Re: [CentOS] [CentOS Stream 8] Update of IPA server broken - bind-dyndb-ldap needs to be rebuilt?
> > Fixed: > https://bugzilla.redhat.com/show_bug.cgi?id=2051108 > > Caused by a rebase of bind, but the new idm:DL1 module lagged behind a > little bit. Was fixed with the push about 9 hours ago. > Many thanks for your quick answer! I confirm that all CentOS Stream 8 IPA servers were then updated without any issue. Cheers, Mathieu ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] [CentOS Stream 8] Update of IPA server broken - bind-dyndb-ldap needs to be rebuilt?
Hello, We are testing an IPA/IDM infrastructure which is a mix of RHEL 8 and CentOS Stream 8 environments. The configuration has been completed since last summer, and it is working fine between updates. Currently, the CentOS Stream 8 IPA servers cannot upgrade. I put the whole error message below, but after analyzing a bit, it seems to be that the problem is between: bind-dyndb-ldap (for which there is no new update) and bind-libs-lite (for which a new update is available) $ sudo dnf upgrade bind-libs-lite* Error: Problem: problem with installed package bind-dyndb-ldap-11.6-2.module_el8.5.0+750+c59b186b.x86_64 - package bind-dyndb-ldap-11.6-2.module_el8.5.0+750+c59b186b.x86_64 requires libdns.so.1112()(64bit), but none of the providers can be installed - cannot install both bind-libs-lite-32:9.11.36-2.el8.x86_64 and bind-libs-lite-32:9.11.26-6.el8.x86_64 - cannot install both bind-libs-lite-32:9.11.36-2.el8.x86_64 and bind-libs-lite-32:9.11.26-3.el8.x86_64 - cannot install both bind-libs-lite-32:9.11.36-2.el8.x86_64 and bind-libs-lite-32:9.11.26-4.el8_4.x86_64 - cannot install the best update candidate for package bind-libs-lite-32:9.11.26-6.el8.x86_64 The update bind-libs-lite (32:9.11.36-2) seems to offer: /usr/lib64/libdns.so.1115 while bind-dyndb-ldap (11.6-2.module_el8.5.0+750+c59b186b) seems to still require precisely: /usr/lib64/libdns.so.1112 $ sudo dnf provides */libdns.so* ... bind-libs-lite-32:9.11.26-6.el8.x86_64 : Libraries for working with the DNS protocol Repo: @System Matched from: Filename: /usr/lib64/libdns.so.1112 Filename: /usr/lib64/libdns.so.1112.0.2 ... bind-libs-lite-32:9.11.36-2.el8.x86_64 : Libraries for working with the DNS protocol Repo: appstream Matched from: Filename: /usr/lib64/libdns.so.1115 Filename: /usr/lib64/libdns.so.1115.0.3 ... $ sudo dnf list bind-libs-lite bind-dyndb-ldap Installed Packages bind-dyndb-ldap.x86_6411.6-2.module_el8.5.0+750+c59b186b @appstream bind-libs-lite.x86_64 32:9.11.26-6.el8 @appstream Available Packages bind-libs-lite.i686 32:9.11.36-2.el8 appstream bind-libs-lite.x86_64 32:9.11.36-2.el8 appstream Please note that, of course, the module stream idm:DL1 is enabled: $ sudo dnf module list idm* CentOS Stream 8 - AppStream Name Stream Profiles Summary idm DL1 [e] adtrust, client, common [d], dns [i], server The Red Hat Enterprise Linux Identity Management system module idm client [d] common [d] RHEL IdM long term support client module Also, as can be expected, these updates are not yet available on the *RHEL 8* IPA servers: $ sudo dnf list bind-libs-lite bind-dyndb-ldap Updating Subscription Management repositories. Installed Packages bind-dyndb-ldap.x86_6411.6-2.module+el8.4.0+9328+4ec4e316 @rhel-8-for-x86_64-appstream-rpms bind-libs-lite.x86_64 32:9.11.26-6.el8 @rhel-8-for-x86_64-appstream-rpms Available Packages bind-libs-lite.i686 32:9.11.26-6.el8 rhel-8-for-x86_64-appstream-rpms So, is there any workaround, or should we simply wait for the IPA/IDM server DL1 module stream to be updated? (there are updates of the ipa packages which are pending there, juts not bind-dyndb-ldap) Also, should I rather send such reports of our CentOS Stream testing to another mailing-list? (devel?) Or book them into Red Hat's bugzilla? Thanks in advance for your comments! Mathieu ## Full error log when trying to update a CentOS Stream 8 IPA/IDM server $ sudo ipactl status Directory Service: RUNNING krb5kdc Service: RUNNING kadmin Service: RUNNING named Service: RUNNING httpd Service: RUNNING ipa-custodia Service: RUNNING ipa-otpd Service: RUNNING ipa-dnskeysyncd Service: RUNNING ipa: INFO: The ipactl command was successful $ sudo dnf upgrade --refresh CentOS Stream 8 - AppStream 13 kB/s | 4.4 kB 00:00 CentOS Stream 8 - BaseOS 26 kB/s | 3.9 kB 00:00 CentOS Stream 8 - Extras 15 kB/s | 3.0 kB 00:00 Error: Problem 1: package bind-dyndb-ldap-11.6-2.module_el8.5.0+750+c59b186b.x86_64 requires libdns.so.1112()(64bit), but none of the providers can be installed - cannot install both bind-libs-lite-32:9.11.36-2.el8.x86_64 and bind-libs-lite-32:9.11.26-6.el8.x86_64 - cannot install both bind-libs-lite-32:9.11.36-2.el8.x86_64 and bind-libs-lite-32:9.11.26-3.el8.x86_64 - cannot install both bind-libs-lite-32:9.11.36-2.el8.x86_64 and bind-libs-lite-32:9.11.26-4.el8_4.x86_64 - cannot install the best update candidate for package bind-libs-lite-32:9.11.26-6.el8.x86_64 - cannot install the best update candidate for package bind-dyndb-ldap-11.6-2.module_el8.5.0+750+c59b186b.x86_64 Problem 2: problem with
Re: [CentOS] 389-ds packages less up-to-date on CentOS Stream 8 than RHEL8
> > No idea why the other is not released to c8s, I will ask. > Thank you! We will test when we see the CentOS Stream updates coming, and we will let you know if we notice anything special. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] 389-ds packages less up-to-date on CentOS Stream 8 than RHEL8
Hello, as described here [1] we were having issues with LDAP dirsrv 389-ds in our environment where we use a mix on CentOS Stream 8 and RHEL 8 deployments. I have been surprised to notice that RHEL packages actually seems to be more up-to-date than CentOS Stream ones, while we are working for our QA processes under the assumption that CentOS Stream is upstream of RHEL. Looking at the package versions: ## RHEL 8 $ sudo dnf info 389-ds-base Name : 389-ds-base Version : 1.4.3.23 Release : 12.module+el8.5.0+13329+4096c77a $ sudo rpm -q --changelog 389-ds-base * Thu Nov 18 2021 Mark Reynolds - 1.4.3.23-12 ## CentOS Stream 8 $ sudo dnf info 389-ds-base Name : 389-ds-base Version : 1.4.3.23 Release : 10.module_el8.5.0+946+51aba098 $ rpm -q --changelog 389-ds-base * Thu Aug 26 2021 Mark Reynolds - 1.4.3.23-10 My understanding from discussion on this mailing-list a few months ago, is that sometimes critical issues will be patched in RHEL before CentOS Stream, which is understandable. But is it to be expected that there can be a lag of many months before CentOS Stream "catches up"? Is it recommended to use CentOS Stream for development and testing of the upcoming RHEL updates? Just to be clear, as a (tiny) Red Hat Partner, we have access to enough RHEL NFR entitlements for such purposes, so the point here is not to get something "for free", but to "see things coming" by developing and testing primarily on CentOS Stream. (Which, by the way is working great, except for these recurring 389-ds and IPA issues; I have also been using it as my workstation for months without a glitch) Thanks in advance for (constructive) comments, and for sharing your own experience! Cheers, Mathieu [1] https://lists.centos.org/pipermail/centos/2021-November/534847.html ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Last 389-ds update on CentOS 8 Stream seems to be broken
After looking at: https://git.centos.org/rpms/389-ds-base/c/0381070f4db756c9771576582981e332aab5d141?branch=c8s-stream-1.4 and testing one of the failing 1.4.3.23-10 dirsrv, I removed manually from /etc/dirsrv/slapd-*/dse.ldif the entry: dn: cn=GOST_YESCRYPT,cn=Password Storage Schemes,cn=plugins,cn=config and restarted the service. And it is now working! Interestingly this entry was recreated, without any difference (except timestamps). Also interestingly, we apparently do *not* have the issue on IPA environments with this same dirsrv update. The issue only happens in environments with standalone dirsrv (that is, without an IPA server). On Sat, Nov 20, 2021 at 8:02 PM Mathieu Baudier wrote: > Hello, > > after updating 389-ds (LDAP dirsrv) on CentOS 8 Stream, this service does > not start anymore: > > $ sudo journalctl -u dirsrv@* | less > > Nov 20 18:27:31 systemd[1]: Starting 389 Directory Server argeo > Nov 20 18:27:31 ns-slapd[1951]: [20/Nov/2021:18:27:31.980124142 +0100] - > ERR - symload_report_error - Netscape Portable Runtime error -5975: > /usr/lib64/dirsrv/plugins/libpwdstorage-plugin.so: undefined symbol: > gost_yescrypt_pwd_storage_scheme_init > Nov 20 18:27:31 ns-slapd[1951]: [20/Nov/2021:18:27:31.985260818 +0100] - > ERR - symload_report_error - Could not load symbol > "gost_yescrypt_pwd_storage_scheme_init" from "libpwdstorage-plugin" for > plugin GOST_YESCRYPT > Nov 20 18:27:31 ns-slapd[1951]: [20/Nov/2021:18:27:31.988423108 +0100] - > ERR - slapd_bootstrap_config - The plugin entry > [cn=GOST_YESCRYPT,cn=Password Storage Schemes,cn=plugins,cn=config] in the > configfile /etc/dirsrv/slapd-argeo/dse.ldif was invalid. Failed to load > plugin's init function. > Nov 20 18:27:31 ns-slapd[1951]: [20/Nov/2021:18:27:31.991083901 +0100] - > EMERG - main - The configuration files in directory /etc/dirsrv/slapd-argeo > could not be read or were not found. Please refer to the error log or > output for more information. > Nov 20 18:27:32 systemd[1]: dirsrv@argeo.service: Main process exited, > code=exited, status=1/FAILURE > Nov 20 18:27:32 systemd[1]: dirsrv@argeo.service: Failed with result > 'exit-code'. > Nov 20 18:27:32 systemd[1]: Failed to start 389 Directory Server argeo.. > > $ sudo dnf list 389-ds-* > Installed Packages > 389-ds-base.x86_64 > 1.4.3.23-10.module_el8.5.0+946+51aba098 @appstream > 389-ds-base-libs.x86_64 > 1.4.3.23-10.module_el8.5.0+946+51aba098 @appstream > > After downgrading and restarting it is working again : > > $ sudo dnf downgrade 389-ds-* > > $ sudo dnf list 389-ds-* > Installed Packages > 389-ds-base.x86_64 > 1.4.3.23-7.module_el8.5.0+889+90e0384f @appstream > 389-ds-base-libs.x86_64 > 1.4.3.23-7.module_el8.5.0+889+90e0384f @appstream > > $ sudo systemctl restart dirsrv@* > > Should I fill a bug report for this? (And if yes, where?) > Or should some 389-ds plugins be deactivated? > Or some upgrade procedure? > > Thanks in advance for your guidance! > Cheers, > > Mathieu > > ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Last 389-ds update on CentOS 8 Stream seems to be broken
Hello, after updating 389-ds (LDAP dirsrv) on CentOS 8 Stream, this service does not start anymore: $ sudo journalctl -u dirsrv@* | less Nov 20 18:27:31 systemd[1]: Starting 389 Directory Server argeo Nov 20 18:27:31 ns-slapd[1951]: [20/Nov/2021:18:27:31.980124142 +0100] - ERR - symload_report_error - Netscape Portable Runtime error -5975: /usr/lib64/dirsrv/plugins/libpwdstorage-plugin.so: undefined symbol: gost_yescrypt_pwd_storage_scheme_init Nov 20 18:27:31 ns-slapd[1951]: [20/Nov/2021:18:27:31.985260818 +0100] - ERR - symload_report_error - Could not load symbol "gost_yescrypt_pwd_storage_scheme_init" from "libpwdstorage-plugin" for plugin GOST_YESCRYPT Nov 20 18:27:31 ns-slapd[1951]: [20/Nov/2021:18:27:31.988423108 +0100] - ERR - slapd_bootstrap_config - The plugin entry [cn=GOST_YESCRYPT,cn=Password Storage Schemes,cn=plugins,cn=config] in the configfile /etc/dirsrv/slapd-argeo/dse.ldif was invalid. Failed to load plugin's init function. Nov 20 18:27:31 ns-slapd[1951]: [20/Nov/2021:18:27:31.991083901 +0100] - EMERG - main - The configuration files in directory /etc/dirsrv/slapd-argeo could not be read or were not found. Please refer to the error log or output for more information. Nov 20 18:27:32 systemd[1]: dirsrv@argeo.service: Main process exited, code=exited, status=1/FAILURE Nov 20 18:27:32 systemd[1]: dirsrv@argeo.service: Failed with result 'exit-code'. Nov 20 18:27:32 systemd[1]: Failed to start 389 Directory Server argeo.. $ sudo dnf list 389-ds-* Installed Packages 389-ds-base.x86_64 1.4.3.23-10.module_el8.5.0+946+51aba098 @appstream 389-ds-base-libs.x86_64 1.4.3.23-10.module_el8.5.0+946+51aba098 @appstream After downgrading and restarting it is working again : $ sudo dnf downgrade 389-ds-* $ sudo dnf list 389-ds-* Installed Packages 389-ds-base.x86_64 1.4.3.23-7.module_el8.5.0+889+90e0384f @appstream 389-ds-base-libs.x86_64 1.4.3.23-7.module_el8.5.0+889+90e0384f @appstream $ sudo systemctl restart dirsrv@* Should I fill a bug report for this? (And if yes, where?) Or should some 389-ds plugins be deactivated? Or some upgrade procedure? Thanks in advance for your guidance! Cheers, Mathieu ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] World clocks on CentOS 8?
Hello, I am using CentOS 8 Streams + GNOME, and I cannot find the world clocks anymore (in order to add various cities and their current time). It used to be under the calendar, when one clicks on the time on the top bar. I cannot launch 'gnome-clocks' from the command line, and package search (with EPEL enabled) doesn't provide any results : $ sudo dnf list gnome-clocks Error: No matching Packages to list $ sudo dnf list *clock* Error: No matching Packages to list Was this software removed? Thank you! Mathieu ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Permission denied when updating CentOS 8 Streams
Hello, On a remote server (in an IPv6-only infrastructure) I am getting the following error when trying to update CentOS 8 Streams x86_64: $ sudo dnf upgrade --refresh Failed to set locale, defaulting to C.UTF-8 CentOS Stream 8 - AppStream 0.0 B/s | 0 B 00:16 Errors during downloading metadata for repository 'appstream': - Curl error (7): Couldn't connect to server for http://mirrorlist.centos.org/?release=8-stream=x86_64=AppStream=stock [Failed to connect to mirrorlist.centos.org port 80: Permission denied] Error: Failed to download metadata for repo 'appstream': Cannot prepare internal mirrorlist: Curl error (7): Couldn't connect to server for http://mirrorlist.centos.org/?release=8-stream=x86_64=AppStream=stock [Failed to connect to mirrorlist.centos.org port 80: Permission denied] Trying to retrieve the mirror list with wget gives similar errors (see log below). This is a development VM and I was playing with firewalld zones on this interface (drop, block, etc.) in order to see the most restrictive that I could use in order to update a system. But the error also appears if I switch back the zone to public. Could it be that my address has been blacklisted because of all these tests? >From my laptop, also running CentOS 8 Streams, everything is working as expected. Thank in advance for hints on how to analyze further! Mathieu ## wget log $ wget http://mirrorlist.centos.org/?release=8-stream=x86_64=AppStream=stock --2021-02-19 08:35:14-- http://mirrorlist.centos.org/?release=8-stream=x86_64=AppStream=stock Resolving mirrorlist.centos.org (mirrorlist.centos.org)... 2001:4178:5:200::10, 2600:1f16:c1:5e01:4180:6610:5482:c1c0, 2604:1380:2001:d00::3, ... Connecting to mirrorlist.centos.org (mirrorlist.centos.org)|2001:4178:5:200::10|:80... failed: Permission denied. Connecting to mirrorlist.centos.org (mirrorlist.centos.org)|2600:1f16:c1:5e01:4180:6610:5482:c1c0|:80... failed: Permission denied. Connecting to mirrorlist.centos.org (mirrorlist.centos.org)|2604:1380:2001:d00::3|:80... failed: Permission denied. Connecting to mirrorlist.centos.org (mirrorlist.centos.org)|2604:1580:fe02:2::10|:80... failed: Permission denied. Connecting to mirrorlist.centos.org (mirrorlist.centos.org)|2604:1380:1001:6c00::1|:80... failed: Permission denied. Connecting to mirrorlist.centos.org (mirrorlist.centos.org)|2a05:d012:8b5:6503:9efb:5cad:348f:e826|:80... failed: Permission denied. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] What about the AltArch repositories? (+ some experiments with aarch64 on Raspberry Pi)
> > This is aarch64: > > https://people.centos.org/pgreco/CentOS-Userland-8-stream-aarch64-RaspberryPI-Minimal-4/ > Great! I had missed this one. Thank you. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] What about the AltArch repositories? (+ some experiments with aarch64 on Raspberry Pi)
> It's also worth noting that there is a CentOS 8 SD Card image for > Raspberry Pi 4. That's what I used. It was dirt simple to "install"- > simply dd the image file to an actual SD card, put it in the RasPi, > and go! (Allthough in my case, I made some modifications to the > Do you mean an image for armhfp (32 bits) or for aarch64 (64 bits) ? Could you please send a link? Thank you! ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] What about the AltArch repositories? (+ some experiments with aarch64 on Raspberry Pi)
Hello, given the recent change in direction of CentOS, what will become of the AltArch repositories? (like CentOS 7 aarch64 and the related kernel repositories) I have been experimenting (with some success) with running a regular CentOS 8 aarch64 (ARM 64 bits) on a Raspberry PI 4 (with 4GB RAM), using the aarch64 kernel-rpi2 provided by CentOS 7 AltArch [1]. (a few more technical details below) This is a very different question than what is currently hotly discussed on this list, with the end of the bug-for-bug clone of RHEL, as there were never expectations that such settings would be supported. But on the other hand, I liked to use CentOS for innovation in a given field (mostly Java related) as its stability allowed one to go deep into one direction with "other things being equal" (contrary to Fedora, which is always moving in all directions). I guess that all these "side projects" (and SIGs, etc.) will disappear as well, won't they? Cheers, Mathieu ## More details about running CentOS aarch64 on a Raspberry Pi 4 As for my experiments with running CentOS 8 on a Raspberry Pi 4, a bit more details, so that these efforts are not completely lost. Two approaches were working : - From a plain CentOS 7 AltArch aarch64 installation, perform a CentOS 8 aarch64 install in a chroot (with the --installroot option) + a clean kernel-pi2 install from the CentOS 7 kernel-pi2 repository. Then copy the chroot to an .img file, and use this image to initialise an SD card. - From a plain CentOS 7 AltArch aarch64 installation, perform an in-place upgrade to CentOS 8 (first install dnf from EPEL, then switch the repos, and it works) The second approach had better device support on the Raspberry Pi 4 (most importantly the wifi, which was not working with the first approach), but this was probably a matter of subtle kernel / modprobe configs that were beyond my skills. I thought that I would share all this at some point, and ask for help from the CentOS AltArch developers; but I guess it is irrelevant right now. Both approaches were working equally well on the Raspberry Pi 3 (but Fedora support is good for this version, while Raspberry Pi 4 is not supported, so I tend to use Fedora aarch64 on them). As for what is actually the point of doing all this, this is not for weekend hobby tinkering, and it is relevant for server-side applications. ARM 64 bits is becoming an important platform (hence the fact that RHEL is now supporting it, MacOS will soon completely move to it, etc.) especially if one is interested in climate-friendly low-power IT, also on the server-side. But finding hardware is not easy and the (cheap) Raspberry Pi have 64-bit capable processors, even though the default distrib (Raspbian, based on Debian) does not yet support 64 bits (but they are working on it [2]). After trying many distributions, a paradox was that CentOS was actually the easiest to deploy and use in order to get some results (thanks to the work of the AltArch team!) In my case, the main interest was to test on ARM 64 bits GraalVM, the next generation Java platform, which can compile Java (and other programming languages) to native code. These builds require a lot of memory, but with an extremely slimmed down CentOS 8 and the 4 GB memory of the Raspberry Pi 4, it worked! [3] On a different layer, I could also test Eclipse SWT (Java user interface library) on this architecture (but on the plain CentOS 7 aarch64 with GNOME), and provide some quick feedback to Eclipse developers on their recent support for the whole Eclipse IDE on ARM 64 bits. [4] [1] http://mirror.centos.org/altarch/7/kernel/aarch64/kernel-rpi2 [2] https://downloads.raspberrypi.org/raspios_arm64/images/ [3] https://twitter.com/mbaudier/status/1274263320254722050 [4] https://twitter.com/mbaudier/status/1291421892381937670 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Installing Maven with OpenJDK 11, without pulling OpenJDK 1.8
Hello, I am trying to create a container image which will build Java software with Maven and Java 11 (rather focussing on CentOS 8 here). When installing 'maven' with yum, 'java-1.8.0-openjdk-devel' is installed as a dependency. If one then installs 'java-11-openjdk-devel', and use the update-alternatives command for java and javac, everything works fine and Maven uses Java 11 for the build. But I would like to avoid shipping OpenJDK 1.8 with the image, since it would uselessly double its size. An approach would be to install Maven manually, but it feels better to use the provided package. Looking at the spec file, I understand that the 'maven' package requires 'java-devel' without explicitly specifying a version. Is there some way (configuration, yum option, alternative, etc.) to make OpenJDK 11 satisfying this dependency? Could the new modules / app stream approach of CentOS 8 help here? This is of course a more general RPM / yum question, but I suspect that the Java use case is a recurring one, as many of us are currently upgrading from 1.8 to 11. Thanks in advance for hints, or telling me that there is no way to achieve this, Mathieu ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6 : Tip for significantly increasing battery life / reducing power consumption (Thinkpad X220 Tablet)
I was not happy with the power consumption of CentOS 6 x86_64 on a new Lenovo Thinkpad x220 Tablet and I worked on reducing it. I just wanted to share with the list one of the changes which gave me the most significant improvement. As per http://www.williambrownstreet.net/blog/?p=387, add the following kernel arguments to the GRUB boot configuration: pcie_aspm=force i915.i915_enable_rc6=1 i915.lvds_downclock=1 i915.i915_enable_fbc=1 As a follow-up: since the update to 6.4, these kernel arguments are *no longer required* in order to have a reasonable power consumption on a Thinkpad X220. With tuned profile 'laptop-battery-powersave', the idle laptop consumes a bit more than 10W (with display turned of: 8W) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] CentOS 6 - Does EFI have an impact beyond the boot sequence?
