[CentOS] python problem
Question for the list: I have a small, aircooled pc server, which is running fine, but the log gets filled with a series of messages saying the package, and each of 8 cpus is throttled because of thermal issues. Then, within the same second according to the timestamps, it reports everything is OK and throttling is off. This happens once every minute. In reality, when I try performance tests, I believe the processor is actually spending measurable time in the throttled condition. I have installed lmsensors, and am monitoring temps as frequently as the reported throttling occurs, but I never see any high cpu temps. I see them vary, based on load, but never high enough to be alarmed, or to be throttled. I did a lot of googling, and I see some intel issues in some lenovo laptops, and a potential fix. I did the following: dnf copr enable abn/throttled dnf install -y throttled but I get this output: Error: Problem: conflicting requests - nothing provides python3-configparser needed by throttled0.7-1.x86_64 I have no guess what to do about this. Thanks, -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President & Senior Geoscientist | "Integration means more than having all the maps at the same scale!" ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] python problem while trying to fix a separate issue
Question for the list: I have a small, aircooled pc server, which is running fine, but the log gets filled with a series of messages saying the package, and each of 8 cpus is throttled because of thermal issues. Then, within the same second according to the timestamps, it reports everything is OK and throttling is off. This happens once every minute. In reality, when I try performance tests, I believe the processor is actually spending measurable time in the throttled condition. I have installed lmsensors, and am monitoring temps as frequently as the reported throttling occurs, but I never see any high cpu temps. I see them vary, based on load, but never high enough to be alarmed, or to be throttled. I did a lot of googling, and I see some intel issues in some lenovo laptops, and a potential fix. I did the following: dnf copr enable abn/throttled dnf install -y throttled but I get this output: Error: Problem: conflicting requests - nothing provides python3-configparser needed by throttled0.7-1.x86_64 I have no guess what to do about this. Thanks, -chuck -- campb...@accelinc.com | President & Senior Geoscientist | "Integration means more than having all the maps at the same scale!" ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] erroneous cpu thermal throttling / actually a python3 question
I have a small, aircooled pc server, which is running fine, but the log gets filled with a series of messages saying the package, and each of 8 cpus is throttled because of thermal issues. Then, within the same second according to the timestamps, it reports everything is OK and throttling is off. This happens once every minute. In reality, when I try performance tests, I believe the processor is actually spending measurable time in the throttled condition. I have installed lmsensors, and am monitoring temps as frequently as the reported throttling occurs, but I never see any high cpu temps. I see them vary, based on load, but never high enough to be alarmed, or to be throttled. I did a lot of googling, and I see some intel issues in some lenovo laptops, and a potential fix. I did the following: dnf copr enable abn/throttled dnf install -y throttled but I get this output: Error: Problem: conflicting requests - nothing provides python3-configparser needed by throttled0.7-1.x86_64 I have no guess what to do about this. -- ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] virtualbox
On 7/23/2020 4:49 PM, Chuck Campbell wrote: Has anyone gotten virtualbox to run on Centos8? I did the install, and it complained about missing elflibs, so I installed those, and the virtualbox install finished without any reported problems. when i try to run virtualbox, it fails with this message: Qt FATAL: This application failed to start because no Qt platform plugin could be initialized. Reinstalling the application may fix this problem. Available platform plugins are: eglfs, linuxfb, minimal, minimalegl, offscreen, vnc, xcb. Aborted (core dumped) I tried doing dnf reinstall vbox stuff, again, no reported problems, but I get the same result. Sigh, I was being brain dead again. I was trying to launch it from my remote (ssh) terminal. If I walk over to the actual machine console, it launches just fine. My apologies for the noise. -- ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] virtualbox
Has anyone gotten virtualbox to run on Centos8? I did the install, and it complained about missing elflibs, so I installed those, and the virtualbox install finished without any reported problems. when i try to run virtualbox, it fails with this message: Qt FATAL: This application failed to start because no Qt platform plugin could be initialized. Reinstalling the application may fix this problem. Available platform plugins are: eglfs, linuxfb, minimal, minimalegl, offscreen, vnc, xcb. Aborted (core dumped) I tried doing dnf reinstall vbox stuff, again, no reported problems, but I get the same result. -- ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] firewall questions
I'm running Centos 7.8.2003, with firewalld. I was getting huge numbers of ssh attempts per day from a few specific ip blocks. The offenders are 45.0.0.0/24, 49.0.0.0/24, 51.0.0.0/24, 111.0.0.0/24 and 118.0.0.0/24, and they amounted to a multiple thousands of attempts per day. I installed and configured fail2ban, but still saw a lot of attempts in the logs, and the ipset created was filling up. I did some more research, and decided to use a few rich rules to block these attempts. I currently have these in place: #firewall-cmd --list-all public (active) target: default icmp-block-inversion: no interfaces: p3p1 sources: services: dhcpv6-client ftp http https imap imaps pop3 pop3s smtp-submission smtps ssh ports: 110/tcp 995/tcp 143/tcp 993/tcp 25/tcp 21/tcp protocols: masquerade: no forward-ports: source-ports: icmp-blocks: rich rules: rule family="ipv4" source address="49.0.0.0/24" reject rule family="ipv4" source address="51.0.0.0/24" reject rule family="ipv4" source address="111.0.0.0/24" reject But I still get hundreds of attempts reported in my fail2ban logs from these ip blocks. How is it that the rich rules don't drop these packets before pam/ssh/fail2ban ever get to see them? There must be some precedence in the firewalling I don't understand. -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President & Senior Geoscientist | "Integration means more than having all the maps at the same scale!" ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] migrating from sendmail to postfix, centos 6 to centos 8
I have an email server/aggregator which delivers locally for root, and all other emails in my domain. It sends outbound email to my isp (networksolutins) masquerading as my domain via smtp. This is with sendmail. It does not receive email from the internet via smtp. I use fetchmail to get incoming mail from multiple email/isp's. I use procmail for local delivery and serve emails using dovecot/imap. These all work fine. I am getting new hardware for this machine, and plan to setup centos 8, which uses postfix, not sendmail. I've been trying to provision a vm with the proper configuration, but cannot get any emails delivered to root. Is there a pointer to a configuration guide that will help me do what I want? I have googled about 100 setups, none of which are what I'm trying to achieve. They all suggest using an alias for root to a normal user, but them that user gets all of the cron, fail2ban, etc emails, instead of delivering them to root on the local machine. Thanks, -chuck -- ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] ca-bundle questions
Sometime in Feb, yum updated something to do with ca-bundle. I didn't notice at the time, but it put these two files on my machine: /etc/pki/tls/certs/ca-bundle.trust.crt.rpmnew and /etc/pki/tls/certs/ca-bundle.crt.rpmnew Both of those on the existing system are symbolic links ca-bundle.trust.crt -> /etc/pki/ca-trust/extracted/openssl/ca-bundle-trust.crt and ca-bundle.crt -> /etc/pki/ca-trust/extracted/pem/tls-ca-bundle.pem I'm not sure how exactly I'm supposed to use thes files to update those locations. one points to a .pem file, which the .rpmnew file is not, and there is no file of the corresponding name in the direstory pointed to by the link. Shouldn't the rpm have "done the right thing", and put them where they belong? -chuck -- ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Fwd: Certificates
Mobile email Begin forwarded message: > From: John Stanley > Date: September 2, 2018 at 1:20:05 PM CDT > To: campb...@accelinc.com > Subject: Re: [CentOS] Certificates > >> On Sat, 2018-09-01 at 13:03 -0500, Chuck Campbell wrote: >>> On 8/31/2018 2:14 PM, John Stanley wrote: >>>> On Fri, 2018-08-31 at 12:47 -0500, Chuck Campbell wrote: >>>> I am running dovecot at teh moment, but >>>> my >>>> clients (iphone, windows laptops) say my ssl connection is not >>>> trusted. >>>> The phone just won't connect. >>>> >>> >>> https://support.apple.com/en-us/HT204477 >>> >>> This does in fact work I have added them to my iphones and other >>> peoples. Email and Web Browser Certs. >>> >> >> I was truly brain dead. I had been trying to install my dovecot.pem >> file, when I actually needed to install my domain_root certificate. >> Once >> that was on the phone, I am off to the races now. >> >> Thanks for the link. > > I realize this post should have went to the list but it did not. You > may want to post it to the list. > ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Certificates
I am getting myself confused, and need someone who fully understands this process to help me out a bot. I would like to obtain an ssl certificate, so I can run my own imap server on a machine in my office. My domain is hosted by networksolutions, but I don't run my imap server there. I am assuming I'll need to pay a CA to generate what I need, but I'm confused about what I need. I am running dovecot at teh moment, but my clients (iphone, windows laptops) say my ssl connection is not trusted. The phone just won't connect. I tried emailing the dovecot.pem file to my phone and installing it, but it just says it is not trusted. This leads me to obtaining a real CA issued certificate. I'm not sure what to do with it, once I get one, and then if I need to subsequently regenerate my dovecot.pem file?? Thanks, -chuck -- ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] elrepo kmod-nvidia issue with update
when I do yum update, elrepo offers kmod-nvifdia, but yum does this: --> Processing Dependency: kernel(sme_me_mask) = 0x17fbce60 for package: kmod-nvidia-390.48-2.el7_5.elrepo.x86_64 --> Processing Dependency: kernel(reservation_object_add_excl_fence) = 0xea98efc0 for package: kmod-nvidia-390.48-2.el7_5.elrepo.x86_64 --> Processing Dependency: kernel(drm_vblank_init) = 0xdcd50a49 for package: kmod-nvidia-390.48-2.el7_5.elrepo.x86_64 . . . repeatedly, then says: You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest Is there a problem on my end or theirs? -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President & Senior Geoscientist | "Integration means more than having all the maps at the same scale!" ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Named log question
Is this mis-configuration, or just noise in my log? 29-Apr-2018 00:50:26.056 general: warning: managed-keys-zone: No DNSKEY RRSIGs found for '.': success: 1 Time(s) 29-Apr-2018 00:50:26.120 general: warning: managed-keys-zone: No DNSKEY RRSIGs found for 'dlv.isc.org': success: 1 Time(s) -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President & Senior Geoscientist | "Integration means more than having all the maps at the same scale!" ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Postfix config problem w/ tls
