 5 16:49 vdal
brw-rw.1  root disk 252, 2 May 5 16:49 vda2


If this is the case, go and create them
>
> mknod -m 660 /dev/vda b 253 0
> mknod -m 660 /dev/vda1 b 253 1
>

Didn't need to.


at this point
>
> grub2-install /dev/vda
> and let see the output of the command and its exit code
>

As usual:

   bash-4.2# grub2-install /dev/vda

   Installing for i386-pc platform.
   grub2-install: error: unknown filesystem.

at this point exit chrooted environment (exit)
> umount /mnt/sysimage/boot
>
> reboot and see if anything changes
>

Didn't do it,  because grub2-install above failed, so nothing changed.

I am very puzzled with "unknown filesystem".

Thanks for your time and help! I am looking forward to reaching a solution!

All the best,

Nick

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos


Your /mnt/sysimage/boot is under tmpfs not real disk...
Try to unmount it and mount the vda1 device instead and then follow the
other steps...
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7 cloned VM cannot boot

2017-05-05 Thread Gianluca Cecchi

On Fri, May 5, 2017 at 2:38 PM, Nikolaos Milas <nmi...@noa.gr> wrote:

> On 5/5/2017 3:15 μμ, Gianluca Cecchi wrote:
>
> ...
>> grub2-install /dev/vda
>> ...
>> Was this one of the command you already tried?
>>
>
> Yes, I have tried that multiple times, both from Troubleshooting Mode
> (booting using CentOS 7 Installation CD) and from within the actual system
> (booted using super-grub2 disk).
>
> I always get (from troubleshooting mode):
>
># grub2-install --root-directory=/mnt/sysimage/ /dev/vda
>Installing for i386-pc platform.
>grub2-install: error: unknown filesystem.
>
> or (from within the OS):
>
># grub2-install /dev/vda
>Installing for i386-pc platform.
>grub2-install: error: unknown filesystem.
>
> How can I fix that?
>
>
> Nick
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


BTW: see also this paragraph in the provided RH EL link:
24.7.3. Resetting and Reinstalling GRUB 2

But i think is not your problem

Also, after changing partitions flag does your fdisk command reflect the
change?
Is the error during boot the same as the one provided in your first e-mail?

One final thing. When I had to change boot settings, I made different steps
in choot environment in respect of the indication inside the image you sent.

Specifically

Verify if your boot partition is already mounted under /mnt/sysimage/boot
in your current environment
If it is mounted on another mount point in your live env go and umount it
and run
mount /dev/vda1 /mnt/sysimage/boot

then
chroot /mnt/sysimage

when you are in chrooted environment, probably you don't have special files
for vda and vda1 because they are dinamically created;
verify with

ls -l /dev/vda*

If this is the case, go and create them

mknod -m 660 /dev/vda b 253 0
mknod -m 660 /dev/vda1 b 253 1

at this point

grub2-install /dev/vda
and let see the output of the command and its exit code

at this point exit chrooted environment (exit)
umount /mnt/sysimage/boot

reboot and see if anything changes

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7 cloned VM cannot boot

2017-05-05 Thread Gianluca Cecchi

On Fri, May 5, 2017 at 2:05 PM, Bernard Lheureux <
bernard.lheur...@bbsoft4.org> wrote:

> On 05/05/2017 12:57, Gianluca Cecchi wrote:
>
> grub-install /dev/vda2 didn't work ?
>
>
As this is a CentOS 7.x system, I would say this, if you want to install it
on MBR:

grub2-install /dev/vda

as detailed here:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/sec-Reinstalling_GRUB_2.html

Was this one of the command you already tried?
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7 cloned VM cannot boot

2017-05-05 Thread Gianluca Cecchi

On Fri, May 5, 2017 at 12:52 PM, Nikolaos Milas  wrote:

> On 5/5/2017 1:42 μμ, Nikolaos Milas wrote:
>
> Hmm, it seems that the boot flag should be removed from /dev/vda2
>> partition?
>>
>
> Actually, I tried this and left the boot flag only to /dev/vda1. I
> rebooted and I am still getting the same error. :-(
>
> I was hoping we were close to a solution...
>
>
> Nick
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>

what do you get when you boot the VM (I imagine with supergrub2 you
described) and run this

lspci
lspci -kn

in particular in respect with scsi devices ad kernel modules used
eg in a VM of mine under oVirt

[root@ractorshe ~]# lspci
00:00.0 Host bridge: Intel Corporation 440FX - 82441FX PMC [Natoma] (rev 02)
00:01.0 ISA bridge: Intel Corporation 82371SB PIIX3 ISA [Natoma/Triton II]
00:01.1 IDE interface: Intel Corporation 82371SB PIIX3 IDE [Natoma/Triton
II]
00:01.2 USB controller: Intel Corporation 82371SB PIIX3 USB [Natoma/Triton
II] (rev 01)
00:01.3 Bridge: Intel Corporation 82371AB/EB/MB PIIX4 ACPI (rev 03)
00:02.0 Unclassified device [00ff]: Red Hat, Inc Virtio RNG
00:03.0 Ethernet controller: Red Hat, Inc Virtio network device
00:04.0 SCSI storage controller: Red Hat, Inc Virtio SCSI
00:05.0 Communication controller: Red Hat, Inc Virtio console
00:06.0 SCSI storage controller: Red Hat, Inc Virtio block device
[root@ractorshe ~]#


[root@ractorshe ~]# lspci -kn
00:00.0 0600: 8086:1237 (rev 02)
Subsystem: 1af4:1100
00:01.0 0601: 8086:7000
Subsystem: 1af4:1100
00:01.1 0101: 8086:7010
Subsystem: 1af4:1100
Kernel driver in use: ata_piix
Kernel modules: ata_piix, pata_acpi, ata_generic
00:01.2 0c03: 8086:7020 (rev 01)
Subsystem: 1af4:1100
Kernel driver in use: uhci_hcd
00:01.3 0680: 8086:7113 (rev 03)
Subsystem: 1af4:1100
Kernel driver in use: piix4_smbus
Kernel modules: i2c_piix4
00:02.0 00ff: 1af4:1005
Subsystem: 1af4:0004
Kernel driver in use: virtio-pci
Kernel modules: virtio_pci
00:03.0 0200: 1af4:1000
Subsystem: 1af4:0001
Kernel driver in use: virtio-pci
Kernel modules: virtio_pci
00:04.0 0100: 1af4:1004
Subsystem: 1af4:0008
Kernel driver in use: virtio-pci
Kernel modules: virtio_pci
00:05.0 0780: 1af4:1003
Subsystem: 1af4:0003
Kernel driver in use: virtio-pci
Kernel modules: virtio_pci
00:06.0 0100: 1af4:1001
Subsystem: 1af4:0002
Kernel driver in use: virtio-pci
Kernel modules: virtio_pci
[root@ractorshe ~]#
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7 cloned VM cannot boot

2017-05-05 Thread Gianluca Cecchi

On Fri, May 5, 2017 at 11:54 AM, Nikolaos Milas  wrote:

> On 5/5/2017 5:11 πμ, Barry Brimer wrote:
>
> Are the correct volumes referenced in your /etc/default/grub file?
>>
>
> Thanks Barry for your feedback.
>
> Here is the output:
>
> http://iweb.noa.gr/files/centos7/scratchvm-data-20170505-01.png
>
> What can you tell from that?
>
> Cheers,
>
> Nick
> ___
>

Just a guess, as you already tested many things
I remember in the past I had problems when the boot partition was not
marked as active.
I don't know if still relevant.
Could you verify, if /dev/sda is your boot disk, with the command

fdisk -l /dev/sda
?

Something like this with the star in the "Boot" column:

[root@ractorshe ~]# fdisk -l /dev/vda

Disk /dev/vda: 10.7 GB, 10737418240 bytes, 20971520 sectors
Units = sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disk label type: dos
Disk identifier: 0x000cb2a3

   Device Boot  Start End  Blocks   Id  System
/dev/vda1   *20482097151910484736   83  Linux
[root@ractorshe ~]#

BTW: are you using virt-manager to configure/run your VMs? Or direct virsh
commans or what?

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Network Manager / CentOS 7 / local unbound

2017-04-11 Thread Gianluca Cecchi

On Tue, Apr 11, 2017 at 12:03 PM, Alice Wonder  wrote:

> From the man page that does tell it not to mess with /etc/resolv.conf -
> thank you. That will work.
>
> On 04/11/2017 02:21 AM, anax wrote:
>
>> Hi Alice
>> man NetworkManager.conf
>>
>> in /etc/NetworkManager/NetworkManager.conf
>>
>> 
>> dns=none
>> 
>>
>>
Hello,
I think another option should be to put this inside ifcfg-xxx of the
involved network adapter:

PEERDNS=no

So that it will not accept dns server eventually proposed by the dhcp server
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] Mixed bonding and vlan on plain adapter possible?

2017-03-29 Thread Gianluca Cecchi

Hello,
I have a CentOS 7.3 + updates server where my configuration arises from the
need to connect via iSCSI to a Dell PS Series storage array and Dell not
supporting bonding.
So that I need to use 2 nics on the same vlan to connect to iSCSI portal IP
and then use multipath.
Also, the iSCSI lan is on a dedicated vlan
I have only these 2 x 10Gbit adapters and I also need to put other vlans on
them through bonding. I plan to use active-backup as bonding mode.

My first tests were only with iSCSI in place to verify connection is ok
I followed these Dell guidelines, for both multipath and sysctl configs for
network adapters:
http://en.community.dell.com/techcenter/extras/m/white_papers/20442422
iSCSI vlan is 100 so that the configured devices are p1p1.100 and p1p2.100
and my sysctl config is:

net.ipv4.conf.p1p1/100.arp_announce=2
net.ipv4.conf.p1p2/100.arp_announce=2
net.ipv4.conf.p1p1/100.arp_ignore=1
net.ipv4.conf.p1p2/100.arp_ignore=1
#
net.ipv4.conf.p1p1/100.rp_filter=2
net.ipv4.conf.p1p2/100.rp_filter=2

So far so good and my lun is viewed this way through multipath
[root@ov300 etc]# multipath -l
364817197b5dfd0e5538d959702249b1c dm-3 EQLOGIC ,100E-00
size=1.0T features='0' hwhandler='0' wp=rw
`-+- policy='round-robin 0' prio=0 status=active
  |- 7:0:0:0 sde 8:64 active undef  running
  `- 8:0:0:0 sdf 8:80 active undef  running

I tried a test workload and both paths are used in a balanced way.

Now I temporarily stop the iSCSI layer and ifdown the p1p1.100 and p1p2.100
devices and put in place bonding on plain p1p1 and p1p2 interfaces and then
vlans over it and bridges (they are for VMs)

[root@ov300 ~]# cat /proc/net/bonding/bond1
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)

Bonding Mode: fault-tolerance (active-backup)
Primary Slave: None
Currently Active Slave: p1p1
MII Status: up
MII Polling Interval (ms): 100
Up Delay (ms): 0
Down Delay (ms): 0

Slave Interface: p1p1
MII Status: up
Speed: 1 Mbps
Duplex: full
Link Failure Count: 0
Permanent HW addr: a0:36:9f:2e:4d:80
Slave queue ID: 0

Slave Interface: p1p2
MII Status: up
Speed: 1 Mbps
Duplex: full
Link Failure Count: 1
Permanent HW addr: a0:36:9f:2e:4d:82
Slave queue ID: 0
[root@ov300 ~]#

- ifcfg-bond1.65

DEVICE=bond1.65
VLAN=yes
BRIDGE=vlan65
ONBOOT=yes
MTU=1500
DEFROUTE=no
NM_CONTROLLED=no
IPV6INIT=no

- ifcfg-vlan65

DEVICE=vlan65
TYPE=Bridge
DELAY=0
STP=off
ONBOOT=yes
MTU=1500
DEFROUTE=no
NM_CONTROLLED=no
IPV6INIT=no

[root@ov300 network-scripts]# brctl show vlan65
bridge name bridge id STP enabled interfaces
vlan65 8000.a0369f2e4d80 no bond1.65
[root@ov300 network-scripts]#

The same for vlans 162, while for vlan 187 I only have the bond1.187
without a bridge on top of it

At the end I try to re-start the iSCSI components, but it seems now I have
iSCSI connection interrupted and not stable. During this phase the command

[root@ov300 network-scripts]# iscsiadm -m session -P1

has in its output for the 2 interfaces

Iface Netdev: p1p2.100
SID: 5
iSCSI Connection State: TRANSPORT WAIT
iSCSI Session State: FAILED
Internal iscsid Session State: REOPEN
...
SID: 6
iSCSI Connection State: TRANSPORT WAIT
iSCSI Session State: FREE
Internal iscsid Session State: REOPEN

and then

Iface Netdev: p1p2.100
SID: 5
iSCSI Connection State: TRANSPORT WAIT
iSCSI Session State: FREE
Internal iscsid Session State: REOPEN
...
Iface Netdev: p1p1.100
SID: 6
iSCSI Connection State: LOGGED IN
iSCSI Session State: LOGGED_IN
Internal iscsid Session State: NO CHANGE

and from multipath point of view a sequence of these:

[root@ov300 network-scripts]# multipath -l
364817197b5dfd0e5538d959702249b1c dm-2 EQLOGIC ,100E-00
size=1.0T features='0' hwhandler='0' wp=rw
`-+- policy='round-robin 0' prio=0 status=active
  |- 14:0:0:0 sde 8:64 active undef  running
  `- 13:0:0:0 sdf 8:80 failed faulty running

[root@ov300 network-scripts]# multipath -l
364817197b5dfd0e5538d959702249b1c dm-2 EQLOGIC ,100E-00
size=1.0T features='0' hwhandler='0' wp=rw
`-+- policy='round-robin 0' prio=0 status=active
  |- 14:0:0:0 sde 8:64 active undef  running
  `- 13:0:0:0 sdf 8:80 failed faulty running

[root@ov300 network-scripts]# multipath -l
364817197b5dfd0e5538d959702249b1c dm-2 EQLOGIC ,100E-00
size=1.0T features='0' hwhandler='0' wp=rw
`-+- policy='round-robin 0' prio=0 status=active
  |- 14:0:0:0 sde 8:64 active undef  running
  `- 13:0:0:0 sdf 8:80 failed undef  running

Should my config work or do you see any physical/network intrinsic problems
in it?
>From first tests it seems the more problematic adapter in iSCSI connection
is the one that at the time was the active slave in the active-backup
bond. but I only did preliminary tests

Tomorrow I'm going to run further tests and verify better and deeper, but
any comment/suggestion would be appreciated in advance.

Thanks
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] how to resize a partition of a disk define as a physical volume

2017-02-22 Thread Gianluca Cecchi

On Wed, Feb 22, 2017 at 2:42 PM, Bernard Fay  wrote:

> How do you resize the partition without loosing data?
>
> gparted does not support LVM.
>
>
It is preferrable to create PV on the whole disk also to manage these kind
of situations.
In case I have to manage with partitions, the must is that you can do it
only if it is the last partition, and you are ok.
Normally I use fidsk and I first delete the last partition and then without
exiting the utility I create again it using the same starting point and the
new larger end.
For this, take care of using option to show sectors and not cylinders ("u"
switches between the two options) and print your partition layout ("p"
comamnd), so that you can set exactly the same starting point of the new
xvda2 partition otherwise you will have destroyed it and LVM layer would
not be able to identify it (also the type if now it is 8e for Linux LVM).
Eventually you will have to run also the command

partprobe /dev/xvda

to align os with new partition layout

Take care and read well (also on other sources on internet in case). Also
backup your partiion layout before making changes with

sfdisk -d /dev/xvda > part_table.before

and compare with what you have after.

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] multipath show config different in CentOS 7?

2017-01-31 Thread Gianluca Cecchi

Hello,
suppose I want to use a special configuration for my IBM/1814 storage array
luns, then I put something like this in multipath.conf

devices {
device {
vendor "IBM"
product "^1814"
product_blacklist "Universal Xport"
path_grouping_policy "group_by_prio"
path_checker "rdac"
features "0"
hardware_handler "1 rdac"
prio "rdac"
failback immediate
rr_weight "uniform"
no_path_retry "12"
}
}

In CentOS 6.x when you restart multipathd or restart server, using

multipathd -k
multipathd> show config
multipathd> exit

in output you see your particular configuration instead than the default
one for this particular device.
In CentOS 7.3 instead I see it two times, the first one with the default
built-in values (eg "no_path_retry   fail") and at the end the customized
one.
So it is not clear what is the actual configuration that device mapper
multipath is using...
The last wins?
Is this expected behaviour? In that case what command can I use to
crosscheck it (apart from real testing that is anyway necessary to verify
too)?
Eg in CentOS 7.3 I'm using device-mapper-multipath-0.4.9-99.el7_3.1.x86_64
while on CentOS 6.8 I'm using device-mapper-multipath-0.4.9-93.el6.x86_64

Thanks in advance,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Increase CPU usage on HV after upgrade (7.2 -> 7.3)

2017-01-18 Thread Gianluca Cecchi

On Wed, Jan 18, 2017 at 2:34 PM, Subscriber  wrote:

> Hello ,
>
> After upgrading the system from CentOS 7.2.1511 to CenOS 7.3.1611 I
> see that the average processing time has increased from 5-7% to 12-15%
> (doubled). Not critical but it is not pleasant. Server as KVM with 5
> virtual machines. Someone noticed something similar? If so, how to fix
> that?
>
> Thx.
>
>
>
In the mean time, if you have not disabled it, you should find some
collected statistics from sysstat/sar.
Look at the sarXX files under /var/log/sa. They should be kept for 30 day
by default in CentOS 7.
So you can compare cpu, mem, I/O profiles before and after the upgrade.
If you have access to Red Hat documents you can look also here:
https://access.redhat.com/articles/325783

or in general some articles like this:
https://www.blackmoreops.com/2014/06/18/sysstat-sar-examples-usage/
and to create pdf graphics with kSar
https://www.thomas-krenn.com/en/wiki/Linux_Performance_Analysis_using_kSar

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Reliable way of having both LAN and WIFI on headless box

2017-01-13 Thread Gianluca Cecchi

On Fri, Jan 13, 2017 at 12:33 PM, Gary Stainburn 
wrote:

>
>
> Also, it was suggested that I use nmcli in a cronjob to re-activate it if
> it
> drops.  I can check to see if it's still active by 'grep'ing the IP
> address,
> but I don't know the nmcli to re-activate an existing WIFI connection.
>
> Can anyone help here too, just in case I can't fix the real problem


I have a wireless connection named "AndroidAP-notepro"

So I can run

# nmcli con show --active | grep AndroidAP-notepro
AndroidAP-notepro  62d0fc1f-91b8-4c07-baf0-323cf1c108d1  802-11-wireless
 wlp3s0
#

You can check exit code and number of lines.
If number of lines is 0, it means the connection is not active and you can
try to activate it and get exit code of the command

# nmcli con up AndroidAP-notepro

Also, it could be useful to know what value you have for
"connection.autoconnect" for this connection.
If it is yes, in theory it should automatically reactivate when it returns
available.

In my case my AndroidAP-notepro connection is to be manually activated and
in fact I have

# nmcli con show AndroidAP-notepro | grep connection.autoconnect:
connection.autoconnect: no
#

In case you also have autoconnect set to no, If you don't have a gui you
should be able to set it up with

# nmcli con mod AndroidAP-notepro connection.autoconnect yes

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum update pulls in lvm-cluster on 7.3

2017-01-04 Thread Gianluca Cecchi

On Wed, Jan 4, 2017 at 6:30 AM,  wrote:

> Hi,
>
> Sorry for the delayed response.


No problem



> Hummm, According to the changelog your version of lvm2 is over a year old.
>

Yes, it was a test vm server not recently updated.


>
> So I guess what I am trying to figure out is what is pulling in the
> Resilient
> Storage group.
>
> Suggestions?
>
>
question: your .repo files under /etc/yum.repos.d contain official CentOS
mirrors or anything customized that could have broken repodata information?

question: why are you using priorities plugin?
See here for related files, in case:
https://wiki.centos.org/PackageManagement/Yum/Priorities

What I would test/try in order is:

- check all enabled contents in .repo files and verify it is correct in
respect with a standard CentOS 7 system

- yum update --disablerepo=cr
and see if anything changes

- it could be related with priorities plugin too, I would try
yum update --disableplugin=priorities
and/or
yum update --disableplugin=priorities --disablerepo=cr

- I never used changelog plugin and it should pop-in only if changelog
option has been given in yum command, anyway I would try
yum update --disableplugin=changelog
and/or
yum update --disableplugin=changelog --disablerepo=cr

- try running yum command with debug option enabled and see if anything
pops up
yum update -d 5

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Can't delete or move /home on 7.3 install

2016-12-14 Thread Gianluca Cecchi

On Thu, Dec 15, 2016 at 2:49 AM, Glenn E. Bailey III <
replic...@dallaslamers.org> wrote:

> Tried this in both AWS and GCE as I though it may be a specific cloud
> vendor issue. SELinux is disabled, lsof | grep home shows nothing,
> lsattr /home shows nothing. Simply get "Device or resource busy."
>
> Works just find on 7.2 so I'm kinda at a loss. Scanned over the RHEL
> release notes and didn't see anything. Anyone else have this issue? We
> move our /home to another mount point and symlink /home to it ..
>
>
Do you have access to the console, so that you can try to do the move while
in single user mode?
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum update pulls in lvm-cluster on 7.3

2016-12-13 Thread Gianluca Cecchi

On Tue, Dec 13, 2016 at 2:16 PM,  wrote:

> Hi,
>
> I ran "yum update" this morning on a 7.2 machine with all of the cr updates
> applied to it and yum wants to install lvm-cluster and a bunch of deps.
>
> Dependencies Resolved
>
> ==
>  Package   Arch  VersionRepository   Size
> ==
> Installing for group upgrade "Resilient Storage":
>  lvm2-cluster  x86_647:2.02.166-1.el7_3.1updates  663 k
>

Hello,
which command did you execute, exactly?
I have only experience with RHEL and not CentOS for what regards
lvm2-cluster; in my opinion it is correct that it is included in "Resilient
Storage" group.
So that if you already had this group installed but not lvm2-cluster rpm
package, it was a problem before, not now

Eg, in a CentOS 7.2 vm of mine I have:

[root@manageiq ~]# rpm -q lvm2-cluster
package lvm2-cluster is not installed
[root@manageiq ~]#

[root@manageiq ~]# rpm -q lvm2
lvm2-2.02.130-5.el7.x86_64
[root@manageiq ~]#

[root@manageiq ~]# yum update
. . .
centos-releasex86_64 7-3.1611.el7.centos
  base 23 k
. . .
lvm2  x86_64 7:2.02.166-1.el7_3.1
 updates 1.1 M
. . .
but no lvm2-cluster package proposed

but correctly if I run

[root@manageiq ~]# yum groupinstall "Resilient Storage"
...
Dependencies Resolved


 Package Arch Version
Repository Size

Installing for group install "Resilient Storage":
 dlm x86_64   4.0.6-1.el7
base   89 k
 gfs2-utils  x86_64   3.1.9-3.el7
base  302 k
 lvm2-clusterx86_64   7:2.02.166-1.el7_3.1
 updates   663 k
Installing for dependencies:
 corosyncx86_64   2.4.0-4.el7
base  213 k
 corosynclib x86_64   2.4.0-4.el7
base  125 k
 dlm-lib x86_64   4.0.6-1.el7
base   24 k
 libqb   x86_64   1.0-1.el7
base   92 k
 resource-agents x86_64   3.9.5-82.el7_3.1
 updates   360 k
Updating for dependencies:
 device-mapper   x86_64   7:1.02.135-1.el7_3.1
 updates   269 k
 device-mapper-event x86_64   7:1.02.135-1.el7_3.1
 updates   177 k
 device-mapper-event-libsx86_64   7:1.02.135-1.el7_3.1
 updates   177 k
 device-mapper-libs  x86_64   7:1.02.135-1.el7_3.1
 updates   333 k
 device-mapper-persistent-data   x86_64   0.6.3-1.el7
base  368 k
 lvm2x86_64   7:2.02.166-1.el7_3.1
 updates   1.1 M
 lvm2-libs   x86_64   7:2.02.166-1.el7_3.1
 updates   984 k

Transaction Summary

Install  3 Packages (+5 Dependent packages)
Upgrade ( 7 Dependent packages)

So it seems ok to me. It pulls the update of lvm2 package itself and also
the lvm2-cluster package (correctly pulled from the "updates" repo)

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C6: latest util-linux-ng dependency on kernel?

2016-11-21 Thread Gianluca Cecchi

On Mon, Nov 21, 2016 at 12:49 PM, Tony Mountifield 
wrote:

> I am just applying the latest C6 updates to a couple of KVM Linodes.
> It appears that the latest update of util-linux-ng has added a new
> dependency on the kernel package.
>
> On these VMs, the kernel package is not normally installed, and the VM
> runs a host-supplied kernel. But now, a "yum update" wants to install for
> dependencies kernel, kernel-firmware and grubby, none of which should be
> necessary in this environment.
>
> I have allowed it on one Linode and rebooted it. All seems ok and it is
> still running the host-supplied kernel, but it still grates that an
> unused kernel should have been required to be installed.
>
> Is this an error in util-linux-ng, or a real new requirement?
>
> Cheers
> Tony
>

If you have access to it see:

 Bug Fix Advisory - RHBA-2016:2748-1

Corresponding CentOS announcement here:
https://lists.centos.org/pipermail/centos-announce/2016-November/022148.html

Verify that in your current kernel you don't incur in this bugzilla (I
think you are not using rlogin...):
https://bugzilla.redhat.com/show_bug.cgi?id=1335670

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] RHEL 7.3 released

2016-11-04 Thread Gianluca Cecchi

Il 04/Nov/2016 19:20, "Phelps, Matthew"  ha
scritto:
> > Please, before a new flame, please read all what related with release
> > numbering discussed on June 2014 thread of centos-devel mailing list:
> > https://lists.centos.org/pipermail/centos-devel/2014-June/thread.html
> >
> > with subject
> > CentOS 7 and release numbering
> >
> > started here by Karanbir:
> > https://lists.centos.org/pipermail/centos-devel/2014-June/010444.html
> >
> >
> I have read that thread, and the backlash against changing the version
> numbering scheme is dominant there too. Including from one Johnny Hughes.
>
> Keep in mind that all of this discussion happened on the development list
> where very few of us who actually use CentOS are on.
>
[snip]
> The horse is not dead,
> -Matt

The reason why I wrote "before" and not "instead" ;-)
I thought it was important to read all that huge thread with many arguments
already discussed and motivated.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] RHEL 7.3 released

2016-11-04 Thread Gianluca Cecchi

On Fri, Nov 4, 2016 at 2:14 PM, Phelps, Matthew 
wrote:

>
> >
> > 1.  Is CentOS-7.3 done yet?  Answer:  NO!
> >
> > And it is NOT CentOS-7.3 .. it is CentOS-7 (1611) based on RHEL-7.3
> > Sources.  The main tree will be labeled '7.3.1611' on the mirrors (along
> > side 7.0.1406 and 7.1.1503, and 7.2.1511, all of which are already there)
> >
> >
> Obligatory objection to this version numbering scheme:
>
> Deviating from RHEL in such a basic way is crazy, dumb, stupid, annoying,
> wrong, etc, etc.
>
> There, done.
>
>
Please, before a new flame, please read all what related with release
numbering discussed on June 2014 thread of centos-devel mailing list:
https://lists.centos.org/pipermail/centos-devel/2014-June/thread.html

with subject
CentOS 7 and release numbering

started here by Karanbir:
https://lists.centos.org/pipermail/centos-devel/2014-June/010444.html

Thanks,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] latest documentation of OpenStack for CentOS7

2016-11-02 Thread Gianluca Cecchi

On Wed, Nov 2, 2016 at 2:34 PM, FrancisM  wrote:

> Dear Gianluca,
>
> Thanks for sharing this information it will take my whole week again to
> read the architecture and to understand it. By the way is it recommended to
> run the OpenStack on top of ESXi6 for testing purpose? When I provision the
> CentOS VMs for this test I append this line 'vhv.enable=true' inside the
> .vmx file to support Nested-Environment inside my ESXi6
>
> Its my first time to install and configure OpenStack so I'm wondering if I
> will hit some limitation in my VM environment if I setup this inside of VMs
> running in CentOS7.2
>
>
>
Yes, in the past I was able to create a nested Openstack "farm" (tested
both Grizzly and Icehouse versions) inside VSphere 5 using a vApp without
any problems.
In this vApp there were 13 VMs configured with CentOS 6: 3 compute nodes, 2
swift proxy nodes, 3 swift storage nodes, 3 controller nodes + 2 load
balancer nodes (to manage calls for swift storage and swift proxy nodes)
In ESXi 5 the steps to configure/enable nested hypervisors was different
than in ESXi 6.

Recently I was able to configure a nested oVirt environment in ESXi 6 and
basically I followed what described here.
http://nokitel.im/index.php/2016/03/21/nested-windows-hyper-v-server-2012-r2-on-vmware-vsphere-esxi-6/

and verifying that I was able to load kvm kernel module in my virtual
hypervisors and start qemu-kvm on them.
HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] latest documentation of OpenStack for CentOS7

2016-11-02 Thread Gianluca Cecchi

On Wed, Nov 2, 2016 at 8:03 AM, FrancisM  wrote:

> Hello All,
>
> Is there any good and complete material on how to install OpenStack in
> CentOS out there that is updated that you can share to begin configuring. I
> have followed some documentation in docs.openstack.org and its seems like
> every time i follow one of the module I hit a lot of errors and could not
> complete the installation.
>
>
Hello,
for updated documentation for the Openstack Platform product as provided by
Red Hat starts here:
https://access.redhat.com/documentation/en/red-hat-openstack-platform/
and I think it could be a good starting point anyway.

Please note that I think it requires a particular subscription and that you
can try it for free going here:
https://www.redhat.com/en/technologies/linux-platforms/openstack-platform

If you want to use CentOS (or also base Red Hat OS but without RH Openstack
channels) you can go with RDO project:
https://www.rdoproject.org/

It contains many docs too and in general you can choose differente repo,
depending on which version of Openstack you want to deploy (current one is
Newton now)

For more detailed questions/clarifications, ecc I think you can go to:
https://www.rdoproject.org/community/
and see the appropriate communication channels

HIH,
Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Virtualization Networking

2016-10-03 Thread Gianluca Cecchi

On Mon, Oct 3, 2016 at 1:54 PM, TE Dukes  wrote:

>
>
> > -Original Message-
> > From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
> > Behalf Of Michael Cole
> > Sent: Friday, September 30, 2016 9:41 PM
> > To: centos@centos.org
> > Subject: Re: [CentOS] Virtualization Networking
> >
> > Deletion does not remove all, Try a erase if that did not work.
> >
> > Configuration files are not always where you expect then to be.
> >
> > Regards Michael Cole
> >
> > On Friday, September 30, 2016 9:16:44 PM TE Dukes wrote:
> > > I deleted all virtualization packages and re-installed.
> > >
> > > Something must have been hosed up.
> > >
> > > Installing a VM and it didn't even ask to setup the network. Hopefully
> > > that's a good sign.
> > >
> > > Will know shortly
> > >
> > > TIA
>
>
> OK, I'm about done trying to get this to work. I have spent HOURS reading,
> installing, re-installing, etc.
>
> I can get the guest to access the internet but have tried every was
> possible
> to be able to access the guest from the LAN or even the host. Nothing I
> have
> tried works.
>
> The only thing all documentation leaves out is how to set up the guest
> networking during the install. Seems if I don't set anything up or just set
> it to DHCP it has internet connectivity, but that is all.
>
> I have gone back in after the guest has been installed and changed the
> networking configuration to match my LAN, that doesn't work either. I lose
> internet accessibility when I do that.
>
> I have tried to install CentOS 7 and Debian 8, the same problems with each.
> I have tried CentOS the built in Virt-Manager and VirtualBox. with same
> results.  Can't seem to find the free version of VMware but I suspect I
> would have the same results as well.
>
> Again, any help would be greatly appreciated.
>
> TI!
>
>
>
If you still have in place environment with virt-manager, can you send the
output of

virsh net-list

Then for every network-name you get into the output of the command above in
column "Name"

virsh net-dumpxml network-name

Then
brctl show

Feel free to transform any ip you think could be sensible.

Gianluca
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

1 2 >

1 - 100 of 116 matches

Mail list logo