Hello, I am using an up to date CentOS 6 x86_64 laptop (Thinkpad X220t) and after struggling a bit I could install it a few months ago with a pure EFI boot. However, I am not really satisfied with such things as stability, power consumption, etc. and now that I have a little more time I want to investigate these issues thoroughly. So, my questions are: - Does EFI impacts other things than the boot sequence? (a friend of mine told me that this is a complete replacement of BIOS, and thus impacts everything) - Could it change (improve?) stability, power consumption, etc. if I would reinstall CentOS 6 using the traditional boot? (or is it just a legacy wrapper around an EFI BIOS?) Thanks in advance for your advice or for providing more details about what you know about EFI pro and cons! Cheers, Mathieu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6 : Tip for significantly increasing battery life / reducing power consumption (Thinkpad X220 Tablet)
These could be bad options for a number of users and since it's set at kernel boot time how can you override it once the OS has booted? Can you disable this without altering boot parameters and rebooting? If the answer is yes than a tuned configuration should be created or altered to set them dynamically. Setting of these at boot time are likely just wrong. You likely only want these to be turned on when the laptop is not attached to power, which you can create hooks for. Definitely, these could be bad options for some users (or, more likely, irrelevant ones). I posted to the list, so that when somebody will search for 'centos 6 thinkpad power consumption too high' he will bump into the Ubuntu related post I linked to (which provides additional links to the root cause) but also that this person will see that it worked pretty well in my particular case. Just a quick note to say that I'm indeed experiencing stability issues. The X server sometimes freezes and I have to reboot. Also Firefox crashes more often than not. I'm slowly trying to find out if this is due to these kernel arguments or to the combination with Compiz and docking etc. I'll post it here, if I gather more information. As James pointed out, caution is required before applying these kernel arguments. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6 : Tip for significantly increasing battery life / reducing power consumption (Thinkpad X220 Tablet)
You could also consider just sticking to tuned and then having a look at the power management options as provided there. tuned-adm list will show you some predefined power management options which *can* be tweaked. I have made many tests with tuned and written small scripts to switch from one profile to the other (laptop-battery-powersave on battery, default on AC). Gains where in the 1W to 2W range vs. 9W gain with the kernel arguments (which is nice now that I'm around 12W, but it was 25W at the beginning!) Do you know what those options due to your machine in order to make the battery last longer? I mean really, do you know what they do? They are related to Intel graphic drivers (follow links in OP): http://www.williambrownstreet.net/blog/?p=387 http://askubuntu.com/questions/38117/battery-life-decreased-after-upgrade-to-11-04 I don't know much more, but what I know is that this single change increased battery life on my laptop by a factor of two, that the fan is not running at full speed all the time (it also was on AC), and that nothing was broken for the last two days I have been working with it. These could be bad options for a number of users and since it's set at kernel boot time how can you override it once the OS has booted? Can you disable this without altering boot parameters and rebooting? If the answer is yes than a tuned configuration should be created or altered to set them dynamically. Setting of these at boot time are likely just wrong. You likely only want these to be turned on when the laptop is not attached to power, which you can create hooks for. Definitely, these could be bad options for some users (or, more likely, irrelevant ones). I posted to the list, so that when somebody will search for 'centos 6 thinkpad power consumption too high' he will bump into the Ubuntu related post I linked to (which provides additional links to the root cause) but also that this person will see that it worked pretty well in my particular case. This is not a bug, it's a feature/workaround on specific hardware, that tweaks specific settings to get around a specific issue with the driver. Create a profile and submit it upstream. The above links rather point to a regression. I assume that CentOS users are experienced enough to do their own risks/benefits analysis before applying such tweaks. We can probably agree that we disagree on that point. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] CentOS 6 : Tip for significantly increasing battery life / reducing power consumption (Thinkpad X220 Tablet)
Hello, I was not happy with the power consumption of CentOS 6 x86_64 on a new Lenovo Thinkpad x220 Tablet and I worked on reducing it. I just wanted to share with the list one of the changes which gave me the most significant improvement. As per http://www.williambrownstreet.net/blog/?p=387, add the following kernel arguments to the GRUB boot configuration: pcie_aspm=force i915.i915_enable_rc6=1 i915.lvds_downclock=1 i915.i915_enable_fbc=1 (in /boot/efi/EFI/redhat/grub.conf since I use EFI, /boot/grub/grub.conf otherwise) As measured using PowerTop, this made the power consumption decrease from 20W to 11W ! (I had already decreased it from 25W to 20W with the usual tips of disabling hardware, shutting down services, switching tuned profiles, etc.) All in all, battery time was more than multiplied by two, and the computer is now much more silent since the fan is not always running like mad in order to cool the processor. The bottom of the laptop is not anymore hot as hell. I don't know whether this would have an impact on other hardware, but it may be worth looking at it (even on servers?), since the above link points to descriptions of a regression in the kernel which seems more general. As a side note, the Power Management Guide of Red Hat is a good resource (analysis tools + tuned profiles): http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html-single/Power_Management_Guide/ Cheers, Mathieu PS: Do you think I should book a bug in the upstream bug tracker? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6 : Tip for significantly increasing battery life / reducing power consumption (Thinkpad X220 Tablet)
pcie_aspm=force i915.i915_enable_rc6=1 i915.lvds_downclock=1 i915.i915_enable_fbc=1 Interesting as now I'm using RHEL 6.3 on T400. Would that make the notebook slower? I did not notice any change in performance so far. (Tested with parallelized, offline, Java build and unit tests) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Feedback for CentOS 6 on a recent Thinkpad X220 Tablet?
Hello, I'm considering buying a Lenovo Thinkpad X220 *Tablet*. Does anybody run CentOS 6 on it? Is the multitouch working? Thanks in advance for any hint, Mathieu PS: I have checked thinkwiki.org already ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Having less languages in Firefox (hunspell dictionaries provide too many locales)
Hello, on CentOS 6, I am routinely writing mails in English, German and French and using the related hunspell dictionaries for the spelling in Firefox (I'm using Google Apps). This works fine but the problem is that languages are added for all the possible locales (English US, UK, Philippines, Bostwana, Trinidad and Tobago, Denmark (sic!), ... and German Germany, Austria... and French France, Canada, Belgium...). So each time I want to switch from one language to the other (which sometimes happens every few minutes), I need to choose in a very long list (with non-deterministic ordering). First I thought it was no big deal, but with time I realize this is a loss of time and concentration which while not big is recurrent. Does anybody knows how I could reduce the list to English UK, German Germany and French France? (no offence to the other locales) An option would be to uninstall the hunspell dictionaries and install the dictionaries manually as Firefox addons, but I find it nice to have them provided by the base OS, and anyhow, I don't think that it is possible for English. Thanks in advance, Mathieu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Having less languages in Firefox (hunspell dictionaries provide too many locales)
You are talking to the wrong people ... we build it exactly like it is built for upstream. It works just like in the RHEL sources, so that is how it is supposed to work. I'm aware of that, I'm just asking if somebody knows a workaround or a way to hack this away. (I'm already thinking of one hack: sudo cp -p /usr/share/myspell/fr_FR.* /tmp sudo rm -f /usr/share/myspell/fr_* sudo cp -p /tmp/fr_FR.* /usr/share/myspell/ but was wondering if there is not something cleaner, like a Firefox config) Next step would indeed be to book a ticket in upstream bugzilla (haven't found any so far). ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Having less languages in Firefox (hunspell dictionaries provide too many locales)
Most of the dictionaries are symlinks from other basefiles. I have used these lines in my postinstall to remove dictionaries echo Remove excessive spell checking lists cd /usr/share/myspell find . -type l -exec rm {} \; \rm -f de_AT.* de_CH.* en_CA.* ko_KR.* That will give you a much smaller list of dictionaries in thunderbird. Thanks a lot, exactly what I needed. It worked fine. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Having less languages in Firefox (hunspell dictionaries provide too many locales)
Also, does removing language from Add-ons in Firefox help? You should be able to disable/deinstall any installed language. No, only English (GB) shows up in the Firefox Addons (this is my locale) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] What happened to 6.1
If absolute 100% binary compatibility is not required, but admin-level compatibility and source-level compatibility with upstream EL is, Scientific Linux is covering that niche, and has their 6.1 out. In which concrete use cases is 100% binary compatibility important? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Video capture on CentOS (6)
Could anybody recommend a not-too-expensive video capture cards (PCI, USB, fireWire, ...) which would be well supported (drivers easily available in base, ElRepo, or not too complicated to build). Answering my own question for future reference: the GRABBY video capture card by TERRATEC worked out of the box on CentOS 6. It is very small, connects via USB and offers S-Video input + standard audio R/L and video input. It cost around 40 EUR in a consumer shop (Saturn) in the digitalize your old VHS video etc. section. lsusb output: Bus 001 Device 005: ID 0ccd:0096 TerraTec Electronic GmbH Input can be visualized using VLC (from RPMForge) and Video4Linux 2 capture device. Cheers, Mathieu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Rsync CR repo for CentOS 6? was [CentOS-announce] CentOS-6.0 Continuous Release i386 and x86_64
- Baseurl for the CR repo is set to only use centos.org internal machines, this is to reduce the amount of time we need to spend in seeding and then managing external mirrors. Is it possible to synchronize locally the CR repo? We usually synchronize all repositories in our internal network via the third-party mirrors, but since the CR repo won't be available there, it would be nice to be able to rsync directly from centos.org (and it would remove some load on it) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Video capture on CentOS (6)
Hello, I need to do some analog video capture and I was wondering what is the status of this in CentOS 6. The last information I could find was here (obviously for CentOS 5): http://lists.centos.org/pipermail/centos/2009-September/082521.html Could anybody recommend a not-too-expensive video capture cards (PCI, USB, fireWire, ...) which would be well supported (drivers easily available in base, ElRepo, or not too complicated to build). Thanks in advance! Mathieu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] centos-release 5.7 srpm where?
Are you able to find what you are looking for in Vault/5.7 ? Yes: http://vault.centos.org/5.7/os/SRPMS/ ( more details on what the thinking behind this is, coming shortly ) I'm curious. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] centos product specification
ill bet you would take in a boatload of money re: donations to censor and/or kick a.l. paul off the lists Yes, maybe it is time that this person is moderated away? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 6.1 Update request
Step-1, get the major security stuff into 6.0/cr/. Sounds good! Thanks for the update. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentoOS 6 x86_64 Updates
is it correct that there were for a long time no more updates for CentOS 6 x86_64? My understanding is that updates are on hold until the (imminent) release of CentOS 6.1. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Timeframe for httpd update (CVE-2011-3192)
It's in the cr repo. I must admit that I had completely missed the introduction of the CR repository: http://lists.centos.org/pipermail/centos-announce/2011-August/017689.html http://wiki.centos.org/AdditionalResources/Repositories/CR Great idea, thanks. Mathieu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] centos 6 updates?
I haven't seen -any- updates to centos 6 since July 10th?!? is 6.1 holding this up? From the devel mailing list: http://lists.centos.org/pipermail/centos-devel/2011-August/008071.html ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] [SOLVED] RAID5 suddenly broken
[root@livecd ~]# mdadm --misc -E /dev/md0 mdadm: No md superblock detected on /dev/md0. [root@livecd ~]# mdadm --misc -Q /dev/md0 /dev/md0: is an md device which is not active /dev/md0: No md super block found, not an md component. [root@livecd ~]# mdadm --misc -D /dev/md0 mdadm: md device /dev/md0 does not appear to be active. I could fix the issue. Since the information on internet is a bit messy and scary here is a summary of the problem and of the solution, for future reference: ## PROBLEM Due to some failure related to suspend the RAID5 array became inconsistent. The symptom was that the superblock (which allow auto-configuration of the RAID array) was not recognized. But the underlying member partitions were still recognized as per the following command: [root@livecd ~]# mdadm -E /dev/sd*3 which provided details about their states ## SOLUTION (detailed output of the commands at the end of the post) # Assemble the array with force option mdadm -v --assemble --force /dev/md0 /dev/sd{a,b,c,d}3 # NOTE: assembling without force option was not enough [root@livecd ~]# mdadm -v --assemble /dev/md0 /dev/sd{a,b,c,d}3 ... mdadm: /dev/md0 assembled from 2 drives - not enough to start the array while not clean - consider --force. # Check state mdadm -D /dev/md0 ... Number Major Minor RaidDevice State 0 830 active sync /dev/sda3 1 001 removed 2 8 512 active sync /dev/sdd3 # Add missing partitions to the array mdadm /dev/md0 -a /dev/sdb3 mdadm /dev/md0 -a /dev/sdc3 # Check that it is now OK mdadm -D /dev/md0 ... Number Major Minor RaidDevice State 0 830 active sync /dev/sda3 1 8 191 spare rebuilding /dev/sdb3 2 8 512 active sync /dev/sdd3 3 8 35- spare /dev/sdc3 # and watch it rebuild: ... Rebuild Status : 3% complete Many thanks to the CentOS LiveCD team, they saved the day. Cheers, Mathieu ## DETAILED OUTPUT [root@livecd ~]# mdadm -v --assemble --force /dev/md0 /dev/sd{a,b,c,d}3 mdadm: looking for devices for /dev/md0 mdadm: /dev/sda3 is identified as a member of /dev/md0, slot 0. mdadm: /dev/sdb3 is identified as a member of /dev/md0, slot 1. mdadm: /dev/sdc3 is identified as a member of /dev/md0, slot 1. mdadm: /dev/sdd3 is identified as a member of /dev/md0, slot 2. mdadm: added /dev/sdc3 to /dev/md0 as 1 mdadm: added /dev/sdd3 to /dev/md0 as 2 mdadm: added /dev/sda3 to /dev/md0 as 0 mdadm: /dev/md0 has been started with 2 drives (out of 3). [root@livecd ~]# mdadm -D /dev/md0 /dev/md0: Version : 0.90 Creation Time : Tue Dec 1 12:01:05 2009 Raid Level : raid5 Array Size : 409592832 (390.62 GiB 419.42 GB) Used Dev Size : 204796416 (195.31 GiB 209.71 GB) Raid Devices : 3 Total Devices : 2 Preferred Minor : 0 Persistence : Superblock is persistent Update Time : Wed Aug 17 14:47:36 2011 State : clean, degraded Active Devices : 2 Working Devices : 2 Failed Devices : 0 Spare Devices : 0 Layout : left-symmetric Chunk Size : 256K UUID : 7533411a:f066a145:1e89d48e:1a8374a3 Events : 0.38857 Number Major Minor RaidDevice State 0 830 active sync /dev/sda3 1 001 removed 2 8 512 active sync /dev/sdd3 [root@livecd ~]# mdadm /dev/md0 -a /dev/sdb3 mdadm: re-added /dev/sdb3 [root@livecd ~]# mdadm /dev/md0 -a /dev/sdc3 mdadm: added /dev/sdc3 [root@livecd ~]# mdadm -D /dev/md0 /dev/md0: Version : 0.90 Creation Time : Tue Dec 1 12:01:05 2009 Raid Level : raid5 Array Size : 409592832 (390.62 GiB 419.42 GB) Used Dev Size : 204796416 (195.31 GiB 209.71 GB) Raid Devices : 3 Total Devices : 4 Preferred Minor : 0 Persistence : Superblock is persistent Update Time : Wed Aug 17 14:47:36 2011 State : clean, degraded, recovering Active Devices : 2 Working Devices : 4 Failed Devices : 0 Spare Devices : 2 Layout : left-symmetric Chunk Size : 256K Rebuild Status : 0% complete UUID : 7533411a:f066a145:1e89d48e:1a8374a3 Events : 0.38857 Number Major Minor RaidDevice State 0 830 active sync /dev/sda3 1 8 191 spare rebuilding /dev/sdb3 2 8 512 active sync /dev/sdd3 3 8 35- spare /dev/sdc3 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] RAID5 suddenly broken
Hello, I have a RAID5 array on my CentOS 5.6 x86_64 workstation which suddenly failed to work (actually after the system could not resume from a suspend). I had recently issues after moving the workstation to another office, where one of the disks got accidently unplugged. But the RAID was working and it had reconstructed (as far as I can tell) the data. After I replugged the disk, it was working normally over the last two days (enough to get back to a proper state I guess/hoped) This RAID is used as an LVM volume group for all my important data, among them the root of the operating system(s). It based on four partitions on four separate disks (the third partition of each disk, 3 active, one spare) When booting, I get an error message similar to: raid5 failed: No md superblock detected on /dev/md0. and the LVM volume group does not come up. I then booted using the CentOS 5.6 LiveCD and tried to run a few mdadm command (see just below). It seems that there are some data still lying around, but I'm not very experienced with RAID and I thought that I would ask for advice before trying commands which may impact the data such as assemble, etc. Thanks in advance for any help! Mathieu [root@livecd ~]# mdadm --misc -E /dev/md0 mdadm: No md superblock detected on /dev/md0. [root@livecd ~]# mdadm --misc -Q /dev/md0 /dev/md0: is an md device which is not active /dev/md0: No md super block found, not an md component. [root@livecd ~]# mdadm --misc -D /dev/md0 mdadm: md device /dev/md0 does not appear to be active. [root@livecd ~]# mdadm -E /dev/sd*3 /dev/sda3: Magic : a92b4efc Version : 0.90.00 UUID : 7533411a:f066a145:1e89d48e:1a8374a3 Creation Time : Tue Dec 1 12:01:05 2009 Raid Level : raid5 Used Dev Size : 204796416 (195.31 GiB 209.71 GB) Array Size : 409592832 (390.62 GiB 419.42 GB) Raid Devices : 3 Total Devices : 2 Preferred Minor : 0 Update Time : Wed Aug 17 14:47:36 2011 State : active Active Devices : 2 Working Devices : 2 Failed Devices : 1 Spare Devices : 0 Checksum : ed6d5dcd - correct Events : 38857 Layout : left-symmetric Chunk Size : 256K Number Major Minor RaidDevice State this 0 830 active sync /dev/sda3 0 0 830 active sync /dev/sda3 1 1 001 faulty removed 2 2 8 512 active sync /dev/sdd3 /dev/sdb3: Magic : a92b4efc Version : 0.90.00 UUID : 7533411a:f066a145:1e89d48e:1a8374a3 Creation Time : Tue Dec 1 12:01:05 2009 Raid Level : raid5 Used Dev Size : 204796416 (195.31 GiB 209.71 GB) Array Size : 409592832 (390.62 GiB 419.42 GB) Raid Devices : 3 Total Devices : 4 Preferred Minor : 0 Update Time : Wed Aug 10 11:52:15 2011 State : clean Active Devices : 3 Working Devices : 4 Failed Devices : 0 Spare Devices : 1 Checksum : ed63a948 - correct Events : 9022 Layout : left-symmetric Chunk Size : 256K Number Major Minor RaidDevice State this 1 8 191 active sync /dev/sdb3 0 0 830 active sync /dev/sda3 1 1 8 191 active sync /dev/sdb3 2 2 8 512 active sync /dev/sdd3 3 3 8 353 spare /dev/sdc3 /dev/sdc3: Magic : a92b4efc Version : 0.90.00 UUID : 7533411a:f066a145:1e89d48e:1a8374a3 Creation Time : Tue Dec 1 12:01:05 2009 Raid Level : raid5 Used Dev Size : 204796416 (195.31 GiB 209.71 GB) Array Size : 409592832 (390.62 GiB 419.42 GB) Raid Devices : 3 Total Devices : 3 Preferred Minor : 0 Update Time : Tue Aug 16 17:48:59 2011 State : clean Active Devices : 3 Working Devices : 3 Failed Devices : 0 Spare Devices : 0 Checksum : ed6bf2b0 - correct Events : 10670 Layout : left-symmetric Chunk Size : 256K Number Major Minor RaidDevice State this 1 8 351 active sync /dev/sdc3 0 0 830 active sync /dev/sda3 1 1 8 351 active sync /dev/sdc3 2 2 8 512 active sync /dev/sdd3 /dev/sdd3: Magic : a92b4efc Version : 0.90.00 UUID : 7533411a:f066a145:1e89d48e:1a8374a3 Creation Time : Tue Dec 1 12:01:05 2009 Raid Level : raid5 Used Dev Size : 204796416 (195.31 GiB 209.71 GB) Array Size : 409592832 (390.62 GiB 419.42 GB) Raid Devices : 3 Total Devices : 2 Preferred Minor : 0 Update Time : Wed Aug 17 14:47:36 2011 State : active Active Devices : 2 Working Devices : 2 Failed Devices : 1 Spare Devices : 0 Checksum : ed6d5e01 - correct Events : 38857 Layout : left-symmetric
Re: [CentOS] ClearOS rebuild
If you want to get into the nitty gritty of it, the ONLY group of people who deserve ANY credit at all are the Redhat folks. So saying a product that is released off Redhat's coattails is competing with another product that is ALSO running off Redhat's coattails is absurd. Maybe a little thought as well for the few hundreds/thousands of FLOSS upstream projects? (starting with the kernel and all GNU software...) Red Hat is great and what they do (and Debian, Ubuntu, etc. do) is critical, but I find it sometimes weird how people talk about it as if they were developing ALL the software they distribute. The product is the collective work of all the contributors to free software (individuals and organizations) over three decades, as well as of those who make it available to others (volunteers like CentOS, companies like Red Hat). ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ClearOS rebuild
Yes, RedHat deserves the credit for denying access to the binaries of open source work, even to the community responsible for it even existing. Since I just made a point about the upstream projects, let me respectfully disagree with your statement : free software is about freedom not free lunch. CentOS, ScientificLinux, ClearOS, etc. are living proof that Red Hat did not take away our freedom. Moreover, I doubt that the free software community is worse off with Red Hat having a profitable business model, but this is another question. (gosh, I got trapped again in one of these threads... Sorry, I love debating too much. Won't do it again. Won't do it again...) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ApacheDS vs OpenLDAP
Wondering if any of you have thoughts/experiences with ApacheDS? Since we develop mostly Java application we use it for development and testing: developers don't have to install an OS dependent LDAP implementation (especially the poor souls working on Windows). In production we use openldap from CentOS (5.6). As far as authentication / role management goes we have never noticed any significant difference between testing and production. (except for a few attributes where null/empty values are accepted by one but not the other). But we are definitely not pushing them to the limit in our deployments. Please note that we are still on ApacheDS 1.0 since we put this in place a while ago and never felt the need to upgrade it for our development / testing needs. I'd be interested in your analysis and final choice if you test it for production deployments. This is something that I'm considering as well, because of our Java focus. A bit OT with regard to the OP question: this is the occasion to signal that Apache Directory Studio (http://directory.apache.org/studio/), a sister project, is an excellent and powerful LDAP client. It works well in order to access CentOS openldap servers (and obviously ApacheDS as well), and runs well on a CentOS desktop (with the default OpenJDK). ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] EL 6 rollout strategies? (Scientific Linux)
nothing and apparently today's target date has slipped, and 2) until CentOS admits that there is a problem, nothing will actually change. Apparently they did admit and it does change: https://www.centos.org/modules/newbb/viewtopic.php?topic_id=31347forum=53 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Changing default paper size to A4 on CentOS 5 (Kyocera FS1920 printer)
Hello, I have a Kyocera FS1920 network printer, and I run an up-to-date CentOS 5.6 x86_64 workstation. When I try to print with evince or Firefox the default paper size is always set to US Letter whereas the printer use A4. I have searched and other people seem to have the problem, but the only recommendations that I have found boil down to setting the default paper size to A4 in the CUPS printer settings. I had done that already and double-checked via the Printer config UI or the CUPS web interface (http://localhost:631), but to no avail. What is a bit weird is that I do not remember having such problems with my previous printer (an Epson Stylus RX500). I would be grateful for any hint / idea. Cheers, Mathieu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Changing default paper size to A4 on CentOS 5 (Kyocera FS1920 printer)
# en_GB should print in A4 by default export LC_PAPER=en_GB.UTF_8 That did the trick! (evince + Firefox) Merci beaucoup, Mathieu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] rpm libuser-devel is not signed
'yum update' runs into the following error message. Package libuser-devel-0.54.7-2.1.el5_5.2.i386.rpm is not signed I got this too, there's two ways around it: 1) Wait until the package is signed and then update. 2) Run: yum update --nogpgcheck Other workarounds for this particular issue have just been suggested here: http://lists.centos.org/pipermail/centos/2011-April/110547.html http://lists.centos.org/pipermail/centos/2011-April/110551.html ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] rpm libuser-devel is not signed
Other workarounds for this particular issue have just been suggested here: http://lists.centos.org/pipermail/centos/2011-April/110547.html http://lists.centos.org/pipermail/centos/2011-April/110551.html I find it strange that people are making such recommendations. A non verifyable signature is a MASSIVE deal. Working 'around' that is to stop doing what you are doing, and not do any package centric operation till the issue is fixed and resolved in an acceptable manner. Sorry, but not everybody is on production machines. Since the OP could not analyze himself the error message, one could safely assume he is not dealing with critical production environments. Maybe he was just told: install quickly this CentOS in VirtualBox, just to make sure our app is compatible, and in that case the sooner the better. My advice and those of others where underlying the security risk. The one of Akemi seems pretty safe (not installing the update). To put it shortly: Freedom, as in free software, is about doing whatever you want. This being say, I do agree that having a non signed package is a MASSIVE deal. Do we have more details about what's going on here? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] rpm libuser-devel is not signed
Not updating is entirely sensible and sounds like the best default position. Installing a package you'd expect to be signed when it isn't signed should ring alarm bells. I agree that my first answer was probably wrong, even with all disclaimers and warnings. I thought of a technical way (--nogpgcheck) to solve the issue, whereas the right answer was definitely procedural (as you point out, not updating, what I would have done on my own systems). I apologize, but I did my best... Freedom includes being free to make poor decisions. I fully agree with you. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 6 Update?
The attitudes against any user who has a question about releases significantly undermines the project and is a slap in the face to any user? Or users who keep repeating again and again the same boring old stuff? I think that we now all know what to expect and what not to expect from CentOS. And that some here are frustrated with it, while some aren't. Is there anything else relevant to add? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] yum update after fresh 5.6 install fails
Package libuser-0.54.7-2.1.el5_5.2.x86_64.rpm is not signed You could use --nogpgcheck but this is really weird that some packages are not signed. It may mean that the package is not from the trusted source, so you should not use --nogpgcheck on a serious environment. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS-docs] WebSite V2 - progress
we have done some progress on the new web site project. Cool! I was told in the devel ML that the 3 wireframes were not pulicly visible. So you can see them here: http://hydra.azilian.net/centos/ 1. http://hydra.azilian.net/centos/centos_frontpage_design_option_1.png I prefer this one, also visible here apparently: http://qaweb.dev.centos.org/websitever2/node/40 Which version of Drupal do you plan to use? (if you do use Drupal, what I would support) I'm currently testing Drupal 7 on CentOS 5.6 with php53 and I'm very happy so far. I have adapted the Fedora Drupal 7 RPM fro CentOS and added some modules in it (for LDAP integration and force SSL). I don't want to publish the spec file publicly because I'm not confident enough in the security, but if you want I can send you directly the spec file (or to other CentOS members), just as a basis in case you want to use an RPM packaged Drupal 7. I wish I could help more but I'm not a Drupal or PHP developer (I'm a Java developer...). I'm happy to test betw versions of teh website though. Thanks and good luck for the new website! Mathieu PS: the QA web OpenAtrium is cool as well!! ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS] CentOS 5.6
Just one thing: THANK YOU ALL!!! Thanks a lot! (especially for focusing on 5.6 before 6.0) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 6
5.6 was also very late in appearing? That said, from what I think I'm hearing, 5.6 will have user selectable versions of some software... PHP for one? I've never known of a release with this type of situation. As There was already such situations. postgresql84 was introduced in CentOS 5.5 for example. This is really great and extends the life of the platform, but as you suggest is probably not without costs in terms of complexity (we regularly run into the odd problem with PostgreSQL) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Any update on 5.6 / 6?
Anyway, listmaster, I vote to kick him off the list. As others have already pointed out, by definition of the CentOS project this list is very vulnerable to trolling around releases of new versions. A troll (maybe not the right term, but that's what comes to my mind) just has to come and ask THE question (see subject of this thread) in order to start a flame war. So, a pragmatic idea could be to kick temporarily out anybody (him, you, me, ...) asking THE question until the actual release, and then authorize them again afterward (so that it is not too hard a punishment). Just an idea. (I don't care much myself, but I really feel sorry for the people who are currently spending their free time on the rebuild and have to endure this) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 5.5 Java Process Death
I've been running our apps as purely as I can (java -cp /path/to/libs/* path.to.the.App) and they're still being send SIGHUP signals for reasons I can't understand. So, to sum you have tried: - with various classloading approaches - various JVMs - on various systems I must say that I'm really puzzled by your problem. Especially since your app sounds to be not very complex and does not use JNI. I would do the following: reproduce cleanly the problem with OpenJdk and submit it to the IcedTea project as a bug. They may be able to help you more, since they know what is going on in the JVM. Last question: did you always have the problem, or did it suddenly appear? (if yes, after which changes in the app code, or update in the OS, etc.) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] CentOS 5 on a Thinkpad T60 laptop
Hello, I'm considering buying a second-hand Thinkpad T60 (with 2 GB RAM), as a secondary laptop in order to run CentOS 5 on the field. My main focus is therefore to have something robust, reliable and above all well compatible with CentOS. Hibernate / suspend feature are important to me, because that's the main issue I have with CentOS on other laptops. I have found the following information so far: http://www.thinkwiki.org/wiki/Installation_CentOS_5_on_a_Thinkpad_T60 The processor is a T2300 (so 32 bits apparently): http://ark.intel.com/Product.aspx?id=27233 I would be grateful if people having used CentOS on this model could share their experience (good or bad). Thanks in advance! Mathieu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 5.5 Java Process Death
I added in as many try...catch blocks as I could and got no useful output, but it occurred to me that the Eclipse loader is adding in another level of code between my application and the kernel. Can you please give more details about this additional code? How did you find out? Do you mean that the application is running in an OSGi runtime? Can you please give a bit more details about the architecture and deployment of your application? Is it a headless application or with an Eclipse UI? I have had similar issues recently with the OpenJDK shipped in CentOS, and if your application is based on OSGi I may be able to help you analyze further. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 5.5 Java Process Death
When I package a Runnable JAR using the Eclipse Export wizard, in the manifest file, the main-class is given as org.eclipse.jdt.internal.jarinjarloader.JarRsrcLoader, which I presume is a little bit of code to redirect the main method to the main method of my actual application. This is the extra layer I was referring to. Ok, if I well understand, Eclipse packages a big jar containing all your code and jar dependencies, and then uses its own classloader to access them. As you suggested this is an interesting trail to follow. I already had issues with exotic classloaders using OpenJdk on CentOS. Try indeed to do a pure java deployment (java -cp myjar1,myjar2,... com.example.MyAppWithMainMethod) and see if the issue still happens. What was the result of your tests with Sun JRE (cf. your post from Feb 11th)? Do you have the issue with Sun JRE as well? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 5.5 + firefox 3.6 and 64bit javaplugin (1.6u23)
Looks like firefox is 32bit version, not 64bit version, but 32bit java 1.6.u23 still fails. Where did you install Java from? The Java browser plugin is not available in teh OpenJDK shipped with CentOS 5.5. You need to install the JRE from Sun. In this page: http://wiki.centos.org/HowTos/JavaOnCentOS the following tutorial is recommended: http://www.trading-shim.org/faq/?java ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Amazon EC2 - building a minimal centOS ebs bootable image
physical instances. EC2 is *not* a replacement for a conventional static server. Could you please elaborate a bit? What do you think should be left on the physical servers? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to disable screen locking system-wide?
By default, CentOS v5 requires a user's password when the system wakes up from the screensaver. This can be disabled by each user, but how can I disable this system-wide? Many of my users forget to do this, which results in workstations being locked up. Instead of removing the lock on your workstations (big security risk as others have mentioned), why not rather activate the 'user switch' button? If you really need to access a workstation, you can then log in as another user (e.g. admin user) and then do what you want (which may involve killing the guilty session). In gconf-editor, you find this option under: /apps/gnome-screensaver/user_switch_enabled You can then probably apply it system-wide using recommendations of this thread (I haven't tested it). I quickly scanned through the thread, so maybe somebody suggested that already, sorry for the repeat in that case. A bit OT, but something related that I discovered recently: you can explicitly start the screensaver (and thus the lock) with Ctrl+Alt+L (instead of looking for the button in the GNOME menu). ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Recompiling source rpms for i386, i686 and x86_64 on the same box?
For the 3 arches you want they could all be done under mock in a x86_64 environment. Under Indeed, I build 32 and 64 bits RPMS on an x86_64 CentOS 5.5 with mock. In order to deal with the multi arch, I call mock as follow: setarch $ARCH mock --arch=$ARCH -r mock config file --debug $SRPM Note that I pass the --arch argument to mock, but also had to put additionally setarch before the actual call. On a side note, use the CentOS mock (in extras), not the one from EPEL. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ext4 or XFS
Hey I've been watching the thread on and off. How large in the file system you are trying to share? What will it / they be used? http://lists.centos.org/pipermail/centos/2011-January/thread.html http://lists.centos.org/pipermail/centos/2011-January/104184.html ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] do i need a dedicated ip address for https?
certificate for each client, and reduces certificate administration to a SINGLE httpd.conf entry. (if your application is structured thusly) Can you then use only one single SSL port for all subdomains? I am using wildcard certificates as well, but I'm still allocating a separate port per subdomain that needs SSL. I would very much appreciate if you (or someone) could detail a bit how you combine multiple subdomains on a single SSL port. Thanks in advance! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] google chrome big brother
am i right, or i'm missing something? You are right. Google Chrome OS is Open Source. But with Google Chrome OS you can do exactly nothing, because there are no applications (even basic UNIX tools are not available). The My understanding is that Chrome OS is based on Chromium OS, which is more FLOSS oriented: http://www.chromium.org/chromium-os Some months ago I gave a try to this re-build of Chromium OS: http://chromeos.hexxeh.net/ and it was working (it wasn't updated since last February though). The wiki says that you can install Ubuntu packages, but I did not try: http://chromeos.hexxeh.net/wiki/doku.php?id=addingpackages So it seems possible to extend it (the question is then whether it would be useful). ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: programming language for morons (newbie friendly language in Open Source world)
And your point is? I consider the fact that *every* *single* *time* tomcat crashes (you cannot have null pointer exceptions in java, the books all said), the stack trace is 150 or 200 calls deep. Show me something written in C, or C++, or perl, or php, or... that's that bad. - copy the stack in the clipboard, whatever its size - paste it in the Eclipse Java Stack console - browse calmly the sources, enjoying the consistent conventions put in place by Sun from the beginning and the coding standards matured by projects such as the Apache Java projects or Spring (assuming you are properly managing your dependencies, use a FLOSS stack and have the sources linked in Eclipse which is done automatically if you use Maven and/or OSGi) Yes, you have NullPointerException in Java. But they don't make you're whole application die. Analyzing a core file is a post-mortem autopsy. With a Java stack trace in a log file you can sometime still save the patient. The point is that languages like Java are of course not well suited for the needs of the OP and probably for sysadmins in general. But please take a step back, and realize that when one decide to put man-months or man-years of development into big software products (be they FLOSS software or proprietary), one needs features and an ecosystem that scripting languages are simply not meant to provide (which doesn't mean they are bad), and that Java, .Net or C++ do provide. Don't get me wrong, I find your comments very interesting because they illustrate a given perspective. But as a software developer who humbly does a bit of system administration, I find one should be cautious before calling the thousands and thousands of Java developers utterly stupid. Just like I would feel bad if I would read on a software list rants against system administrators. I have indeed seen smart sysadmins saving the day with a few lines of BASH, to workaround badly (and expensively) written Java enterprise systems... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Issues with CentOS in enterprise
And also take into consideration that RHEL6 is shipped with approx. 2.000 packages. And there are over 10.000 packages available for Fedora. Such a limited package scope is needed to be able to provide stability. And this stability is why so many loves to run RHEL/CentOS/ScientificLinux instead of many other Linux distros on their servers. The fact that the number of packages is pretty limited in core RHEL/CentOS also makes that with additional repos such as EPEL (or RPMForge) you can have a lot of recent software. EPEL additionally guarantees that the base OS won't be updated. Then you can always decide to backport some software for a given field, using the rest as a stable basis. As Karanbir Singh pointed out in a recent interview in DistroWatch, it can be much easier to innovate and be cutting edge in a given field if the rest stays stable, instead of doing so when the whole distribution is a moving target as in Fedora. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: programming language for morons (newbie friendly language in Open Source world)
What programming language should I learn? It depends what you want to do. - build quickly applications, reusing existing components and understanding a lot of the Linux ecosystem = Python - process quickly huge amount of text files = Practical Exrtaction and Reporting Language (aka. PERL, yes you can do a lot of other things with it, but not so convincingly as with Python, IMHO) - performance and resource critical algorithms = C++ - simple, fast and powerful websites / understanding CMS such as Drupal or Wordpress = PHP - enterprise applications = Java (= or .Net, but then I think that MS Windows is a better platform than CentOS even though I heard that Mono is working) I'm personnally a Java developer and tend to do all of the above with Java. If you are a sysadmin, I would recommend you Python: I don't know it well, but all people I know who used it love it, and again there are plenty of the software around which are based on it (also GUIs) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Issues with CentOS in enterprise
I have the following situation. I tried to promote CentOS to local bank. They have now a couple of Gentoo-based systems and I tried to explain them that CentOS is much better option for enterprises. We deployed a CentOS based virtualized appliance for a (non-critical) application developed by us in a bank which had similar policies. Actually they even had an explicit official policy against any open-source software. We finally convinced them with the following arguments: - we could support RHEL if they would prefer to have a big company behind the OS and they could always decide to switch to it - we said that we were ready to deploy it on Solaris, but they should pay us more for that and take responsibility for any issue I guess, I'm not the first who encounter this issue. Could you share your experience how to deal with it? Are there any public resources that can be used as proofs of CentOS stability? Out of common sense, and as others have suggested, I would tell them: - if you are willing to pay and want to be safe, take RHEL (Red Hat is about to reach $1 billion revenues http://bit.ly/eb4igX) - if not, what makes you think that Gentoo is more viable? CentOS definitely addresses a need in the market, and even if the project should collapse (God forbids...), so many people needs it that an equivalent would probably pops up quickly, based on the amazing work which as already been done and is available. The following chart shows for example that CentOS is very popular for web servers: http://w3techs.com/technologies/history_details/os-linux ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] IPV4 is nearly depleted, are you ready for IPV6?
I guess the reason it jars us here is because most people post properly. Except the gmail lusers who haven't figured out how to turn off multipart html crap. +1 Unfair: the 'text' formatting mode from GMail is very standard compliant, trimming the lines etc. Maybe one should just more explicitly tell new users to enable it when posting to mailing-lists. This is even easier to activate (this hyperlink right here above the text area) than in any mail client I have ever seen (except those which do only text, of course...) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] IPV4 is nearly depleted, are you ready for IPV6?
b) Do I get charged by my ISP on a per-device basis? Heh, if they want to micromanage... This is no science fiction. Some big providers in some countries limit the number of device that can connect to internet. You have to register the MAC address of your single PC (which, by the way, is expected to run Windows or MacOS) In that case, a NAT router sending the MAC address expected by the provider could have (maybe, possibly...) been very handy. (I won't tell more, even though I have left the country and the provider in question) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] IPV4 is nearly depleted, are you ready for IPV6?
/me does not care. Not sure about other folks though...do them a service :-p In theory, a lot of residential routers (not provided by the ISP) will allow to set the sent MAC address via their web interface. And on a full fledged Linux OS: ifconfig ethX hw ether MY:MA:CA:DD:RE:SS (or something like that, see man ifconfig) I just did not say whether I have ever tried in real... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 5.5 with MediaWiki
I'm trying to install MediaWiki, and asks that package as a dependency. Which version of MediaWiki are you trying to install? I could recently repackage a Fedora RPM of v1.15.4, using dependencies provided by the RPMForge repo. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 5.5 with MediaWiki
Also, there will soon be a MediaWiki 1.16 package in EPEL[1]. There is Good news! Actually my dependencies were probably from EPEL in that case, not RPMForge. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] New list ?
My personal opinion is that it's not a big deal. As with other mailing lists, stuff I'm not interested in I simply ignore. +1 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Eclipse Helios on CentOS 5.5 (was Websites Up!)
Then I hope to finish my tutorial on installing Eclipse Helios for Centos 5.5 Is there anything special to be done? I just unzipped the SR1 distribution for RCP/RAP developers linux-gtk-x86_64 and it works without problem on an up to date CentOS 5.5 x86_64. (to be more precise: I install it as root under /opt, install some plugins like subclipse and regular users start it from there) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 6 installation memory requirements
break out your wallet, blow the dust out, and spend a few bucks on some RAM Sometimes the hardware is so old, that it is not as easy as that to find the right RAM for it... I have some very old IBM PoS cashier machines (sic! got them for 30 EUR each, plenty of connectors, very well built) based on Celeron processors which valiantly run CentOS 5 for some tests/router/storage, etc., but I have a hard time finding RAM for them. I think that they will never make it to CentOS 6 (maybe I'll switch them to Debian which I always found pretty good for low-end hardware). ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 6 installation memory requirements
it, turn it off, and maybe uninstall. If these are PoS boxen, do you need X windows? Do you need Gnome or KDE as windonw managers (look at smaller ones - I use IceWM at home, 600k, yes, k, not M; the other admin here likes xfce)? I have the CentOS Extras XFCE on one of them (for which I could actually get the right additional RAM), but most just run headless (and were installed with the text installer). I don't use them as cashier machines, just got them second hand. They were so cheap that I bought one just to try, and then found it so good that I bought the other three... (I'm probably not the only one on this list who has computers all over the place, and a wife who gave up asking when you come up with a new one) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 6 installation memory requirements
What type of RAM modules are you looking for? I'm never quite sure how to find out. I know that there was a pretty descriptive label on one of them (with 200 MHz or something) and that's how I could find a similar one. Let me open them and find out and I'll contact you offlist. They would be much more useful with just a bit of additional RAM (and they may run CentOS 6 in the end ;) Thanks! Mathieu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS-virt] KVM: where are the directions?
kvm-83. That said, as you've probably already read in the docs, KVM is a technology preview in RHEL 5.x...6.0 will be the first version with official/stable KVM support by Red Hat. My understanding is that KVM was tech preview in RHEL/CentOS 5.4 and officially supported from RHEL/CentOS 5.5. Am I mistaken? ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Can I mix kvm and virtual box?
If you manually install virtualbox, you can unload the kvm module manually and load the virtual box modules. You can't have both loaded at the same time (at least not that I know of), but you can unload one and load the other. Concretely, before running VirtualBox, run: sudo /sbin/modprobe -r kvm_intel (or maybe kvm_amd if you're not running on Intel processors...) If you want to disable kvm for between reboots, you can blacklist the module. ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
[CentOS] Best practices for the maximal length of user names
Hello, are there any best practices for the length of user names? I tend to limit them to 8 characters and to follow the pattern 'first letter of the first name'+'first 7 letters of the last name' (e.g. mbaudier). But people are sometimes frustrated with having their last name truncated and I wonder if limiting the user name to 8 characters is not a kind of superstition coming from some old times... I would be very interested to hear opinions / experience about this. (I'm using CentOS 5.5) Thanks in advance! Mathieu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Network card not working after update to 2.6.18-194.17.4.el5
the network card of my workstation stopped working after I updated the kernel to 2.6.18-194.17.4.el5 . Just to follow up on this: I actually dual boot with Ubuntu on this workstation (mostly for digital processing, where recent FLOSS software are needed), and Ubuntu network access also broke at the same time. But I did not care as much as for CentOS since I don't absolutely need the network when I process pictures. At some point though, I tried to fix the problem on Ubuntu as well and used the same approach as on CentOS, that is starting the previous kernel version from GRUB. I must say that most of them were completely broken, not even starting the OS properly, and I had to come back to three kernel versions before in order to reach the OS (which I find really disturbing with regard to Ubuntu stability, especially when you consider that this is a completely pure untweaked installation that I barely use...) Anyhow, I finally could reach the network on Ubuntu, did an update (no new kernel was included inthis update), restarted Ubuntu and the network was working again on the latest kernel (where it was previously broken). Then I booted CentOS with 2.6.18-194.17.4.el5 (where the network was broken, see my OP), and the network was now working. So, it seems that Ubuntu and CentOS somehow conflicted in their management of the network card. I don't understand how it is possible though, since the machine is rebooted (I also did some tests, where I was cuttin all power supply, in order to be sure that the motherboard was completely shut off). Anyhow, my CentOS workstation is back to normal and I will now update to the kernel which has just been released. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] obtaining non-packaged software
I have been using Fedora on my home desktop for close to an year, and I am happy with it, nevertheless I am considering switching to a slower-moving distro. I followed the same path a few years ago, and I'm very happy with it. So, welcome! CentOS + EPEL put together have less packages than Fedora. Moreover I use CentOS + EPEL as a base and include specific packages from RPMForge, using includepkgs in the /etc/yum.repos.d/rpmforge.repo file. For example my (very personal) package list from RPMForge: includepkgs=pam_keyring pbzip2 subversion* mod_dav_svn bonnie++ xplanet xplanet-maps filezilla allegro* unrar aircrack-ng python-reportlab python-psycopg drupal6 powertop fuse-davfs2 dropbox* nautilus-dropbox gtkimageview* I used RPMFusion when on Fedora and found it a great repo, but on CentOS, RPMForge is much more complete and of better quality IMHO I can go upstream, get sources and build them. It is a good solution, I build locally very rarely and only when I need something quick on my workstation that I know I will use once (I don't even install it and run the binaries directly when possible). it possible to get a Fedora binary package and install it? What about in general, no getting a Fedora source package, building and installing it? Is there Yes and it is pretty straightforward for a lot of them. Just first unzip the Fedora SRPM with the Archive Manager and copy the files in rpmbuild/SOURCES and rpmbuild/SPECS (the RPM format somehow changed around Fedora 9 or 10, so rpm -Uvh *.src.rpm won't work with recent Fedora versions) However for some packages you will see that they depend on recent versions of some software, especially the graphical environment libraries (GTK/GNOME or Qt/KDE). In that case there is not much you can do, because you don't want to update core libraries of CentOS (if yous start going that way, you should rather keep using Fedora or use Ubuntu...) An approach is then to look at earlier Fedora versions until you find a version of the software which is still compatible with the CentOS libraries. CentOS is more or less compatible with Fedora 6, but I found that up to Fedora 9 most packages rebuild easily ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] obtaining non-packaged software
In particular I had never heard of RPMForge, I will check it. Also check ElRepo for up to date drivers (e.g. NVIDIA): http://elrepo.org More generally the CentOS wiki is a very helpful resource, e.g.: http://wiki.centos.org/AdditionalResources/Repositories ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] obtaining non-packaged software
RPMForge has a lot of packages (but be careful!). rpmbone has more. Careful about what? Third-party repos sometimes conflict. For example if you activate both EPEL and RPMForge fully, it is very likely that your perl-* packages will be a complete mess. That's why I personally followed the approach of enabling EPEL (almost) fully and then include RPMForge packages one by one (see my previous mail) It could be done the other way around, using primarily RPMForge and then picking up EPEL packages one by one. RPMForge is stronger on multimedia, up-to-date versions etc., but EPEL is a Fedora project and many packages have the same maintainer in EPEL and Fedora. So, by using it you stay more in the Red Hat family, since RHEL (and thus CentOS) releases are based on Fedora. A recommended approach is also to use the yum priorities plugin: http://wiki.centos.org/PackageManagement/Yum/Priorities ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Network card not working after update to 2.6.18-194.17.4.el5
Hello, the network card of my workstation stopped working after I updated the kernel to 2.6.18-194.17.4.el5 . I don't see any specific error messages when booting, and the related interface is shown as up by ifconfig with its (static) IP address properly set. But I cannot reach any other computer or router on the LAN (whereas other boxes work fine). Where the network cable is plugged, an orange light stays on and does not blink. Booting with 2.6.18-194.17.1.el5 instead solves the issue. The network card is: Ethernet controller: Realtek Semiconductor Co., Ltd. RTL-8110SC/8169SC Gigabit Ethernet (rev 10) I just wanted to share this, and see if anybody else experienced such issues. It makes me feel uncomfortable with updating some remote servers, because it would really be a pain to fix if their network cards stopped working after rebooting (they are not the same as the one of my workstation, but I would feel safer if I could find out that this is a problem with my computer and not with the kernel) Cheers, Mathieu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] temp dir, httpd and selinux
How should i do ? You probably need to use chcon to change the SELinux context of the temp directory to httpd_sys_content_t (or something like httpd_specific_script_rw_t). In order to troubleshoot: - switch SELinux to permissive mode - perform your actions (they should now work, and the SELinux issues will be written in the audit log) - run sealert -a on the /var/log/audit/audit.log file, it will give you hint on how to fix it ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] recommended way to install source rpms?
Would you mind giving a hint why one should not use mock from EPEL? Because the one in CentOS will, out of the box, pull out and properly configure the CentOS buildsys package, which itself is a meta-package whose dependencies are the minimal set required to create a chroot build environment: http://dev.centos.org/centos/buildsys/5/ My understanding (to be confirmed/infirmed by CentOS developers) is that this is the tool actually used to build CentOS. Afaict the mock version in the CentOS repo is 0.6.13 which was released years ago and the one in EPEL is 1.0.7 which is current. Yes, that's what I thought first as well, but the one from CentOS worked, while the one from EPEL did not (for the purpose of building CentOS RPMS = I don't say that EPEL's mock is broken). I tried to tweak it a bit, but in the end all that you need is a cleanly prepared chroot and the CentOS mock is good enough for that. (there is probably a way to get the EPEL one to work as well.) Hence the need to exclude the mock from EPEL in the repo file, otherwise it updates the one from CentOS. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] recommended way to install source rpms?
More people should be doing this kind of stuff. The world needs more open source developers. Looking at existing code is a great tool for learning. +1 As Karanbir put it in his interview in Distrowatch a few months ago, CentOS is not only great as a stable and predictable server distrib, but can also serve as a basis for going further in one particular area, leaving the rest rock solid and untouched. - create rpmbuild environment as here: http://wiki.centos.org/HowTos/SetupRpmBuildEnvironment - install 'mock' (IMPORTANT: install the one from CentOS, exclude the one from EPEL in your repo file) - download SRPM(s) - (optional) if taken from Fedora after around 9 or 10, rpm -i *.src.rpm won't work, unpack it manually with Archive Manager, put the spec file in SPECS, the rest in SOURCES - download the latest source, or hack the spec file, etc. - create the SRPM: rpmbuild -bs --nodeps rpmbuild/SPECS/myspecfile.spec - build the SRPM you just created in mock (with debug option enabled to see all the logs, but they will also be in build.log) - do it over and over until your build dependencies are right and it completely builds - retrieve your RPMs, put them in a directory, use 'createrepo' to create metadata, use this directory as an additional repo for mock (update /etc/mock/*.cfg) - create a virtual machine (using KVM, VirtualBox, ...) - install your binaries RPM in the virtual machine (you could expose the above created local repo via httpd or NFS) - break your dummy virtual machine as much as you want - if what you have done could be useful to someone else, you are free to redistribute it (http://www.gnu.org/philosophy/free-sw.html), just be clear that it is not supported CentOS, especially if you updated core parts (*-plus repositories) [1] building in mock is really efficient and clean: it takes care of the dependencies in a clean chrooted install, otherwise you end up having plenty of build dependencies on your workstation and if you have to build the dependency of the dependency of the dependency, install it in order to build the next one, etc. you're pretty much sure to break your workstation. You can use 'mock shell' to go and build manually in the chrooted install in case something went wrong and you want to study it without redoing the whole process. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ldif invalid per syntax
I have added the corresponding posix accounts in LDAP I wish to use: Here is a LDIF snippet that works for users authenticated via LDAP: dn: uid=myuser,ou=People,dc=example,dc=com objectClass: person objectClass: organizationalPerson objectClass: inetOrgPerson objectClass: posixAccount objectClass: top cn: FirstName LastName gidNumber: 1130 homeDirectory: /home/myuser sn: LastName uid: myuser uidNumber: 1130 gecos: FirstName LastName givenName: FirstName loginShell: /bin/bash mail: myu...@example.com userPassword:: *** dn: uid=myuser,ou=Group,dc=example,dc=com objectClass: posixGroup objectClass: top cn: myuser gidNumber: 1130 Yet su to these accounts is still broken: I would recommend you to (maybe you have done some already): - check your ACLs in slpad.conf, quite a few fields need to be visible when doing anonymous binds: http://www.openldap.org/lists/openldap-software/200208/msg00855.html (you may want to add or remove some depending on what you want to achieve, but first try a loose configuration, in order to have something working) - use a simple, standard, structure: ou=People,dc=example,dc=com ou=Group,dc=example,dc=com - use authconfig to generate the configs (it will update pam, nss, and various ldap.conf), you can then review them and deploy them as files, although I have found that running the command is the most predictable way to replicate a working config on client systems authconfig --enableldap --enableldapauth --enablecache --enablemkhomedir --ldapserver=ldap://myhost --ldapbasedn=dc=example,dc=com --passalgo=sha256 --updateall - test all this on a separate clean environment (typically a virtual machine, before deploying it) - maybe use the scripts in /usr/share/openldap/migration for your first import Any idea why su _still_ isn't authenticating even tho the user accounts have been added to LDAP??? :::sigh::: Getting this to work was long and painful for me, but worth the effort. Good luck. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: linux desktop market share more than 1%
We're just throwing blind assertions at each other, but since I don't want to go PC shopping just to pursue the argument, let's keep it theoretical. Which do you suppose is a harder task: Mac laptops have a big problem: they forgot to put the right mouse button... (and the keyboard layout is slightly non-standard) I'm personally quadruple booting (CentOS 5 / Ubuntu 10.4 / Mac OS 10.6 / RHEL 6 Beta 2) on a Mac Book Pro when on the road. This was the computer of my wife whose art academy only taught them Final Cut and Photoshop, so she's hooked to MacOS and thus Apple hardware (we are trying to ween her off, but she can't, no she can't... sad story, don't let your kids ever touch this...) The other day I had to make a demo of FLOSS Geographical Information System (GIS) software (QGIS, GRASS, PostGIS, etc.). I had prepared it on Ubuntu (because multi-touch touchpad is not working on CentOS 5, and you actually do need a right-click). PostgreSQL broke one hour before the demo, I could not uninstall/reinstall it (sic!). Re-booted to CentOS, set up the stuff, everything went smoothly, no surprise, did the demo (with an USB mouse). Try to setup such a complex software suite in one hour without a package management system. Mac is not an option in such cases. The harddrive broke after one year (minus two weeks: still under guarantee, pfeew...). BUT, I look cool when I sit in Berlin cafes with my laptop (although it starts to look very old-fashioned, since it is two/three years old and without unibody enclosure) Is this beautifully designed computer utter crap because it just has one mouse button? Is Ubuntu broken because you cannot play around with partitions as robustly as with CentOS? (of course, I was responsible for breaking the PostgreSQL: what killed me is that I could not reset it) Is CentOS useless because people who really need (certainly for good reasons) to run proprietary software such as Adobe CS or MS Office, just can't? That you found the right combination for yourself doesn't mean all others are worthless. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: linux desktop market share more than 1%
ObOnTopic: does anybody know if CentOS supports the MacBookPro7,1 model with the funky SATA controller? It's nontrivial to find any hard information about even kernel support, much less whether a given distro has included any of the relevant patches in its kernel. I don't mind OS X, but for some purposes I really prefer a linux-based desktop. If you already have the computer, I would recommend you to give a try to RHEL 6 Beta 2 and report to Red Hat any problem you have while they are still polishing their release. I was surprised, but they have been pretty helpful and motivated with issues that I reported which are specific to Apple hardware. As per my other mail, I would not recommend CentOS 5 on a Mac laptop anyhow (because of the touchpad), although this is still what I mostly do when traveling. Otherwise, Ubuntu is probably your safest bet (but it is a pretty fast moving target). In any case, I recommend you to partition your disk as soon as you get the computer and leave says 10 / 20 GB for a Linux. Even if it does not work today, it may (will) work in a few months, and it is more dangerous to repartition while you already have important data on your Mac OS. As long as you have the disk space reserved for it, it will be safe to try various Linux distributions over and over. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: linux desktop market share more than 1%
I know PPC linux releases could support command-click as right click, so I can only assume CentOS 5 could as well. (But I wouldn't know where to start looking for this information beyond a naive google search.) Yes I used to do so on PPC, but I never got it working on the MacBook Pro + CentOS (and I really spent a lot of time trying). I found a workaround using accessibility features but it is a bit heavy and with a few side effects (I can put it if you want though). In the end I end up doing the following: - I have a partition with shared data (documents, java source code, maven repository, etc.). - when I'm settled somewhere I use CentOS with a mouse - when I'm on the move I use Ubuntu (where the touchpad is working perfectly = the related driver was added around 2.6.27 if I'm not mistaken) - both OS link to the shared directories (I forced the Ubuntu user id to 500, in order to be compatible with CentOS) - dreaming of when RHEL/CentOS 6 is out and reporting bugs on RHEL 6 Beta 2 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: linux desktop market share more than 1%
The main thing about Linux that is 'hard' is the fact that you have to use your brain and make choices: Which web browser? Which office suite? Which email client? Which desktop? Which Linux distro? For lots of people this is way too much work. I guess if these people looked at, I think that you raise an important point here, but I would rather relate it to a question of education. People simply don't know that there are alternatives, or that this alternatives are manageable. They are not educated to consider the OS and their software ecosystem as something that can be configured and tweaked (I don't say that everybody should hack the kernel). I am always puzzled when I talk to non technical people that, while everybody knows what is an Excel spreadsheet, almost nobody knows precisely what is a database. Or what are the roles and relationships between CPU + memory + disk. Or how does a website work, etc. People now spend their lives dealing with a DB, a computer or a website, and it takes less than one hour to explain how they work! (I did it many times and people are always very eager to know it) We spend years learning how to read and write, but we could not spend a few hours as kids learning what *is* a computer and what it can do? (I don't talk about learning how to open a browser, download from iTunes or fill a spreadsheet). I really don't think that MS Windows or Mac or Ubuntu or CentOS are better or less good for desktop in general (CentOS better suits my personal needs). Same for iPhone vs. Blackberry vs. Android for mobile devices. When I discuss this with other people, I therefore don't try to convince them, but I just want to make sure that they are aware of which tradeoffs they are doing: versatility vs. security, nice design vs. freeedom, works-out-of-the-box vs. works-not-out-of-the-box-but-after-this-has-been-properly-configured-will-always-work-perfectly (eh, eh, that's what I like with my CentOS desktop). People are of course free to give up (some) freedom, I just wish they would do it consciously. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] LDAP authentication on a remote server (via ldaps://) [SOLVED]
A quick search will provide plenty of articles about the subject. Thanks, I had actually thought of using a search engine (as somebody put it, part of the fun with configuring OpenLDAP is that you definitely have to). What I cannot find (yet) is whether there is a way to require StartTLS only for external connections and allow it plain on the local network? The reason why I (think I) need both is that many third party apps on the server (PHP applications typically) do not easily manage StartTLS. Meanwhile, having two different ports make it easier to manage via iptables. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] LDAP authentication on a remote server (via ldaps://) [SOLVED]
You can also use StartTLS over the network and LDAPI (connection over Unix sockets, which are inherently secure) for apps running on the server. I use it, both with OpenLDAP and 389 Directory Server (a.k.a. Fedora DS, Red Hat DS). Unfortunately, I have a whole LAN whose user/group/auth management is centralized with LDAP (each server having different apps). So I need plain LDAP access on the LAN. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] LDAP authentication on a remote server (via ldaps://) [SOLVED]
One possible solution is to have the main LDAP server addressable only via STARTTLS and a non-SSL, read-only slave on a different host that's visible only to your LAN. Very interesting. It would also address some concerns I had with all these third-party LDAP plugins having (potential) write access to the repo. Thanks a lot for the idea! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] LDAP authentication on a remote server (via ldaps://)
Hello, I have a central repository of users/groups based on OpenLDAP which is working on a remote LAN (servers share users credentials and mount their home directories via NFS). They use non-encrypted ldap restricted to the local network. Now, I have a few servers in our local office and I would like them to authenticate from the remote LDAP server using encryption via ldaps://. (at this stage, without using client-side certificate) I have run a similar command as I did on the remote servers, replacing ldap://localldapserver by ldaps://ldap.mycompany.com: authconfig --enableldap --enableldapauth --enablecache --enablemkhomedir --ldapserver=ldaps://ldap.mycompany.com --enableldaptls --ldapbasedn=dc=mycompany,dc=com --passalgo=sha256 --updateall and I put the CA certificate at the right place. (either explicitly pointing to it TLS_CACERT or downloading it to /etc/openldap/cacerts vi system-configuration-authentication) In all my various tests, ldapsearch -x returns the content of the remote LDAP, so I guess that at least openldap clients are properly configured. But when I try: getent passwd the command hangs. Same when I try to: su - myuser (I also tried configuring with the system-configuration-authentication UI from a box with GNOME, and also tried authconfig without --enableldaptls) So is there anything specific to authentication ldaps: that I should have done? (as I said, this approach systematically works with plain ldap on this same LDAP server) Thanks in advance for your help! Mathieu Note: all systems involved are running up to date CentOS 5.5 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] LDAP authentication on a remote server (via ldaps://)
Did you, on the server, change the new, undocumented, /etc/sysconfig/ldap file's entry for SLAPD_LDAPS and restart the ldap service on the server? This settings was indeed set to no. What is funny though is that I actually can connect to the ldaps port without it (since ldapsearch -x is working and I can also connect via ldaps using a graphical client, and the plain ldap port is closed by the firewall) I changed the settings to yes and restarted the service, but it did not change anything. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] LDAP authentication on a remote server (via ldaps://) [SOLVED]
Here are the changes I'd review: 1. After installing the CA cert, did you create a hash link? E.g., /usr/sbin/cacertdir_rehash /etc/openldap/cacerts 2. Make sure you know the difference between /etc/ldap.conf and /etc/openldap/ldap.conf. The former is used by nss_ldap, the latter by openldap clients. 3. Does /etc/ldap.conf have all the correct TLS entries, e.g., ssl start_tls tls_checkpeer yes tls_cacertdir /etc/openldap/cacerts Additionally, I've had trouble using the uri directive in /etc/ldap.conf, esp. with encrypted connections. The host and port directives have worked better for me. 4. Does /etc/pam.d/system-auth have pam_ldap.so entries for auth, account, password, and session? 5. Are you running nscd? (I've found it indispensable when working with network auth.) 6. Review the changes to /etc/nsswitch.conf to make sure that the passwd, shadow, and group entries all query ldap. Thanks a lot for this check-list (I recommend it for others in the future). I had already checked most of the points, but I still played around with your ideas, without success But, this remark: I've never done ldaps to port 636, only TLS to port 389, so some of my comments may be slightly off-base in your situtation. made me think of checking what should be the difference between a START_TLS on a plain ldap port and ldaps on the ssl port In /etc/ldap.conf: for ldap + START_TLS this is indeed ssl start_tls but for ldaps (my case) this should be: ssl on Changing the value of 'ssl' to 'on' solved my problem! (and this explains why my ldapsearch queries were working: as you pointed out, /etc/ldap.conf is for the configuration of nss_ldap) IMHO, the comments in /etc/ldap.conf could be a bit more explicit on the 'on' value: ... # OpenLDAP SSL mechanism # start_tls mechanism uses the normal LDAP port, LDAPS typically 636 #ssl start_tls #ssl on ... Thanks a lot for your help! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] LDAP authentication on a remote server (via ldaps://) [SOLVED]
Are you aware that SSL on port 636 is now considered deprecated in favor of START_TLS on port 389? No, I'm not (I actually thought that it was the other way round) I found it practical to have a port (389 or equivalent) that I could authorize via iptables only on the local network., and another one (636 or equivalent) that could be accessed from outside. What are the pro and cons of both approaches? Comments more than welcome! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] upgrade python to python2.6.4 using yum
Is there an already available repository to do this.? The EPEL repository has a python26 package that you can install in parallel of base python. You can then also use python-virtualenv (also in EPEL) to add the Python modules you would need: virtualenv -p /usr/bin/python26 /path/to/your/virtualenv/dir ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Bugzilla 3.6.2 + sendmail + SELinux
Out of curiosity, when you read the log, did you attempt the suggestion w/o success? Not really (yet): - for the first one (./spool), I have not clearly identified (yet) where the file is being created - for the second they talk about creating a policy module, and even though I may have to go this way, I thought I would first check with the list if there was something simpler that could be done (googling around did not help much). I have the foollowing booleans set: httpd_can_sendmail -- on I'm trying to progress thoughtfully because I know that it is way to easy to start messing around with SELinux contexts, etc., and I typically want sendmail to be more secure than less. I'm now looking at audit2allow: http://wiki.centos.org/HowTos/SELinux#head-faa96b3fdd922004cdb988c1989e56191c257c01 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos