If you have NIS configured, it'll be used by anything that needs to map
a uid or gid number to a name, or anything that needs a list of groups
for users, among other things.
That means (IIRC) that having a crontab implies a NIS lookup, because
creating a new session for your user needs to
On 06/02/2017 04:32 AM, hw wrote:
What may cause the high CPU load?
Offhand, it's hard to say. I don't see similar behavior. Can you post
the libvirt XML definitions for those VMs somewhere? pastebin maybe?
What's the output of "rpm -qa qemu\*"?
On 06/05/2017 10:40 AM, Mark Haney wrote:
[root@ansible ~]# ansible-playbook playbooks/radtest.yml
--ask-become-pass
SUDO password:
ansible-playbook --become-method su --ask-become-pass playbooks/radtest.yml
___
CentOS mailing list
On 05/31/2017 08:04 AM, m.r...@5-cent.us wrote:
I've got an old RAID that I attached to a box. LSI card, and the RAID has
12 drives, for a total RAID size of 9.1TB, I think. I started shred
/dev/sda the Friday before last... and it's still running. Is this
reasonable for it to be taking this
On 05/22/2017 12:57 PM, Jason Welsh wrote:
im trying to set up a shared samba directory for users to use on
centos 7, but whenever I create a file from the samba client to the
samba server,
the owner of the file ends up being the user the share is mounted up as..
That's how SMB works.
On 05/20/2017 06:10 PM, Adam Tauno Williams wrote:
Six months later, now on CentOS6.9, we still see the same issue -
constantly logging this message. Server packages are all up-to-date.
I find multiple reports on the Internet - but no solutions.
The bug report mentioned in the message you
Use "rpm -Vf /path/to/original/module.ko"
If rpm tells you that the checksum has been modified, then the
"original" file you've got isn't the correct file. Download the rpm
that owns that file, and use "rpm -i --replacefiles --replacepkgs
" to reinstall the kernel package.
On 05/13/2017 02:52 AM, Nicolas Kovacs wrote:
But when I do the same thing with CentOS, I don't have a real
full-screen display. There's still two grey bars left on the upper and
lower end of the screen.
From the virt-manager main window:
Edit -> Preferences -> Console -> Resize guest with
On 05/09/2017 04:08 AM, Nicolas Kovacs wrote:
I'd like this machine to also be a KVM virtualization host, so I
installed qemu-kvm and libvirt. The interface facing the LAN is enp3s0,
so I created a virbr0 bridge like this.
virbr0 is a device managed by libvirt, and it'll come up later than
On 05/07/2017 07:22 AM, ken wrote:
"Note that traditional init scripts continue to function on a systemd
system. An init script /etc/rc.d/init.d/foobar is implicitly mapped
into a service unit foobar.service during system initialization."
...
However, what it implies doesn't seem to work out.
On 05/02/2017 01:39 PM, Robert Moskowitz wrote:
Is there a good guide for setting up a Samba active domain controller?
There's samba's guide:
https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller
..though you can't use the Red Hat/CentOS packages, since
On 04/30/2017 07:24 PM, Günther J. Niederwimmer wrote:
when I like to set this Rule ?
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html(/.*)?/
typo3conf(/.*)?"
This Errors are displayd ?
neverallow check failed at /etc/selinux/targeted/tmp/modules/100/selinuxutil/
cil:244
I see,
On 04/30/2017 07:03 AM, Günther J. Niederwimmer wrote:
I write this!
semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/html(/.*)?/
typo3conf(/.*)?"
OK. Did you get an error?
I have more instances from typo3
I found this construct in the selinux policies
On 04/29/2017 06:50 AM, Gregory P. Ennis wrote:
about 4 years ago, I tried to install CentOS 6 on a Supermicro server
with SCSI drives using a LSI raid system.
Red Hat does discontinue support for some storage driver for very old
hardware when they start a new release series. For EL6, that
On 04/28/2017 12:06 AM, Robert Moskowitz wrote:
Here are the messages I got:
type=AVC msg=audit(1493361695.041:49205): avc: denied { rlimitinh }
for pid=3047 comm="cleanup"
scontext=system_u:system_r:postfix_master_t:s0
tcontext=system_u:system_r:postfix_cleanup_t:s0 tclass=process
On 04/28/2017 01:37 AM, Nicolas Kovacs wrote:
So before I go any further with this, I'm asking the more technically
proficient admins here. Are there any drawbacks to using this solution?
Until you run in to the limit of 100 domains per cert, I think the
process you described is preferred.
On Mon, Apr 24, 2017 at 9:53 AM, James B. Byrne wrote:
> sha256sum /dev/sr0
> Which gave this result:
> sha256sum: /dev/sr0: Input/output error
isoinfo -d -i /dev/sr0 | grep -i -E 'block size|volume size'
dd if=/dev/cdrom bs= count= | sha256sum
Reference:
On 04/26/2017 12:29 AM, Robert Moskowitz wrote:
But the policy generates errors. I will have to submit a bug report,
it seems
A bug report would probably be helpful.
I'm looking back at the message you wrote describing errors in
ld-2.17.so. I think what's happening is that the policy on
On 04/25/2017 10:29 PM, Robert Moskowitz wrote:
did not work. it was set off, so I turned it on and tried it out. Got
the same errors:
Apr 26 01:25:45 z9m9z dovecot: dict: Error:
mysql(/var/lib/mysql/mysql.sock): Connect failed to database
(postfix): Can't connect to local MySQL server
On 04/25/2017 03:25 PM, Robert Moskowitz wrote:
This made the same content as before that caused problems:
I still don't understand, exactly. Are you seeing *new* problems after
installing a policy? What are the problems?
# The file '/var/lib/mysql/mysql.sock' is mislabeled on your
On 04/25/2017 07:00 PM, Jobst Schmalenbach wrote:
What I want is the IP address and if possible the incorrect password (just to
see how far they are off).
Is this possible?
I hope not. That's a terrible idea. Every time a user fat-fingers
their password, your plain-text logs have a copy
On 04/25/2017 12:05 PM, Robert Moskowitz wrote:
How do I undo the damage the last attempt caused?
I'm not sure what damage you mean.
If you installed a custom selinux module already and want to remove it,
look at the files in /etc/selinux/targeted/modules/active/modules/.
Those are the
On 04/25/2017 01:58 AM, Laurent Wandrebeck wrote:
Quick’n’(really) dirty SELinux howto:
Alternate process:
1: setenforce permissive
2: tail -f /var/log/audit/audit.log | grep AVC
3: use the service, exercise each function that's constrained by the
existing policy
4: copy and paste the
On 04/21/2017 12:49 PM, Frank Thommen wrote:
It seems, that this is not related to local disk space - as I initally
thought - but to too small memory. It only happens with VMs with
little RAM (1024 MB). As soon as we raise the available memory to
2048 MB, kickstarting works fine. The RHEL
On 04/16/2017 03:53 AM, ken wrote:
And, yes, the exploits also include more than a few against linux. Go
to their site and look under vault7. Or search for "linux" or
"redhat"... you'll get hundreds of hits. Here's just one:
On 04/11/2017 04:16 PM, Alice Wonder wrote:
Hi, I would like to see this addressed.
Is there a firewalld solution to this issue?
Yes:
# Disable connection tracking for UDP DNS traffic
#
https://kb.isc.org/article/AA-01183/0/Linux-connection-tracking-and-DNS.html
firewall-cmd --permanent
On Tue, Apr 11, 2017 at 1:40 AM, Alice Wonder wrote:
> http://unix.stackexchange.com/questions/90035/how-to-set-dns-resolver-in-fedora-using-network-manager
>
> That says it works for CentOS 5 and I *suspect* the methods there (3 listed)
> would work
Across comments, there
On 04/11/2017 07:09 PM, Keith Keller wrote:
On 2017-04-11, Gordon Messmer<gordon.mess...@gmail.com> wrote:
You also don't have the flexibility to replace the kernel. Or glibc.
But you do, don't you? It'll take you months to replace them, or years
to rewrite, but you*can* do it.
Th
On 04/11/2017 10:16 AM, Nicolas Kovacs wrote:
I just read through this thread, and I must say I'm a bit worried, to
the point that I'm asking myself: is CentOS still as reliable as it was?
Yes. I've been very happy with release 7 across hundreds of servers and
dozens of configurations.
On 04/11/2017 10:05 AM, Nicolas Kovacs wrote:
Is there a*reliable* more or less quick & dirty tutorial on how to get
BIND up and running as a primary public nameserver, with the default
configuration as a starting point?
1: Change the "listen-on" settings to bind to network interfaces:
-
On 04/11/2017 09:48 AM, Leroy Tennison wrote:
Interesting that you should cite Stallman because freedom is an issue here,
we've been reduced to Microsoft when it comes to init. We've lost most of our
flexibility with no option to choose piecemeal what we want and don't want.
You also
On 03/27/2017 02:31 PM, m.r...@5-cent.us wrote:
Has that changed?
That answer is probably subjective. I'll probably never trust it, but
the number of recent known critical exploits isn't as high as it used to be:
https://www.cvedetails.com/vulnerability-list/vendor_id-358/Webmin.html
On 03/24/2017 06:52 AM, Matt wrote:
I already have epel installed. If it breaks something is it as simple
as yum erase python34 to restore everything back to normal?
Consider using "yum history undo" or "yum history revert" to remove
dependencies as well.
On 03/18/2017 10:46 AM, James B. Byrne wrote:
When I try to run fsck on any of them I see the following error:
fsck from util-linux-ng.2.17.2
e2fsck 1.41.12.(17-May-2010)
fsck.ext2: No such file or directory while trying to open /dev/vg. . .
Once you've completed enabling the logical
On 03/17/2017 02:41 AM, Ian Diddams wrote:
I’ve followed this
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Security_Guide/chap-Security_Guide-Securing_Your_Network.html#sect-Security_Guide-Workstation_Security-Administrative_Controls
Can you send the
On 03/14/2017 12:53 AM, Rajmohan Banavi wrote:
Is there any package available for qmail? I am having hard time finding it.
If you're interested in an qmail-style mail server that's actively
maintained, take a few minutes to look at Courier MTA. It features POP
and IMAP servers in addition
On 02/27/2017 08:21 AM, Valeri Galtsev wrote:
Quite some time ago I have noticed that kernel updated quite often "come
in pairs".
Looking at the errata list for the kernel package on RHEL 6, I don't see
any such pattern. It's certainly happened that kernel updates are
released withing a
On 02/25/2017 12:20 AM, Alice Wonder wrote:
I'm working on a major project bitcoin related and it would be
frustrating to deploy a bunch of CentOS 7 virtual machines only to
have 8 come out fairly soon afterwards.
I'd expect the release of RHEL 8 no less than 6 months after a beta was
On 02/22/2017 07:02 PM, John R Pierce wrote:
Without knowing what the OP's file system but assuming he too is
using EXT4, what would the directory be storing that's so different
from mine?
a bajillion small files vs a few large ones.
Not to be pedantic, but the size of a directory has
On 02/22/2017 12:27 PM, Anthony K wrote:
On 23/02/17 06:04, John R Pierce wrote:
on many modern file systems, larger directories are stored as some
sort of B-Tree or hash tree, so there's quite a lot of indexing data
in there along with the actual directory entries
So I gather this depends
On 02/22/2017 06:34 AM, Jason Welsh wrote:
How does the directory *itself* have a size of 2.8 megs?
If you write a large number of directory entries in a directory, the
directory will grow in order to provide storage for those directory
entries. You can imagine a directory as a text file
On 02/16/2017 09:18 PM, Keith Keller wrote:
Doesn't mdraid support changing RAID levels?
It supports a small number of conversions. See the "GROW MODE" section
of mdadm for details.
___
CentOS mailing list
CentOS@centos.org
On 02/17/2017 04:25 AM, Johnny Hughes wrote:
Here are where all the builds for EL6 devtoolset live:
http://cbs.centos.org/koji/search?match=glob=tag=*devtoolset*el6*
Thanks. Should we report the packages missing from "vault" somewhere?
___
CentOS
On 02/16/2017 01:20 PM, John R Pierce wrote:
look very closely at a USB 3.0 port, with the 'blue' tongued A
connector, and you'll see 5 additional pins in there behind the
standard USB1/2 4 pins.
I will be a monkey's uncle. Thanks for the pointers.
On 02/16/2017 04:45 PM, Dave Johansen wrote:
The source RPMs for devtoolset don't appear to be there, but I did find
them here:
http://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/RHSCL/SRPMS/
Possibly a result of an unspecified "accident"
On 02/16/2017 12:28 PM, John R Pierce wrote:
USB 1 and 2 used 4 pins.USB 3 ports have an ADDITIONAL 5 pins, the
original 4 are used for USB 1/2 operation, the new 5 only for USB 3
operation. they are effectively two completely independent controllers.
Do you mean USB type C? USB 3 is
On 02/15/2017 12:08 PM, Valeri Galtsev wrote:
/run/screen/S- - NOT on CentOS 5
/var/spool/samba - NOT on CentOS 5 that needs extra security - in our shop;
To be pedantic: screen definitely creates a user-writable directory on
CentOS 5, in a different location, and samba will include that
On 02/15/2017 08:47 AM, Valeri Galtsev wrote:
And yes, ALL user writable places (including often overlooked /dev/shm)
are mounted with nosuid, nosgid, nodev, noexec options on servers where
users are allowed to have shell.
How sure are you? On the system I'm looking at right now, any user
On 02/15/2017 08:22 AM, Chris Adams wrote:
noexec is not that big of a protection. On a normal CentOS system, you
almost certainly have python installed (as well as likely other
scripting languages such as perl), and they can be used to do just about
anything compiled code can do.
Exactly.
On 02/15/2017 12:23 AM, John R Pierce wrote:
DHCPv6 is really unusual. IPv6 addressing and routing is set up
almost entirely in the kernel, unless you're using static addresses.
IPv6 is neither harder nor easier with NetworkManager, in my experience.
It was my understanding that most ipv6
On 02/14/2017 08:40 PM, Alice Wonder wrote:
Well CentOS 7 doesn't use that, and trying to figure out where in the
mess of /etc/sysconfig/network-scripts the problem is occurring has
caused me much frustration.
DHCPv6 is really unusual. IPv6 addressing and routing is set up almost
entirely
On 02/13/2017 10:35 AM, m.r...@5-cent.us wrote:
What's in /etc/sysconfig/network-scripts/ifcfg-? Does it say
NM_CONTROLLED=no?
Good catch. No, it doesn't say no... because the line was commented out.
I've just uncommented it, and set it to yes.
Commented out should be the same as =yes.
On 02/13/2017 07:35 AM, m.r...@5-cent.us wrote:
Finally, I do an ifdown, followed by an ifup, and everything's wonderful.
What's in /etc/sysconfig/network-scripts/ifcfg-? Does it say
NM_CONTROLLED=no?
My manager thinks that the NM daemon thinks everything's fine, and
there've been no
On 02/13/2017 06:55 AM, KM wrote:
The NIC went bad and it has been replaced. I knew enough to update the HW
address in the ifcfg-* files. The network service restarts successfully
without errors. However I cannot connect via ping or ssh with the pt2pt
network setup on 192.168.x.*. When I
On 02/12/2017 10:50 AM, Robert Moskowitz wrote:
? What do I install for this?
You don't have to install anything. You'd just temporarily disable
"dontaudit" rules by running "semodule -BD". Give named time to log
additional "permission denied" errors, and then look for related AVC
On 02/12/2017 10:56 AM, Robert Moskowitz wrote:
It's probably safe to specify some range of higher numbered ports:
use-v4-udp-ports { range 10240 65535; };
use-v6-udp-ports { range 10240 65535; };
But that is not the ports that I am seeing in logwatch:
Yes, I know. The work-around in
On 02/12/2017 10:40 AM, Gordon Messmer wrote:
I'm not seeing those errors logged, either, so maybe your system
differs from mine. If I'm misreading, hopefully someone will chime in
to clarify.
... Also, it might be useful to get the AVCs on your system. The bug
entry indicated that you'd
On 02/11/2017 08:56 PM, Robert Moskowitz wrote:
This seems to be bug 1103439 which was 'fixed' for Centos6.
What should I do about this? Is there a SELinux policy to apply or
should I the avoid upd-ports option in Bind?
It looks like that bug was assigned to the selinux-policy component,
On 02/09/2017 02:55 PM, John R Pierce wrote:
you realize noone on this email list has anything to do with the
source code for this pkcheck thing?CentOS uses the code exactly as
is that Red Hat releases.You're tilting at windmills in the wrong
country here.
Yes, I do. And I tried
On 02/09/2017 02:27 PM, Warren Young wrote:
I’m with Gordon: someone certainly should fix this problem for its own sake,
but don’t try to strong-arm Red Hat into doing it for you because Security.
Way too many bad things are done Because Security.
My larger concern is that there *does* seem
On 02/09/2017 01:03 PM, Leonard den Ottolander wrote:
Not necessarily. Suppose the adversary is aware of a root
exploit/privilege escalation in a random library.
There is no such thing as a root exploit in a library. A "root exploit"
is one that ends with the attacker executing code as
On 02/09/2017 01:36 PM, Robert Moskowitz wrote:
So what SELinux magic do I need here
restorecon /etc/named.conf
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
On 02/09/2017 10:50 AM, Leonard den Ottolander wrote:
SRPMS are signed which allows the integrity of the contents to be
checked. Such an integrity check is missing from the git repo.
Git already has the protection you're looking for. As part of its core
design, git uses a hash chain to
On 02/07/2017 02:33 PM, Alice Wonder wrote:
That's what I am trying to avoid, and that is easiest to avoid by just
using /usr as the prefix so that devel files have their headers in
/usr/include and devel files for different implementations of the same
API can not be installed at the same
On 02/07/2017 08:05 AM, Jerry Geis wrote:
I was expecting that command would build and install?
If that is not the case what do you run to install the package for
gstreamer and the plugins?
When rpmbuild finishes, it will list the rpm packages that it
generated. You can install those
On 02/07/2017 05:50 AM, Jerry Geis wrote:
Did I miss something?
Did you install the package that you built? "rpm -qf /usr/bin/gst-inspect"
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
On 02/07/2017 01:42 AM, Alice Wonder wrote:
The software collections looks like it might interfere with some of my
own packaging (repos that build upon EPEL to provide modern server
stack based on LibreSSL and a repo for modern multimedia)
Where do you see a conflict? Those packages are
On 02/05/2017 06:37 PM, Alice Wonder wrote:
Where are src.rpm's ?
Same place as everything else:
http://vault.centos.org/7.3.1611/sclo/Source/
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
On 02/05/2017 05:33 PM, Alice Wonder wrote:
Is there by chance a compat package for gcc 4.9.x available?
Yes. Use the software collections.
https://www.softwarecollections.org/en/
https://www.softwarecollections.org/en/scls/rhscl/devtoolset-4/
yum install centos-release-scl && yum
On 02/02/2017 12:37 PM, Leonard den Ottolander wrote:
So by continuing to have these memory leaks in the binary you are making
it easier for a malevolent local user to mount an attack that might
cause the "desired" privilege escalation.
I'm really struggling to explain this more simply and
On 02/02/2017 11:46 AM, Leonard den Ottolander wrote:
That memory leak can be used to cause the
heap and the stack to run in to each other, and that flaw has previously
been combined with bugs in glibc to produce an exploit. The glibc bug
is now fixed, but there is still a risk that collision
On 02/02/2017 07:35 AM, Leonard den Ottolander wrote:
If that's so, why are you supplying patches to pkcheck rather than
fixing pkexec?
The patch has a fix for three memory leaks. One memory leak that allows
heap spraying in pkexec.c that according to the aforementioned article
is*directly*
On 02/02/2017 06:51 AM, Leonard den Ottolander wrote:
pkcheck might not be directly vulnerable. However, pkexec is.
If that's so, why are you supplying patches to pkcheck rather than
fixing pkexec?
If your bug report, you said, "The author clearly states that in his
example exploit he
On 02/01/2017 01:02 AM, Daniel Reich wrote:
I have a script to resign all DNS zones every two weeks.
I don't think I can answer the question about why your script is failing
per se, but I can say that there are some flaws in the approach that
your script is taking. Primarily, if you delete
On 01/29/2017 10:32 PM, Mark wrote:
That's strange, because I started the tor process simply with
sudo systemctl start tor
Yes, it looks like that package runs the service as "root". That
doesn't seem like a good default, and it could be a packaging bug. Try
adding "User toranon" to the
On 01/29/2017 02:35 PM, Leon Fauster wrote:
The next EL6 release (6.9) will have them marked as deprecated algorithms
(disabled by default).
The client will no longer attempt to use hmac-md5. The server will
continue to accept them.
On 01/29/2017 01:54 PM, TE Dukes wrote:
I telnet to localhost 143 or 993 and I can connect, telneting to 25 or 465,
connection refused.
As I mentioned before: firewalld allows all traffic to localhost. If
you're getting connection refused, then those services aren't running.
As for
On 01/29/2017 11:59 AM, Mark wrote:
As I don't know what dac_override is I don't know if it's a good idea
to give it to tor and the confidence seems quite low.
dac_override indicates that you're running your process as root, and
it's trying to do something on the filesystem which is not
On 01/28/2017 04:03 PM, TE Dukes wrote:
What is the preferred remote mail client for 7.3?
I'm a fan of SOGo.
https://sogo.nu/
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
On 01/27/2017 06:01 PM, TE Dukes wrote:
I telnet localhost 143, I get connection refused.
What zone is used for the local network and what zone is used for outside
access?
All traffic from localhost is allowed. No zone is involved.
The zone for "outside" access depends on which interface
On 01/27/2017 10:59 AM, Leonard den Ottolander wrote:
https://en.wikipedia.org/wiki/MD5 seems to disagree:
No, it doesn't. That page links to RFC 6151, which notes:
"It is not urgent to stop using MD5 in other ways, such as HMAC-MD5"
There's nothing wrong with disabling hmac-md5 in your
On 01/27/2017 10:03 AM, Leonard den Ottolander wrote:
To my astonishment the openssh versions on both C6 and C7 will by
default negotiate an MD5 HMAC.
Cryptographers still consider MD5 secure for HMAC use. Wikipedia's
references (currently 6, 7, and 8) in this article are useful:
On 01/26/2017 05:27 PM, Jerry Geis wrote:
I tried many things to mount it, to mdadm add it but
could not get it to cooperate.
You probably want to "mdadm --assemble --scan". If there were logical
volumes on it, you'd also want to "lvchange -a y" afterward.
On 01/26/2017 01:40 AM, Tony Mountifield wrote:
Anaconda doesn't set up the boot sector on the second drive by default,
so I put some grub commands in the post-install section of kickstart
to do so.
I can't attest that it *works* (mostly since I use UEFI everywhere
possible) but anaconda
You didn't answer all of the questions I asked, but I'll answer as best
I can with the information you gave.
On 01/25/2017 04:47 AM, mark wrote:
Made an md RAID 0 on the raw disks - /dev/sda /dev/sdb. No partitions,
nothing.
OK, so right off the bat we have to note that this is not a
On 01/24/2017 08:33 AM, m.r...@5-cent.us wrote:
I'm building a new box, and I want three partitions - /boot, /, and
swap, on*one* RAID 1, not three separate partitions. Other than
mdadm...,*is* there any way in the graphical installer to do
this? All I see is a way to make three separate
On 01/20/2017 09:31 AM, Peter Peltonen wrote:
I am planning to have RAID1 setup and I am wondering if I should use
the controller's RAID functionality which has 2GB cache or should I go
with JBOD + Linux software RAID?
I'd recommend testing the specific application that will run on this
On 01/20/2017 04:13 AM, Robbert Eggermont wrote:
Since this (opposite defaults) is broken by design, I hope the AD
provider will be fixed so it follows the general default.
I find filing bug reports generally more effective than hoping, and
submitting patches more effective still.
On 01/19/2017 06:54 AM, Subscriber wrote:
But I collect such statistics in Zabbix. And the numbers and graphs
indicate an increase in the load on the CPU (ie System time).
"load" has another meaning in the context of POSIX system performance
counters. I'm pretty sure you're talking about
On 01/19/2017 06:29 AM, Subscriber wrote:
and what kind of IO patterns do those VMs
have?
Do not quite understand. What do you mean?
What at the VMs doing? Are they entirely idle? Are they doing light
work, mostly reading from disks? If they're not generating disk IO,
then that's not
On 01/19/2017 12:43 AM, Marcin Trendota wrote:
After recent system upgrade (this night) i lost access to two servers
through SSH, because of change in SELinux policy - i have ssh there on
different port and now it's gone.
Which release? I also run ssh on an alternate port on one host, and
For the archive's sake:
https://plus.google.com/+GordonMessmer/posts/H5DuyP1LHPU?sfc=false
https://plus.google.com/+GordonMessmer/posts/eSe6iNmk1Fs?sfc=false
During testing, I found that under CentOS 7.2, the default storage
layout for software RAID5 was the worst possible configuration. 512k
On 01/18/2017 05:34 AM, Subscriber wrote:
Someone noticed something similar?
How is your storage arranged, and what kind of IO patterns do those VMs
have?
During recent testing, I found that the read performance of software
RAID volumes was worse under 7.3 than it was under 7.2. Most
On 01/15/2017 10:19 AM, Gregory P. Ennis wrote:
It seems apparent to me that a
better way to do what I wanted would be to have two wireless routers,
one wifi being controlled by the dhcpd server that assigns ip addresses
through it to known and trusted connections with one subnet, and the
other
On 01/15/2017 09:11 AM, Gregory P. Ennis wrote:
All I can say is that when I looked at the dhcpd.conf examples and read
the man pages as well as the explanations of how dhcpd works, we should
be able to use dhcpd for more than one subnet :
You can, provided they're on different physical
On 01/13/2017 07:07 AM, TE Dukes wrote:
I may have. If so, is there a way to undo it?
You can determine whether you've set the file's immutable attribute
using "lsattr". You can remove it using "chattr -i"
___
CentOS mailing list
On 01/13/2017 04:49 AM, TE Dukes wrote:
I changed ISPs and need to update name servers in resolv.conf.
...
I have Network Manager turned off and when I enable it , eth0 and eth1 have
no entries. I enabled it, added the connections, but still no changes.
If you want to use NetworkManager,
On 01/11/2017 05:22 AM, Tru Huynh wrote:
%post
# workaround required but should be handled by anaconda. imho
systemctl disable initial-setup-graphical.service
Has this been tested? My understanding is that systemctl doesn't work
in chroots, and can't be used in %post.
Regardless of that,
I tracked this down, eventually. Under RHEL/CentOS 7.2, the rootfs was
limited to the size of available memory. Under 7.3, there's an
artificial restriction of 50% of total system memory. The default size
of a VM under "virt-manager" is 1G, which creates a ~500MB rootfs in the
installer.
On 01/06/2017 07:11 AM, Nikolaos Milas wrote:
Any feedback regarding this "issue" and its possible repercussions
will be appreciated!
Probably none. That file indicates which Linux device file corresponds
to the (hdX) references in grub.cfg. I'm not really sure it's even used
under
401 - 500 of 1508 matches
Mail list logo