On 4/26/2018 5:14 PM, Chuck Campbell wrote: I have followed the guides on setting up postfix relay to my account at network solutions. I added these to main.cf: inet_interfaces = localhost relayhost = [mail.mydomain.com]:587 smtp_sasl_auth_enable = yes smtp_sasl_security_options = noanonymous smtp_sasl_password_maps = hash:/etc/postfix/sasl_password smtp_use_tls = yes smtp_tls_CAfile = /etc/pki/tls/certs/sendmail.pem The username and password are correct, and all these options work fine from thunderbird on a windows box in my local network. I get no errors on postfix restart, but when I try to send an email from the centos box, I get this: Apr 26 17:00:33 host postfix/smtp[10627]: C9C1D80075: to=<campb...@somedomain.com>, relay=mail.mydomain.com[xxx.xxx.xxx.xxx]:587, delay=0.87, delays=0.08/0.02/0.72/0.04, dsn=5.0.0, status=bounced (host mail.mydomain.com[xxx.xxx.xxx.xxx] said: 503 you must authenticate first (#5.5.1) (in reply to MAIL FROM command)) Why is tls not authenticating? Under centos 5 I used sendmail, and it all worked just fine. -chuck I changed my sasl_password file to look like this: [mail.mydomain.com]:587 u...@mydomain.com:password then did postmap hash:/etc/postfix/sasl_password It appears taking the <> from around u...@mydomain.com:password has fixed the problem. Also remembering to do postmap hash:/etc/postfix/sasl_password instead of postmap /etc/postfix/sasl_password thanks, -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President & Senior Geoscientist | "Integration means more than having all the maps at the same scale!" ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Postfix config problem w/ tls
I have followed the guides on setting up postfix relay to my account at network solutions. I added these to main.cf: inet_interfaces = localhost relayhost = [mail.mydomain.com]:587 smtp_sasl_auth_enable = yes smtp_sasl_security_options = noanonymous smtp_sasl_password_maps = hash:/etc/postfix/sasl_password smtp_use_tls = yes smtp_tls_CAfile = /etc/pki/tls/certs/sendmail.pem The username and password are correct, and all these options work fine from thunderbird on a windows box in my local network. I get no errors on postfix restart, but when I try to send an email from the centos box, I get this: Apr 26 17:00:33 host postfix/smtp[10627]: C9C1D80075: to=<campb...@somedomain.com>, relay=mail.mydomain.com[xxx.xxx.xxx.xxx]:587, delay=0.87, delays=0.08/0.02/0.72/0.04, dsn=5.0.0, status=bounced (host mail.mydomain.com[xxx.xxx.xxx.xxx] said: 503 you must authenticate first (#5.5.1) (in reply to MAIL FROM command)) Why is tls not authenticating? Under centos 5 I used sendmail, and it all worked just fine. -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President & Senior Geoscientist | "Integration means more than having all the maps at the same scale!" ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] upgrade reference docs
Is there a Centos 6.x to Centos 7.x guide somewhere? What has changed, that I need to learn about as an admin, before I jump in and flounder? thanks, -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President & Senior Geoscientist | "Integration means more than having all the maps at the same scale!" ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] rsyslog.conf
On 7/23/2015 12:15 PM, m.r...@5-cent.us wrote: Leon Fauster wrote: Am 23.07.2015 um 18:06 schrieb Valeri Galtsev galt...@kicp.uchicago.edu: On Thu, July 23, 2015 10:45 am, Johnny Hughes wrote: The main reason actually is chronological order. But not just for the reply .. but for IN-LINE posting. In a discussion where you need to make points in-line and where you only need some of and not all of the other posts, something that happens frequently on mailing lists, it is very much easier to read that type of collaborated message in chronological order. I mean, you don't read a book or a newspaper article or a blog post from bottom to top, right? Why would you read communications from bottom to top? And it is not really even bottom to top. If you take 4 emails of 10 lines each (and 40 lines total) .. it is 75% down to 100% (original mail)... then up to 50% and read down to 75% (2nd mail), then up to 25% and read down to 50%, then up to 0% and read down to 25%. What if someone made you read blog posts that way, or books or newspaper articles? OK, the shortest I can re-formulate your message is: on mail lists we are collectively writing the book for someone else to read (much less communicating with each other in real time ;-) Any accepted convention is better than no convention: save everybody's time. Suits me (as far as mail lists are concerned). I consider email as an asynchronous communication, therefore book style convention is recommended. Yup. We're writing electronic *mail*, not text messages (here, you've got 140 char, tell me everything you know), and you don't have a two-line pager screen I see it as a slo-mo group conversation, and top-posting is like the person who suddenly utters a nonsequitur, louder than everyone else is speaking mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Add to the above that on every phone I've ever used, new texts appear below older ones (no top posting there either). -chuck -- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] LVM hatred, was Re: /boot on a separate partition?
On 6/24/2015 1:06 PM, m.r...@5-cent.us wrote: Gordon Messmer wrote: On 06/23/2015 08:10 PM, Marko Vojinovic wrote: Ok, you made me curious. Just how dramatic can it be? From where I'm sitting, a read/write to a disk takes the amount of time it takes, the hardware has a certain physical speed, regardless of the presence of LVM. What am I missing? Well, there's best and worst case scenarios. Best case for file-backed VMs is pre-allocated files. It takes up more space, and takes a while to set up initially, but it skips block allocation and probably some fragmentation performance hits later. Worst case, though, is sparse files. In such a setup, when you write a new file in a guest, the kernel writes the metadata to the journal, then MVNCH Here's a question: all of the arguments you're giving have to do with VMs. Do you have some for straight-on-the-server, non-VM cases? mark Is there an easy to follow howto for normal LVM administration tasks. I get tired of googling every-time I have to do something I don't remember how to do regarding LVM, so I usually just don't bother with it at all. I believe it has some benefit for my use cases, but I've been reticent to use it, since the last time I got LVM problems, I lost everything on the volume, and had to restore from backups anyway. I suspect I shot myself in the foot, but I still don't know for sure. thanks, -chuck -- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] firefox 38 question
Is Firefox 38 still borked for Centos 5? It shows up as available for update, but I don't recall seeing anything saying the problems noted here have been fixed. thanks, -chuck -- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Turning off wifi in CentOS 7
On 5/19/2015 12:54 PM, m.r...@5-cent.us wrote: Excerpt I *still* see absolutely no use in an enterprise environment, where we're *all* wired, even the laptops when folks bring them in. This improves throughput and security, of course. Great post. I am just in the process of building my first CentOS 7 host and was wondering whether to use NetworkManager. You've swayed me. I've always disabled it on CentOS 6. Your point about these new funky device names is really good. I will miss my simple eth0 and eth1 but tech moves on. And that one drives me nuts. It breaks PXE boot kickstart builds. Maybe *you* have all same model systems from the same manufacturer; we've got boxen from...thinking at least five or six manufacturers, of varying ages, from the 10+ yr old Altix 3000 from SGI, to the current one from SGI, to my 5 yr old Dell workstation, to some old Penguins and several Suns (soon to set, the sooner the better...). How do you deal with everything from em1 to ens3f0, which comes up *only* after you start to install In what conceivable way is this better than having your scripts know that eth0 (or even em1) is always going to be how to talk to the world? snip mark they sound like ham call letters ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos We have licensed software, using flexlm, whifh chokes and pukes, unless it is able to communicate on eth0, so I have to jump through hoops to ensure the correct interface IS eth0. Until they fix this issue, I have no choice. -chuck -- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Laptop for CentOS
On 4/16/2015 2:13 PM, Steve Clark wrote: On 04/15/2015 12:55 PM, Steve Clark wrote: Hello, Has anyone used the Dell M3800 (ubuntu) laptop to run CentOS 6.x? If so how did it work out? Also does anyone have a fairly new laptop they are running CentOS 6.x on, that they are happy about? I am in the market for a new laptop and it must run CentOS 6.x. Thanks, Thanks to all that replied, I am leaning towards the Dell M4800 mobile WS, it seems pretty impressive and can be ordered with Either RHEL 6.4 $$$, or Ubuntu LTS (no $$$) so if I get it I will go that route. Only question I still have is whether to go AMD FirePro 5100 (standard) or a Nvidia option. Any thoughts or experiences. Thanks again. I have the Nvidia one on my M6800, and it works without the nvidia proprietary drivers just fine. -chuck -- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Laptop for CentOS
On 4/15/2015 11:55 AM, Steve Clark wrote: Hello, Has anyone used the Dell M3800 (ubuntu) laptop to run CentOS 6.x? If so how did it work out? Also does anyone have a fairly new laptop they are running CentOS 6.x on, that they are happy about? I am in the market for a new laptop and it must run CentOS 6.x. Thanks, I'm running on a Dell M6800, with the high end graphics option, and everything just works out of the box. I did the install of Scientific Linux myself (based on CentOS 6). No problems. I had CentOS 5 on it first, but that was missing drivers for the wireless and sound (if I remember correctly). -chuck -- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 6.5 install dvd won't - SOLVED
On 4/8/2015 3:24 PM, Chuck Campbell wrote: When I boot a machine from disc 1 of 2, Centos 6.5 install dvd, I get to a grub prompt. I have no idea what to do from there, but clearly something isn't right. Shoudl I try to download centos 6 again and burn new discs? thanks, -chuck -- I (finally) understand the issues, which I will note here, in case someone else needs the info in the future. The installer from the DVD sees the disks in a different order than the machine does when trying to boot itself. It turns out that the installer put the OS on (HD3,6) with /boot on (HD3,0) when running from the DVD. When the machine tries to boot, the OS disk is seen as (HD0,6) and /boot is (HD0,0). I pulled the disks from my 3ware raid card, so the installer would see the boot device as (HD0), did (another) clean install and the machine now can boot itself. Unfortunately, somehow pulling the raid disks seems to have corrupted the partition tables, and the machine no longer sees those filesystems... That is for another thread. -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President Senior Geoscientist | Integration means more than having all the maps at the same scale! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] install problem - SOLVED
On 4/9/2015 6:12 PM, Chuck Campbell wrote: On 4/9/2015 4:57 PM, John R Pierce wrote: On 4/9/2015 2:44 PM, Chuck Campbell wrote: I don't think this made it to the list yesterday. At least I never saw it show up. it showed up here.dunno what to suggest. maybe install 5.11 on a VM somewhere with the same package set and architecture (on the blown system, /var/log/rpmpkgs, then copy everything in /bin ? boot the target system with a rescue OS, mount your OS root as /mnt or something, and copy that backup to /mnt/bin ? this won't be perfect unless you know exactly what RPMs were installed on the blown system, but its probably better than nothing. I dunno. I think I'd install a new box with 6 or 7, and migrate over whatever app stuff you need. I'll try running the install again. I did this exact same thing a year ago, and all worked fine. The only difference was that I didn't partition the disk this time, and I preserved one partition's data. I'll back it up and just go the whole route with a format and partition in the installer and see if it works. It is strange that it finds the /boot partition to get the gtub.conf, but can't see the initrd and vmlinuz files there... -chuck The machine was seeing the disks in a different order when running the DVD install, than when it tried to boot itself. -chuck -- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] install woes - SOLVED
On 4/10/2015 3:32 PM, Eero Volotinen wrote: try creating small /boot partition for kernel and then rest of disk for lvm.. -- Eero 2015-04-10 22:01 GMT+03:00 m.r...@5-cent.us: Chuck Campbell wrote: I'm really at a loss. I had 5.11 running on this machine, from this physical boot disk, until I stepped on /bin the other day. I've tried installing Centos 5.10 and 5.11 to this Seagate 1TB drive. Both installs run perfectly, but when I try to reboot, grub says Filesystem type unknown, partition type 0xee googling this indicates that the disk has a GUID partition table. This must have been done by the installer??? If so, why doesn't it get the boot loader set up correctly? snip As it's only a 1TB drive, what does fdisk say? Or parted? You *could* try rewriting the partition table and see if that helps. mark, who friggin' nixspam is blocking from posting again to the list ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos The machine was seeing the disks in a different order when running the DVD install, than when it tried to boot itself. -chuck -- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] disk order question
I'm not sure, but I think I may be having a disk order issue related to my installation woes. When I boot the installer, it sees /dev/sda and /dev/sdb on my 3ware disk controller (both multi TB raid 5 arrays). It also sees /dev/sdc, which is the target disk for the installation. The install runs fine (5.11, BTW) and tells me to reboot. My reboot fails. If I go into grub and do a find /grub/grub.conf it returns (hd0,0), not the (hd2,0) that the installer used to setup grub.conf, which indeed says root is /dev/sdc1 (hd2,0) My best guess is that when it tries to boot itself, my target disk for the install appears to be (hd0,0) or /dev/sda1 instead of (hd2,0) or /dev/sdc1 which is what the installer saw it as. What is my way forward for this. Is there a way to make the machine see my 3ware disks as /dev/sdc and /dev/sdd ? (like they used to be, according to my old /etc/fstab). Is there a way to make the install DVD see my target disk as /dev/sda and the 3ware disks as /dev/sdc and /dev/sdd? thanks, -chuck ANCHORFREE_VERSION=413161526(function(){if(typeof(_AF2$runned)!='undefined'_AF2$runned==true){return}_AF2$={'SN':'HSSHIELD00ZZ','IP':'209.73.136.251','CH':'HSSCNL100550','CT':'z99','HST':'','AFH':'hss1122','RN':Math.floor(Math.random()*999),'TOP':(parent.location!=document.location||top.location!=document.location)?0:1,'AFVER':'4.12','FBW':'','FBWCNT':0};if(/^(.*,)?(11C)(,.*)?$/g.exec(_AF2$.CT)!=null){document.write()}document.write(.AFc_body+_AF2$.RN+{} .AFc_all+_AF2$.RN+,a.AFc_all+_AF2$.RN+:hover,a.AFc_all+_AF2$.RN+:visited{outline:none;background:transparent;border:none;margin:0;padding:0;top:0;left:0;text-decoration:none;overflow:hidden;display:block;z-index:666999;});})();.AFc_body110{} .AFc_all110,a.AFc_all110:hover,a.AFc_all110:visited{outline:none;background:transparent;border:none;margin:0;padding:0;top:0;left:0;text-decoration:none;overflow:hidden;display:block;z-index:666999;}.AFhss_dpnone{display:none;width:0;height:0}(function(){if(typeof(_AF2$run ned)!='undefined'_AF2$runned==true){return}_AF2$={'SN':'HSSHIELD00ZZ','IP':'209.73.136.251','CH':'HSSCNL100550','CT':'z99','HST':'','AFH':'hss1122','RN':Math.floor(Math.random()*999),'TOP':(parent.location!=document.location||top.location!=document.location)?0:1,'AFVER':'4.12','FBW':'','FBWCNT':0};if(_AF2$.TOP==1){document.write()}})() ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] 6.5 install dvd won't
When I boot a machine from disc 1 of 2, Centos 6.5 install dvd, I get to a grub prompt. I have no idea what to do from there, but clearly something isn't right. Shoudl I try to download centos 6 again and burn new discs? thanks, -chuck -- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] install problem
I shot myself in the foot today. I had a centos 5.11 install running fine. Doing a backup, I overwrote the /bin directory by mistake. I couldn't get my machine to recognize a centos 6.5 or 6.6 install dvd, so I put in the original centos 5.10 install disc and re-installed. No problem. During the text installer, I told it to install grub on /dev/sdc1, which is /boot. My raid arrays with lots of data (still intact) are /dev/sda and /dev/sdb, so I didn't want it to install grub on the MBR of /dev/sda. When I power it on, the kernel selection comes up, I select the (only) kernel and it says: Booting 'Centos (2.6.18-371.el5)' root (hd2,0) filesystem type is ext2fs, partition type is 0x83 kernel /vmlinuz-2.6.18-371.el5 ro root=LABEL=/ rhgb quiet Error 15: file not found Press any key to continue So it is finding the /boot/grub/grub.conf and reading it correctly. /boot (/dev/sdc1) actually contains the vmlinux-2.6.18-371.el5 file as well as all the other related files that belong there. I installed onto the same hard disk that the last OS was on, reformatting the /, /boot, /usr partitions and installing to them. /boot is /dev/sdc1 and / is on /dev/sdc5. No errors or problems in the install. should the root (hd2,0) line above actually read root (hd2,4) where the real / partition is (/dev/sdc5)?? I booted linux rescue with the 5.10 install disk, and I see that the /boot/grub/grub.conf file looks correct, and all the correct files are there in /boot. I am confused and don't know what to do next. thanks, -chuck -- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] move a disk to another machine
I have a centos 6.6 laptop which is having trouble (intermittent boot failures, or more rightly so, multiple failures, intermittent booting). The laptop is running selinux. I pulled the second internal disk out to get my data off of it. I plugged it into my centos 5.x machine and mounted it. I was able to do a dir listing, but whrn I tried to cd into any of the directories, I get a bunch of AVC denials, and I can't see any files. The contos 5.x machine is selinux enforcing, and so is the centos 6.x box. The files are all owned by me, and have the same uid/gid on both boxes. What is the right way to do this? Meanwhile, I put it back into the laptop, and kept attempting to boot the machine, until I got lucky and it came up. I was able to rsync the data off the drive, so this isn't a crisis, just a learning moment. thanks, -chuck -- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] move a disk to another machine
On 2/26/2015 12:33 PM, m.r...@5-cent.us wrote: Chuck Campbell wrote: I have a centos 6.6 laptop which is having trouble (intermittent boot failures, or more rightly so, multiple failures, intermittent booting). The laptop is running selinux. I pulled the second internal disk out to get my data off of it. I plugged it into my centos 5.x machine and mounted it. I was able to do a dir listing, but whrn I tried to cd into any of the directories, I get a bunch of AVC denials, and I can't see any files. The contos 5.x machine is selinux enforcing, and so is the centos 6.x box. The files are all owned by me, and have the same uid/gid on both boxes. What is the right way to do this? snip My reaction would have been simple: set selinux to permissive on your machine, back up what you wanted, then return it to enforcing. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Hah, I didn't actually think of that. If it is that simple, then live and learn. I had thought there were differences between 5.x and 6.x that were causing the problem, since the uid/gid are the same on both boxes for the file owner. There must have been something in the xattrs that didn't line up... thanks, -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President Senior Geoscientist | Integration means more than having all the maps at the same scale! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] dovecot move doesn't work: RESLOVED
On 1/7/2015 4:01 PM, Peter wrote: On 01/08/2015 05:39 AM, Chuck Campbell wrote: I tried this using yum install dovecot22, but I get a lot of these: file xxx from install of dovecot22-1:2.2.15-1.gf.el6.x86_64 conflicts with file from package dovecot-1:2.0.9-8.el6_6.4.x86_64 I tried yum update dovecot22, but I get: Package(s) dovecot22 available, but not installed. What is the right way to do this? yum shell remove dovecot install dovecot22 run I should warn you that there are subtle changes to dovecot config between 2.0 and 2.2 that may give you issues when switching. You will likely have to tweak a few config options to get it to work the way you want. If you're using MailDir storage then you can simply move the messages yourself, it's as easy as using the mv command to move them from one directory to another and you won't need the doveadm move command. If you have any more questions feel free to ask them here or in #ghettoforge on FreeNode IRC. Peter ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Peter, thank you, I was guessing this is what might be needed, and I appreciate the heads up on what to expect when I do the update. The resolution I achieved is a bit more convoluted, but it consists of the following, and remains consistent with centos 6.6 version of dovecot: wrote a cron script that does the following: stop fetchmail process stop sendmail process stop spamassassin process run sa-learn against the user's spam_to_learn mailbox run 'doveadm mailbox unsubscribe' to unsubscribe the spam_to_learn mailbox run 'doveadm mailbox rename' to rename the spam_to_learn mailbox to ${date}_spam_learned run 'doveadm mailbox subscribe' to subscribe the ${date}_spam_learned mailbox (for testing and validation purposes, I will disable this eventually) run 'doveadm mailbox create' to create a new spam_to_learn mailbox run 'doveadm mailbox subscribe' to subscribe the new spam_to_learn mailbox then run sa-learn against the user's ham_to_learn mailbox run 'doveadm mailbox unsubscribe' to unsubscribe the ham_to_learn mailbox run 'doveadm mailbox rename' to rename the ham_to_learn mailbox to ${date}_ham_learned run 'doveadm mailbox subscribe' to subscribe the ${date}_ham_learned mailbox (for testing and validation purposes, I will disable this eventually) run 'doveadm mailbox create' to create a new ham_to_learn mailbox run 'doveadm mailbox subscribe' to subscribe the new ham_to_learn mailbox start spamassassin start sendmail start fetchmail Note that the doveadm-mailbox help indicates that some of these steps can be combined by using the -s option to subscribe or unsubscribe, depending on the function invoked (rename, create, delete), but they don't work. You need to do the steps manually, one at a time as I have them listed here. When I have more time, I will go ahead with a dovecot 2.2x install and report on any issues I find. thanks, -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President Senior Geoscientist | Integration means more than having all the maps at the same scale! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] dovecot move doesn't work
On 1/7/2015 12:06 AM, Alexander Dalloz wrote: Am 06.01.2015 um 23:55 schrieb Chuck Campbell: I'm running centos 6.6 with the default 2.0.9-xxx dovecot. I run sa-learn against my spam_to_learn folder, then I wan to move those emails to a learned_spam folder. when I do a doveadm -Dv move -u user learned_spam mailbox 'spam_to_learn' ALL I get this result: usage: doveadm [-Dv] [-f formatter] command [args] [ ... ] this doesn't even list a move command, yet the dovecot pages show it and give examples. The dovecot version provided by CentOS 6 simply does not have that feature implemented. The wiki.dovecot.org documentation reflects the current stable upstream status of things. any suggestions? You may use the dovecot22 package provided by the ghettoforge plus repository, providing dovecot release 2.2.15. thanks, -chuck Alexander ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Has anyone else installed the 2.2x version of dovecot in centos? Any issues or gotchas? I am loathe to just hammer on our working installation, but I need to sort out this issue as well. The dovecot pages indicate that ATrpms has a current 2.2x version, but I don't see it when I try to do a yum update with ATrpms turned on. I may just have to grab the rpms from the packages directory on ATrpms. Does anyone know if the ATrpms layout is significantly different than elrepo? What kinds of issues might I expect with just banging their dovecot rpm into my machine? Sigh, I may have to set up another machine as a test mule... thanks, -chuck -- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] dovecot move doesn't work
On 1/7/2015 9:46 AM, Chuck Campbell wrote: On 1/7/2015 12:06 AM, Alexander Dalloz wrote: Am 06.01.2015 um 23:55 schrieb Chuck Campbell: I'm running centos 6.6 with the default 2.0.9-xxx dovecot. I run sa-learn against my spam_to_learn folder, then I wan to move those emails to a learned_spam folder. when I do a doveadm -Dv move -u user learned_spam mailbox 'spam_to_learn' ALL I get this result: usage: doveadm [-Dv] [-f formatter] command [args] [ ... ] this doesn't even list a move command, yet the dovecot pages show it and give examples. The dovecot version provided by CentOS 6 simply does not have that feature implemented. The wiki.dovecot.org documentation reflects the current stable upstream status of things. any suggestions? You may use the dovecot22 package provided by the ghettoforge plus repository, providing dovecot release 2.2.15. I tried this using yum install dovecot22, but I get a lot of these: file xxx from install of dovecot22-1:2.2.15-1.gf.el6.x86_64 conflicts with file from package dovecot-1:2.0.9-8.el6_6.4.x86_64 I tried yum update dovecot22, but I get: Package(s) dovecot22 available, but not installed. What is the right way to do this? thanks, -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President Senior Geoscientist | Integration means more than having all the maps at the same scale! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] dovecot move doesn't work
On 1/7/2015 10:52 AM, Johnny Hughes wrote: On 01/07/2015 10:39 AM, Chuck Campbell wrote: On 1/7/2015 9:46 AM, Chuck Campbell wrote: On 1/7/2015 12:06 AM, Alexander Dalloz wrote: Am 06.01.2015 um 23:55 schrieb Chuck Campbell: I'm running centos 6.6 with the default 2.0.9-xxx dovecot. I run sa-learn against my spam_to_learn folder, then I wan to move those emails to a learned_spam folder. when I do a doveadm -Dv move -u user learned_spam mailbox 'spam_to_learn' ALL I get this result: usage: doveadm [-Dv] [-f formatter] command [args] [ ... ] this doesn't even list a move command, yet the dovecot pages show it and give examples. The dovecot version provided by CentOS 6 simply does not have that feature implemented. The wiki.dovecot.org documentation reflects the current stable upstream status of things. any suggestions? You may use the dovecot22 package provided by the ghettoforge plus repository, providing dovecot release 2.2.15. I tried this using yum install dovecot22, but I get a lot of these: file xxx from install of dovecot22-1:2.2.15-1.gf.el6.x86_64 conflicts with file from package dovecot-1:2.0.9-8.el6_6.4.x86_64 I tried yum update dovecot22, but I get: Package(s) dovecot22 available, but not installed. What is the right way to do this? My suggestion would be to contact the ghettoforge people as this is no longer really a CentOS issue. Certainly this list can be used if they are on it. I'm not sure, I'll await a response from them. I do believe the Centos list might have someone who went down this path, or a similar one, with a different package though, that is why I am asking. But instead of using a repo I have personally never heard of, I would instead look at the documentation for version of dovecot that is in CentOS 6. The documentation for dovecot 2.0.9xxx in Centos 6 does not indicate the functionality exists. Further looking shows it is in a newer version that I am trying to implement. The dovecot version 2.2 exists in other repos as well. I am aware of the perils of mixing repos, hence I was asking the Centos list if anyone has been here before. The purpose of running CentOS is to have enterprise level server software .. if you instead want latest and greatest server software, I would recommend that you just run the latest Fedora Server. I agree with the Centos philosophy and have happily lived without running other distro/repo packages until now. Since I believe providing a way for users of this server to train spamassassin with the spam they have identified, and the false positive messages as well is within the limits of sanity, I am attempting to get there from here (TM). I don't believe switching the entire OS to a bleeding edge one is appropriate. I would rather attempt one bleeding edge (dovecot 2.2x) than everything this machine provides all in one fell swoop. I only need to understand the mechanics of installing a package with yum, which conflicts with the package it is intended to replace. I will live with the peril of testing this and understand it might break something else. Meanwhile the unbroken bits will keep functioning. I suspect I need to 'yum remove dovecot-2.0.9x', then 'yum install dovecot22-2.2.x' to get there, but was hoping someone on the Centos list had been there before me. thanks, -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President Senior Geoscientist | Integration means more than having all the maps at the same scale! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] dovecot move doesn't work
I'm running centos 6.6 with the default 2.0.9-xxx dovecot. I run sa-learn against my spam_to_learn folder, then I wan to move those emails to a learned_spam folder. when I do a doveadm -Dv move -u user learned_spam mailbox 'spam_to_learn' ALL I get this result: usage: doveadm [-Dv] [-f formatter] command [args] altmove [-u user|-A] [-S socket_path] search query auth [-a auth socket path] [-x auth info] user [password] config [doveconf parameters] director add|flush|map|remove|status dump [-t type] path expunge [-u user|-A] [-S socket_path] search query fetch[-u user|-A] [-S socket_path] fields search query force-resync [-u user|-A] [-S socket_path] mailbox help cmd import [-u user|-A] [-S socket_path] source mail location dest parent mailbox search query kick [-a anvil socket path] [-f] user mask[|]ip/bits log find|reopen|test mailbox create|delete|list|mutf7|rename|status|subscribe|unsubscribe penalty [-a anvil socket path] [ip/bits] purge[-u user|-A] [-S socket_path] pw [-l] [-p plaintext] [-r rounds] [-s scheme] [-u user] [-V] reload search [-u user|-A] [-S socket_path] search query sis deduplicate|find stop user [-a userdb socket path] [-x auth info] user mask [...] who [-a anvil socket path] [-1] [user mask] [ip/bits] this doesn't even list a move command, yet the dovecot pages show it and give examples. any suggestions? thanks, -chuck -- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 6.6 procmail trouble
On 11/21/2014 1:01 PM, Chuck Campbell wrote: I have a 6.5 machine that had everything set up and working correctly (fetchmail, sendmail w/ starttls, procmail, spamassassin) but the MB cratered. I bought a new machine, and installed Centos 6.6 and all is not well. I used the config from the previous incarnation (via backups) for fetchmail (works fine), sendmail (works fine for sending via relay and tls), but procmail now refuses to pick up the correct MAILDIR location, and therefore won't deliver mail to the right place. The example below is landing in /home/user/.spam_to_learn, NOT in /home/user/Maildir/.spam_to_learn Maybe some other eyes can tell me what is wrong here. -chuck This was all very bizarre, but it is now resolved. The Maildir was a link in the user's home directory, pointing at another partition. I re-created the user with the other partition as their home directory, set some selinux contexts correctly for this, and made Maildir a real directory there. Procmail now delivers just fine with no changes in the .procmailrc I still don't understand how this worked before the crash, and wouldn't work after I restored files, but hey, persistence pays off. It works again... -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President Senior Geoscientist | Integration means more than having all the maps at the same scale! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Centos 6.6 procmail trouble
I have a 6.5 machine that had everything set up and working correctly (fetchmail, sendmail w/ starttls, procmail, spamassassin) but the MB cratered. I bought a new machine, and installed Centos 6.6 and all is not well. I used the config from the previous incarnation (via backups) for fetchmail (works fine), sendmail (works fine for sending via relay and tls), but procmail now refuses to pick up the correct MAILDIR location, and therefore won't deliver mail to the right place. The example below is landing in /home/user/.spam_to_learn, NOT in /home/user/Maildir/.spam_to_learn Maybe some other eyes can tell me what is wrong here. -chuck This is the top of the .procmailrc in my home directory: SHELL=/bin/bash HOME=/home/nnl PATH=$HOME/bin:/bin:/usr/bin:/usr/local/bin:/usr/contrib/bin:. MAILDIR=$HOME/Maildir/ DEFAULT=$HOME/Maildir/ MAILDIR=$DEFAULT LOGFILE=$HOME/procmail_log #LOGFILE=$/var/log/procmail.log LOCKFILE=$HOME/.lockmail LOCKEXT=.lock SENDMAIL=/usr/sbin/sendmail -oi -t N= NL= LOG= My HOME is -- $HOME $NL My MAILDIR Directory is -- $MAILDIR $NL My DEFAU LT Directory is -- $DEFAULT $NL My ORGMAIL Directory is -- $ORGMAIL $NL My LOG NAME is $LOGNAME $NL New .procmailrc $NL Starting recipes $NL $NL $NL VERBOSE=on LOG= Recipe 0 $NL :0 * (^TO|^TO_|^Sender:|^From:.*)\(centos-bounces)\ .centos/ # # SpamAssassin # # Pipe the mail through spamassassin (replace 'spamassassin' with 'spamc' # if you use the spamc/spamd combination) # The condition line ensures that only messages smaller than 250 kB # (250 * 1024 = 256000 bytes) are processed by SpamAssassin. Most spam # isn't bigger than a few k and working with big messages can bring # SpamAssassin to its knees. # # LOG= Recipe 2 $NL :0fw:spamassassin.lock * 256000 #| /usr/bin/spamassassin -a | /usr/bin/spamc LOG= Recipe 3 $NL :0 * ^X-Spam-Status: Yes .spam_to_learn/ LOG= Recipe 5 $NL :0 * . { LOG=$NL default recipe using copy to .ham_to_learn/ (maildir version) $NL } :0 c .ham_to_learn/ # LOG=$NL default recipe using $DEFAULT (maildir version) $NL :0 $DEFAULT here is an excerpt from the procmail_log file: My HOME is -- /home/campbell My MAILDIR Directory is -- . My DEFAULT Directory is -- /home/campbell/Maildir/ My ORGMAIL Directory is -- /var/spool/mail/campbell My LOGNAME is campbell New .procmailrc Starting recipes procmail: [21138] Fri Nov 21 12:57:23 2014 procmail: Assigning LOG= Recipe 0 procmail: Assigning LOG= Recipe 2 Recipe 2 procmail: Match on 256000 procmail: Locking spamassassin.lock procmail: Executing /usr/bin/spamc procmail: Unlocking spamassassin.lock procmail: Assigning LOG= Recipe 3 Recipe 3 procmail: Match on ^X-Spam-Status: Yes procmail: [21138] Fri Nov 21 12:57:24 2014 procmail: Assigning LASTFOLDER=.spam_to_learn/new/1416596243.21138_2.helium procmail: Notified comsat: campbell@0:./.spam_to_learn/new/1416596243.21138_2.h elium From some...@gmail.com Fri Nov 21 12:52:23 2014 Subject: [SPAM3] Folder: .spam_to_learn/new/1416596243.21138_2.helium 2095 procmail: Unlocking /home/campbell/.lockmail ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Renaming NIC name in CentOS 7
On 10/5/2014 3:17 PM, George Kontostanos wrote: I really don't get it. Why get into so much fuss just to rename your interfaces On Sun, Oct 5, 2014 at 5:18 PM, Eliezer Croitoru elie...@ngtech.co.il wrote: You might be (like I am) running archaic license servers that have hard coded ethernet ports in them. I have one that won't run with anything except eth0. -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President Senior Geoscientist | Integration means more than having all the maps at the same scale! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Bind config question, centos 5.10
I must have something mis-configured in my bond setup. Things are working, but I'm getting TONS of this sort of stuff in my log: +2001:502:ad09::4#53: 1 Time(s) network unreachable resolving 'kns1.kuwaitnet.net/A/IN': +2001:503:231d::2:30#53: 1 Time(s) network unreachable resolving 'kns1.kuwaitnet.net/A/IN': +2001:503:a83e::2:30#53: 1 Time(s) network unreachable resolving 'kns1.kuwaitnet.net//IN': +2001:503:231d::2:30#53: 1 Time(s) network unreachable resolving 'kns1.kuwaitnet.net//IN': +2001:503:a83e::2:30#53: 1 Time(s) network unreachable resolving 'kns2.kuwaitnet.net/A/IN': +2001:503:231d::2:30#53: 1 Time(s) network unreachable resolving 'kns2.kuwaitnet.net/A/IN': +2001:503:a83e::2:30#53: 1 Time(s) network unreachable resolving 'kns2.kuwaitnet.net//IN': +2001:503:231d::2:30#53: 1 Time(s) network unreachable resolving 'kns2.kuwaitnet.net//IN': +2001:503:a83e::2:30#53: 1 Time(s) network unreachable resolving 'kns3.kuwaitnet.net/A/IN': +2001:503:231d::2:30#53: 1 Time(s) network unreachable resolving 'kns3.kuwaitnet.net/A/IN': +2001:503:a83e::2:30#53: 1 Time(s) network unreachable resolving 'kns3.kuwaitnet.net//IN': +2001:503:231d::2:30#53: 1 Time(s) I'm not sure where to look. it may be the any in the named.conf lines below, but I'm not sure. My named.conf looks like this: options { listen-on port 53 { 127.0.0.1; any; }; # listen-on-v6 port 53 { ::1; }; directory /var/named; dump-file /var/named/data/cache_dump.db; statistics-file /var/named/data/named_stats.txt; memstatistics-file /var/named/data/named_mem_stats.txt; // Those options should be used carefully because they disable port // randomization // query-sourceport 53; // query-source-v6 port 53; allow-query { localhost; any; }; allow-query-cache { localhost; any; }; # allow-query { localhost; }; # allow-query-cache { localhost; }; }; logging { channel default_debug { file data/named.run; severity dynamic; }; }; view localhost_resolver { match-clients { localhost; any; }; match-destinations { localhost; any; }; # match-clients { localhost; }; # match-destinations { localhost; }; recursion yes; include /etc/named.rfc1912.zones; }; -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President Senior Geoscientist | Integration means more than having all the maps at the same scale! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] slow i/o with a raid 50 on a 3ware controller
I have a raid 50 array on a 3ware controller. The box is running centos 6.5 and the file system is ext4. I'm going to try some other filesystems, but could anyone suggest any alternative raid setups as well as stripe sizes I should try? The old server uses the same controller on a centos 5.10 setup, using ext3, and it performs much faster i/o. The old 3ware setup is raid 5. -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President Senior Geoscientist | Integration means more than having all the maps at the same scale! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS-6.5 LiveDVD problem
On 7/4/2014 12:43 PM, James B. Byrne wrote: I downloaded the Live DVD for CentOS-6.5 and burned a DVD-R using a CentOS-6.5 desktop. To test the validity of the new DVD I then rebooted the same desktop using the same Live DVD. No matter which Live DVD boot option I choose I see this after the splash screen completes the Circle (sounds like a good title for a novel). --- Kernel panic - Not syncing - Attempting to kill init! Pid: 1, comm: init Not tainted 2.6.32-431.el6.x86_64 # 1 call trace [815271fa] ? Panic+0xa7/0x16f [81077622] ? do_exit+0x862/0x870 [8118a865] ? fput+0x25/0x30 [81077688] ? do_group_exit+0x58/0xd0 [81077717] ? sys_exit_group+0x17/0x020 [81006072] ? system_call_fastpath+0x16/0x16 dkm_kms_helper panic occurred, switching back to text console --- The very last line appears for each boot choice saving only the text mode boot. In that case the line is absent but the rest of the output remains unchanged. An extract of the system specifications rendered by lshw: --- description: Desktop Computer width: 64 bits capabilities: smbios-2.4 dmi-2.4 vsyscall64 vsyscall32 configuration: boot=normal chassis=desktop uuid=B4CDC46C-7E7A-11DE-87DF-0011D8A408ED *-core description: Motherboard product: DG43GT vendor: Intel Corporation physical id: 0 version: AAE62768-300 serial: BTGT931003W4 slot: To be filled by O.E.M. *-firmware description: BIOS vendor: Intel Corp. physical id: 0 version: GTG4310H.86A.0019.2009.0625.1334 (06/25/2009) size: 64KiB capacity: 960KiB capabilities: pci upgrade shadowing escd cdboot bootselect socketedrom edd int13floppy1200 int13floppy720 int13floppy2880 int5printscreen int9keyboard int14serial int17printer int10video acpi usb ls120boot zipboot biosbootspecification *-cpu description: CPU product: Intel(R) Core(TM)2 Quad CPUQ8400 @ 2.66GHz vendor: Intel Corp. physical id: 4 bus info: cpu@0 version: Intel(R) Core(TM)2 Quad CPUQ8400 @ 2.66GHz serial: To Be Filled By O.E.M. slot: PROCESSOR size: 2666MHz capacity: 4GHz width: 64 bits clock: 333MHz capabilities: fpu fpu_exception wp vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx x86-64 constant_tsc arch_perfmon pebs bts rep_good aperfmperf pni dtes64 monitor ds_cpl vmx est tm2 ssse3 cx16 xtpr pdcm sse4_1 xsave lahf_lm tpr_shadow vnmi flexpriority *-cache:0 description: L1 cache physical id: 5 slot: L1-Cache size: 32KiB capacity: 32KiB capabilities: internal write-back data *-cache:1 description: L2 cache physical id: 6 slot: L2-Cache size: 2MiB capacity: 2MiB capabilities: internal varies unified *-memory description: System Memory physical id: 2b slot: System board or motherboard size: 16GiB *-bank:0 description: DIMM DDR2 Synchronous 800 MHz (1.2 ns) product: PartNum0 vendor: Manufacturer0 physical id: 0 serial: SerNum0 slot: CHANNEL_A size: 4GiB width: 64 bits clock: 800MHz (1.2ns) *-bank:1 --- Help??? I saw the same issues with my machine and never sorted it out (I just went back to my 5.10 media and installed that instead). I had a thought that I had burned a dual layer DVD, then tried to read in on a single layer drive, but I never verified this as the problem. -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President Senior Geoscientist | Integration means more than having all the maps at the same scale! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] mail delivery question
-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President Senior Geoscientist | Integration means more than having all the maps at the same scale! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] iptables question
On 6/16/2014 11:08 PM, John R Pierce wrote: On 6/16/2014 8:52 PM, Chuck Campbell wrote: I ran a script after fail2ban was started. It looks like this: #!/bin/sh iptables -A INPUT -s 116.10.191.0/24 -j DROP iptables -A INPUT -s 183.136.220.0/24 -j DROP iptables -A INPUT -s 183.136.221.0/24 -j DROP iptables -A INPUT -s 183.136.222.0/24 -j DROP iptables -A INPUT -s 183.136.223.0/24 -j DROP iptables -A INPUT -s 122.224.11.0/24 -j DROP iptables -A INPUT -s 219.138.0.0/16 -j DROP so, how do I get them in front of the RH-Firewall-1-INPUT, or do I add them to that chain? use -I (insert) rather than -A (append). OR specify chain RH-Firewall-1-INPUT rather than INPUT I used the RH-Firewall-1-INPUT chain, and -I, defaulting to position 1, and all is working as I had anticipated. It is working as expected, killing all of those rolling ip attempts. I was loathe to use system-config-firewall, because I wasn't sure it wouldn't drop something I needed, or forgot to include, and it would have wiped out the existong ruleset. I'll experiment with that when I am physically in front of the server, instead of remote from it. I would have had no quick remedy if I messed it up. Thanks you for the clear concise explanation. -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President Senior Geoscientist | Integration means more than having all the maps at the same scale! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] iptables question
On 6/17/2014 6:39 PM, Warren Young wrote: On 6/16/2014 15:58, Chuck Campbell wrote: If they keep going through this ip block, they will still get 255 attempts at the root password and 1020 attempts at other login/password combinations before they are blocked by fail2ban. I'm glad you got your firewall problem sorted out, but I can't let this comment slide. If removing a thousand possibilities from the pool of available credentials puts your servers at significant risk, your passwords are too weak. Let's say you're using 12-character alphanumeric passwords, mixed case, no symbols, 3/4 alphabetic. That gives a search space of 3.28 x 10^21 possible passwords.[1] Knocking off 1,000 passwords on each pass means you need 3.28 x 10^18 passes to explore all options. Since there are only 3.7 x 10^9 public IPv4 addresses, total,[2] that means if every single public machine (or NAT) on the Internet were gathered into a massive zombie net, the chance of them cracking one of your passwords is 1 in a billion. My state lottery offers better odds. And we haven't even added symbols yet. But, I hear you say, fail2ban doesn't ban an IP forever. True. What it does is greatly stretch out the time between hammer blows, above that of ssh's own attack mitigation timers. Let's say you set the ban expiration time to 5 minutes. Let's also say you really annoyed someone, so they rent time on a 1 million machine zombie net, just to try and break into your server. Let's also say they focus their entire attack on a single account, rather than guess user names as well as passwords, as is common for SSH crackbots. The zombie net factor drops the 10^18 pass count magnitude above to the order of 10^12. 10^12 * 5 minutes is about 10 million years. If you start using pre-shared keys and configure sshd to accept keys only,[3] you turn lottery odds into astronomical odds. The twelve character passwords above have about 71 bits of entropy, if you pick them randomly. A generated SSH key is as close to random as you're likely to get, and it will have a *minimum* of 1,024 bits of entropy. Every bit of entropy doubles the required attack time, so you turn 10^9 into 10^ridiculous. (Well known exponent in number theory, that.) What if we're willing to settle for human time scales, rather than astronomical ones? Using the information above, I have come to the realization that if I can hold off the crackbot hordes for just another 100 years, I can stop caring about the risks, on account of the fact that I expect someone else will be taking care of my remaining CentOS 3 servers by then, and they will change the passwords shortly after handover. It turns out that 8 random lowercase letters is sufficient to buy me those 100 years. I can then go play Tetris in my centenarian dotage without a care for the security of my old Linux boxen. So, unless your passwords are weaker than 8 lowercase random letters, you're literally wasting time manually banning IPs. Let fail2ban do its job, while you go off and do something a dumb computer can't. I've used fail2ban myself, but only to cut down on log noise, not because it adds any real security. In the end, I've found that moving ssh to a nonstandard port is just as effective at reducing log noise. [1] https://www.grc.com/haystack.htm [2] http://goo.gl/7LtFvE [3] http://goo.gl/02oksG ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos I concur with all you've said, and I haven't done the load stats, but it appears to me that a hundred of these crackers hitting my machine at these rates is likely to deny my legit users some resources. That is still a concern, but I've already seen that 20 banned ip ranges out of china has dropped the incidence from about 100 to 3. That's worth the effort to gain a better understanding of iptables in managing my servers anyway. I've noticed (unquantified) a bit better login response and interactive response without the resource drain, unless I'm just imagining it... Besides, just because the odds are against you, sometimes luck is all it takes. I'm looking into the shared keys approach, so I can do away with passwords. thanks, -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President Senior Geoscientist | Integration means more than having all the maps at the same scale! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] SELinux issue?
I've recently built a new mail server with centos6.5, and decided to bite the bullet and leave SELinux running. I've stumbled through making things work and am mostly there. I've got my own spam and ham corpus as mbox files in /home/user/Mail/learned. These files came from my backup of the centos 5 server this machine is replacing. The folder is owned by the user (the following is run as root): ls -laF learned drw---. 6 user group 4096 Jun 10 03:35 ./ drw---. 6 user group 35864Jun 10 03:35 ../ drw---. 6 user group 4096 Jun 10 03:35 2004/ -rw---. 6 user group 155296 Jun 10 03:35 2014_10_Jun_learned_spam -rw---. 6 user group 996584 Jun 10 03:35 2014_10_Jun_learned_ham also as root: ls -laZlearned drw---. 6 user group unconfined_u:object_r:mail_spool_t:s0. drw---. 6 user group unconfined_u:object_r:mail_spool_t:s0.. drw---. 6 user group unconfined_u:object_r:mail_spool_t:s02004 -rw---. 6 user group system_u:object_r:mail_spool_t:s02014_10_Jun_learned_spam -rw---. 6 user group system_u:object_r:mail_spool_t:s02014_10_Jun_learned_ham When I do the same as the user, I get this: ls -laF learned ls: cannot access learned/2004: Permission denied ls: cannot access 2014_10_Jun_learned_spam: Permission denied ls: cannot access 2014_10_Jun_learned_ham: Permission denied total 0 d ? ? ? ? ? ./ d ? ? ? ? ? ../ d ? ? ? ? ? 2004/ - ? ? ? ? ? 2014_10_Jun_learned_spam - ? ? ? ? ? 2014_10_Jun_learned_ham and this: ls -laFZ learned ls: cannot access learned/2004: Permission denied ls: cannot access 2014_10_Jun_learned_spam: Permission denied ls: cannot access 2014_10_Jun_learned_ham: Permission denied total 0 d ? ? ./ d ? ? ../ d ? ? 2004/ - ? ? 2014_10_Jun_learned_spam - ? ? 2014_10_Jun_learned_ham The user's process to feed the spam and ham to spamassassin fails when trying to write to the directories, even though the files are owned by user:group What, precisely is wrong here? I don't get any AVC entries in /var/log/audit/audit.log, so I'm at a loss as to what to try next. Should this directory not be target mail_spool_t? Any guesses? -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President Senior Geoscientist | Integration means more than having all the maps at the same scale! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SELinux issue?
On 6/16/2014 10:13 AM, m.r...@5-cent.us wrote: Chuck Campbell wrote: I've recently built a new mail server with centos6.5, and decided to bite the bullet and leave SELinux running. I've stumbled through making things work and am mostly there. I've got my own spam and ham corpus as mbox files in /home/user/Mail/learned. These files came from my backup of the centos 5 server this machine is replacing. The folder is owned by the user (the following is run as root): ls -laF learned drw---. 6 user group 4096 Jun 10 03:35 ./ drw---. 6 user group 35864Jun 10 03:35 ../ drw---. 6 user group 4096 Jun 10 03:35 2004/ -rw---. 6 user group 155296 Jun 10 03:35 2014_10_Jun_learned_spam -rw---. 6 user group 996584 Jun 10 03:35 2014_10_Jun_learned_ham also as root: ls -laZlearned drw---. 6 user group unconfined_u:object_r:mail_spool_t:s0. drw---. 6 user group unconfined_u:object_r:mail_spool_t:s0.. drw---. 6 user group unconfined_u:object_r:mail_spool_t:s02004 -rw---. 6 user group system_u:object_r:mail_spool_t:s02014_10_Jun_learned_spam -rw---. 6 user group system_u:object_r:mail_spool_t:s02014_10_Jun_learned_ham When I do the same as the user, I get this: ls -laF learned ls: cannot access learned/2004: Permission denied ls: cannot access 2014_10_Jun_learned_spam: Permission denied ls: cannot access 2014_10_Jun_learned_ham: Permission denied snip Yup, you will. The *directories* have to be executable for you to look in them. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos I don't know how, after all these years, that bit on knowledge escaped me. Thanks, it works perfectly now. -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President Senior Geoscientist | Integration means more than having all the maps at the same scale! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] iptables question
I'm running fail2ban to attempt to block malicious brute-force password dictionary attacks against ssh. They seem to be rolling through a block of ip addresses as the source to defeat this kind of screening, so I've set some ip addresses to be blocked in iptables. Here is the output of iptables -L (edited): Chain INPUT (policy ACCEPT) target prot opt source destination fail2ban-VSFTPD tcp -- anywhere anywheretcp dpt:ftp fail2ban-SSH tcp -- anywhere anywheretcp dpt:ssh RH-Firewall-1-INPUT all -- anywhere anywhere DROP all -- 116.10.191.0/24 anywhere DROP all -- 183.136.220.0/24 anywhere DROP all -- 183.136.221.0/24 anywhere DROP all -- 183.136.222.0/24 anywhere DROP all -- 183.136.223.0/24 anywhere DROP all -- 122.224.11.0/24 anywhere DROP all -- 219.138.0.0/16 anywhere Chain FORWARD (policy ACCEPT) target prot opt source destination RH-Firewall-1-INPUT all -- anywhere anywhere REJECT all -- anywhere anywherereject-with icmp-ho st-prohibited Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain RH-Firewall-1-INPUT (2 references) target prot opt source destination ACCEPT all -- anywhere anywhere ACCEPT icmp -- anywhere anywhereicmp any ACCEPT esp -- anywhere anywhere . . . Yet in my logwatch emails, I see this, long after the iptables rules are in place to drop some ip ranges: - pam_unix Begin sshd: Authentication Failures: root (116.10.191.166): 1 Time(s) root (116.10.191.167): 1 Time(s) root (116.10.191.170): 1 Time(s) root (116.10.191.173): 1 Time(s) root (116.10.191.179): 1 Time(s) root (116.10.191.182): 1 Time(s) root (116.10.191.186): 1 Time(s) root (116.10.191.199): 1 Time(s) root (116.10.191.203): 1 Time(s) root (116.10.191.211): 1 Time(s) root (116.10.191.219): 1 Time(s) root (116.10.191.223): 1 Time(s) root (116.10.191.226): 1 Time(s) root (116.10.191.228): 1 Time(s) root (116.10.191.237): 1 Time(s) snip - SSHD Begin Failed logins from: 116.10.191.165: 4 times 116.10.191.181: 3 times 116.10.191.201: 4 times 116.10.191.207: 4 times 116.10.191.218: 4 times 116.10.191.231: 4 times 116.10.191.234: 3 times 116.10.191.235: 4 times 116.10.191.239: 4 times If they keep going through this ip block, they will still get 255 attempts at the root password and 1020 attempts at other login/password combinations before they are blocked by fail2ban. Why is this ip range still able to attempt connections? Have I done something wrong with my address ranges, or added them in the wrong place? thanks, -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President Senior Geoscientist | Integration means more than having all the maps at the same scale! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] iptables question
All of the suggestions are graciously accepted, however, I was actually asking what I was doing wrong with iptables, and why, with the rules I put in place, someone was still able to connect to my machine. I understand there might be better ways, but if I don't understand what I did wrong last time, how am I going to figure out how to deny all, then allow selected, ehrn I can't seem to allow all and deny selected. There must be a misunderstanding on my part about how iptables are supposed to work. -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President Senior Geoscientist | Integration means more than having all the maps at the same scale! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] iptables question
On 6/16/2014 9:44 PM, Earl Ramirez wrote: On Mon, 2014-06-16 at 21:42 -0500, Chuck Campbell wrote: All of the suggestions are graciously accepted, however, I was actually asking what I was doing wrong with iptables, and why, with the rules I put in place, someone was still able to connect to my machine. I understand there might be better ways, but if I don't understand what I did wrong last time, how am I going to figure out how to deny all, then allow selected, ehrn I can't seem to allow all and deny selected. There must be a misunderstanding on my part about how iptables are supposed to work. -chuck As John R Pierce mentioned one of your first rule in the chain is RH-Firewall-1-INPUT all -- anywhere anywhere, this simply mean everything with DROP after it will be ignored. iptables will work its way down the chain, therefore you have to options 1. remove that line or 2. move it at the bottom of the chain. I am clearly missing some emails, because I didn't see a reply from John R Pierce. My apologies. I appreciate you restating this. I'll try to go make sense of iptables, given the insight, thanks, -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President Senior Geoscientist | Integration means more than having all the maps at the same scale! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] iptables question
As John R Pierce mentioned one of your first rule in the chain is RH-Firewall-1-INPUT all -- anywhere anywhere, this simply mean everything with DROP after it will be ignored. iptables will work its way down the chain, therefore you have to options 1. remove that line or 2. move it at the bottom of the chain. I am clearly missing some emails, because I didn't see a reply from John R Pierce. My apologies. I appreciate you restating this. I'll try to go make sense of iptables, given the insight, thanks, -chuck OK, I went to the list archive and found the email in question. Also, one after it that asked how I added these rules. I ran a script after fail2ban was started. It looks like this: #!/bin/sh iptables -A INPUT -s 116.10.191.0/24 -j DROP iptables -A INPUT -s 183.136.220.0/24 -j DROP iptables -A INPUT -s 183.136.221.0/24 -j DROP iptables -A INPUT -s 183.136.222.0/24 -j DROP iptables -A INPUT -s 183.136.223.0/24 -j DROP iptables -A INPUT -s 122.224.11.0/24 -j DROP iptables -A INPUT -s 219.138.0.0/16 -j DROP so, how do I get them in front of the RH-Firewall-1-INPUT, or do I add them to that chain? -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President Senior Geoscientist | Integration means more than having all the maps at the same scale! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] procmail and dovecot
Does anyone know how to get procmail and dovecot to play happily together with mboxes? I'm on Centos 6.5, fully patched. I'm getting tons of lock timeouts which is killing performance. I tried using dovecot's lda from procmail, which prompted many adjustments to selinux, which I managed, but it still gives permission problems, and I haven't succeeded in getting it to deliver mail. Any guesses at all would be useful. thanks, -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 448 W. 19th St. #325|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President Senior Geoscientist | Integration means more than having all the maps at the same scale! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] procmail and dovecot
On Fri, Jun 13, 2014 at 09:14:06AM -0400, Jason Pyeron wrote: -Original Message- From: Chuck Campbell Sent: Friday, June 13, 2014 9:09 Does anyone know how to get procmail and dovecot to play happily together with mboxes? I'm on Centos 6.5, fully patched. I'm getting tons of lock timeouts which is killing performance. That is 1 of 2 reasons why we switched to Maildir. What was the second reason? Always looking for justification to take up the line with my recommendations... I tried using dovecot's lda from procmail, which prompted many adjustments to selinux, which I managed, but it still gives permission problems, and I haven't succeeded in getting it to deliver mail. Any guesses at all would be useful. I would recommend switching if that is an option, if it helps we did it incrementally on our userbase. Are there any tools to convert procmailrc files to maildir compatible recipes? -chuck ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Centos 5.x SElinux issues
I did a complete clean install of CentOS 5 from CD yesterday. I took the default selinux configuration. After that I ran yum update and found 600 plus updates and installs. I let it go to do the updates and during that process I saw a large number of issues in the selinux troubleshooter. I also see these kinds of things in /var/log/messages: **Unmatched Entries** (Only first 10 out of 49031 are printed) audit: audit_backlog=262 audit_backlog_limit=256 audit: audit_lost=1 audit_rate_limit=0 audit_backlog_limit=256 audit: backlog limit exceeded audit: audit_backlog=262 audit_backlog_limit=256 audit: audit_lost=2 audit_rate_limit=0 audit_backlog_limit=256 audit: backlog limit exceeded . . . This makes me wonder if I've now got a corrupt system because of partial installs/upgrades on a number of packages ? Do I need to start over with a clean install again, and how do I avoid this problem the next time I try to run updates after the install? thanks, -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 633 1/2 W. 21st St.|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | campb...@accelinc.com | President Senior Geoscientist | Integration means more than having all the maps at the same scale! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] fetchmail log messages I don't understand
I see these messages every time fetchmail pops my mail. I don't understand what certificates it is talking about, or how to straighten this out. fetchmail: Server CommonName mismatch: localhost != mail.mydomain.com fetchmail: Server certificate verification error: self signed certificate fetchmail: Server certificate verification error: certificate has expired What do I need to read up on to understand this and find a fix? TIA, -chuck ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] fetchmail log messages I don't understand
On Wed, Oct 24, 2007 at 06:58:06PM +0100, Luciano Rocha wrote: On Wed, Oct 24, 2007 at 12:22:21PM -0500, Johnny Hughes wrote: Luciano Rocha wrote: On Wed, Oct 24, 2007 at 11:46:34AM -0500, Chuck Campbell wrote: I see these messages every time fetchmail pops my mail. I don't understand what certificates it is talking about, or how to straighten this out. I would like to point out that the certificate in question resides on the server where you are getting ou mail from ... not your machine with fetch on it, so unless you own the mail server that it is pulling from, you are not going to fix the certificate. I assumed the mail server was under the poster's control. It's unusual to see a public server with so badly set up PKI. -- lfr 0/0 Interestingly, it is our hosting provider, networksolutions... Possibly I need to set something in my administrator capacity for the email server. I'll drop them an email and find out. Thanks for the help. -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 633 1/2 W. 21st St.|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | [EMAIL PROTECTED] | President Senior Geoscientist | Integration means more than having all the maps at the same scale! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] is there an smp kernel?
I have a dual xeon, dual core box running the xen x86_64 kernel. I've decided against running any guest OS'es most of the time, so I'd like to install an smp kernel, that would hopefully allow me to install and use the nvidia drivers for my quadro FX1500 graphics card. I did a yum list kernel* but I don't see any smp kernels. Do I need to do a full reinstall w/o virtualization, or does the plain kernel.x86_64 0:2.6.28-8.1.14.el5 support smp? I spent an hour or so googling and didn't find any clear answer, but I may not have looked in the right place. thanks, -chuck ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installation troubles
On Thu, Sep 13, 2007 at 10:11:35PM +0100, Karanbir Singh wrote: This is one the major issues with the Linux process these days, as you move from kernel to kernel there is almost zero assurance of driver abi/api stability - and that in turn creates a situation like this wherein one kernel works while another does not. Its enough of a situation that on a lot of platforms sysadmins will not upgrade a kernel unless they really really need to. On CentOS and the EL codebase, this isnt so much of an issue because upstream do some work on trying to make sure they dont break driver compatibility. If they do break this compatibility, its easy to detect. And most of the heavy lifting is getting done by a fairly simple shell script called weak-modules, based in /sbin/ and comes from module-init-tools.rpm weak-modules will basically take a given driver .ko and check what other kernels installed at this time will work with it, it will then create the symlinks for each of those kernels to point at this .ko. It will then check each initrd in the /boot dir, and update each initrd for kernels it found compatible with the driver. Rather than overwrite the initrd, it will create a new one with the same-name but followed by a number. It will then edit /etc/grub.conf and add a *new* section for this just created initrd. So when you reboot the machine you have the choice to boot the kernel.rpm shipped initrd or the newly updated one. Ok, so how does this work ? lets say you have drivers ( from install time ) in /lib/modules/2.6.8-8.el5/updates/ 1) sudo to root 2) find /lib/modules/2.6.8-8.el5/updates | /sbin/weak-modules --add-modules This didn't work. I did: ls -1 /lib/modules/2.6.8-8.el5/updates | /sbin/weak-modules --add-modules 3) watch the blinking lights, depending on how many kernels you have installed it could be a few seconds 4) check /boot/ and make sure you have the new updated initrd's for all kernels you thought it would work with. 5) check /etc/grub.conf for new sections [1] 6) reboot with whatever kernel + initrd you want All worked fine for the 2.6.18-8.1.8.el5xen kernel. 7) all further kernels brought down by yum from the centos repos will auto magically get this driver included in the initrd. ( rpm -q --scripts kernel-version will show you what happens in the post install section, and how weak-updates does an --add-kernel ) New kernel was released, so I did yum update. The new kernel boots, but does not see the raid devices on the 3ware card. the update also seems to have removed my install kernel (2.6.18-8.el5xen). Did that step on something? If I boot the 2.6.18-8.1.8el5xen kernel, I still see my raid devices, so it worked for the first update... I will try this in a few moments. One last observation though, 3Ware has a newer driver for the updated kernel. If I wish to use it, is it a simple matter of replacing the 3w-9xxx.ko file with the appropriate one? If it is more complicated than that, where do I find info about this issue? well, in this case, build that .ko agains the oldest kernel-devel you have on the machine ( ideally, I should say only against the installtime kernel, but lots of people dont have that hanging around :/ ) and weak-modules should do its magic. There is a pre-built (by 3ware) .ko file for 2.6.18-8.1.8.el5xen I don't know what to do with it though. Slight change in plan, I did this braindump and you get to write the wiki page :) I've never done a wiki page, but I'm okay with writing this all up, once I understand it. I can put what you wrote above (with some minor fixes), but it didn't exactly work out for further kernel updates... Not sure what to say about that. You might also want to look and see how the /lib/modules/kver/extras/ directory contents are handled and include some info on that. Since that would basically address non install time .ko The extras dir in the orig install kernel tree is empty. So is the weak-updates dir, since the kernel update removed the install kernel??? The 2.6.18-8.1.8.el5xen tree has a weak updates tree which appears to duplicate the old lib/modules tree. It looks like this: /lib/modules/2.6.18-8.1.8.el5xen/weak-updates/lib/modules/2.6.18-8.el5xen/updates/3w-9xxx.ko So I'm completely confused at this point... -chuck ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installation troubles
On Wed, Sep 12, 2007 at 08:06:03PM +0100, Karanbir Singh wrote: Chuck Campbell wrote: http://pastebin.ca/693896 http://pastebin.ca/693905 As you have already pointed out in this email, yes - the installtime kernel does see the drives fine. Thanks for your help, I appreciate it! -chuck ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installation troubles
On Wed, Sep 12, 2007 at 08:10:32PM +0100, Karanbir Singh wrote: Chuck Campbell wrote: If you want to keep the driver in-place even when the kernel updates, you might want to investigate the weak-updates process and how you might get a driver included into that. Pretty much everything you need to make it happen would be on the system already. Where do I find info about this? I suspect I will need to do this with every kernel update??? how exactly where you planning on managing out-of-tree kernel drivers otherwise ? I've no idea... I've never had to deal with this before, so I didn't even understand this could be an issue. It raises more questions for me than I had thought of previously though. I have more homework ahead of me :-) btw, since this is a stable distro you are using, the chances are that the same driver will work through the life of the product. Try this command : /sbin/weak-modules and register the driver you have against that. Then reinstall the updated kernel and the driver should move along. I will try this in a few moments. One last observation though, 3Ware has a newer driver for the updated kernel. If I wish to use it, is it a simple matter of replacing the 3w-9xxx.ko file with the appropriate one? If it is more complicated than that, where do I find info about this issue? I shall try and do some more specific docs on this, in the centos wiki, over the next few days. Thanks, I'm anxious to learn, since I'll probably need to deploy more systems with this (and other similar) issue(s). -chuck ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] NFS and iptables issues
I've got a newly installed Centos 5.0 box, planned to replace an ageing server (solaris box). I've set up the nfs shares, but the other solaris boxes won't mount them, unless I turn of iptables on the Centos box. If I do that, they mount, and all operations tested to date work fine. Iptables is allowing the 2049 tcp and udp ports already. What else needs to be opened up in iptables for nfs to work through the firewall? I looked at the RHEL system admin guide on NFS and found nothing useful. thanks, -chuck ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installation troubles
On Tue, Sep 11, 2007 at 10:37:05PM +0100, Karanbir Singh wrote: Chuck Campbell wrote: Bothe kernels see the card though (looking in /var/log/messages after boot. Can you post the output from 'dmesg; lsmod; lspci -n' booting the installtime kernel at http://pastebin.ca/ and post the url to that here.. I concatenated dmesg, lsmod and lspci outputs from booting the install kernel into a single file and put it here: http://pastebin.ca/693896 Glancing through dmesg I do see the 3ware controller and sda, sdb, sdc and sdd, so in the install kernel, it looks like everything is recognized. I then booted the updated kernel and reran the dmesg, lsmod and lspci commands, then concatenated the outputs into another file and put it here: http://pastebin.ca/693905 I see differences with respect to the 3ware stuff and disks recognized, but I don't know how to reconcile them with the new kernel. Both kernels seem to load the 3ware module (lsmod output), but the updated kernel doesn't see the raid devices (only /dev/sda and /dev/sdb). -chuck -- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installation troubles
On Tue, Sep 11, 2007 at 05:19:07PM +0100, Karanbir Singh wrote: If you want to keep the driver in-place even when the kernel updates, you might want to investigate the weak-updates process and how you might get a driver included into that. Pretty much everything you need to make it happen would be on the system already. Where do I find info about this? I suspect I will need to do this with every kernel update??? -chuck -- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installation troubles
On Sat, Sep 08, 2007 at 01:07:50PM -0700, mark pryor wrote: This is what you said in the OP quote The intent is to install the OS onto the 2-320GB drives on the motherboard controller (preferrably in a raid 1 configuration). The other disks are for our data requirements. /quote Yes, but it turned out that my install media was indeed corrupt, even though it passed media verification. I got a new iso image for the install dvd from a different location, and burned a new disc. I did an install from this w/o the earlier reported hang, or SQUASHFS errors. I couldn't figure out how to do the raid1 boot device on the MB controller, or how to do it via s/w raid in the installer, so I installed onto a single disc on the MB controller. I now have 2 individual disks which show up as sda and sdb. I did custom partitioning in the install and set up a /boot, / and swap partitions on sda. I set up additional swap and other partitions on sdb. During the install, I deselected the sdc and sdd, devices during partitioning (these are the raid arrays on the 3ware card). Each is over 2 TB as they stand, so I was afraid of problems with the mke2fs step, and thought I'd create filesystems after initial boot. I believe I need to use 4KB block size (or maybe 8KB) to get 2TB filesystems, and wasn't sure the installer would do this correctly. The installer saw the 3ware devices (2 of them) because I loaded a driver from floppy (linux text dd). I just didn't use them in the install steps. I ran the install as described above and put grub on the MBR of sda. The system now boots, so I ran a yum update, which updated 156 packages. The kernel was updated too, so I set it up to boot the new xen kernel. The large arrays on the 3ware card don't seem to be recognized either before or after the yum update. The /var/log/messages file shows the 3ware card was found, but doesn't seem to find any exported devices... The smartd man page indicates I need to use /dev/twaN in the smartd.conf file, but these device files don't exist. I'm stuck and at a loss on how to find these 3ware arrays to put filesystems on. The MB controller is fakeraid and to use it would require the dmraid support in the install. is this through a driver disk? I'll have to delve into this another day, I need to get this machine online with the big raid arrays useable ASAP. Was your MB setup by the reseller with the 2 320 GB drives in Raid1? What shows in the Intel Matrix Raid bios? No, I added the disks after the machine arrived w/o any OS installed. At boot time I see the six onboard slots, with two 400gb grives recognized. Following this, the 3ware bios reports the other 8 disks in two arrays. Lastly the adaptec scsi card bios shows no devices attached (this if for the tape drives later). I have installed Fedora on such a SuperMicro board and we went Raid1 using the onboard device. What's easy to mess up is the boot order menu. If you want to boot from the Raid1 array, you have to bring it in as one of the choices. If you have never setup Linux on a SuperMicro its a little tricky. I have, but not as raid1. I still haven't done a raid1, because I just installed on a single disk to get down the road. Unfortunately I can't see my 3ware raid arrays now... I'm getting a bit frustrated. -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 633 1/2 W. 21st St.|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | [EMAIL PROTECTED] | President Senior Geoscientist | Integration means more than having all the maps at the same scale! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installation troubles
On Tue, Sep 11, 2007 at 05:19:07PM +0100, Karanbir Singh wrote: Chuck Campbell wrote: The system now boots, so I ran a yum update, which updated 156 packages. The kernel was updated too, so I set it up to boot the new xen kernel. Depending on the way your Driverdisk is setup - it would have only installed the drivers for the kernel you installed initially. So if you have problems talking to the 3ware drives, try booting from that kernel instead. If you want to keep the driver in-place even when the kernel updates, you might want to investigate the weak-updates process and how you might get a driver included into that. Pretty much everything you need to make it happen would be on the system already. yes, it is a 3ware 9650SE-8ML. I used the driver disk during the install, and the installer saw the raid devices. I deselected them during the partitioning of the install disks, and the installed system doesn't see those devices. I then updated the kernel and the new kernel doesn't see the devices either. When I boot the old kernel again, it still doesn't see the devices. Bothe kernels see the card though (looking in /var/log/messages after boot. -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 633 1/2 W. 21st St.|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | [EMAIL PROTECTED] | President Senior Geoscientist | Integration means more than having all the maps at the same scale! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installation troubles
On Fri, Sep 07, 2007 at 03:32:55PM -0700, mark pryor wrote: Chuck Campbell [EMAIL PROTECTED] wrote: I have a new machine I'm trying to install Centos 5.0 on and I'm not getting very far. Chuck, I'm suprised that the raid array wasn't named as /dev/mapper/isw_xxxyyyxxx raid arrays are real hw raid on the 3ware card, and show up as very large disks. I was trying to install to a single drive (non raid) in the earlier messages. to be named as /dev/sdc suggests that anaconda didn't use dmraid. To be sure that the installer missed using dmraid, you could do a quick knoppix (4.0+) live session and try to mount and read the fakeraid array named above. There are no fake raid arrays, just the hw raid arrays and the two individual disks, which show up as sda and sdb (very large 2Tb disks) and sdc, sdd which are the two single disks. If you don't find the isw_ device, then you will have to redo the install, adding the dmraid kernel parameter along with dd text dmraid. The install never runs, it just hangs as I described, so I have nothing on any of the disks... As far as the blank screen, while in the knoppix session try to see if your xorg.conf is missing a modeline. If missing, add a modeline suitable for your monitor. Not a blank screen, a screen full of hash with an X cursor which changes to the arrow, but I cvan't see anything in the the hashed up screen. I'll look for the xorg.conf details in knoppix, but how do I use those to do a centos graphical install? -chuck -- ACCEL Services, Inc.| Specialists in Gravity, Magnetics | (713)993-0671 ph. | and Integrated Interpretation | (713)993-0608 fax 633 1/2 W. 21st St.|Since 1992 | (713)306-5794 cell Houston, TX, 77008 | Chuck Campbell | [EMAIL PROTECTED] | President Senior Geoscientist | Integration means more than having all the maps at the same scale! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Installation troubles
I have a new machine I'm trying to install Centos 5.0 on and I'm not getting very far. The system is 2 dual core xeons (5160, 3.0 GHZ) w/ 8GB ram. It has two 320 GB disks on the motherboard controller (Supermicro X7DAE+), and 8 750 GB disks on a 3ware 9650SE-8ml, pcie (x4) controller card. The 8 disks are set up as two raid 5 volumes (4 disks each). There is a scsi card in the machine w/ nothing attached to it. The graphics card is na NVIDIA Quadro FX 1500 (pci express x16). The intent is to install the OS onto the 2-320GB drives on the motherboard controller (preferrably in a raid 1 configuration). The other disks are for our data requirements. 1)I used bit torrent (azureus on windows) to download the dvd iso for Centos 5.0, and it completed without any errors. I believe it does the checksumming verification automatically. I also ran sha1sum against the image, and it came out fine. 2)I burned the image to a dvd using roxio. No errors. When I couldn't get down the road, I burned another copy with no errors. 3)During the install, I verified the media with no errors for both of the disks. 4)I downloaded the driver for this OS and raid card from AMCC-3ware site and made a driver floppy. 5)I booted the dvd and ran linux dd to do the install. Should the graphical installer work on an nvidia quadro fx1500 graphics card? At the present it doesn't appear to work for me, I get hash all over the screen, once X starts. 6)I booted the dvd again and ran linux text dd. I verified my dvd media without problems, and it reads the driver floppy and loads the 3w-9xxx driver. It asks questions about lang, kbd and timezone. 7)For partitions, I selected custom, created a /boot, /, swap and /home on the first 320 GB disk (it turns out to be sdc, with sda and sdb being the big raid volumes). After the grub section (I told it to put grub on the /boot partition) the screen is blue, and it just sis without any further response (I left it over night, so it should have finished). 8)If I press alt-f3, the last thing I see is: 13:18:16 INFO : Moving (1) to step reposetup 9)If I press alt-f4, the last thing I see is: 5SQUASHFS error : sb_bread failed reading block 0x6acc 5SQUASHFS error : unable to read page, block 1aaa0d9, size 9154 8)I'm at a loss as to what to try next, or how to find out what is wrong. thanks in advance for any and all help, -chuck By the Way, a knoppix 3.8 live cd will boot and run fine on the hardware. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos