Re: [CentOS] Hardware Compatibility List (looking for a gigabit nic on RHEL4)

2008-07-13 Thread John R Pierce 

Jason Pyeron wrote:

Where should I start on my quest to find gigabit ethernet cards for all our
workstations?
  


Intel pro1000 cards or onboard chips.  



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Hardware Compatibility List (looking for a gigabit nic on RHEL4)

2008-07-13 Thread Jason Pyeron 


https://hardware.redhat.com/list.cgi?version=4&internal_whiteboard=Component/Per
ipheral has no results

https://hardware.redhat.com/list.cgi?product=Red+Hat+Hardware+Certification&quic
ksearch=ethernet has a few results for RHEL2.x and one for RHEL4.x on IA64.

Where should I start on my quest to find gigabit ethernet cards for all our
workstations?



--
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
-   -
- Jason Pyeron  PD Inc. http://www.pdinc.us -
- Principal Consultant  10 West 24th Street #100-
- +1 (443) 269-1555 x333Baltimore, Maryland 21218   -
-   -
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
 
This message is for the designated recipient only and may contain
privileged, proprietary, or otherwise private information. If you
have received it in error, purge the message from your system and
notify the sender immediately.  Any other use of the email by you 
is prohibited.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] madwifi on Centos 5.2, kernel 2.6.18-92.1.6.el5

2008-07-13 Thread Hendrik Strydom 
Any of these approaches will work.
There is a bug in madwifi (or at least a difference in opinion on RH
kernels) as per 
http://madwifi.org/ticket/1956
As documented there this requires a trivial source code change in order
to get the modules to compile.  
If your system already attempts to compile the module at boot time you
only need to make the change in the code found under /usr/src and all
should be well.  If not, compile it from madwifi source or an atrpms
source rpm as per your preference.

Regards
  Hendrik

On Sun, 2008-07-13 at 23:46 -0400, Kurt Hansen wrote:
> Hello,
> 
> I just installed Centos 5.2 on my wife's IBM thinkpad T41 with Atheros 
> wireless.
> 
> It looks like I need to install madwifi to get the wireless to work. Our 
> home wireless network uses WPA2
> 
> I found the EL5 rpms at atrpms, but there is no madwifi-kmdl rpms for 
> kernel 2.6.18-92.1.6.el5.
> 
> So, to get the wireless working on my home network, what's the shortest 
> path from here? Install madwifi from source (was part the way there but 
> discovered the rpms when I looked for the wpa_supplicant stuff)? Or, can 
> I use one of the other madwifi-kmdl rpms? Or, go back to an earlier kernel?
> 
> Thanks for your help!
> 
> Take care,
> 
> Kurt Hansen
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] madwifi on Centos 5.2, kernel 2.6.18-92.1.6.el5

2008-07-13 Thread Kurt Hansen 

Hello,

I just installed Centos 5.2 on my wife's IBM thinkpad T41 with Atheros 
wireless.


It looks like I need to install madwifi to get the wireless to work. Our 
home wireless network uses WPA2


I found the EL5 rpms at atrpms, but there is no madwifi-kmdl rpms for 
kernel 2.6.18-92.1.6.el5.


So, to get the wireless working on my home network, what's the shortest 
path from here? Install madwifi from source (was part the way there but 
discovered the rpms when I looked for the wpa_supplicant stuff)? Or, can 
I use one of the other madwifi-kmdl rpms? Or, go back to an earlier kernel?


Thanks for your help!

Take care,

Kurt Hansen
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?

2008-07-13 Thread Ian Blackwell 

Lanny Marcus wrote:

Question: The next time I connect our Backup IPCop box, should I put
the 2 IP addresses for opendns.com there, or, the IP of our ADSL
Modem? Which will be faster? If I understand, you have the IP
addresses in your IPCop box and that bypasses your ADSL Modem.
TIA, Lanny
  
My advice is to forget DNS on the modem because it won't be more 
up-to-date than the cache on the IPCop server, so it won't serve any 
useful function.  Set the IPCop box to use the IP addresses provided by 
opendns.com.  It will cache DNS query results and contact the opendns 
servers when it needs to refresh expired data or get new data not 
already in the IPCop cache.  The modem can't help in this scenario, so 
leave it alone and bypass it by telling IPCop to go directly to opendns 
for DNS queries.


Cheers,

Ian



smime.p7s
Description: S/MIME Cryptographic Signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?

2008-07-13 Thread Lanny Marcus 
On Sun, Jul 13, 2008 at 6:11 PM, Ian Blackwell <[EMAIL PROTECTED]> wrote:

> If your ADSL modem can act as a DNS server, then you can point IPCop to that
> for DNS, but you can't point IPCop to itself (127.0.0.1) because it is only
> a proxy - not a full DNS server.  In my view, for DNS your IPCop box should
> be directed to:-
> 1) your ISP's DNS servers; or
> 2) public DNS servers; or
> 3) your ADSL modem which is using either of the above.
>
> As I've already mentioned in other replies on this topic, my IPCop server
> uses my ISP for DNS requests.  This means my ADSL modem is bypassed for DNS
> queries, but I'm not even sure if it could respond to DNS queries.

Ian: This is from the web interface of our ZTE ADSL Modem:

 DNS Server Configuration

If Enable Automatic Assigned DNS checkbox is selected, this router
will accept the first received DNS assignment from the PPPoA, PPPoE or
MER/DHCP enabled PVC(s) during the connection establishment. If the
checkbox is not selected, enter the primary and optional secondary DNS
server IP addresses. Click "Apply" to save it.
NOTE:   If changing from unselected Automatic Assigned DNS to selected Automatic
Assigned DNS, you must reboot the router to get the automatic assigned DNS
addresses.

Enable Automatic Assigned DNS


Primary DNS server: 

Last night, I put the IP addresses for the 2 DNS Servers at opendns.com there.

Question: The next time I connect our Backup IPCop box, should I put
the 2 IP addresses for opendns.com there, or, the IP of our ADSL
Modem? Which will be faster? If I understand, you have the IP
addresses in your IPCop box and that bypasses your ADSL Modem.
TIA, Lanny
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?

2008-07-13 Thread Lanny Marcus 
On Sun, Jul 13, 2008 at 6:11 PM, Ian Blackwell <[EMAIL PROTECTED]> wrote:

> My understanding is that IPCop provides a Caching DNS Proxy, not a Caching
> Name Server.  Being a proxy means it forwards any queries that it can't
> answer from it's own cache to full DNS Servers (caching or not).

I suspect you are correct, that it is a DNS Proxy and not a DNS
Server. I googled
site:ipcop.org caching+DNS+server and I see things that refer to DNS
Server and also
things that refer to DNS Proxy.

In the IPCop Administrative Manual, it says, "As well as Caching DNS
information from the Internet,
the DNS proxy on IPCop."

As I wrote a few minutes ago, the next time I hook up that IPCop box,
I will follow the instructions on opendns.com and see what happens.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] How Do I Get Info About New RPMs in Major REPOs

2008-07-13 Thread John Thomas 

Kenneth Porter wrote:

I would like to know about new software (rpms) with a general description
as they become available in the major repos.
Most have an -announce mailing list. For CentOS, I use a procmail filter 
to put the package announcements for my version and arch in one Dovecot 
IMAP folder, and all the others in another folder.


Could I trouble you for a few examples/links?

--
Sincerely,
John Thomas
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] How Do I Get Info About New RPMs in Major REPOs

2008-07-13 Thread Kenneth Porter 
--On Sunday, July 13, 2008 7:59 AM -0700 John Thomas 
<[EMAIL PROTECTED]> wrote:



I would like to know about new software (rpms) with a general description
as they become available in the major repos.

Is there a way to get an RSS feed?


Most have an -announce mailing list. For CentOS, I use a procmail filter to 
put the package announcements for my version and arch in one Dovecot IMAP 
folder, and all the others in another folder.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?

2008-07-13 Thread Lanny Marcus 
On Sun, Jul 13, 2008 at 6:11 PM, Ian Blackwell <[EMAIL PROTECTED]> wrote:
> Lanny Marcus wrote:
> I am up and running on our normal IPCop box again. Last night, I changed the
> DNS Settings in the ADSL Modem, from using the DNS Servers at our local ISP,
> to those of opendns.com  and that probably will help a lot, until I can get
> IPCop configured properly for the Caching DNS Server.

> My understanding is that IPCop provides a Caching DNS Proxy, not a Caching
> Name Server.

You may be correct about that. Scott Silva tried this using IPCop on a
VM and it did work for him.
I googled for: IPCop+Caching+DNS and these are the first responses I got:

5. Services Menu
As well as caching DNS information from the Internet, the DNS proxy on
IPCop allows you to manually enter hosts whose address you want to
maintain locally. ...
www.ipcop.org/1.4.0/en/admin/html/services.html - 51k - Cached - Similar pages
IPCop History :: IPCop.org :: The bad packets stop here!
Digital Alpha (preliminary) - yes, IPCop runs on Alpha systems as well
as Intel ... Caching DNS; TCP/UDP Port Forwarding; External Service
Access Control ...
www.ipcop.org/index.php?module=pnWikka&tag=IPCopHistory - 26k - Cached
- Similar pages
More results from www.ipcop.org »
IPCop: An Overview
IPCop is a cut-down Linux distribution that is intended to operate as
a ... Caching DNS; TCP/UDP port forwarding; Intrusion detection system
(Snort) ...
www.securityfocus.com/infocus/1556 - 38k - Cached - Similar pages
[Technic] IPCOP
Now, if you use Morenet's DNS system.. consider changing your DHCP to
pass out the IPCOP's caching DNS server instead(but set ipcop itself
to use morenet's ...
lists.more.net/archives/technic/2005-July/009873.html - 10k - Cached -
Similar pages
'Re: [IPCop-devel] Regarding local (green) DNS and global (red ...
I flushed >the local DNS cache and restarted IPCop before testing in
each mode. I got >identical results in all modes - the DNS lookup
would be sucessfully ...
marc.info/?l=ipcop-devel&m=105698912708708&w=2 - 10k - Cached - Similar pages
z o r g . o r g - IPCop Firewall Review
IPCop offers an IPChains based firewall with DHCP server, caching DNS,
the Squid web proxy, Snort intrusion detection system, port
forwarding, ...
www.zorg.org/linux/ipcop.php - 25k - Cached - Similar pages

>  Being a proxy means it forwards any queries that it can't
> answer from it's own cache to full DNS Servers (caching or not).  Once it
> knows the answer it will cache it locally and return that answer to local
> users without contacting the DNS server again - as long as it is valid to do
> so based on the cache time set for that particular domain.  For exmaple, my
> domain's cache time is short because my server lives on a dynamic IP
> address, but google's cache time is long because their servers are on static
> IP addresses and caching for a long time is safe for the DNS client to do
> (no need to query often because the servers aren't moving).
>
> If your ADSL modem can act as a DNS server,

I don't think so, but I will log onto it and see if I can find
anything about it being able to do that.

 >then you can point IPCop to that
> for DNS, but you can't point IPCop to itself (127.0.0.1) because it is only
> a proxy - not a full DNS server.  In my view, for DNS your IPCop box should
> be directed to:-
> 1) your ISP's DNS servers; or

We stopped using the DNS Servers at my ISP last night. I switched the
settings in the ADSL Modem to use the DNS at opendns.com and that will
eliminate the DNS problems we had, when using the DNS Servers at our
ISP.

> 2) public DNS servers; or

Now using opendns.com  as I mentioned above.

> 3) your ADSL modem which is using either of the above.

On this URL: 
They have the below informaion:

Enable OpenDNS: Unix/Linux IPCop firewall

Get Started > Change DNS on your server > Instructions
Overview

   1. Log in as root and run setup.
   2. Select the Networking option and select OK.
   3. In Network configuration menu, select DNS and Gateway settings
and select OK.
   4. In the DNS and Gateway settings screen, enter the OpenDNS
nameserver addresses. Leave the Gateway value alone. Select OK.
   5. Back on the Network Configuration menu, select Done.
   6. Watch the Pushing Network down... message.
   7. Watch the Pulling Network up... message.
   8. At the Selection menu, press Quit to exit the setup program.

They have information for bind  dnscache and IPCop
I think my next attempt will be to follow the above instructions and
see if I then have DNS!

> As I've already mentioned in other replies on this topic, my IPCop server
> uses my ISP for DNS requests.  This means my ADSL modem is bypassed for DNS
> queries, but I'm not even sure if it could respond to DNS queries.  Even if
> it could, since the IPCop is a caching proxy, it will keep the query results
> as long as it is entitled to before re-querying the real DNS server again.
> Using the ADSL modem won't help here bec

Re: [CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?

2008-07-13 Thread Ian Blackwell 

Lanny Marcus wrote:
I am up and running on our normal IPCop box again. Last night, I 
changed the DNS Settings in the ADSL Modem, from using the DNS Servers 
at our local ISP, to those of opendns.com   and 
that probably will help a lot, until I can get  IPCop configured 
properly for the Caching DNS Server.
My understanding is that IPCop provides a Caching DNS *Proxy*, not a 
Caching Name Server.  Being a proxy means it forwards any queries that 
it can't answer from it's own cache to full DNS Servers (caching or 
not).  Once it knows the answer it will cache it locally and return that 
answer to local users without contacting the DNS server again - as long 
as it is valid to do so based on the cache time set for that particular 
domain.  For exmaple, my domain's cache time is short because my server 
lives on a dynamic IP address, but google's cache time is long because 
their servers are on static IP addresses and caching for a long time is 
safe for the DNS client to do (no need to query often because the 
servers aren't moving).


If your ADSL modem can act as a DNS server, then you can point IPCop to 
that for DNS, but you can't point IPCop to itself (127.0.0.1) because it 
is only a proxy - not a full DNS server.  In my view, for DNS your IPCop 
box should be directed to:-

1) your ISP's DNS servers; or
2) public DNS servers; or
3) your ADSL modem which is using either of the above.

As I've already mentioned in other replies on this topic, my IPCop 
server uses my ISP for DNS requests.  This means my ADSL modem is 
bypassed for DNS queries, but I'm not even sure if it could respond to 
DNS queries.  Even if it could, since the IPCop is a caching proxy, it 
will keep the query results as long as it is entitled to before 
re-querying the real DNS server again.  Using the ADSL modem won't help 
here because it can't cache any longer than the IPCop box can, so it 
will have to query the real DNS server in this situation.  My view is 
you might as well make the IPCop do that in one step - why involve the 
modem?


Regards,

Ian


smime.p7s
Description: S/MIME Cryptographic Signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum remove from stdout

2008-07-13 Thread Kenneth Burgener 

On 7/13/2008 10:43 AM, William L. Maltby wrote:

On Sun, 2008-07-13 at 11:21 -0500, Johnny Hughes wrote:

OR ...

yum remove `cat result`


The winner! And if running a modern bash

  yum remove $(cat result)



Interesting.  According to the bash man page `command` and $(command) 
are slightly different (in regards to backslashes).  I always assumed 
they were identical in every way.



Command Substitution

Command substitution allows the output of a command to replace the 
command name.  There are two forms:


  $(command)
   or
  ‘command‘

Bash performs the expansion by executing command and replacing the 
command substitution with the standard output of  the  command,  with 
any trailing newlines deleted.


...

*When  the  old-style  backquote form of substitution is used, backslash 
retains its literal meaning except when followed by $, ‘,  or  \.*   The
first backquote not preceded by a backslash terminates the command 
substitution.  When using the $(command) form, all characters between 
the parentheses make up the command; none are treated specially.




Kenneth
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Kernel Upgrade and RAID Card

2008-07-13 Thread Ryan Nichols 

Paul wrote:

On Sun, 2008-07-13 at 22:23 +0200, Rainer Duffner wrote:
  

Am 13.07.2008 um 22:14 schrieb Ryan Nichols:



Johnny Hughes wrote:
  
If it works ok on the old kernel, it should also work OK on the new  
one.




Not if it's a binary-driver...




I'm familiar with the card & driver ... it's a binary blob with a bit of
source to glue it to the kernel.   The card is also fakeraid rather than
real raid ... more trouble than it's worth.

Paul

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

  
So its junk? What would you recommend we move to then?  Wont that be 
messy on the card change to another raid5 set?


Thanks,
Ryan Nichols

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] using new sysconfig file

2008-07-13 Thread Ian Blackwell 

Kai Schaetzl wrote:
Thanks for the hint. It was the CRLF sequence from creating the file on a 
Windows machine. I haven't had a problem with this in a long time, bash 
scripts etc. work fine, no matter if LF or CRLF is used, but it seems to 
make a difference when including a file.


  

Glad to hear :-)
BTW: Postgrey recommend a maximum delay of 300.  Is there a reason 
you're using 660?



It's the default and been the default since postgrey saw the light of day, 
but I wouldn't deem it "recommended". ;-) I've been doing greylisting 
(with sendmail) for many years and started out with ten minutes. 
  
You're history with greylisting eclipses my recent foray into the field, 
so I bow to your experience.  I took the 300 from the CentOS HowTo where 
they write:-
Setting your delay to values larger than 300 Seconds ( 5 Minutes 
) is really not recommended.
This has 
proven to be quite successful, but there is a growing number of spammers 
that come back after exactly ten minutes, so I'm moving it up to 11 
minutes on new machines. I doubt that 5 minutes gives any advantage in 
terms of faster turnaround time for ham messages. Most MTAs retry after 15 
or 30 minutes, I would actually consider an MTA that retries after only 5 
minutes a bit rude.


  
I started my delay at 60 seconds as the how-to suggests, and have moved 
it up to 300 now.  If your experience suggests 660, then I'll try that 
next ;-)


Anything to kill Spam is cool in my book 8-)

Ian


smime.p7s
Description: S/MIME Cryptographic Signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Kernel Upgrade and RAID Card

2008-07-13 Thread Paul 

On Sun, 2008-07-13 at 22:23 +0200, Rainer Duffner wrote:
> Am 13.07.2008 um 22:14 schrieb Ryan Nichols:
> 
> > Johnny Hughes wrote:
> >>
> >>
> >> If it works ok on the old kernel, it should also work OK on the new  
> >> one.
> >>
> 
> 
> Not if it's a binary-driver...
> 

I'm familiar with the card & driver ... it's a binary blob with a bit of
source to glue it to the kernel.   The card is also fakeraid rather than
real raid ... more trouble than it's worth.

Paul

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Understanding iptables

2008-07-13 Thread Spiro Harvey, Knossos Networks Ltd 

 > Could you post /etc/sysconfig/iptables?
 /etc/sysconfig/iptables doesn't necessarily reflect what is running
 right now, and you can't include the counters with it.

> I'm not interested in the counters  I want to see how the rules are

I think he's trying to tell you that any changes made since the *last* 
write to /etc/sysconfig/iptables won't be reflected in that file. Or 
rather, what if that file has been written to, but not read from? The 
fact remains that "iptables -L" is more useful because it is a live state.


In fact, I've got a few machines where all my rules are only kept in 
running memory. They're all activated/reactivated/modified using 
scripts. No state is stored on disk.



[snip]
Chain RH-Firewall-1-INPUT (2 references)
target prot opt source   destination
ACCEPT all  --  anywhere anywhere
[/snip]
What are we accepting here?  All packets?  If this is the case then there is 
no need for the rest of the rules in this chain.


depends on the INPUT rule that references this. but yes, once a packet 
has been filtered to get here, then it will be accepted.


see? you can read this output.




--
Spiro Harvey  Knossos Networks Ltd
021-295-1923www.knossos.net.nz

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Kernel Upgrade and RAID Card

2008-07-13 Thread nate 
Ryan Nichols wrote:

> We're trying to get support from a 3rd party software we use and they
> are insiting we goto the current versions of everything for there
> software before they'll move forward on the support.

In that case I would reproduce the problem on another system
that doesn't have the strange RAID controller, and on the most
up to date software. If you can troubleshoot it there, get the fix
and apply it to the system they won't "support".

It seems pretty common with folks and Red Hat /CentOS. They buy
red hat for a few high value target systems, and get support on
them and use CentOS for the rest, or some other RHEL offshoot.
If they have a problem on CentOS they repro it on RHEL and if
they can they can get a fix from Red Hat.

Not the most honest thing to do in my opinion but it is an option
in many cases.

nate


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Problem with Bonding Driver

2008-07-13 Thread nate 
Art Age Software wrote:

> Yes, indeed. I have successfully changed both the primary interface
> and the miimon value **while the interface is up** by directly writing
> to the /sys/class/net/bondX/bonding/{Key} files. Changing the bonding
> mode is not allowed while the interface is up (probably a good thing).

Out of curiosity only, why do you care which is the primary interface?
I have been using bonding for several years now and it's never
concerned me. I have a pair of switches(active-active) that the
system(s) are plugged into, and it doesn't matter which link or which
switch they use, they'll always have connectivity. The switches themselves
have two pairs of active/passive uplinks to the "core" switches, as well.
If one of those links were to fail the core switches fail over, providing
maximum bandwidth and availability.

I can see the need for different bonding methods, though to-date for
me at least I've only used active-passive in linux. I do use active-active
(usually 4 links going to two different switches) in VMWare ESX.

nate

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Kernel Upgrade and RAID Card

2008-07-13 Thread Ryan Nichols 

nate wrote:

Ryan Nichols wrote:

  

and if i go back to grub take the old kernel its happy..
werid..



Sounds like you should just stick to the old kernel, what's in
the new kernel that you need anyways? Is the system in a secure
place?(e.g. separate firewall protecting it, not directly on
the internet, don't have untrusted users logging in).

If so, then you really have little to worry about, there is not
much interesting things released in the newer minor version releases
of the kernel in RHEL/CentOS. It's that way on purpose.

In my experience having all your systems completely up to date is
rare. The environment I stepped into a few months ago for example
is running RHEL 4 Update 1 for the most part. They still run windows
2000 on several systems, and I don't think they've patched them
recently. But the nature of the environment and the users that
interact on it don't keep me up at night like a system directly
connected to the internet with untrusted users. It'll probably
take me the next 6 months to get everything more up to date in
this particular environment, it has a lot of interdependencies.
And by that point it should be easier to manage going forward,
but we'll still probably won't install updates sooner than
a month or two after they come out in general because that stuff
takes time to test and deploy.

Hopefully your not in a situation where you have untrusted users,
if so you should replace the hardware with something that is
better supported, or abstract the exposure to the system with
something like virtualization, certainly not perfect but it's
better then nothing, it will help dramatically against the
most common, casual attacks.

nate

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

  
We're trying to get support from a 3rd party software we use and they 
are insiting we goto the current versions of everything for there 
software before they'll move forward on the support.


Thanks,
Ryan Nichols

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Kernel Upgrade and RAID Card

2008-07-13 Thread nate 
Ryan Nichols wrote:

> and if i go back to grub take the old kernel its happy..
> werid..

Sounds like you should just stick to the old kernel, what's in
the new kernel that you need anyways? Is the system in a secure
place?(e.g. separate firewall protecting it, not directly on
the internet, don't have untrusted users logging in).

If so, then you really have little to worry about, there is not
much interesting things released in the newer minor version releases
of the kernel in RHEL/CentOS. It's that way on purpose.

In my experience having all your systems completely up to date is
rare. The environment I stepped into a few months ago for example
is running RHEL 4 Update 1 for the most part. They still run windows
2000 on several systems, and I don't think they've patched them
recently. But the nature of the environment and the users that
interact on it don't keep me up at night like a system directly
connected to the internet with untrusted users. It'll probably
take me the next 6 months to get everything more up to date in
this particular environment, it has a lot of interdependencies.
And by that point it should be easier to manage going forward,
but we'll still probably won't install updates sooner than
a month or two after they come out in general because that stuff
takes time to test and deploy.

Hopefully your not in a situation where you have untrusted users,
if so you should replace the hardware with something that is
better supported, or abstract the exposure to the system with
something like virtualization, certainly not perfect but it's
better then nothing, it will help dramatically against the
most common, casual attacks.

nate

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Kernel Upgrade and RAID Card

2008-07-13 Thread Ryan Nichols 

Rainer Duffner wrote:


Am 13.07.2008 um 22:14 schrieb Ryan Nichols:


Johnny Hughes wrote:



If it works ok on the old kernel, it should also work OK on the new 
one.





Not if it's a binary-driver...






___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/cen


ata1.00: status { DRDY }   over and over

No idea what i broke..




You upgraded the kernel...


Seriously - if this driver is not included in the vanilla- or 
distribution-kernel, get the heck rid of it (the hardware).

With very few exceptions it's usually not worth the trouble.
One of these exceptions is Areca (don't know if the driver is in now 
RHEL/CentOS) - the guy maintaining the driver at Areca actually 
responds to email enquiries.

But then, they distribute source and not BLOBs.




cheers,
Rainer




___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


ata1.00 cmd c8/00:08:00:00:00:/00:00:00:00/E0 tag 0 dma 4096 in
ata1.00 status: {DRDY}
ata1.execption Emask 0x0 SAct 0x0 SErr 0x0 action 0x2 frozen

and it keeps going and going until it hits Buffer I/O error on device 
sdc, logical block 0


and if i go back to grub take the old kernel its happy..
werid..

Ryan Nichols

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Kernel Upgrade and RAID Card

2008-07-13 Thread Ryan Nichols 

Rainer Duffner wrote:


Am 13.07.2008 um 22:14 schrieb Ryan Nichols:


Johnny Hughes wrote:



If it works ok on the old kernel, it should also work OK on the new 
one.





Not if it's a binary-driver...






___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/cen


ata1.00: status { DRDY }   over and over

No idea what i broke..




You upgraded the kernel...


Seriously - if this driver is not included in the vanilla- or 
distribution-kernel, get the heck rid of it (the hardware).

With very few exceptions it's usually not worth the trouble.
One of these exceptions is Areca (don't know if the driver is in now 
RHEL/CentOS) - the guy maintaining the driver at Areca actually 
responds to email enquiries.

But then, they distribute source and not BLOBs.




cheers,
Rainer




___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Thats the point Im at, but the man who pays for this hardware wants us 
to make this work because we already own it and it works until we 
attempt an upgrade of the kernel .. So i guess its onto tech support 
with HighPoint RocketRaid...


Thanks,
Ryan Nichols

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?

2008-07-13 Thread Ralph Angenendt 
William L. Maltby wrote:
> Q: since you have seen me on here for a long time and know that I am
> generally observant of the courtesies, would you have "shouted" at me in
> the same way?

Yes, sure.

> Your answer should provide insight to future hapless victims of your
> wrath. :-)

Ah, wrath would have been removal from the list without notice >:)

Ralph


pgpPvxw05MC8E.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Kernel Upgrade and RAID Card

2008-07-13 Thread Rainer Duffner 


Am 13.07.2008 um 22:14 schrieb Ryan Nichols:


Johnny Hughes wrote:



If it works ok on the old kernel, it should also work OK on the new  
one.





Not if it's a binary-driver...






___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/cen


ata1.00: status { DRDY }   over and over

No idea what i broke..




You upgraded the kernel...


Seriously - if this driver is not included in the vanilla- or  
distribution-kernel, get the heck rid of it (the hardware).

With very few exceptions it's usually not worth the trouble.
One of these exceptions is Areca (don't know if the driver is in now  
RHEL/CentOS) - the guy maintaining the driver at Areca actually  
responds to email enquiries.

But then, they distribute source and not BLOBs.




cheers,
Rainer




___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Could not start X window

2008-07-13 Thread Nikolay Ulyanitsky 
Try to install CentOS 5.2. It has updated video drivers.

On Mon, 2008-06-23 at 17:09 +1000, hce wrote:
> You are right, the CentOS version 5 does not support the video driver
> of the Intel graphic chipset. The FC9 works fine. Now the question is
> where can I download video driver for CentOS 5? Or, is there anything
> I can do to work around to resolve this problem? I have to use this
> version of CentOS which our development was based on.
> 

-- 
Nikolay Ulyanitsky <[EMAIL PROTECTED]>

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Problem with Bonding Driver

2008-07-13 Thread Art Age Software 
>Very interesting.
>
>Looking under the hood, it's actually handled by the
>/etc/sysconfig/network-scripts/ifup-eth script, which writes the
>values to the pseudo-files under /sys/class/net/bondX/bonding/, so
>there you go, another way to change that dinamically without having to
>restart the interface. Would you be kind to see if you can change the
>primary "on-the-fly" using this method?
>
>Thanks,
>Filipe

Yes, indeed. I have successfully changed both the primary interface
and the miimon value **while the interface is up** by directly writing
to the /sys/class/net/bondX/bonding/{Key} files. Changing the bonding
mode is not allowed while the interface is up (probably a good thing).

This is a great improvement over previous incarnations of Red Hat
bonding support. I have even successfully configured two bonds on the
same machine using different bonding modes for each. VERY useful!

Sam
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Kernel Upgrade and RAID Card

2008-07-13 Thread Ryan Nichols 

Johnny Hughes wrote:

Ryan Nichols wrote:

Johnny Hughes wrote:

Ryan Nichols wrote:
Ok, I've got a RocketRAID 2300 and when i do the update of the 
kernel it breaks the raid card since the OS is on the raid card 
itself, i need to install the driver into the new kernel.. Whats 
the best way to do this? I am reading the manual from the 
manufacter, but i dont see anything as to a new kernel upgrade.




If the kernel module is built from an external driver, you can just 
copy it to it's place in the new kernel path and then run the command:


depmod -a 

also need to rerun mkinitd like this:

mkinitrd /boot/initrd-.img 
  
Ok, I used -f to get around that.. but now it hates my raid 
controller and is throwing all kinds of errors...


If it works ok on the old kernel, it should also work OK on the new one.






___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/cen
  

ata1.00: status { DRDY }   over and over

No idea what i broke..

Thanks,
Ryan Nichols

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?

2008-07-13 Thread William L. Maltby 

On Sun, 2008-07-13 at 21:41 +0200, Ralph Angenendt wrote:
> William L. Maltby wrote:
> > It wasn't a bad thing to do. IMO the bad thing to do was for someone to
> > "rebuke" you in such a "short" manner when you had made the list aware
> > of your "noobiness". 
> 
> Had I seen your attachement first (which somehow got around me), you
> would have gotten "the notice". That has nothing to do with "noobiness"
> or not, just with common sense: One does not send large mails/files to
> thousands of users. At least not via public mailing lists.

"Common sense" is almost always derived from the experience of those who
have it. Some things a plumber would consider common sense would be
beyond the ken of you and me, I imagine.

Same here in the virtual world. In fact, probably worse. A plumber has a
relatively smaller knowledge base to digest. And a relatively smaller
selection of sources for that knowledge.

So I take the approach that unless someone is an obvious repeat
offender, or just doesn't care, I cut them some slack and approach them
as I would like to be approached if I was new to the venue.

But that's just me. I don't expect others to adhere to my standards.

> 
> And yes, I was astonished that the list even allowed mails that large.

<*chuckle*> "That large"? I'd *almost* bet I'd seen regular posts in
some of our longer threads (mostly careening OT severely) that were
larger just because folks are too damn lazy to snip.

Q: since you have seen me on here for a long time and know that I am
generally observant of the courtesies, would you have "shouted" at me in
the same way?

Your answer should provide insight to future hapless victims of your
wrath. :-)

> 
> Ralph
> 

-- 
Bill

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Kernel Upgrade and RAID Card

2008-07-13 Thread Ryan Nichols 

Johnny Hughes wrote:

Ryan Nichols wrote:

Johnny Hughes wrote:

Ryan Nichols wrote:
Ok, I've got a RocketRAID 2300 and when i do the update of the 
kernel it breaks the raid card since the OS is on the raid card 
itself, i need to install the driver into the new kernel.. Whats 
the best way to do this? I am reading the manual from the 
manufacter, but i dont see anything as to a new kernel upgrade.




If the kernel module is built from an external driver, you can just 
copy it to it's place in the new kernel path and then run the command:


depmod -a 

also need to rerun mkinitd like this:

mkinitrd /boot/initrd-.img 
  
Ok, I used -f to get around that.. but now it hates my raid 
controller and is throwing all kinds of errors...


If it works ok on the old kernel, it should also work OK on the new one.






___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
  
No idea, it says the OS drive is corrupt,all kinds of errors.. i hate 
this install that was recommended of putting the stupid OS on the 
rocketraid card for this very reason..



Thanks,
Ryan Nichols

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?

2008-07-13 Thread Ralph Angenendt 
William L. Maltby wrote:
> It wasn't a bad thing to do. IMO the bad thing to do was for someone to
> "rebuke" you in such a "short" manner when you had made the list aware
> of your "noobiness". 

Had I seen your attachement first (which somehow got around me), you
would have gotten "the notice". That has nothing to do with "noobiness"
or not, just with common sense: One does not send large mails/files to
thousands of users. At least not via public mailing lists.

And yes, I was astonished that the list even allowed mails that large.

Ralph


pgpbDaiIyM4iB.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Kernel Upgrade and RAID Card

2008-07-13 Thread Johnny Hughes 

Ryan Nichols wrote:

Johnny Hughes wrote:

Ryan Nichols wrote:
Ok, I've got a RocketRAID 2300 and when i do the update of the kernel 
it breaks the raid card since the OS is on the raid card itself, i 
need to install the driver into the new kernel.. Whats the best way 
to do this? I am reading the manual from the manufacter, but i dont 
see anything as to a new kernel upgrade.




If the kernel module is built from an external driver, you can just 
copy it to it's place in the new kernel path and then run the command:


depmod -a 

also need to rerun mkinitd like this:

mkinitrd /boot/initrd-.img 
  
Ok, I used -f to get around that.. but now it hates my raid controller 
and is throwing all kinds of errors...


If it works ok on the old kernel, it should also work OK on the new one.






signature.asc
Description: OpenPGP digital signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Kernel Upgrade and RAID Card

2008-07-13 Thread Ryan Nichols 

Johnny Hughes wrote:

Ryan Nichols wrote:
Ok, I've got a RocketRAID 2300 and when i do the update of the kernel 
it breaks the raid card since the OS is on the raid card itself, i 
need to install the driver into the new kernel.. Whats the best way 
to do this? I am reading the manual from the manufacter, but i dont 
see anything as to a new kernel upgrade.




If the kernel module is built from an external driver, you can just 
copy it to it's place in the new kernel path and then run the command:


depmod -a 

also need to rerun mkinitd like this:

mkinitrd /boot/initrd-.img 



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
  
Ok, I used -f to get around that.. but now it hates my raid controller 
and is throwing all kinds of errors...


Thanks,
Ryan Nichols

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Kernel Upgrade and RAID Card

2008-07-13 Thread Ryan Nichols 

Johnny Hughes wrote:

Ryan Nichols wrote:
Ok, I've got a RocketRAID 2300 and when i do the update of the kernel 
it breaks the raid card since the OS is on the raid card itself, i 
need to install the driver into the new kernel.. Whats the best way 
to do this? I am reading the manual from the manufacter, but i dont 
see anything as to a new kernel upgrade.




If the kernel module is built from an external driver, you can just 
copy it to it's place in the new kernel path and then run the command:


depmod -a 

also need to rerun mkinitd like this:

mkinitrd /boot/initrd-.img 



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
  

First command, no error.. 2nd command said image already exists?

Thanks,
Ryan Nichols

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Kernel Upgrade and RAID Card

2008-07-13 Thread Johnny Hughes 

Ryan Nichols wrote:
Ok, I've got a RocketRAID 2300 and when i do the update of the kernel it 
breaks the raid card since the OS is on the raid card itself, i need to 
install the driver into the new kernel.. Whats the best way to do this? 
I am reading the manual from the manufacter, but i dont see anything as 
to a new kernel upgrade.




If the kernel module is built from an external driver, you can just copy 
it to it's place in the new kernel path and then run the command:


depmod -a 

also need to rerun mkinitd like this:

mkinitrd /boot/initrd-.img 



signature.asc
Description: OpenPGP digital signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Kernel Upgrade and RAID Card

2008-07-13 Thread Ryan Nichols 
Ok, I've got a RocketRAID 2300 and when i do the update of the kernel it 
breaks the raid card since the OS is on the raid card itself, i need to 
install the driver into the new kernel.. Whats the best way to do this? 
I am reading the manual from the manufacter, but i dont see anything as 
to a new kernel upgrade.


Thanks,
Ryan Nichols

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Cluster: understanding virtual IP

2008-07-13 Thread Les Mikesell 

John R Pierce wrote:


 

Okay, I found that ifconfig does not show the virtual IP address



Are you sure?

These are interface aliases, they should show up as a "different"
interface such as eth0:0 or eth0:1. If you run "ifconfig" without any
parameters, doesn't it show up?
  


with the IP stack in Linux as of kernel 2.4.something, and the 'ip' 
command, virtual addresses no longer need be associated with virtual 
interfaces like eth0:1, instead you can `ip addr add eth0 a.b.c.d`


the ifconfig command, written back in the stone ages, is blissfully 
unaware of this.  it really should be deprecated in favor of `ip addr`


Where is the best documentation on how the ip capabilities map to the 
files in /etc/sysconfig/network-scripts?  Do you have to use the eth0:n 
syntax there?  Also, isn't there some way to describe up vlan trunks and 
subinterfaces there?


--
  Les Mikesell
   [EMAIL PROTECTED]

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?

2008-07-13 Thread William L. Maltby 

On Sun, 2008-07-13 at 11:57 -0500, Lanny Marcus wrote:
> On 7/13/08, William L. Maltby <[EMAIL PROTECTED]> wrote:
> >> again. Lanny
> >
> > FYI: When you have a large thing to post publicly there are sites such
> > as http://pastebin.com/ and others. Googling will get you some.
> > Bill
> 
> Bill: You'd attached your file, Friday night. I attached mine, when I
> replied. That was a *bad* thing to do and if I need to  post something
> public in the future, I will try to remember pastebin. Lanny

It wasn't a bad thing to do. IMO the bad thing to do was for someone to
"rebuke" you in such a "short" manner when you had made the list aware
of your "noobiness". But that's really irrelevant and I'm not in the
habit of telling others how to behave. Their mommies raised them, not
me. Their personal problems are theirs and will not become mine.

Having said that, I sense an emotional current underlying your reply, so
I'll offer the below. If I read incorrectly I apologize in advance for
the below.

First, *I* had no problem with your post and was not aware that you
would post back with a snapshot, regardless of size. So don't take
umbrage at my suggestion. It was in good spirit and posted so that you
wouldn't have to hear posts from Ralph et al in the future, but could
still make large attachments available to the community as the need
arises.

Second, my post of the attachment has nothing to do with the response
from the list. Mine was much smaller (appx. 100K, which I checked
first). Generally the list has not expressed problems in the past with
smaller attachments and it never occurred to me that a problem would
result or I would have warned you. Being a *long* time user of various
net-centric resources, I already knew to check my size first and that is
why I sent only a partial snapshot of the whole screen.

Typically users, like myself, forget that other newer users need to be
advised of such things. *shrug* I will say that my style often varies
from theirs when I feel the need to help a newer user "learn the ropes".

I have more I could say, but I'll just end it with this. Chalk it up to
learning curve, let the emotional aspects of the *apparent* rebuke slide
and "sailor on". No harm done unless you let it eat at you. Remember
there are "brusque" personalities generally associated with lists such
as this.

Keep the emotional responses reserved for those who matter - the VIPs -
not the folks on lists such as this.

> 
> >I've attached a partial snapshot of what you should see in your browser
> > when you got into IPCop. System->updates.
>  >IPCopSnap.png
> 

-- 
Bill

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Can an ISO be specified allow mount "setsebool -P allow_mount_iso=1" insted of "setsebool -P allow_mount_anyfile=1" SE context samba share

2008-07-13 Thread Frank Murphy 
On Sun, 2008-07-13 at 11:49 -0400, Filipe Brandenburger wrote:
> Hi,
> 
> Please try to be more specific about what you are trying to do, how
> you are trying to do it, what you expected, what is going wrong, and
> what you tried to do to repair it. Your previous mail looks like the
> output of a tool, I don't even know which. Knowing that would help
> solve your issue.

tool: setroubleshoot.noarch :: gui helps solve selinux problesm either
Redhat\Fedora epel or rpmforge d\l

> 
> >From what I see, you are trying to mount an .iso file in a target
> directory inside Samba's tree, and SELinux is denying that (with the
> AVC you showed on your original message).

The 4 isos are shared to Fedora clients using samba, everyfile under the
shared main mountpoint has SElinux samba shared context.


> 
> SELinux complains because the target directory is not marked with the
> "mnt_t" type and, for security, it restricts mounting filesystems only
> to directories with that type.
> 

That is probably what I'm looking for

> To change that, you could use "chcon" to set the type to the directory
> where you want to mount your iso.
> 
> # chcon -t mnt_t /path/to/mountpoint
> # mount -o loop,ro /path/to/iso/Fedora.iso /path/to/mountpoint
> 
> You can use ls -Z (or if it's a directory ls -dZ) to verify the
> SELinux user:role:type of the file.
> 
> Please let us know how that works for you.
> 

Will give a good check in the am.

> HTH,
> Filipe

Frank

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?

2008-07-13 Thread Lanny Marcus 
On 7/11/08, Scott Silva <[EMAIL PROTECTED]> wrote:

> I just played with one of my test vmware ipcop images and set it to dhcp on
> our internal network (which should simulate your natted connection through
> your adsl modem) for the red interface and I was able to dig +trace
> google.com
> with proper answers. So it is possible to get it working unless your ISP
> blocks DNS queries to anywhere else but their own servers.

Scott: There are probably one or two configuration settings that I do
not have correct at this time. That is why I am testing this on our
Backup IPCop box.

You got this to work, so it will work for me, if & when I get the
configuration settings correct. Question: Do I need to put something
in the hosts file? At the moment, I cannot use that IPCop box to surf,
because there is no name resolution. TIA! Lanny
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?

2008-07-13 Thread Lanny Marcus 
On 7/13/08, William L. Maltby <[EMAIL PROTECTED]> wrote:
>> again. Lanny
>
> FYI: When you have a large thing to post publicly there are sites such
> as http://pastebin.com/ and others. Googling will get you some.
> Bill

Bill: You'd attached your file, Friday night. I attached mine, when I
replied. That was a *bad* thing to do and if I need to  post something
public in the future, I will try to remember pastebin. Lanny

>I've attached a partial snapshot of what you should see in your browser
> when you got into IPCop. System->updates.
 >IPCopSnap.png
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum remove from stdout

2008-07-13 Thread William L. Maltby 

On Sun, 2008-07-13 at 11:21 -0500, Johnny Hughes wrote:
> Kenneth Burgener wrote:
> > On 7/13/2008 8:50 AM, David Hláčik wrote:
> >> Hello, little tricky question :
> >>  
> >> i have a file of packages for removal , which looks like that :
> >>  
> >> atk libart_lgpl libXfixes audiofile libXcursor libxslt alsa-lib esound  
> >> how to , provide that file to yum, using pipe, or redirect does not work
> >>  
> >> cat result | yum remove ..
> > 
> > 
> > Try the xargs command:
> > 
> > cat result | xargs yum remove
> 
> OR ...
> 
> yum remove `cat result`

The winner! And if running a modern bash

  yum remove $(cat result)

> 

-- 
Bill

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum remove from stdout

2008-07-13 Thread Johnny Hughes 

Kenneth Burgener wrote:

On 7/13/2008 8:50 AM, David Hláčik wrote:

Hello, little tricky question :
 
i have a file of packages for removal , which looks like that :
 
atk libart_lgpl libXfixes audiofile libXcursor libxslt alsa-lib esound  
how to , provide that file to yum, using pipe, or redirect does not work
 
cat result | yum remove ..



Try the xargs command:

cat result | xargs yum remove


OR ...

yum remove `cat result`



signature.asc
Description: OpenPGP digital signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Cluster: understanding virtual IP

2008-07-13 Thread John R Pierce 

Filipe Brandenburger wrote:

On Sun, Jul 13, 2008 at 10:56 AM, Dirk H. Schulz
<[EMAIL PROTECTED]> wrote:
  

Okay, I found that ifconfig does not show the virtual IP address



Are you sure?

These are interface aliases, they should show up as a "different"
interface such as eth0:0 or eth0:1. If you run "ifconfig" without any
parameters, doesn't it show up?
  


with the IP stack in Linux as of kernel 2.4.something, and the 'ip' 
command, virtual addresses no longer need be associated with virtual 
interfaces like eth0:1, instead you can `ip addr add eth0 a.b.c.d`


the ifconfig command, written back in the stone ages, is blissfully 
unaware of this.  it really should be deprecated in favor of `ip addr`



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Cluster: understanding virtual IP

2008-07-13 Thread Filipe Brandenburger 
On Sun, Jul 13, 2008 at 10:56 AM, Dirk H. Schulz
<[EMAIL PROTECTED]> wrote:
> Okay, I found that ifconfig does not show the virtual IP address

Are you sure?

These are interface aliases, they should show up as a "different"
interface such as eth0:0 or eth0:1. If you run "ifconfig" without any
parameters, doesn't it show up?

Filipe
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Can an ISO be specified allow mount "setsebool -P allow_mount_iso=1" insted of "setsebool -P allow_mount_anyfile=1" SE context samba share

2008-07-13 Thread Filipe Brandenburger 
Hi,

Please try to be more specific about what you are trying to do, how
you are trying to do it, what you expected, what is going wrong, and
what you tried to do to repair it. Your previous mail looks like the
output of a tool, I don't even know which. Knowing that would help
solve your issue.

>From what I see, you are trying to mount an .iso file in a target
directory inside Samba's tree, and SELinux is denying that (with the
AVC you showed on your original message).

SELinux complains because the target directory is not marked with the
"mnt_t" type and, for security, it restricts mounting filesystems only
to directories with that type.

To change that, you could use "chcon" to set the type to the directory
where you want to mount your iso.

# chcon -t mnt_t /path/to/mountpoint
# mount -o loop,ro /path/to/iso/Fedora.iso /path/to/mountpoint

You can use ls -Z (or if it's a directory ls -dZ) to verify the
SELinux user:role:type of the file.

Please let us know how that works for you.

HTH,
Filipe
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum remove from stdout

2008-07-13 Thread Filipe Brandenburger 
On Sun, Jul 13, 2008 at 11:16 AM, Ray Van Dolson <[EMAIL PROTECTED]> wrote:
> You could probably also do something like:
>
>  # for line in `cat packages.txt`; do echo remove $line >> yumshell.txt; done
>  # echo run >> yumshell.txt
>  # yum shell yumshell.txt

Or, without the tempfile and in one line:

# { for line in `cat packages.txt`; do echo remove "$line"; done; echo
run; } | yum shell

> That might be a bit faster as it'll only do the dep-solving one time.

Not really. "xargs" will by default call yum remove with a long line
of parameters. It will only break that into multiple commands if the
line is too long (too many parameters or too many characters). man
xargs for the details, see the -n and -s parameters.

Filipe
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum remove from stdout

2008-07-13 Thread Ray Van Dolson 
On Sun, Jul 13, 2008 at 09:02:44AM -0600, Kenneth Burgener wrote:
> On 7/13/2008 8:50 AM, David Hláčik wrote:
>> Hello, little tricky question :
>>  i have a file of packages for removal , which looks like that :
>>  atk libart_lgpl libXfixes audiofile libXcursor libxslt alsa-lib esound  
>> how to , provide that file to yum, using pipe, or redirect does not work
>>  cat result | yum remove ..
>
>
> Try the xargs command:
>
> cat result | xargs yum remove
>

You could probably also do something like:

  # for line in `cat packages.txt`; do echo remove $line >> yumshell.txt; done
  # echo run >> yumshell.txt
  # yum shell yumshell.txt

That might be a bit faster as it'll only do the dep-solving one time.

Ray
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] How Do I Get Info About New RPMs in Major REPOs

2008-07-13 Thread Kenneth Burgener 

On 7/13/2008 8:59 AM, John Thomas wrote:
I would like to know about new software (rpms) with a general 
description as they become available in the major repos.


Currently, I run "yum --enablerepo=* list recent" in cron.daily, but it 
does not provide a description.


The following will cycle through the recently added packages, and then 
output the description for each package.  You could then have this 
mailed to you, or what ever you do with your cron job.


 yum -q list recent | cut -f 1 -d ' ' | grep -v "Recently" \
   | xargs -L 1 yum -q info




Kenneth
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum remove from stdout

2008-07-13 Thread Kenneth Burgener 

On 7/13/2008 8:50 AM, David Hláčik wrote:

Hello, little tricky question :
 
i have a file of packages for removal , which looks like that :
 
atk libart_lgpl libXfixes audiofile libXcursor libxslt alsa-lib esound 
 
how to , provide that file to yum, using pipe, or redirect does not work
 
cat result | yum remove ..



Try the xargs command:

cat result | xargs yum remove



Kenneth
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] How Do I Get Info About New RPMs in Major REPOs

2008-07-13 Thread John Thomas 
I would like to know about new software (rpms) with a general 
description as they become available in the major repos.


Is there a way to get an RSS feed?

Currently, I run "yum --enablerepo=* list recent" in cron.daily, but it 
does not provide a description.


I'm like a kid in a candy store with all this great free software. 
Thank you, by the way!


--
Sincerely,
John Thomas
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Cluster: understanding virtual IP

2008-07-13 Thread Dirk H. Schulz 
Okay, I found that ifconfig does not show the virtual IP address, but "ip 
addr show" shows it bound to an interface. Seems that ifconfig can only 
handle old style aliases.


dirk

--On 13. Juli 2008 14:28:29 +0200 "Dirk H. Schulz" 
<[EMAIL PROTECTED]> wrote:



Hi folks,

I have set up a cluster on CentOS 5.2 using /etc/cluster/cluster.conf -
and it works fine. It's only purpose is to switch a virtual IP between
two routers.

Now the service is running, I can ping the virtual IP from outside - but
this virtual IP is not bound to any interface. How does this work? Can I
force the cluster to bind it to a certain interface?

I need this because the routing daemon (xorp) does not make use of an ip
address that is not bound to an interface.

Any hint or help is appreciated.

Dirk
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos




--
Dirk H. Schulz
IT Systems Service
Wiesenweg 12, 85567 Grafing
Tel. 0 80 92/86 25 68
Fax. 0 80 92/86 25 72
--
Technik vom Feinsten - und das nötige Tuning
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] yum remove from stdout

2008-07-13 Thread David Hláčik 
Hello, little tricky question :

i have a file of packages for removal , which looks like that :

atk libart_lgpl libXfixes audiofile libXcursor libxslt alsa-lib esound
gnome-mime-data libIDL ORBit2 libbonobo libdaemon libXrandr dbus-python
avahi avahi-glib gamin shared-mime-info libXres startup-notification
libXinerama hicolor-icon-theme gtk2 GConf2 libglade2 libgnomecanvas
gnome-keyring libwnck notification-daemon libnotify gnome-vfs2 libgnome
libbonoboui gnome-mount libgnomeui xulrunner firefox libXmu xorg-x11-xauth
ttmkfdir libfontenc libXfont xorg-x11-font-utils libselinux-python
audit-libs-python policycoreutils libFS chkfontpath xorg-x11-xfs
xorg-x11-fonts-truetype xorg-x11-fonts-ISO8859-1-100dpi
xorg-x11-fonts-100dpi xorg-x11-fonts-ISO8859-2-75dpi xorg-x11-fonts-ethiopic
xorg-x11-fonts-misc xorg-x11-fonts-syriac xorg-x11-fonts-ISO8859-9-100dpi
xorg-x11-fonts-Type1 xorg-x11-fonts-ISO8859-14-75dpi
xorg-x11-fonts-ISO8859-9-75dpi xorg-x11-fonts-ISO8859-2-100dpi
xorg-x11-fonts-ISO8859-15-100dpi xorg-x11-fonts-base
xorg-x11-fonts-ISO8859-14-100dpi xorg-x11-fonts-ISO8859-1-75dpi
xorg-x11-fonts-cyrillic xorg-x11-fonts-75dpi xorg-x11-fonts-ISO8859-15-75dpi
libXtst vnc-server libXpm libXaw xterm

how to , provide that file to yum, using pipe, or redirect does not work

cat result | yum remove ..

Thanks in advance!
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] looking for motherboard / temp / hdd monitor, other than lmsensors

2008-07-13 Thread Kai Schaetzl 
Jarmo wrote on Sun, 13 Jul 2008 14:49:50 +0300:

> Look mbmon/xmbon at
> http://www.freshports.org/sysutils/mbmon/

It seems the current version of this software 
(http://www.nt.phys.kyushu-u.ac.jp/shimizu/download/download.html)
is older than anything I get with CentOS.

I found an interesting thread here, but this would involve compiling a 
kernel module and installing a non-Centos lm_sensors.
http://www.centos.org/modules/newbb/viewtopic.php?topic_id=14748

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?

2008-07-13 Thread William L. Maltby 

On Sat, 2008-07-12 at 17:23 -0500, Lanny Marcus wrote:
> On 7/12/08, Ralph Angenendt <[EMAIL PROTECTED]> wrote:
> > Lanny Marcus wrote:
> > [240kB png]
> > DON'T EVER DO THAT AGAIN.
> >You just sent out ~1GB of data.
> > As of now (as that already happened last week), the maximum message size
> > for this list is 50kB.
> > So people: Trim your mails >:)
> 
> To: Ralph and everyone on the list: I apologize, sincerely. Bill sent
> a .png attachment of the screen in his IPCop box and I sent mine back.
> Please forgive me. I will not send an attachment like that to the list
> again. Lanny

FYI: When you have a large thing to post publicly there are sites such
as http://pastebin.com/ and others. Googling will get you some.

> 

-- 
Bill

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.com when browsing web?

2008-07-13 Thread Lanny Marcus 
On Fri, Jul 11, 2008 at 12:36 PM, Scott Silva <[EMAIL PROTECTED]> wrote:

> 
>>
> On 7/10/08, Scott Silva <[EMAIL PROTECTED]> wrote:
> No !!! Don't change it there. That is the IP address sent to your dhcp
> clients for them to use for dns. If you set that to 127.0.0.1, no one will
> find anything.
> You need to run setup either from a terminal window on the ipcop box or by
> ssh.
> About halfway down is "Networking" which you select, and in that menu is
> "Dns and Gateway Settings".
>
> You would set the primary dns to 127.0.0.1 and if you want set the
> secondary dns to what your primary dns was set at. You might have to play
> with the options to have dhcp assigned red and still be able to set your
> nameserver settings.
> The ipcop boxes I have are all on static ip's, on either T1's or business
> class DSL, so the settings are a little different.
>
> Whatever you do, write down the original settings of anything you change so
> you can restore it if it horribly breaks.


Progress this morning! On our backup IPCop box (the one with much better HW)
I updated IPCop and the Snort definitions and backed up that IPCop box to
the HD on my Desktop. Then, I had a problem, when I tried to SSH into it. I
got an Error, because the /root/.ssh/Known Hosts has the RSA Key for the
IPCop box we normally use. I made a backup of that file and put the RSA Key
for the Backup IPCop box there and then I was able to SSH into it. I put
127.0.0.1 for the Primary DNS and also for the Secondary DNS and tried to
surf the web. No go.

Playing with the IPCop options you suggested might be something I need to
do. In DHCP Server configuration, the Primary DNS was set to 192.168.10.1
I tried changing that to 127.0.0.1 but I had the same problem. When I tried
to ping one of my web sites by the domain name, it came back ping: unknown
host

I am up and running on our normal IPCop box again. Last night, I changed the
DNS Settings in the ADSL Modem, from using the DNS Servers at our local ISP,
to those of opendns.com  and that probably will help a lot, until I can get
IPCop configured properly for the Caching DNS Server.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] screen command

2008-07-13 Thread David Mackintosh 
On Sun, Jul 13, 2008 at 01:46:20AM -0400, Ed Donahue wrote:
> Anyone know which rpm give you the screen command?
> 
> Or tell me how to figure this out on my own :-)

# yum install screen

It will tell you what it wants to download and install before it does it.

-- 
 /\oo/\
/ /()\ \ David Mackintosh | 
 [EMAIL PROTECTED]  | http://www.xdroop.com


pgpjWCcD3bXSc.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Cluster: understanding virtual IP

2008-07-13 Thread Dirk H. Schulz 

Hi folks,

I have set up a cluster on CentOS 5.2 using /etc/cluster/cluster.conf - and 
it works fine. It's only purpose is to switch a virtual IP between two 
routers.


Now the service is running, I can ping the virtual IP from outside - but 
this virtual IP is not bound to any interface. How does this work? Can I 
force the cluster to bind it to a certain interface?


I need this because the routing daemon (xorp) does not make use of an ip 
address that is not bound to an interface.


Any hint or help is appreciated.

Dirk
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

RE: [CentOS] NFS options on kernel parameters

2008-07-13 Thread Ali Rostami 


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of vincenzo romero
Sent: Tuesday, February 26, 2008 2:24 AM
To: Frank Cox
Cc: CentOS mailing list
Subject: Re: [CentOS] NFS options on kernel parameters

I apologize for the miscommunication.

I would like to enable that ability to "no_root_squash" to make sure
root users on the clients have actual root permissions; or effectively
root users are NOT mapped to user nobody.

1.  I have no_root_squash enabled in /etc/exports

2.  But my client when accessing the export via NFS - seems to be
root-squashing it .. so that root is mapped to nobody.
 I would like the root client to have actual root permissions.

... What am I missing in my client side configuration (append line
passed to kernel)?

thanks in advance.

On Mon, Feb 25, 2008 at 2:41 PM, Frank Cox <[EMAIL PROTECTED]> wrote:
> On Mon, 25 Feb 2008 14:36:17 -0800
>  vincenzo romero <[EMAIL PROTECTED]> wrote:
>
>  > I would like to NFS root-squash the root directory.
>
>  no_root_squash means just what it says.  If you want to have root-squashing,
>  remove that parameter from your /etc/exports file.  root-squash=yes is the
>  default setting unless otherwise specified with no_root_squash.
>
>  --
>  MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com
>



-- 
best,

Vince
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

RE: [CentOS] Reg. VNC server and Windows and Centos interworking

2008-07-13 Thread Ali Rostami 


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of Les Mikesell
Sent: Monday, February 25, 2008 11:02 PM
To: Padmaja
Cc: CentOS mailing list
Subject: Re: [CentOS] Reg. VNC server and Windows and Centos interworking

Padmaja wrote:
> Hi,
> 
> Thanks for your response, I could connenct to the Centos PC from Windows 
> using VNC. However, I do not see the icons etc., that I see when I 
> access any windows PC. I ran the command ps aux and saw there is a vnc 
> process running for iconic view, but 'm not able to view the icons on 
> the desktop. What should I do to get access to the GUI?
> 

If you don't create your own /home/username/.vnc/xstartup file, 
vncserver will run twm which is a very old and unfriendly window 
manager.  You probably wan to run gnome instead.   But, as I mentioned 
before, this is going to run an independent screen.  If instead, you 
want to control the console session remotely, try 
System/Preferences/Remote Desktop from the Gnome menu and allow remote 
connections.  This will be to the :0 (default) screen.

-- 
   Les Mikesell
[EMAIL PROTECTED]

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS-announce Digest, Vol 41, Issue 6

2008-07-13 Thread centos-announce-request 
MAIL PROTECTED]



--

Message: 4
Date: Sat, 12 Jul 2008 14:16:28 +0100
From: Karanbir Singh <[EMAIL PROTECTED]>
Subject: [CentOS-announce] CEBA-2008:0573  CentOS 5 i386 gfs2_utils
Update
To: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Bugfix Advisory 2008:0573 

Upstream details at : https://rhn.redhat.com/errata/RHBA-2008-0573.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( md5sum Filename ) 

i386:
fc2cdea6bb3f984cbd6633bfa3452fb6  gfs2-utils-0.1.44-1.el5_2.1.i386.rpm

Source:
ac62180672f1c1e4c927786542c8c6c7  gfs2-utils-0.1.44-1.el5_2.1.src.rpm


-- 
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, [EMAIL PROTECTED]



--

Message: 5
Date: Sun, 13 Jul 2008 06:46:35 -0500
From: Johnny Hughes <[EMAIL PROTECTED]>
Subject: [CentOS-announce] CESA-2008:0584 Important CentOS 4 i386
pidgin -security update
To: CentOS-Announce <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="iso-8859-1"

CentOS Errata and Security Advisory 2008:0584

https://rhn.redhat.com/errata/RHSA-2008-0584.html

The following updated files have been uploaded and are currently
syncing to the mirrors:

i386:
pidgin-1.5.1-2.el4.i386.rpm

src:
pidgin-1.5.1-2.el4.src.rpm

-- next part --
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 251 bytes
Desc: OpenPGP digital signature
Url : 
http://lists.centos.org/pipermail/centos-announce/attachments/20080713/baad8e25/signature-0001.bin

--

Message: 6
Date: Sun, 13 Jul 2008 06:46:41 -0500
From: Johnny Hughes <[EMAIL PROTECTED]>
Subject: [CentOS-announce] CESA-2008:0584 Important CentOS 4 x86_64
pidgin -security update
To: CentOS-Announce <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="iso-8859-1"

CentOS Errata and Security Advisory 2008:0584

https://rhn.redhat.com/errata/RHSA-2008-0584.html

The following updated files have been uploaded and are currently
syncing to the mirrors:

i386:
pidgin-1.5.1-2.el4.x86_64.rpm

src:
pidgin-1.5.1-2.el4.src.rpm

-- next part --
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 251 bytes
Desc: OpenPGP digital signature
Url : 
http://lists.centos.org/pipermail/centos-announce/attachments/20080713/f06c35d1/signature-0001.bin

--

Message: 7
Date: Sun, 13 Jul 2008 06:52:40 -0500
From: Johnny Hughes <[EMAIL PROTECTED]>
Subject: [CentOS-announce] CESA-2008:0583 Important CentOS 4 i386
openldap -  security update
To: CentOS-Announce <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="iso-8859-1"

CentOS Errata and Security Advisory 2008:0583

https://rhn.redhat.com/errata/RHSA-2008-0583.html

The following updated files have been uploaded and are currently
syncing to the mirrors:

i386:
compat-openldap-2.1.30-8.el4_6.5.i386.rpm
openldap-2.2.13-8.el4_6.5.i386.rpm
openldap-clients-2.2.13-8.el4_6.5.i386.rpm
openldap-devel-2.2.13-8.el4_6.5.i386.rpm
openldap-servers-2.2.13-8.el4_6.5.i386.rpm
openldap-servers-sql-2.2.13-8.el4_6.5.i386.rpm

src:
openldap-2.2.13-8.el4_6.5.src.rpm

-- next part --
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 251 bytes
Desc: OpenPGP digital signature
Url : 
http://lists.centos.org/pipermail/centos-announce/attachments/20080713/e38cca16/signature-0001.bin

--

Message: 8
Date: Sun, 13 Jul 2008 06:52:34 -0500
From: Johnny Hughes <[EMAIL PROTECTED]>
Subject: [CentOS-announce] CESA-2008:0583 Important CentOS 4 x86_64
openldap- security update
To: CentOS-Announce <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="iso-8859-1"

CentOS Errata and Security Advisory 2008:0583

https://rhn.redhat.com/errata/RHSA-2008-0583.html

The following updated files have been uploaded and are currently
syncing to the mirrors:

x86_64:
compat-openldap-2.1.30-8.el4_6.5.i386.rpm
compat-openldap-2.1.30-8.el4_6.5.x86_64.rpm
openldap-2.2.13-8.el4_6.5.i386.rpm
openldap-2.2.13-8.el4_6.5.x86_64.rpm
openldap-clients-2.2.13-8.el4_6.5.x86_64.rpm
openldap-devel-2.2.13-8.el4_6.5.x86_64.rpm
openldap-servers-2.2.13-8.el4_6.5.x86_64.rpm
openldap-servers-sql-2.2.13-8.el4_6.5.x86_64.rpm

src:
openldap-2.2.13-8.el4_6.5.src.rpm

-- next part --
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 251 bytes
Desc: OpenPGP digital signature
Url : 
http://lists.centos.org/pipermail/centos-annou

Re: [CentOS] looking for motherboard / temp / hdd monitor, other than lmsensors

2008-07-13 Thread jarmo 
Kai Schaetzl kirjoitti viestissään (lähetysaika sunnuntai, 13. heinäkuuta 
2008):

> I'm having the same problems with lm_sensors with newer motherboards (ones
> from the last two years), some work, some don't. On some AMD motherboards
> it helps to "rmmod k8temp" to get a reading. On some it doesn't.
> I have one Intel board with I think Intel 5000X where lm_sensors also
> fails with a message like "no sys_fs" or so, I don't really remember.
> Do others know any tricks to get the data nevertheless?
> I think the kernel and lm_sensors on Centos 5 are simply too old for some
> chipsets. Also, there's sometimes a discrepancy between the support in the
> kernel and in lm_sensors.
>
> Kai

Look mbmon/xmbon at http://www.freshports.org/sysutils/mbmon/
Jarmo

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] using new sysconfig file

2008-07-13 Thread Kai Schaetzl 
Ian Blackwell wrote on Sun, 13 Jul 2008 08:34:51 +0930:

> I got similar errors by corrupting my /etc/sysconfig/postgrey file, by 
> putting text into the delay value - i.e. I replaced 660 with 66O.  I 
> suggest you recreate the file (from scratch) to make sure you haven't 
> got some odd binary data in their somehow (null's?).

Thanks for the hint. It was the CRLF sequence from creating the file on a 
Windows machine. I haven't had a problem with this in a long time, bash 
scripts etc. work fine, no matter if LF or CRLF is used, but it seems to 
make a difference when including a file.

> 
> BTW: Postgrey recommend a maximum delay of 300.  Is there a reason 
> you're using 660?

It's the default and been the default since postgrey saw the light of day, 
but I wouldn't deem it "recommended". ;-) I've been doing greylisting 
(with sendmail) for many years and started out with ten minutes. This has 
proven to be quite successful, but there is a growing number of spammers 
that come back after exactly ten minutes, so I'm moving it up to 11 
minutes on new machines. I doubt that 5 minutes gives any advantage in 
terms of faster turnaround time for ham messages. Most MTAs retry after 15 
or 30 minutes, I would actually consider an MTA that retries after only 5 
minutes a bit rude.

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Can an ISO be specified allow mount "setsebool -P allow_mount_iso=1" insted of "setsebool -P allow_mount_anyfile=1" SE context samba share

2008-07-13 Thread Frank Murphy 
Summary:

SELinux prevented mount from mounting on the file or directory
"./Fedora-9-Everything-i386-DVD1.iso" (type "samba_share_t").

Detailed Description:

SELinux prevented mount from mounting a filesystem on the file or
directory
"./Fedora-9-Everything-i386-DVD1.iso" of type "samba_share_t". By
default
SELinux limits the mounting of filesystems to only some files or
directories
(those with types that have the mountpoint attribute). The type
"samba_share_t"
does not have this attribute. You can either relabel the file or
directory or
set the boolean "allow_mount_anyfile" to true to allow mounting on any
file or
directory.

Allowing Access:

Changing the "allow_mount_anyfile" boolean to true will allow this
access:
"setsebool -P allow_mount_anyfile=1."

The following command will allow this access:

setsebool -P allow_mount_anyfile=1

Additional Information:

Source Contextsystem_u:system_r:mount_t
Target Contextuser_u:object_r:samba_share_t
Target Objects./Fedora-9-Everything-i386-DVD1.iso
[ file ]
Sourcemount
Source Path   /bin/mount
Port  
Host  server-01
Source RPM Packages   util-linux-2.13-0.47.el5
Target RPM Packages   
Policy RPMselinux-policy-2.4.6-137.1.el5
Selinux Enabled   True
Policy Type   targeted
MLS Enabled   True
Enforcing ModeEnforcing
Plugin Name   allow_mount_anyfile
Host Name server-01
Platform  Linux server-01 2.6.18-92.1.6.el5 #1 SMP
Wed Jun
  25 13:49:24 EDT 2008 i686 athlon
Alert Count   3
First SeenSun 13 Jul 2008 10:26:26 IST
Last Seen Sun 13 Jul 2008 11:07:49 IST
Local ID  268bdb54-5d8d-4c81-b7ba-0392b5cea34e
Line Numbers  

Raw Audit Messages

host=server-01 type=AVC msg=audit(1215943669.186:14): avc:  denied
{ write } for  pid=2898 comm="mount"
name="Fedora-9-Everything-i386-DVD1.iso" dev=md2 ino=8585227
scontext=system_u:system_r:mount_t:s0
tcontext=user_u:object_r:samba_share_t:s0 tclass=file

host=server-01 type=SYSCALL msg=audit(1215943669.186:14): arch=4003
syscall=5 success=no exit=-13 a0=9fd5450 a1=8002 a2=0 a3=8002 items=0
ppid=2877 pid=2898 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0
egid=0 sgid=0 fsgid=0 tty=(none) ses=4294967295 comm="mount"
exe="/bin/mount" subj=system_u:system_r:mount_t:s0 key=(null)




___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] looking for motherboard / temp / hdd monitor, other than lmsensors

2008-07-13 Thread Kai Schaetzl 
William L. Maltby wrote on Sat, 12 Jul 2008 09:47:28 -0400:

> I don't know if it's good or what you want, but I use gkrellm

relies on lm_sensors according to the homepage. (and sys_fs, AFAIK 
lm_sensors picks up sys_fs if it's available.)

I'm having the same problems with lm_sensors with newer motherboards (ones 
from the last two years), some work, some don't. On some AMD motherboards 
it helps to "rmmod k8temp" to get a reading. On some it doesn't.
I have one Intel board with I think Intel 5000X where lm_sensors also 
fails with a message like "no sys_fs" or so, I don't really remember.
Do others know any tricks to get the data nevertheless?
I think the kernel and lm_sensors on Centos 5 are simply too old for some 
chipsets. Also, there's sometimes a discrepancy between the support in the 
kernel and in lm_sensors.

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] screen command

2008-07-13 Thread D Steward 
On Sun, 2008-07-13 at 01:46 -0400, Ed Donahue wrote:
> Anyone know which rpm give you the screen command?
> 
> Or tell me how to figure this out on my own :-)
> 
> Ed

Just going off on a slight tangent here, but to add to that which others
have said, if you want to search for information/tutorials/documentation
on 'screen' with google, you'll need to search using 'GNU screen'

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] screen command

2008-07-13 Thread Ralph Angenendt 
John R Pierce wrote:
> Ed Donahue wrote:
>> Anyone know which rpm give you the screen command?
>>
>> Or tell me how to figure this out on my own :-)
>
> # rpm -qf `which screen`
> screen-4.0.3-1.el5

Is that the hen or the egg? >:)

yum list "*screen*" or yum provides "*screen*" should show the rpm if it
isn't installed ...

Cheers,

Ralph


pgpPQ4r24Bw6n.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: OT: anything in CentOS 5.2 that uses opendns.comwhen browsing web?

2008-07-13 Thread Ralph Angenendt 
Robert - elists wrote:
> 
> > 
> > As of now (as that already happened last week), the maximum message size
> > for this list is 50kB.
> > 
> > So people: Trim your mails >:)
> 
> Ralph
> 
> Will the server notify us if we exceed that threshold ?

Yes. You'll get an error mail.

Ralph


pgpHR8fFKvmPL.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos