[CentOS-docs] c6-testing in wiki
Can someone add CentOS 6: http://dev.centos.org/centos/6/testing/CentOS-Testing.repo; to the CentOS-Testing[1] section? [1] http://wiki.centos.org/AdditionalResources/Repositories thanks, jerry ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] c6-testing in wiki
On Tue, Jan 17, 2012 at 9:57 AM, Akemi Yagi amy...@gmail.com wrote: On Tue, Jan 17, 2012 at 7:33 AM, Jerry Amundson jamun...@gmail.com wrote: Can someone add CentOS 6: http://dev.centos.org/centos/6/testing/CentOS-Testing.repo; to the CentOS-Testing[1] section? [1] http://wiki.centos.org/AdditionalResources/Repositories Thanks. Done. ... and the CentOS 6 in front of the link, please? :-) jerry ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] c6-testing in wiki
On Tue, Jan 17, 2012 at 8:09 AM, Jerry Amundson jamun...@gmail.com wrote: On Tue, Jan 17, 2012 at 9:57 AM, Akemi Yagi amy...@gmail.com wrote: On Tue, Jan 17, 2012 at 7:33 AM, Jerry Amundson jamun...@gmail.com wrote: Can someone add CentOS 6: http://dev.centos.org/centos/6/testing/CentOS-Testing.repo; to the CentOS-Testing[1] section? [1] http://wiki.centos.org/AdditionalResources/Repositories Thanks. Done. ... and the CentOS 6 in front of the link, please? :-) jerry Indeed. Thanks again. I have a better suggestion by the way. Why don't you join the Wiki authors so that you can help with things like this (and others) ? :-) Akemi ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
[CentOS-announce] CEBA-2012:0026 CentOS 5 busybox Update
CentOS Errata and Bugfix Advisory 2012:0026 Upstream details at : https://rhn.redhat.com/errata/RHBA-2012-0026.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: dca4151ada0126d7a2995cd930f674ff58303c19a70d6644c1f07eaee3e16a08 busybox-1.2.0-10.el5.centos.1.i386.rpm 0f8cc25680afc6c9af4dc50dd72b51a0619d25e398c8b93c6d03a6fadc481a9d busybox-anaconda-1.2.0-10.el5.centos.1.i386.rpm x86_64: ef568123e891ea047e857291b54fa52c9caeee7b38d4baad41c2f3eb66a8a3e6 busybox-1.2.0-10.el5.centos.1.x86_64.rpm c2c6411c9b17a46fbfc74041f00799ce06f203023986c3ac2e35ad5057d2caa6 busybox-anaconda-1.2.0-10.el5.centos.1.x86_64.rpm Source: 042a1c7de86223e6bcb4eec7053e415e3f7b662fad01c8eb1e5cbf9456c9db10 busybox-1.2.0-10.el5.centos.1.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #cen...@irc.freenode.net ___ CentOS-announce mailing list CentOS-announce@centos.org http://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CEBA-2012:0013 CentOS 6 libvirt Update
CentOS Errata and Bugfix Advisory 2012:0013 Upstream details at : https://rhn.redhat.com/errata/RHBA-2012-0013.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: b54b2e5e3f8e70473e334ad6632818e4629248287252143ef3cfd425ae4b179d libvirt-0.9.4-23.el6_2.4.i686.rpm 23cd3c1c33d5fd0003699d56fcbc141fa4f983a91939ee777a8225fd6dbb15a9 libvirt-client-0.9.4-23.el6_2.4.i686.rpm 49fa3c7f464174380cc512911108bd7eeba25802f96457ce4805e9bd08f5c452 libvirt-devel-0.9.4-23.el6_2.4.i686.rpm 2d0975f1cf829d6b7e0f99d205d4ba1e459c258e276e2c5a6cd1cd2ae70b9973 libvirt-lock-sanlock-0.9.4-23.el6_2.4.i686.rpm f358a6f2778d31f63a2f3e160a5367c562094e13e5647c43c39289372e83b9a2 libvirt-python-0.9.4-23.el6_2.4.i686.rpm x86_64: 0324a13c6340b4e46854a0e0260365d1e201b2115d35b06fb996e12d32307c35 libvirt-0.9.4-23.el6_2.4.x86_64.rpm 23cd3c1c33d5fd0003699d56fcbc141fa4f983a91939ee777a8225fd6dbb15a9 libvirt-client-0.9.4-23.el6_2.4.i686.rpm 2171b97ccf1d4ae77c1e7fe05d199b14550e4f3f2f377ebf0ab14b0db7805375 libvirt-client-0.9.4-23.el6_2.4.x86_64.rpm 49fa3c7f464174380cc512911108bd7eeba25802f96457ce4805e9bd08f5c452 libvirt-devel-0.9.4-23.el6_2.4.i686.rpm 9696a7fc7defceaefebb0e18811b82346bdbfdfe13c2702dd16796ed9a8dee62 libvirt-devel-0.9.4-23.el6_2.4.x86_64.rpm e91e200fd5740f71942c819e135ab5f49e8b1ba4bd14919e85c0b8649059cd46 libvirt-lock-sanlock-0.9.4-23.el6_2.4.x86_64.rpm abcd98eef77921b8116d33425104c709c9a52bdb61697882fe66188308f27a07 libvirt-python-0.9.4-23.el6_2.4.x86_64.rpm Source: aadd794bcadd21a7b13b1f46cdb1cbbf2e1574b5edd0e12828dbf7c320b98801 libvirt-0.9.4-23.el6_2.4.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #cen...@irc.freenode.net ___ CentOS-announce mailing list CentOS-announce@centos.org http://lists.centos.org/mailman/listinfo/centos-announce
Re: [CentOS-virt] [CentOS] VirtIO disk 'leakage' across guests?
On Mon, January 16, 2012 17:01, Dennis Jacobfeuerborn wrote: On 01/16/2012 10:16 PM, James B. Byrne wrote: ... The xmldump for this guest instance contains this: ... Please post the xmldumps of the original guest and cloned guest right after cloning and without any modifications. Regards, Dennis Prototype dumpxml virsh # dumpxml vm-centos-6 domain type='kvm' id='34' namevm-centos-6/name uuid77692b36-d424-175f-b991-abc58fa0359b/uuid descriptionvm clone prototype root user password: protoype/description memory2097152/memory currentMemory2097152/currentMemory vcpu1/vcpu os type arch='x86_64' machine='rhel6.0.0'hvm/type boot dev='hd'/ /os features acpi/ apic/ pae/ /features clock offset='utc'/ on_poweroffdestroy/on_poweroff on_rebootrestart/on_reboot on_crashrestart/on_crash devices emulator/usr/libexec/qemu-kvm/emulator disk type='block' device='disk' driver name='qemu' type='raw' cache='none'/ source dev='/dev/vg_vhost01/lv_vm_base'/ target dev='vda' bus='virtio'/ alias name='virtio-disk0'/ address type='pci' domain='0x' bus='0x00' slot='0x05' function='0x0'/ /disk disk type='block' device='cdrom' driver name='qemu' type='raw'/ target dev='hdc' bus='ide'/ readonly/ alias name='ide0-1-0'/ address type='drive' controller='0' bus='1' unit='0'/ /disk controller type='ide' index='0' alias name='ide0'/ address type='pci' domain='0x' bus='0x00' slot='0x01' function='0x1'/ /controller interface type='bridge' mac address='52:54:00:28:7e:ce'/ source bridge='br0'/ target dev='vnet5'/ model type='virtio'/ alias name='net0'/ address type='pci' domain='0x' bus='0x00' slot='0x03' function='0x0'/ /interface serial type='pty' source path='/dev/pts/6'/ target port='0'/ alias name='serial0'/ /serial console type='pty' tty='/dev/pts/6' source path='/dev/pts/6'/ target type='serial' port='0'/ alias name='serial0'/ /console input type='tablet' bus='usb' alias name='input0'/ /input input type='mouse' bus='ps2'/ graphics type='vnc' port='5905' autoport='yes'/ sound model='ac97' alias name='sound0'/ address type='pci' domain='0x' bus='0x00' slot='0x04' function='0x0'/ /sound video model type='cirrus' vram='9216' heads='1'/ alias name='video0'/ address type='pci' domain='0x' bus='0x00' slot='0x02' function='0x0'/ /video memballoon model='virtio' alias name='balloon0'/ address type='pci' domain='0x' bus='0x00' slot='0x06' function='0x0'/ /memballoon /devices seclabel type='dynamic' model='selinux' relabel='yes' labelsystem_u:system_r:svirt_t:s0:c299,c322/label imagelabelsystem_u:object_r:svirt_image_t:s0:c299,c322/imagelabel /seclabel /domain virsh # A substantially identical clone of the prototype. This guest has had no additional storage added to it. virsh # dumpxml sshpipe.harte-lyne.ca domain type='kvm' id='19' namesshpipe.harte-lyne.ca/name uuid5fbd2bad-059c-da0d-c856-c16cfb831a9a/uuid descriptionvm clone prototype root user password: protoype/description memory2097152/memory currentMemory2097152/currentMemory vcpu1/vcpu os type arch='x86_64' machine='rhel6.0.0'hvm/type boot dev='hd'/ /os features acpi/ apic/ pae/ /features clock offset='utc'/ on_poweroffdestroy/on_poweroff on_rebootrestart/on_reboot on_crashrestart/on_crash devices emulator/usr/libexec/qemu-kvm/emulator disk type='block' device='disk' driver name='qemu' type='raw' cache='none'/ source dev='/dev/vg_vhost01/lv_vm_sshipe.harte-lyne.ca_00'/ target dev='vda' bus='virtio'/ alias name='virtio-disk0'/ address type='pci' domain='0x' bus='0x00' slot='0x05' function='0x0'/ /disk disk type='block' device='cdrom' driver name='qemu' type='raw'/ target dev='hdc' bus='ide'/ readonly/ alias name='ide0-1-0'/ address type='drive' controller='0' bus='1' unit='0'/ /disk controller type='ide' index='0' alias name='ide0'/ address type='pci' domain='0x' bus='0x00' slot='0x01' function='0x1'/ /controller interface type='bridge' mac address='52:54:00:ee:d8:32'/ source bridge='br0'/ target dev='vnet2'/ model type='virtio'/ alias name='net0'/ address type='pci' domain='0x' bus='0x00' slot='0x03' function='0x0'/ /interface serial type='pty' source path='/dev/pts/3'/ target port='0'/ alias name='serial0'/ /serial console type='pty' tty='/dev/pts/3' source path='/dev/pts/3'/ target type='serial' port='0'/ alias name='serial0'/ /console input type='tablet' bus='usb' alias name='input0'/ /input input type='mouse' bus='ps2'/ graphics
Re: [CentOS-virt] [CentOS] VirtIO disk 'leakage' across guests?
On 01/17/2012 06:46 PM, James B. Byrne wrote: On Mon, January 16, 2012 17:01, Dennis Jacobfeuerborn wrote: On 01/16/2012 10:16 PM, James B. Byrne wrote: ... The xmldump for this guest instance contains this: ... Please post the xmldumps of the original guest and cloned guest right after cloning and without any modifications. Regards, Dennis Prototype dumpxml virsh # dumpxml vm-centos-6 domain type='kvm' id='34' ... source dev='/dev/vg_vhost01/lv_vm_base'/ /domain virsh # dumpxml sshpipe.harte-lyne.ca domain type='kvm' id='19' ... source dev='/dev/vg_vhost01/lv_vm_sshipe.harte-lyne.ca_00'/ /domain The second guest, sshpipe, shows this for pvdisplay: [root@sshpipe ~]# pvdisplay Couldn't find device with uuid umrIn6-Np0c-NC4Z-MuUo-5TBj-IKRE-XBU0De. --- Physical volume --- PV Name /dev/vda2 VG Name vg_vm_centos_6 PV Size 7.32 GiB / not usable 3.00 MiB Allocatable yes (but full) PE Size 4.00 MiB Total PE 1874 Free PE 0 Allocated PE 1874 PV UUID djM23m-6Yeb-BQ2x-gPh9-ORMt-dX2i-Ou9xBQ --- Physical volume --- PV Name unknown device VG Name vg_vm_centos_6 PV Size 31.25 GiB / not usable 3.97 MiB Allocatable yes PE Size 4.00 MiB Total PE 7999 Free PE 1855 Allocated PE 6144 PV UUID umrIn6-Np0c-NC4Z-MuUo-5TBj-IKRE-XBU0De What does the first guest say for pvdisplay? The key here is the PV UUID umrIn6-Np0c Either this PV must exists somewhere else on the host or in one of the guest or maybe the cloning process has corrupted the LVM metadata. Regards, Dennis ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS] Dedicated Firewall/Router
On Tue, Jan 17, 2012 at 9:55 AM, Laurent Wandrebeck l.wandreb...@gmail.com wrote: On Mon, 16 Jan 2012 18:18:26 -0600 Tom Bishop bisho...@gmail.com wrote: I would get a dell r210 from the outlet site and then load pfsense, been running in multiple locations, solid and works great. Do NOT use pfsense if you have to use realtek cards. I used to (1.2.3 and 2.0.1), and lost connection regularly, need to reboot to get it back… Flee realtek as much as you can :) You shouldn't be using realtek NIC's in a production, or even just a large-ish server environment in anycase. Rather use Intel. Back to the topic though, how does one guarantee 100% uptime on the firewall level when you use a standard dedicated server? Even if the server (Dell / Intell / SuperMicro / you name it...) has redundant PSU's and HDD's, there could still be hardware failure. And, unless you buy 3 or 4 at a time, you may run into a where once you pop the HDD into a new (standby?) chassis that something may not be compatible and the firewall might be down for a few minutes, or even hours while you search for a solution on the internet, or with the hardware vendor. -- Kind Regards Rudi Ahlers SoftDux Website: http://www.SoftDux.com Technical Blog: http://Blog.SoftDux.com Office: 087 805 9573 Cell: 082 554 7532 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Dedicated Firewall/Router
Am Tue, 17 Jan 2012 10:02:01 +0200 schrieb Rudi Ahlers r...@softdux.com: Back to the topic though, how does one guarantee 100% uptime on the firewall level when you use a standard dedicated server? pfSense offers failover via CARP ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ia32-libs for 64 bit CentOS
On 01/16/12 11:05 PM, Alexander Dalloz wrote: If the script you are running is hardcoded to require ia32-libs, then that install method is not compatible with CentOS. You probably will have to read the script's code to see whether it fits CentOS. indeed, the install.pl in zdesktop seems to want to do this.. IA32Warning = WARNING: ia32-libs is missing for x86_64 platform. This package is required to run Zimbra Desktop on 64-bit Linux. . if (($arch eq 'x86_64') !(-d '/usr/share/doc/ia32-libs')) { print get_message('IA32Warning'), \n\n; } (if the system architecture is x86_64 then if the directory /usr/share/doc/ia32-libs does not exist, print the Warning, but continue with the install) and, AFAIK, nothing in any RH derived system will create that folder. # yum provides /usr/share/doc/ia32-libs Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * base: mirrors.login.com * extras: mirrors.login.com * updates: yum.singlehop.com base/filelists_db | 5.8 MB 00:09 cr/filelists_db | 584 B 00:00 extras/filelists_db | 2.4 kB 00:00 pgdg90/filelists_db | 118 kB 00:00 updates/filelists_db | 451 kB 00:01 No Matches found it appears the app is written in Java and the installer includes its own JRE so, I ran the install.pl, and poked around and found its JRE, so I tried to run the java JRE it installed $ /opt/zimbra/zdesktop/linux/jre/bin/java -version -bash: /opt/zimbra/zdesktop/linux/jre/bin/java: /lib/ld-linux.so.2: bad ELF interpreter: No such file or directory hookoay. yum provides /lib/ld-linux.so.2 tells me, I need glibc.i686 .. so... # yum install glibc.i686 and voila, now its built in java works... $ /opt/zimbra/zdesktop/linux/jre/bin/java -version java version 1.6.0_16 Java(TM) Platform, Standard Edition for Business (build 1.6.0_16-b01) Java HotSpot(TM) Client VM (build 14.2-b01, mixed mode) It may very well work now, but it may need additional libraries, you'll find that out when you exercise the application. I won't be surprised if it needs some 32bit X client stuff. -- john r pierceN 37, W 122 santa cruz ca mid-left coast ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Error occurred when compiling Vim 7.3 with --enable-perlinterp specified.
Thanks, I found the package perl-ExtUtils-Embed caused this problem. An Yang an.eurof...@gmail.com 於 2012年1月17日下午3:55 寫道: At 2012-01-17 Tue 15:42 +0800,Lenin wrote: Has anyone compiled Vim 7.3 on CentOS 6.2 64bit ? I got the following error after *configure --enable-perlinterp make*: ./vim.h:2153:21: error: EXTERN.h: No such file or directory ./vim.h:2154:19: error: perl.h: No such file or directory ./vim.h:2155:19: error: XSUB.h: No such file or directory I've installed perl and perl-devel, but with no luck. Any ideas ? Please check build depends of http://vault.centos.org/6.2/os/Source/SPackages/vim-7.2.411-1.6.el6.src.rpmor http://kojipkgs.fedoraproject.org/packages/vim/7.3.393/1.fc17/src/vim-7.3.393-1.fc17.src.rpm Thanks. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] bounties for exploits against CentOS?
On 01/16/2012 12:34 PM, Bennett Haselton wrote: With companies like Facebook and Google offering cash prizes for people who can find security holes in their products, has there ever been any consideration given to offering cash rewards to people finding security exploits in CentOS or in commonly bundled services like Apache? (Provided of course they follow responsible disclosure and report the exploit to the software authors and get it fixed.) Obviously the benefit would be that it would increase the chance of a white hat finding and fixing an exploit, before a black hat discovered the same one and used it to attack people's servers. Would there be any other downsides, other than the cost of paying out the prize? I've heard some objections from companies over the years who didn't want to institute a prize program, but I thought some of those objections didn't make much sense (and indeed some of those companies ended up instituting a prize program after all, a few years later). For example, some people said, This just encourages people to find exploits and then they might use those exploits to do harm. (The problem with this is if someone has sufficient black-hat incentives for finding an exploit -- either to do malice, or more likely to sell it on the black market -- those incentives *already* exist, so the prize program wouldn't create any additional incentive to use an exploit illegally.) Would you feel safer using CentOS if a bounty program encouraged people to report exploits to the project? Why or why not? I think I would, for the stated reason -- newly discovered exploits are more likely to get reported and fixed, than to be used in the wild. But I'd be curious why anyone might feel less safe if such a program existed. On a related question, suppose that instead of paying for generic exploits against the operating system, you as a webmaster had the option of adding your website to a directory of bounty sites, where you would have to put up a bond of $100 to join. Then anyone who could prove that they broke into your server (let's say the proof is that they read a world-readable file in the root directory) would collect the $100 prize, if they can describe exactly how they did it and what you need to fix to prevent the attack in the future. That way, if there's ever a weakness in your server, it's more likely to be found by a white hat and reported to you directly so you can fix it, before a black hat finds the same weakness. Would you sign up your webserver? I think I would, and I believe I'd be reducing the risk of a black-hat breakin as a result, but there may be counter-arguments that I'm not thinking of. For the record ... Facebook USES CentOS signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS and LessFS
Hugh E Cruickshank writes: Hi All: We have been looking at implementing deduplication on a backup server. From what I have been able to find the available documentation is pretty thin. I ended up trying to install LessFS on this CentOS 5.7 box but we have now encountered problems with fuse version. Maybe try CentOS6. We've had numerous fuse issues with other software on CentOS5 and one recommendation was to use a newer kernel, which essentially means a newer distro. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Dedicated Firewall/Router
Jason T. Slack-Moehrle writes: Hi All, I want to build a dedicated firewall/router as I am launching a NPO and I can host this in my garage. (Comcast offered me a 100 x 20 circuit for $99/mo with 5 statics) [...] Thoughts, opinions, suggestions are welcome as to what to do! http://www.openbsd.org/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Etherpad on CentOS 5
From: Harold Pritchett har...@uga.edu I am attempting to install Etherpad on a CentOS 5.7 system. Maybe analyze the fedora srpm... http://repos.fedorapeople.org/repos/sdz/etherpad/fedora-13/SRPMS/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] A little confused with video drivers
Hello, I have an HP Pavilion g series laptop with an ATI vision A6 video chipset. I tried elrepos ati driver but found that the laptop would freeze intermittently and frequently. So I unloaded that driver and am running with nomodeset argument just to get a desktop. I went to the ATI site but am not sure what to try. Would anyone know which driver I could use that would work? Thanks in advance, Phil ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] A little confused with video drivers
17.1.2012 13:11, Phil Savoie kirjoitti: I have an HP Pavilion g series laptop with an ATI vision A6 video chipset. I tried elrepos ati driver but found that the laptop would freeze intermittently and frequently. So I unloaded that driver and am running with nomodeset argument just to get a desktop. I went to the ATI site but am not sure what to try. Would anyone know which driver I could use that would work? The drivers you installed from ELRepo are exactly the same ones that are available from the AMD/ATI site, just repackaged for easy installation. If the ELRepo drivers don't work, the same drivers directly from AMD won't work either. -- Markku Kolkka markku.kol...@iki.fi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] A little confused with video drivers
On 01/17/2012 07:00 AM, Markku Kolkka wrote: 17.1.2012 13:11, Phil Savoie kirjoitti: I have an HP Pavilion g series laptop with an ATI vision A6 video chipset. I tried elrepos ati driver but found that the laptop would freeze intermittently and frequently. So I unloaded that driver and am running with nomodeset argument just to get a desktop. I went to the ATI site but am not sure what to try. Would anyone know which driver I could use that would work? The drivers you installed from ELRepo are exactly the same ones that are available from the AMD/ATI site, just repackaged for easy installation. If the ELRepo drivers don't work, the same drivers directly from AMD won't work either. Thank you for this. Guess I'm stuck then. Great... No wireless and limited video. I guess I really know how to pick 'em. Again, thank you for your time. Phil ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Dedicated Firewall/Router
On Mon, 16 Jan 2012, Jason T. Slack-Moehrle wrote: I want to build a dedicated firewall/router as I am launching a NPO and I can host this in my garage. (Comcast offered me a 100 x 20 circuit for $99/mo with 5 statics) I use two Dell R310's in a master/backup setup with shorewall and keepalived. -s ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Errors in /var/spool/mail/root
CentOS Experts, I am receiving the following in /var/spool/mail/root. I cleaned out the file and then rebooted and the same errors came back. Is it possible to analyze the data and advise if there is an issue with my system? This is a completely fresh install. From u...@localhost.srv.net Tue Jan 17 08:11:56 2012 Return-Path: u...@localhost.srv.net X-Original-To: root@localhost Delivered-To: r...@localhost.srv.net Received: by fst.srv.net (Postfix, from userid 0) id 6F02E2A0078; Tue, 17 Jan 2012 08:11:56 -0500 (EST) Date: Tue, 17 Jan 2012 08:11:56 -0500 From: u...@localhost.srv.net To: r...@localhost.srv.net Subject: [abrt] full crash report Message-ID: 4f15739c.MHhrv8Xn0YkMj8Xp%user@localhost User-Agent: Heirloom mailx 12.4 7/29/08 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Duplicate check = Common information = architecture - x86_64 package - kernel kernel - 2.6.32-220.2.1.el6.x86_64 Additional information = kernel_tainted_long - Taint on warning. kernel_tainted - 512 backtrace - WARNING: at arch/x86/kernel/cpu/mtrr/generic.c:467 generic_get_mtrr+0x11e/0x140() (Not tainted) Hardware name: empty mtrr: your BIOS has set up an incorrect mask, fixing it up. Modules linked in: Pid: 0, comm: swapper Not tainted 2.6.32-220.2.1.el6.x86_64 #1 Call Trace: [81069997] ? warn_slowpath_common+0x87/0xc0 [81069a86] ? warn_slowpath_fmt+0x46/0x50 [8102713e] ? generic_get_mtrr+0x11e/0x140 [81c2bfd1] ? mtrr_cleanup+0x8c/0x3fd [81c2ae47] ? get_mtrr_state+0x2ec/0x2fb [81c2a988] ? mtrr_bp_init+0x1ab/0x1d2 [81c254d8] ? setup_arch+0x4b8/0xaea [814ec4c5] ? printk+0x41/0x44 [81c1fc2e] ? start_kernel+0xdc/0x430 [81c1f33a] ? x86_64_start_reservations+0x125/0x129 [81c1f438] ? x86_64_start_kernel+0xfa/0x109 time - 1326805905 component - kernel hostname - fst.srv.net reason - WARNING: at arch/x86/kernel/cpu/mtrr/generic.c:467 generic_get_mtrr+0x11e/0x140() (Not tainted) cmdline - ro root=/dev/mapper/VolGroup00-root rd_NO_LUKS LANG=en_US.UTF-8 rd_MD_UUID=435d8e67:5dceefb3:85c46cf3:9f6cb0df rd_LVM_LV=VolGroup00/swap SYSFONT=latarcyrheb-sun16 rhgb crashkernel=129M@0M quiet rd_LVM_LV=VolGroup00/root KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM kernel_tainted_short - -W analyzer - Kerneloops os_release - CentOS release 6.2 (Final) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] LVM question
On Mon, 16 Jan 2012, Jonathan Vomacka wrote: It is to my understanding that the /boot partition should never be placed on LVM and should be a physical partition on the hard drives (or on top of a RAID array). Is this an accurate statement? /boot on LVM is quite safe as long as it is below 2GB. Hopefully it is. Also please advise if the SWAP filesystem is safe to be placed under LVM, or if this should be a hard partition / hard limit as well. Swap on LVM is quite safe; in fact it is desired. -s ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Dedicated Firewall/Router
CentOS Linux + Fwbuilder FTW! El 17/01/12 14:38, Steve Thompson escribió: On Mon, 16 Jan 2012, Jason T. Slack-Moehrle wrote: I want to build a dedicated firewall/router as I am launching a NPO and I can host this in my garage. (Comcast offered me a 100 x 20 circuit for $99/mo with 5 statics) I use two Dell R310's in a master/backup setup with shorewall and keepalived. -s ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Lorenzo Martinez Rodriguez Visit me: http://www.lorenzomartinez.es Mail me to: lore...@lorenzomartinez.es My blog: http://www.securitybydefault.com My twitter: @lawwait PGP Fingerprint: 97CC 2584 7A04 B2BA 00F1 76C9 0D76 83A2 9BBC BDE2 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS and LessFS
On Mon, Jan 16, 2012 at 11:26 PM, Hugh E Cruickshank h...@forsoft.com wrote: If not LessFS can you suggest an alternate deduplication software? Backuppc dedups (and compresses) at the file level using hardlinks. Trust you to always come up with an interesting suggestion or two. I will have a further look at this but, on first blush, I do not think that this will be very effective in our environment. We will be backing up several small databases 1-8 GB each along with the related programs from our development system, out users home directories which include their Outlook PST files, Word/Excel files, etc. While the compression should work for all files I can not see the dedup working for much beyond the Word/Excel files. We will definitely have a look at it. Big disks are cheap these days - I wouldn't worry that much about the total space that much and you'll still be able to keep a lot online. The db's are probably best handled in a pre-backup script that dumps/compresses them, then excluding the live files - and then even block de-dup won't help. Pst's are a problem any way you look at them but more because of Outlook's locking than their size. Backuppc is packaged in EPEL so it's easy to install and shows the compression and file re-use stats so you'll know in a few runs how it will handle your data. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] LVM question
On 01/17/2012 11:40 AM, Steve Thompson wrote: on LVM is quite safe as long as it is below 2GB It's not possible put /boot on LVM when you working with GRUB. Grub works with 2 stages: 1º - MBR ( Master Boot Record ) , with instruction to access the partition where store kernel , initrd and grub.conf 2º - Reads the partition indicated on 1º stage (MBR), to read grub.conf with all instruction to boot the OS. Now the question why we cannot use /boot on LVM. LVM is a Logical Volume Manager, GRUB no have support yet to read LVM. You'll see this LVM structure after the kernel boot and load the LVM modules. You could see what filesystems are support by Grub access your /boot after installation, looking into /boot/grub. Only Grub version 2 could access partitions /boot with LVM. ( I find this information now ) - You'll not have problem using SWAP on LVM, but we need think about all situations. If you running some software that use too much SWAP area, recommend you put your SWAP on the firsts primary partition on your disk, because there are area more fast I/O. If you want know more about that looking for about ZCAV. (This is applicable to electrical mechanical disk, no Solid State Disks,SSD). Let's think you need more SWAP space, but your using SWAP on LVM, you could create a new LVM and add to SWAP area. swapon -s (you could see information how many swap partition or files you have and how much is the use of them) best regards, --aslan ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Errors in /var/spool/mail/root
On 01/17/2012 11:38 AM, Jonathan Vomacka wrote: CentOS Experts, I am receiving the following in /var/spool/mail/root. I cleaned out the file and then rebooted and the same errors came back. Is it possible to analyze the data and advise if there is an issue with my system? This is a completely fresh install. From u...@localhost.srv.net Tue Jan 17 08:11:56 2012 Return-Path: u...@localhost.srv.net X-Original-To: root@localhost Delivered-To: r...@localhost.srv.net Received: by fst.srv.net (Postfix, from userid 0) id 6F02E2A0078; Tue, 17 Jan 2012 08:11:56 -0500 (EST) Date: Tue, 17 Jan 2012 08:11:56 -0500 From: u...@localhost.srv.net To: r...@localhost.srv.net Subject: [abrt] full crash report Message-ID: 4f15739c.MHhrv8Xn0YkMj8Xp%user@localhost User-Agent: Heirloom mailx 12.4 7/29/08 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Duplicate check = Common information = architecture - x86_64 package - kernel kernel - 2.6.32-220.2.1.el6.x86_64 Additional information = kernel_tainted_long - Taint on warning. kernel_tainted - 512 backtrace - WARNING: at arch/x86/kernel/cpu/mtrr/generic.c:467 generic_get_mtrr+0x11e/0x140() (Not tainted) Hardware name: empty mtrr: your BIOS has set up an incorrect mask, fixing it up. Modules linked in: Pid: 0, comm: swapper Not tainted 2.6.32-220.2.1.el6.x86_64 #1 Call Trace: [81069997] ? warn_slowpath_common+0x87/0xc0 [81069a86] ? warn_slowpath_fmt+0x46/0x50 [8102713e] ? generic_get_mtrr+0x11e/0x140 [81c2bfd1] ? mtrr_cleanup+0x8c/0x3fd [81c2ae47] ? get_mtrr_state+0x2ec/0x2fb [81c2a988] ? mtrr_bp_init+0x1ab/0x1d2 [81c254d8] ? setup_arch+0x4b8/0xaea [814ec4c5] ? printk+0x41/0x44 [81c1fc2e] ? start_kernel+0xdc/0x430 [81c1f33a] ? x86_64_start_reservations+0x125/0x129 [81c1f438] ? x86_64_start_kernel+0xfa/0x109 time - 1326805905 component - kernel hostname - fst.srv.net reason - WARNING: at arch/x86/kernel/cpu/mtrr/generic.c:467 generic_get_mtrr+0x11e/0x140() (Not tainted) cmdline - ro root=/dev/mapper/VolGroup00-root rd_NO_LUKS LANG=en_US.UTF-8 rd_MD_UUID=435d8e67:5dceefb3:85c46cf3:9f6cb0df rd_LVM_LV=VolGroup00/swap SYSFONT=latarcyrheb-sun16 rhgb crashkernel=129M@0M quiet rd_LVM_LV=VolGroup00/root KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM kernel_tainted_short - -W analyzer - Kerneloops os_release - CentOS release 6.2 (Final) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Hi, After reboot check your kernel messages, running on terminal this command 'dmesg'. Check if this information appears to you, if yes could be a bug or hardware problem. best regards --aslan ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] bounties for exploits against CentOS?
On 1/16/2012 3:13 PM, Eero Volotinen wrote: Well I wasn't necessarily advocating it here, just asking whether people would feel more or less secure using CentOS if such a prize program existed (whether run by CentOS or RHEL), and why or why not. Well, no. Usually attacks to system are caused by misconfiguration of server or firewall or bugs in web applications *) *) https://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project Well one of the lessons of the recent threads seems to be that there is a lot of disagreement over what constitutes a misconfigured server. Some people consider a server misconfigured if it doesn't use a firewall to limit access to sshd, some people consider it misconfigured if sshd uses passwords instead of keys, some people consider the server misconfigured if it doesn't use SELinux, etc. Because there are mutually contradictory definitions of misconfigured, if you find out that a server was broken into you can always come up with a reason, after the fact, why the server should be considered misconfigured, depending on whose definition you use. But there seems to be some consensus, at least, that exploits do get found which allow apache to run arbitrary code (even under its unprivileged account), and exploits do get found that elevate an unprivileged user to root privileges. So you could offer, for example, a bounty for anyone who finds a way to elevate the privilege of an unprivileged account. That's a lot less powerful than a complete exploit that can be used against any server on the Internet, but it's the kind of thing an attacker might use as part of a larger exploit. So would you feel safer using CentOS/Red Hat if Red Hat, for example, offered a prize to anyone who could find a privilege-escalation exploit like that? Knowing that it would reduce the chance of a black hat finding the exploit and using it as part of an attack? Bennett ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] bounties for exploits against CentOS?
Well one of the lessons of the recent threads seems to be that there is a lot of disagreement over what constitutes a misconfigured server. Some people consider a server misconfigured if it doesn't use a firewall to limit access to sshd, some people consider it misconfigured if sshd uses passwords instead of keys, some people consider the server misconfigured if it doesn't use SELinux, etc. Because there are mutually contradictory definitions of misconfigured, if you find out that a server was broken into you can always come up with a reason, after the fact, why the server should be considered misconfigured, depending on whose definition you use. Well, first you need to select security baseline and apply it to server. (for example: http://benchmarks.cisecurity.org/tools2/linux/CIS_RHEL_5.0-5.1_Benchmark_v1.1.2.pdf) But there seems to be some consensus, at least, that exploits do get found which allow apache to run arbitrary code (even under its unprivileged account), and exploits do get found that elevate an unprivileged user to root privileges. So you could offer, for example, a bounty for anyone who finds a way to elevate the privilege of an unprivileged account. That's a lot less powerful than a complete exploit that can be used against any server on the Internet, but it's the kind of thing an attacker might use as part of a larger exploit. So would you feel safer using CentOS/Red Hat if Red Hat, for example, offered a prize to anyone who could find a privilege-escalation exploit like that? Knowing that it would reduce the chance of a black hat finding the exploit and using it as part of an attack? well, not really. -- Eero ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] bounties for exploits against CentOS?
On Tue, Jan 17, 2012 at 9:04 AM, Bennett Haselton benn...@peacefire.org wrote: But there seems to be some consensus, at least, that exploits do get found which allow apache to run arbitrary code (even under its unprivileged account), Web servers are particularly prone to this because webapps are typically designed to map user input to some action in a fairly flexible way (i.e.by mapping the URL to a program and its inputs) and people can easily manipulate the URLs they send. That leaves a lot of levels where buffer overflows or mis-parsing can let unintended code execute. and exploits do get found that elevate an unprivileged user to root privileges. And it is best to assume that there are more that haven't been found... So you could offer, for example, a bounty for anyone who finds a way to elevate the privilege of an unprivileged account. That's a lot less powerful than a complete exploit that can be used against any server on the Internet, but it's the kind of thing an attacker might use as part of a larger exploit. So would you feel safer using CentOS/Red Hat if Red Hat, for example, offered a prize to anyone who could find a privilege-escalation exploit like that? Knowing that it would reduce the chance of a black hat finding the exploit and using it as part of an attack? You'll never know when the last bug is found. And if you don't know that, what have you gained by painting a target on your head? -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] anyone doing automatic yum updates via yum-updatesd on production servers?
I've read that it's not recommended to automatically apply updates via yum-updated on production servers, but I keep encountering servers that have this enabled. Are any of you doing automatic yum updates on production servers in CentOS 5 via yum-updatesd? Have you experienced any negative side effects? The only thing I can think of is if say a client had a custom version of PHP installed that was not properly excluded in yum and then it was over written. Unless I'm missing something else that could go horribly wrong. Any feedback is appreciated. (if this question has already been asked my apologies, searching the archive didn't find what I was looking for) Thanks, -PJ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] anyone doing automatic yum updates via yum-updatesd on production servers?
On 01/17/2012 02:30 PM, P J wrote: I've read that it's not recommended to automatically apply updates via yum-updated on production servers, but I keep encountering servers that have this enabled. Are any of you doing automatic yum updates on production servers in CentOS 5 via yum-updatesd? Have you experienced any negative side effects? The only thing I can think of is if say a client had a custom version of PHP installed that was not properly excluded in yum and then it was over written. Unless I'm missing something else that could go horribly wrong. Any feedback is appreciated. (if this question has already been asked my apologies, searching the archive didn't find what I was looking for) Thanks, -PJ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Hi PJ, Good practices is don't update any package on server directly without test before. It's because some update may not full compatible with your configuration. I do the update first on test server to ensure that update will not break my system. I didn't update directly without test this new package before, so I never get troubles on updates to my servers. If you have many server with same package to update, first try one in Testing (of Dev) Environment, if no have problems, send your servers update the packages. best regrads --aslan best regards. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Mediatomb under CentOS-6
On Tue, Jan 17, 2012 at 2:54 AM, Timothy Murphy gayle...@eircom.net wrote: Is anyone running mediatomb under CentOS-6? I've installed it from rpmforge.repo (I think it used to be in the epel repository under CentOS-5) but I don't know how to configure it. I'm trying to use it to see photos on my Samsung Smart TV (model D5520). Unsure if it helps with photo issue but for Samsung TV to work this is what I needed to add to my mediatomb configuration: custom-http-headers !-- Samsung needs it -- add header=transferMode.dlna.org: Streaming/ add header=contentFeatures.dlna.org: DLNA.ORG_OP=01;DLNA.ORG_CI=0;DLNA.ORG_FLAGS=0150/ /custom-http-headers http://shishworks.blogspot.com/2012/01/mediatomb-and-samsung-tv.html Let me know if it helps. -- Mikael ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] anyone doing automatic yum updates via yum-updatesd on production servers?
Best reason I can think of is application feature deprecation. If an update contains changes to the default configuration file then the file will normally be installed with the '.rpmnew' extension. If an application decides to deprecate and phase out options which you actually use in the current configuration then the automatic update will invalidate your configuration and the service will not start. This would cause downtime for your servers. In the case of some services e.g. ssh, it could be catastrophic, requiring you to physically visit the servers, would could incur a cost to you. If you're OK with that, then you're not really in a high-availability production environment and you can use the automatic update daemon if you wish. On Tue, January 17, 2012 17:30, P J wrote: I've read that it's not recommended to automatically apply updates via yum-updated on production servers, but I keep encountering servers that have this enabled. Are any of you doing automatic yum updates on production servers in CentOS 5 via yum-updatesd? Have you experienced any negative side effects? The only thing I can think of is if say a client had a custom version of PHP installed that was not properly excluded in yum and then it was over written. Unless I'm missing something else that could go horribly wrong. Any feedback is appreciated. (if this question has already been asked my apologies, searching the archive didn't find what I was looking for) Thanks, -PJ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] anyone doing automatic yum updates via yum-updatesd on production servers?
From: P J pauljfli...@gmail.com I've read that it's not recommended to automatically apply updates via yum-updated on production servers, but I keep encountering servers that have this enabled. Some parameters/configurations/functionalities might change/appear/disappear, depending on the type of development (some projects are stable and other projects just do not care about backward compatibility). If you do manual updates, you will notice that some configuration files may change in the process (see the .rpmnew and .rpmsave)... If your server is critical, you'd better test the updates on a non critical server before. JD ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Mediatomb under CentOS-6
On Tue, Jan 17, 2012 at 8:47 AM, Timothy Murphy gayle...@eircom.net wrote: For example, I want to access a directory /Photos/ on my TV, but I've no idea how to add this to the sqlite database, if indeed one has to do this. I can access the local web-page at 192.168.2.2:50500 but this does not help me. Are you actually running mediatomb under CentOS? If you can't get mediatomb to work or just want to try some alternatives, there is ps3mediaserver (which will work with some but not all other devices): https://code.google.com/p/ps3mediaserver/downloads/list and serviio: (exceptionally good for Sony blu-ray players, but also works with others) http://www.serviio.org/download with slightly different feature sets. I've only used the mac versions but they are both mostly java with local libs for transcoding so linux should be very similar. They both present a web service for configuration and adding media locations. I haven't looked at mediatomb for a while - mostly because the last time I did, the others had more features. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] bounties for exploits against CentOS?
On 1/17/2012 8:11 AM, Les Mikesell wrote: On Tue, Jan 17, 2012 at 9:04 AM, Bennett Haseltonbenn...@peacefire.org wrote: But there seems to be some consensus, at least, that exploits do get found which allow apache to run arbitrary code (even under its unprivileged account), Web servers are particularly prone to this because webapps are typically designed to map user input to some action in a fairly flexible way (i.e.by mapping the URL to a program and its inputs) and people can easily manipulate the URLs they send. That leaves a lot of levels where buffer overflows or mis-parsing can let unintended code execute. and exploits do get found that elevate an unprivileged user to root privileges. And it is best to assume that there are more that haven't been found... So you could offer, for example, a bounty for anyone who finds a way to elevate the privilege of an unprivileged account. That's a lot less powerful than a complete exploit that can be used against any server on the Internet, but it's the kind of thing an attacker might use as part of a larger exploit. So would you feel safer using CentOS/Red Hat if Red Hat, for example, offered a prize to anyone who could find a privilege-escalation exploit like that? Knowing that it would reduce the chance of a black hat finding the exploit and using it as part of an attack? You'll never know when the last bug is found. Well I'm assuming there is no last bug; rather, that as more and more bugs are found and fixed, the mean time to find the next one will get measurably larger. Pretty much all software testing is predicated on this notion -- that as you find and fix more bugs (of any kind, not just security bugs), eventually the mean time to find the next bug should get larger. Otherwise, what's the point, if at the end of all your testing and fixing, users keep running into bugs at the same frequency as before? The idea is that if you find and fix enough of them, eventually the mean time to find the next one, and hence the cost of finding the next one, will exceed the black-market value of the exploit, so it's no longer profitable for black hats to go looking for them. On the other hand, it is conceivable that above a certain effort-threshold, the number of exploits to be found is essentially unlimited. Maybe at the $25,000 level, the number of bugs to be found is so large, that no matter how many are found and fixed, the mean time to find the next one will always average about $25,000. Meanwhile, if the black-market value of an exploit is more than that (say, $50,000), then the black hats will *never* run out of exploits. This would have the unfortunate implication that not only is there no point in paying out bounties at that level (since it wouldn't make it any harder for a black hat to find a new exploit), but there would be no point in finding and fixing exploits at that level at all (unless you know a particular exploit is being used in the wild) -- since it will never get any harder for a black hat to find one! And if you don't know that, what have you gained by painting a target on your head? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] bounties for exploits against CentOS?
On Tue, Jan 17, 2012 at 11:12 AM, Bennett Haselton benn...@peacefire.org wrote: Pretty much all software testing is predicated on this notion -- that as you find and fix more bugs (of any kind, not just security bugs), eventually the mean time to find the next bug should get larger. Otherwise, what's the point, if at the end of all your testing and fixing, users keep running into bugs at the same frequency as before? Look though the changelogs of any major application or the kernel itself. See if it looks like the world is running out of bugs. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] LVM question
On 01/16/2012 07:26 PM, Jonathan Vomacka wrote: It is to my understanding that the /boot partition should never be placed on LVM and should be a physical partition on the hard drives (or on top of a RAID array). Is this an accurate statement? Not necessarily never but not if your boot loader is GRUB 0.95. /boot should be on a regular partition or an MD RAID1 partition on storage that is available to the BIOS (single drive or RAID volume on a controller with a boot ROM). ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] LVM question
On 01/16/2012 07:38 PM, Muhammad Panji wrote: even if you need more swap you can make (additional) swap file. Swap files are just *awful*. Performance when swapping is bad enough, but going through the filesystem layer means updating atime and mtime on reads and writes. Things get real ugly with swap files. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Virtual Machine Manager error
On 01/16/2012 09:48 PM, Rajagopal Swaminathan wrote: I am getting the following error when I start the Virtual machine manager ... Error polling connection 'qemu:///system': internal error Cannot find suitable emulator for x86_64 Install libvirt and run the libvirtd service. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] anyone doing automatic yum updates via yum-updatesd on production servers?
On 01/17/2012 10:30 AM, P J wrote: I've read that it's not recommended to automatically apply updates via yum-updated on production servers, but I keep encountering servers that have this enabled. Are any of you doing automatic yum updates on production servers in CentOS 5 via yum-updatesd? Have you experienced any negative side effects? The only thing I can think of is if say a client had a custom version of PHP installed that was not properly excluded in yum and then it was over written. Unless I'm missing something else that could go horribly wrong. Any feedback is appreciated. (if this question has already been asked my apologies, searching the archive didn't find what I was looking for) I would always say it is best practice to manually install updates on at least one machine of a specific type and make sure everything is OK ... then automatically machines that are like that one after you are happy. We do automatically upgrade all the CentOS infrastructure servers all the time ... but I do not do that for my $work servers. There are hardly ever any issues ... but I always test and then push. signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] bounties for exploits against CentOS?
On 1/17/2012 9:25 AM, Les Mikesell wrote: On Tue, Jan 17, 2012 at 11:12 AM, Bennett Haselton benn...@peacefire.org wrote: Pretty much all software testing is predicated on this notion -- that as you find and fix more bugs (of any kind, not just security bugs), eventually the mean time to find the next bug should get larger. Otherwise, what's the point, if at the end of all your testing and fixing, users keep running into bugs at the same frequency as before? Look though the changelogs of any major application or the kernel itself. See if it looks like the world is running out of bugs. Well if the software itself is constantly being modified in other ways (addition of new features) then of course you'll never run out of new bugs either :) But even for software where the features are frozen, bugs in a given category should eventually get harder to find, and/or should be less severe than at the beginning of the cycle (which seemed to be the case whenever I worked in testing). If this were not the case, then what would even be the point of doing any testing and bug-fixing at all? Unless you expect that eventually the remaining bugs become rarer or less severe. Bennett ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] bounties for exploits against CentOS?
On 01/17/2012 12:13 PM, Bennett Haselton wrote: On 1/17/2012 9:25 AM, Les Mikesell wrote: On Tue, Jan 17, 2012 at 11:12 AM, Bennett Haselton benn...@peacefire.org wrote: Pretty much all software testing is predicated on this notion -- that as you find and fix more bugs (of any kind, not just security bugs), eventually the mean time to find the next bug should get larger. Otherwise, what's the point, if at the end of all your testing and fixing, users keep running into bugs at the same frequency as before? Look though the changelogs of any major application or the kernel itself. See if it looks like the world is running out of bugs. Well if the software itself is constantly being modified in other ways (addition of new features) then of course you'll never run out of new bugs either :) But even for software where the features are frozen, bugs in a given category should eventually get harder to find, and/or should be less severe than at the beginning of the cycle (which seemed to be the case whenever I worked in testing). If this were not the case, then what would even be the point of doing any testing and bug-fixing at all? Unless you expect that eventually the remaining bugs become rarer or less severe. Regardless, CentOS would not be publishing said Bug Fixes except for items in our extras or plus repositories. CentOS builds the upstream sources directly whenever possible. We only make modifications when required to do so for Branding reasons ... or if something needs to be added to get the build correct, etc. Therefore, any bugfix changes would need to be made by Red Hat to the RHEL source code, which would then trickle down into CentOS, since we build the upstream EL sources. If one wanted to offer bounties to find and fix issues, and then submit that info to the upstream RH bugzilla, I am sure they would appreciate it. CentOS does make upstream Red Hat bugzilla entries all the time when we get issues reported to us that are valid and in the upstream code. signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] what to do about [abrt] full crash report kernel taint?
Are we sure this is the same problem? On Fri, Jan 13, 2012 at 9:02 PM, Peter Brady pdbr...@ans.com.au wrote: On Fri, Jan 13, 2012 at 1:55 PM, Alexander Dalloz ad+li...@uni-x.org wrote: Am 14.01.2012 00:16, schrieb Thomas Burns: don't know how to investigate this. What should I do? https://access.redhat.com/kb/docs/DOC-68014 Ignore it. When I follow that link, I get: The resource you requested is available exclusively to Red Hat customers with an active Red Hat or JBoss subscription. Should I ignore it because it is a known bug that will soon be fixed? Why all the secrecy? Can't help with the secrecy question but the relevant text from the linked document is copied below. Looks like its already been removed from Fedora. Cheers -pete *** SNIPPED TEXT BELOW *** Environment -Red Hat Enterprise Linux 6 -kernel-2.6.32-220.2.1.el6 Resolution -No action necessary. Red Hat may remove the harmless WARN_ON_ONCE() call from the kernel in a future kernel errata. Root Cause -When a system encounters this issue it will only print the warning once. -There are no adverse effects on a system that encounters this warning. -This is resolved upstream by removing the WARN_ON_ONCE() from sched(). This sounds like a harmless extraneous warning message. I get an email sent to root, some stuff in the log, and then the system crashes. No adverse effects? So ... this does not help me understand what is wrong and what I am supposed to do (apparently nothing?). What process did you go through to find this answer? I appreciate you doing my work for me, but I'd appreciate it even more if you gave me some hints how to figure this out myself next time. mahalo, Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] anyone doing automatic yum updates via yum-updatesd on production servers?
On Tue, Jan 17, 2012 at 9:59 AM, Johnny Hughes joh...@centos.org wrote: On 01/17/2012 10:30 AM, P J wrote: I've read that it's not recommended to automatically apply updates via yum-updated on production servers, but I keep encountering servers that have this enabled. Are any of you doing automatic yum updates on production servers in CentOS 5 via yum-updatesd? Have you experienced any negative side effects? The only thing I can think of is if say a client had a custom version of PHP installed that was not properly excluded in yum and then it was over written. Unless I'm missing something else that could go horribly wrong. Any feedback is appreciated. (if this question has already been asked my apologies, searching the archive didn't find what I was looking for) I would always say it is best practice to manually install updates on at least one machine of a specific type and make sure everything is OK ... then automatically machines that are like that one after you are happy. We do automatically upgrade all the CentOS infrastructure servers all the time ... but I do not do that for my $work servers. There are hardly ever any issues ... but I always test and then push. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Thanks for the feedback guys, I agree about best practices but it's nice to get direct feedback from your peers. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS and LessFS
From: John R Pierce Sent: January 16, 2012 21:45 I hope you know, dedup systems rarely scale well, as the corpus of files get bigger and bigger, they can really grind to a halt. Thanks, I have read that but I have not seen any quantitative qualifications on this so I was planning on doing some testing to see if our requirements would be practical or not. Regards, Hugh -- Hugh E Cruickshank, Forward Software, www.forward-software.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS and LessFS
From: Nataraj Sent: January 16, 2012 23:56 The ZFSonlinux project from LLNL looks promising (native mode kernel implementation, pool version 28), although the version that supports mountable filesystems is still in the RC stage. I would want some solid testing before deploying in a backup system. http://zfsonlinux.org/ Hi Nataraj: Thanks. I had not seen this one. It does look more promising than the zfs-fuse package. Regards, Hugh -- Hugh E Cruickshank, Forward Software, www.forward-software.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS and LessFS
From: David Hrbác Sent: January 16, 2012 22:55 I've got something in my repo http://fs12.vsb.cz/hrb33/el5/hrb/stable/i386/repoview/fuse-les sfs.html. Might be somewhat outdated. You can try it and we can build new versions. As to alternatives I'm happy with rdiff-backup. Hi David: Both suggestions look interesting and we will check them both out. Thanks, Hugh -- Hugh E Cruickshank, Forward Software, www.forward-software.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS and LessFS
From: Lars Hecking Sent: January 17, 2012 01:51 Maybe try CentOS6. We've had numerous fuse issues with other software on CentOS5 and one recommendation was to use a newer kernel, which essentially means a newer distro. I had considered this but I have been avoiding it. All our production servers are currently running RHEL5 and I have been specifically using CentOS5 on all our backup and development systems in order to maintain as much consistency between servers as possible. Later this year or early next year we will replacing all our production servers and use the latest RHEL available at the time (probably RHEL6). We will then look at upgrading all the backup and development servers to the corresponding CentOS version (CentOS6?). Regards, Hugh -- Hugh E Cruickshank, Forward Software, www.forward-software.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS and LessFS
On Tue, Jan 17, 2012 at 2:40 PM, Hugh E Cruickshank h...@forsoft.com wrote: Later this year or early next year we will replacing all our production servers and use the latest RHEL available at the time (probably RHEL6). We will then look at upgrading all the backup and development servers to the corresponding CentOS version (CentOS6?). Don't you usually get some experience with things on the development side first? -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS and LessFS
From: Les Mikesell Sent: January 17, 2012 05:56 Big disks are cheap these days - I wouldn't worry that much about the total space that much and you'll still be able to keep a lot online. This is true for current hardware however I am attempting to reuse our existing hardware that has been pulled from our production systems. It tends to be older technology but still usable. In this case, it is a set of disk arrays using SCSI3 drives. The db's are probably best handled in a pre-backup script that dumps/compresses them, then excluding the live files - and then even block de-dup won't help. Pst's are a problem any way you look at them but more because of Outlook's locking than their size. Backuppc is packaged in EPEL so it's easy to install and shows the compression and file re-use stats so you'll know in a few runs how it will handle your data. While all of this is true I was kind of hoping that I could come up with something that was more plug and play. The LessFS looked promising. I will continue to check this concept out further (be it LessFS, ZFS, or something else) but I am going to be avoiding the bleeding edge and can only afford to spend a limited amount of time chasing this down before I have to bite the bullet and go with what we have. Thanks again of your feedback and to all the others who have responded. Everyone's comments have been greatly appreciated. Regards, Hugh -- Hugh E Cruickshank, Forward Software, www.forward-software.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS and LessFS
On 01/17/12 1:00 PM, Hugh E Cruickshank wrote: From: Les Mikesell Sent: January 17, 2012 05:56 Big disks are cheap these days - I wouldn't worry that much about the total space that much and you'll still be able to keep a lot online. This is true for current hardware however I am attempting to reuse our existing hardware that has been pulled from our production systems. It tends to be older technology but still usable. In this case, it is a set of disk arrays using SCSI3 drives. penny wise, and pound foolish comes to mind here. that older server probably has 1-2 single core processors, too, right? a 2 socket modern 2U could virtualize a dozen of those and outperform each one. -- john r pierceN 37, W 122 santa cruz ca mid-left coast ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Transition to CentOS - RAID HELP!
Hi Folks, I've inherited an old RH7 system that I'd like to upgrade to CentOS6.1 by means of wiping it clean and doing a fresh install. However, the system has a software raid setup that I wish to keep untouched as it has data on that I must keep. Or at the very least, TRY to keep. If all else fails, then so be it and I'll just recreate the thing. I do plan on backing up the data first in case of disasters. But I'm hoping I don't have to considering there's some 500GiB on it. The previous owner sent me a breakdown of how they build the raid when it was first done. I've included an explanation below this message with the various command outputs. Apparently their reason for doing it the way they did was so they can easily add drives to the raid and grow everything equally. It just seems a bit convoluted to me. Here's my problem: I have no idea what the necessary steps are to recreate it, as in, in what order. I presume it's pretty much the way they explained it to me: - create partitions - use mdadm to create the various md volumes - use pvcreate to create the various physical volumes - use lvcreate to create the two logical volumes If that's the case, great. However, can I perform a complete system wipe, install CentOS 6.1, and re-attach the raid and mount the logical volumes without much trouble? What follows is the current setup, or at least, the way it was originally configured. The system has 5 drives in it: sda = main OS drive (80 GiB) sdb, sdc, sdd, and sde: raid drives, 500 GiB each. The setup for the raid as I've been explained was done something like this: First the four drives were each partitioned into 10 equal size partitions. fdisk shows me this: fdisk -l /dev/sdb Disk /dev/sdb: 500.1 GB, 500107862016 bytes 255 heads, 63 sectors/track, 60801 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/sdb1 1608048837568+ 83 Linux /dev/sdb26081 1216048837600 83 Linux /dev/sdb3 12161 1824048837600 83 Linux /dev/sdb4 18241 60801 341871232+ 5 Extended /dev/sdb5 18241 2432048837568+ 83 Linux /dev/sdb6 24321 3040048837568+ 83 Linux /dev/sdb7 30401 3648048837568+ 83 Linux /dev/sdb8 36481 4256048837568+ 83 Linux /dev/sdb9 42561 4864048837568+ 83 Linux /dev/sdb10 48641 5472048837568+ 83 Linux /dev/sdb11 54721 6080048837568+ 83 Linux Then they took each partition on one drive and linked it with the same partition on the other drive. So when I look at mdadm for each /dev/md[0-9] device, I see this: mdadm --detail /dev/md0 /dev/md0: Version : 00.90.03 Creation Time : Wed Aug 29 07:01:34 2007 Raid Level : raid5 Array Size : 146512128 (139.72 GiB 150.03 GB) Used Dev Size : 48837376 (46.57 GiB 50.01 GB) Raid Devices : 4 Total Devices : 4 Preferred Minor : 0 Persistence : Superblock is persistent Update Time : Tue Jan 17 13:49:49 2012 State : clean Active Devices : 4 Working Devices : 4 Failed Devices : 0 Spare Devices : 0 Layout : left-symmetric Chunk Size : 256K UUID : 43d48349:b58e26df:bb06081a:68db4903 Events : 0.4 Number Major Minor RaidDevice State 0 8 170 active sync /dev/sdb1 1 8 331 active sync /dev/sdc1 2 8 492 active sync /dev/sdd1 3 8 653 active sync /dev/sde1 ... and pvscan says: pvscan PV /dev/md0 VG VolGroup00 lvm2 [139.72 GB / 0free] PV /dev/md1 VG VolGroup00 lvm2 [139.72 GB / 0free] PV /dev/md2 VG VolGroup00 lvm2 [139.72 GB / 0free] PV /dev/md3 VG VolGroup00 lvm2 [139.72 GB / 0free] PV /dev/md4 VG VolGroup00 lvm2 [139.72 GB / 0free] PV /dev/md5 VG VolGroup00 lvm2 [139.72 GB / 0free] PV /dev/md6 VG VolGroup00 lvm2 [139.72 GB / 0free] PV /dev/md7 VG VolGroup00 lvm2 [139.72 GB / 0free] PV /dev/md8 VG VolGroup00 lvm2 [139.72 GB / 0free] PV /dev/md9 VG VolGroup00 lvm2 [139.72 GB / 139.72 GB free] Total: 10 [1.36 TB] / in use: 10 [1.36 TB] / in no VG: 0 [0 ] (evidently /dev/md9 isn't being used ... emergency spare?) And from there, they created the logical volumes which lvscan says are: lvscan ACTIVE'/dev/VolGroup00/LogVol00' [1.09 TB] inherit ACTIVE'/dev/VolGroup00/LogVol01' [139.72 GB] inherit ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Dedicated Firewall/Router
On Tuesday, January 17, 2012, Lorenzo Martínez Rodríguez lore...@lorenzomartinez.es wrote: CentOS Linux + Fwbuilder FTW! El 17/01/12 14:38, Steve Thompson escribió: On Mon, 16 Jan 2012, Jason T. Slack-Moehrle wrote: I want to build a dedicated firewall/router as I am launching a NPO and I can host this in my garage. (Comcast offered me a 100 x 20 circuit for $99/mo with 5 statics) I use two Dell R310's in a master/backup setup with shorewall and keepalived. -s ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Lorenzo Martinez Rodriguez Visit me: http://www.lorenzomartinez.es Mail me to: lore...@lorenzomartinez.es My blog: http://www.securitybydefault.com My twitter: @lawwait PGP Fingerprint: 97CC 2584 7A04 B2BA 00F1 76C9 0D76 83A2 9BBC BDE2 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Sevonded' ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] anyone doing automatic yum updates via yum-updatesd on production servers?
On Tue, Jan 17, 2012 at 12:59 PM, Johnny Hughes joh...@centos.org wrote: I would always say it is best practice to manually install updates on at least one machine of a specific type and make sure everything is OK ... then automatically machines that are like that one after you are happy. I would like to expand on this a little. Once you get a certain number of machine it probably makes sense to have your own internal mirror. That way you can update your test machines from upstream, do the tests, then once you are satisfied you can update the internal mirror. This would give you consistency on what is installed on your Production machines without having to worry about the whole crap, I just updated the wrong server. Also this would give you a level of protection if you do choose to automatically update your Production machines because it takes the extra step of updating the local mirror to really push any changes. -- William Hooper ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS and LessFS
From: John R Pierce Sent: January 17, 2012 13:17 penny wise, and pound foolish comes to mind here. that older server probably has 1-2 single core processors, too, right? a 2 socket modern 2U could virtualize a dozen of those and outperform each one. This may be true in your environment but I have hardware that is capable of doing the job that I am looking for so why should I buy new hardware? I would never get approval for the purchase because there is no way that I could justify the expenditure. Regards, Hugh -- Hugh E Cruickshank, Forward Software, www.forward-software.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Transition to CentOS - RAID HELP!
On 01/17/12 1:30 PM, Ashley M. Kirchner wrote: Hi Folks, I've inherited an old RH7 system that I'd like to upgrade to CentOS6.1 by means of wiping it clean and doing a fresh install. However, the system has a software raid setup that I wish to keep untouched as it has data on that I must keep. Or at the very least, TRY to keep. If all else fails, then so be it and I'll just recreate the thing. I do plan on backing up the data first in case of disasters. But I'm hoping I don't have to considering there's some 500GiB on it. frankly, I'd temporarily hang a 1TB drive on that thing, format it as a simple volume, and backup your file systems to it, that raid is a *MESS*.It would make much more sense to have 1 partition on each physical disk be a member of the MD raid5, then put that md in the volgroup, rather than having 9 sets of raids, I can only imagine they did it the way they did due to limitations of that ancient linux kernel in RH Linux 7.x (early Kernel 2.4, I believe). but, a newer linux kernel should see those md volumes, and should be able to import the LVM VG on them, if you really want to keep it intact. -- john r pierceN 37, W 122 santa cruz ca mid-left coast ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS and LessFS
On 01/17/2012 09:29 PM, Hugh E Cruickshank wrote: From: Nataraj Sent: January 16, 2012 23:56 The ZFSonlinux project from LLNL looks promising (native mode kernel implementation, pool version 28), although the version that supports mountable filesystems is still in the RC stage. I would want some solid testing before deploying in a backup system. http://zfsonlinux.org/ Hi Nataraj: Thanks. I had not seen this one. It does look more promising than the zfs-fuse package. As much as I could deduce, Btrfs outperforms ZFS, and it is at the moment only missing btrfsck (in development). And it supports (almost) all features. I was really hot for ZFS, but I have seen one thorough test with various sizes of data and in some cases Btrfs outperformed ZFS, but I cleaned my Firefox cache and history for the first time in at least a year :( and I can not find it now. Btrfs is pushed and sponsored by Oracle, for their uses, and since ZFS is also theirs, I guess they will implement all ZFS's good featuries. -- Ljubomir Ljubojevic (Love is in the Air) PL Computers Serbia, Europe Google is the Mother, Google is the Father, and traceroute is your trusty Spiderman... StarOS, Mikrotik and CentOS/RHEL/Linux consultant ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Java+Tomcat on CentOS 6.x
So whats good practice for installing Java/JDK and Tomcat for EL6 these days? The base repository included Tomcat6.6 is built with GCJ which I'd rather avoid. I'm fine with using OpenJDK ... Do most folks just use the Apache tarball for Tomcat and install it in a user directory or /opt/something ? -- john r pierceN 37, W 122 santa cruz ca mid-left coast ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Theoretical Firewall Specs?
So, the more I look at various ways to lay out my infrastructure, the more I am thinking about specs for hardware. Starting with firewalling. How does one determine the specs for a firewall? What I mean is: 1. motherboard/CPU - p4? Dual-Core? Intel i3, i5, i7? 2. RAM? 4gb? 8gb? More? 32gb? 3. Obviously GB Nics! I am bring about 300gb of traffic a month right now and I expect that to increase significantly with my next offerings. Obviously one answer is to but a beefy motherboard that supports lots of RAM and add more as needed, but where does one start out? How do I know if my firewall would need more RAM? How do I know if the CPU is good enough? I still go back to my Cisco PIX days where these devices were amazing on just 256MB of RAM. We piloted a large chunk of Cornell University's Lab Of Ornithology on 2 of these, but now-a-days it seems that a PIX would not be good enough. Is it because the nature of the internet and data and attacks has changed over time? more aggressive? -Jason ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS and LessFS
On Tue, Jan 17, 2012 at 3:00 PM, Hugh E Cruickshank h...@forsoft.com wrote: Big disks are cheap these days - I wouldn't worry that much about the total space that much and you'll still be able to keep a lot online. This is true for current hardware however I am attempting to reuse our existing hardware that has been pulled from our production systems. It tends to be older technology but still usable. In this case, it is a set of disk arrays using SCSI3 drives. If they have a backplane and hotswap bays you'd have to use an external case, but stuff in a sata controller and move on. The db's are probably best handled in a pre-backup script that dumps/compresses them, then excluding the live files - and then even block de-dup won't help. Pst's are a problem any way you look at them but more because of Outlook's locking than their size. Backuppc is packaged in EPEL so it's easy to install and shows the compression and file re-use stats so you'll know in a few runs how it will handle your data. While all of this is true I was kind of hoping that I could come up with something that was more plug and play. If you haven't used backuppc, try it. Other than setting up the ssh keys it is as easy as it gets. There are even web forms where you can fill in the pre/post backup scripts - and you aren't going to get reliable database snapshots without them using any system. The LessFS looked promising. I will continue to check this concept out further (be it LessFS, ZFS, or something else) but I am going to be avoiding the bleeding edge and can only afford to spend a limited amount of time chasing this down before I have to bite the bullet and go with what we have. I wouldn't trust any of the software block-dedup systems with my only copy of something important - plus they need a lot of RAM which your old systems probably don't have either. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] anyone doing automatic yum updates via yum-updatesd on production servers?
On Tue, Jan 17, 2012 at 2:14 PM, P J pauljfli...@gmail.com wrote: Thanks for the feedback guys, I agree about best practices but it's nice to get direct feedback from your peers. In general it is very, very rare for an update to break anything - after all that is the whole point of the 'enterprise' distribution and it is well tested upstream. However, it is still possible, especially if you have local apps and modifications, and it is very difficult to back out any changes the updates make so it is always best to test on a similar system before making changes on a production box where downtime would be a problem. For boxes that are internet exposed, I'd consider it more dangerous to go for long intervals with no updates than to auto-update, though. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Theoretical Firewall Specs?
On 01/17/12 3:36 PM, Jason T. Slack-Moehrle wrote: So, the more I look at various ways to lay out my infrastructure, the more I am thinking about specs for hardware. Starting with firewalling. How does one determine the specs for a firewall? What I mean is: 1. motherboard/CPU - p4? Dual-Core? Intel i3, i5, i7? 2. RAM? 4gb? 8gb? More? 32gb? 3. Obviously GB Nics! I am bring about 300gb of traffic a month right now and I expect that to increase significantly with my next offerings. Obviously one answer is to but a beefy motherboard that supports lots of RAM and add more as needed, but where does one start out? How do I know if my firewall would need more RAM? How do I know if the CPU is good enough? a pure firewall at gigE speeds really doesn't need that much ram and only a fair-to-middling processor. more than 2 cores would likely be wasted. Its when you start layering other server functionality on top of the firewall system is when you need more hardware. I'd expect with a firewall-centric OS distribution like pfSense, a dual core 2-3Ghz I3 could easily keep up with gigE and quite complex rule sets, several network zones. No storage requirements at all, unless you plan on keeping your logging local on the firewall. to maintain gigE throughput you'll want to use server grade NICs and not cheap desktop ones. If you're using a lot of VPN encryption, more and/or faster CPU cores would be useful. a few 100MB of ram is plenty for 100s of 1000s of concurrent connections, so unless you're doing other ram intensive stuff like Snort or NetTop, 1GB ram would be plenty. -- john r pierceN 37, W 122 santa cruz ca mid-left coast ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Java+Tomcat on CentOS 6.x
On Tue, Jan 17, 2012 at 4:40 PM, John R Pierce pie...@hogranch.com wrote: So whats good practice for installing Java/JDK and Tomcat for EL6 these days? The base repository included Tomcat6.6 is built with GCJ which I'd rather avoid. I'm fine with using OpenJDK ... Do most folks just use the Apache tarball for Tomcat and install it in a user directory or /opt/something ? I didn't do anything special and ps says /usr/lib/jvm/java/bin/java is running it. And /usr/lib/jvm/java/bin/java -version says java version 1.6.0_22 OpenJDK Runtime Environment (IcedTea6 1.10.4) (rhel-1.42.1.10.4.el6_2-x86_64) OpenJDK 64-Bit Server VM (build 20.0-b11, mixed mode) Maybe you do have to install java-1.6.0-openjdk if it hasn't been pulled in by something else - and it should set alternatives to use itself. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS and LessFS
On 01/17/2012 03:36 PM, Les Mikesell wrote: I wouldn't trust any of the software block-dedup systems with my only copy of something important - plus they need a lot of RAM which your old systems probably don't have either. I am interested in backuppc, however from what I read online it appears that zfs is a very featureful robust high performance filesystem that is heavily used in production environments. It has features that allow you to specify that if the reference count for a block goes above certain levels it should keep two or three copies of that block and that could be on separate storage devices within the pool. It also supports compression. With backuppc deduplication, your still hosed if your only copy of the file goes bad. Why should block level deduplication be any worse than file level deduplication? Furthermore, zfs has very high redundancy and recovery ability for the internal filesystem data structures. Here's a video describing ZFS's deduplication implementation: http://blogs.oracle.com/video/entry/zfs_dedup At this point I am only reading the experience of others, but I am inclined to try it. I backup a mediawiki/mysql database and the new records are added to the database largely by appending. Even with compression, it's a pain to backup the whole thing every day. Block level dedup seems like it would be a good solution for that. I'm not a big fan of Oracle, but from a technical standpoint zfs sounds quite good. I'm thinking of trying it on my laptop, because it's supposed to work well for storing things like virtual machines, and if a decent implementation runs on CentOS, Why not? Les, do you run backuppc on ext3 or ext4 filesystems? I remember a while back, someone saying that a filesystem with more inodes was required for substantial backuppc deployment. Nataraj ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS and LessFS
On 01/17/2012 02:36 PM, Ljubomir Ljubojevic wrote: On 01/17/2012 09:29 PM, Hugh E Cruickshank wrote: From: Nataraj Sent: January 16, 2012 23:56 The ZFSonlinux project from LLNL looks promising (native mode kernel implementation, pool version 28), although the version that supports mountable filesystems is still in the RC stage. I would want some solid testing before deploying in a backup system. http://zfsonlinux.org/ Hi Nataraj: Thanks. I had not seen this one. It does look more promising than the zfs-fuse package. As much as I could deduce, Btrfs outperforms ZFS, and it is at the moment only missing btrfsck (in development). And it supports (almost) all features. I was really hot for ZFS, but I have seen one thorough test with various sizes of data and in some cases Btrfs outperformed ZFS, but I cleaned my Firefox cache and history for the first time in at least a year :( and I can not find it now. Btrfs is pushed and sponsored by Oracle, for their uses, and since ZFS is also theirs, I guess they will implement all ZFS's good featuries. Is btrfs widely deployed and running solidly in production environments? I thought the dedup code for btrfs was still a bunch of patches that had to be applied and not in the mainstream implementation yet. The LLNL zfs port is a loadable kernel module. Nataraj ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS and LessFS
On 01/18/2012 01:46 AM, Nataraj wrote: On 01/17/2012 02:36 PM, Ljubomir Ljubojevic wrote: On 01/17/2012 09:29 PM, Hugh E Cruickshank wrote: From: Nataraj Sent: January 16, 2012 23:56 The ZFSonlinux project from LLNL looks promising (native mode kernel implementation, pool version 28), although the version that supports mountable filesystems is still in the RC stage. I would want some solid testing before deploying in a backup system. http://zfsonlinux.org/ Hi Nataraj: Thanks. I had not seen this one. It does look more promising than the zfs-fuse package. As much as I could deduce, Btrfs outperforms ZFS, and it is at the moment only missing btrfsck (in development). And it supports (almost) all features. I was really hot for ZFS, but I have seen one thorough test with various sizes of data and in some cases Btrfs outperformed ZFS, but I cleaned my Firefox cache and history for the first time in at least a year :( and I can not find it now. Btrfs is pushed and sponsored by Oracle, for their uses, and since ZFS is also theirs, I guess they will implement all ZFS's good featuries. Is btrfs widely deployed and running solidly in production environments? I thought the dedup code for btrfs was still a bunch of patches that had to be applied and not in the mainstream implementation yet. The LLNL zfs port is a loadable kernel module. Nataraj No, Btrfs is still not production worthy. But ZFS is not either. It is still missing a lot of stuff, and stability??? I do not think so (This is only what I have read about it). I should have been more clear, I think Btrfs will much faster reach it's goal, since both Oracle and (Red Hat) want it as their default FS, as soon as possible. At the moment, if you want ZFS you better install Solaris. -- Ljubomir Ljubojevic (Love is in the Air) PL Computers Serbia, Europe Google is the Mother, Google is the Father, and traceroute is your trusty Spiderman... StarOS, Mikrotik and CentOS/RHEL/Linux consultant ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS and LessFS
On 01/17/12 4:41 PM, Nataraj wrote: On 01/17/2012 03:36 PM, Les Mikesell wrote: I wouldn't trust any of the software block-dedup systems with my only copy of something important - plus they need a lot of RAM which your old systems probably don't have either. I am interested in backuppc, however from what I read online it appears that zfs is a very featureful robust high performance filesystem that is heavily used in production environments. ZFS is very memory intensive on larger file systems. I believe they recommend on the order of 1GB ram per terabyte of storage for decent performance. Personally, I would only run ZFS for any sort of production application on a Solaris 10/11 system where its natively supported, and then only with a support contract from Oracle. When its good, its very good, when its bad, its reformat and restore from backup time... -- john r pierceN 37, W 122 santa cruz ca mid-left coast ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] anyone doing automatic yum updates via yum-updatesd on production servers?
On 1/17/2012 3:41 PM, Les Mikesell wrote: On Tue, Jan 17, 2012 at 2:14 PM, P Jpauljfli...@gmail.com wrote: Thanks for the feedback guys, I agree about best practices but it's nice to get direct feedback from your peers. In general it is very, very rare for an update to break anything - after all that is the whole point of the 'enterprise' distribution and it is well tested upstream. However, it is still possible, especially if you have local apps and modifications, and it is very difficult to back out any changes the updates make so it is always best to test on a similar system before making changes on a production box where downtime would be a problem. For boxes that are internet exposed, I'd consider it more dangerous to go for long intervals with no updates than to auto-update, though. That's what I meant hen I said I thought it would be better for CentOS to have auto-updates enabled by default out of the box. Power users can always change the defaults. But for all the servers where the admin neglects the server or doesn't know enough to change it -- YES people can pontificate all they want about how those people shouldn't be server admins -- but the fact being that those servers are out there, it would seem less risky to have auto-updates turned on than to have no updates at all. Bennett ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] A little confused with video drivers
On 01/17/2012 02:35 PM, Phil Savoie wrote: Thank you for this. Guess I'm stuck then. Great... No wireless and limited video. I guess I really know how to pick 'em. Again, thank you for your time. Go to ElRepo site, or ElRepo mailing list and report a problem. As for wireless, use Elrepo DeviceID page http://elrepo.org/tiki/DeviceIDs to find out if they have the driver for it. I just finished installing 3 Acer 5349 laptops with Atheros LAN and Broadcom WiFi. I luckily had USB NIC (Ralink or Realtek) that I used to install kmod packages from ElRepo repository. -- Ljubomir Ljubojevic (Love is in the Air) PL Computers Serbia, Europe Google is the Mother, Google is the Father, and traceroute is your trusty Spiderman... StarOS, Mikrotik and CentOS/RHEL/Linux consultant ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Mic Plugged into sound card not working
On 01/16/2012 07:11 PM, Mark LaPierre wrote: Hey guys, I have a mic plugged into my sound card. It worked late last night but not today. When I try to select the mic using System/Preferences/Sound I'm provided with several options to choose from. On the Hardware tab I choose the Internal Audio device and set it to Analog Stereo Duplex. On the Input tab I choose Internal Audio Analog Stereo there are two Analog Microphone Inputs, 1 and 2, to choose from. Each of those inputs has Microphone 1 and 2 to choose from. When I try to record from the mic in Audacity I get a flat signal if I choose Input 1 no matter which Microphone, 1 or 2, I choose. If I choose Input 2, no matter which Microphone I choose, the wave form freezes until I return the selection to Input 1. alsamixer -c0 does not indicate any input settings being muted. In fact its indications change in response to changes in Sound Preferences and Sound Preferences indications change in response to changes in alsamixer -c0. CentOS 6.2 Advanced Linux Sound Architecture Driver Version 1.0.21 /proc/asound/cards 0 [V8237 ]: VIA8237 - VIA 8237 VIA 8237 with ALC655 at 0xd400, irq 22 /proc/asound/devices 2:: timer 3:: sequencer 4: [ 0- 1]: digital audio playback 5: [ 0- 1]: digital audio capture 6: [ 0- 0]: digital audio playback 7: [ 0- 0]: digital audio capture 8: [ 0] : control 9: [ 1- 0]: digital audio capture 10: [ 1] : control 11: [ 2- 0]: digital audio playback 12: [ 2- 0]: digital audio capture 13: [ 2] : control /proc/asound/pcm 00-00: VIA 8237 : VIA 8237 : playback 4 : capture 1 00-01: VIA 8237 : VIA 8237 : playback 1 : capture 1 01-00: USB Audio : USB Audio : capture 1 02-00: USB Audio : USB Audio : playback 1 : capture 1 I tested the mic by plugging it into my wife's XP machine. The mic works fine but the XP machine doesn't. Very frustrated. Anyone have any idea what else I can check? Alright, I guess I asked the wrong question. Is there a way to probe the sound card so that I can figure out where in the software chain the problem is? I suspect an issue with some library file somewhere but I don't know how to tell what library I hosed up. -- _ °v° /(_)\ ^ ^ Mark LaPierre Registerd Linux user No #267004 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Theoretical Firewall Specs?
On Tue, Jan 17, 2012 at 6:52 PM, John R Pierce pie...@hogranch.com wrote: a pure firewall at gigE speeds really doesn't need that much ram and only a fair-to-middling processor. more than 2 cores would likely be wasted. Its when you start layering other server functionality on top of the firewall system is when you need more hardware. I'd expect with a firewall-centric OS distribution like pfSense, a dual core 2-3Ghz I3 could easily keep up with gigE and quite complex rule sets, several network zones. No storage requirements at all, unless you plan on keeping your logging local on the firewall. to maintain gigE throughput you'll want to use server grade NICs and not cheap desktop ones. If you're using a lot of VPN encryption, more and/or faster CPU cores would be useful. a few 100MB of ram is plenty for 100s of 1000s of concurrent connections, so unless you're doing other ram intensive stuff like Snort or NetTop, 1GB ram would be plenty. pfSense and Vyatta are both excellent platforms to build a firewall on. Vyatta has a command line interface and IPv6 support. pfSense has a web interface with good rrd graphs. Give them both a try and see what works best. There is always the Cisco ASA 5510 if you can deal with the price tag. I've hit a bug once or twice in Vyatta where a config change didn't work until I rebooted. I haven't had that happen with Cisco. I have been using Vyatta with a Supermicro Atom D525 motherboard, dual port Intel gigabit nic, 2GB of memory, and 4GB Transcend SSD. If you go with the Supermicro front I/O case the bottom holes of a 40mm fan will line up with the vent in the back of the case. I know these are rated to run without a fan, but even a low airflow fan will drop the CPU 20-30F. You can build one of these for around $550 and the power usage comes in at 21 watts. If you need encryption the Core i5 and higher have the AES instruction set. The list of supporting software is on the wiki below. Openssl is on the list with patches, not sure if an official build with these has been released. http://en.wikipedia.org/wiki/AES_instruction_set Ryan ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Theoretical Firewall Specs?
On Tue, 2012-01-17 at 20:24 -0500, Ryan Wagoner wrote: http://en.wikipedia.org/wiki/AES_instruction_set something to keep in mind... wikipedia will be dark Wednesday, Jan 18th on account of their joining the stop SOPA protest. http://sopastrike.com/ for the next 32 hours, linky goodness might be less than goodness. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Transition to CentOS - RAID HELP!
On 01/17/2012 01:30 PM, Ashley M. Kirchner wrote: I've inherited an old RH7 system that I'd like to upgrade to CentOS6.1 by means of wiping it clean and doing a fresh install. However, the system has a software raid setup that I wish to keep untouched as it has data on that I must keep. If you boot the CentOS installer, it should detect any existing RAID and LVM volumes. You'll be able to select individual filesystems to mount in the new system, and optionally format them. Assuming that your data is on a volume of its own, you can select the system filesystems and format only those. You shouldn't have to manually recreate anything. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Java+Tomcat on CentOS 6.x
From: John R Pierce pie...@hogranch.com To: CentOS mailing list centos@centos.org Sent: Tuesday, January 17, 2012 2:40 PM Subject: [CentOS] Java+Tomcat on CentOS 6.x So whats good practice for installing Java/JDK and Tomcat for EL6 these days? The base repository included Tomcat6.6 is built with GCJ which I'd rather avoid. I'm fine with using OpenJDK ... Do most folks just use the Apache tarball for Tomcat and install it in a user directory or /opt/something ? -- john r pierce N 37, W 122 santa cruz ca mid-left coast We still like our customers to use the Oracle / Sun JDK, and the Apache tarball. Our ops people recommend putting it all in /usr/local/ourcompany. /opt is probably a better place. OpenJDK for Java 6 has issues, and I / we don't trust Java 7 of any flavor yet. Tomcat 7 is good. John Kienitz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS and LessFS
On 01/17/2012 04:59 PM, John R Pierce wrote: On 01/17/12 4:41 PM, Nataraj wrote: On 01/17/2012 03:36 PM, Les Mikesell wrote: I wouldn't trust any of the software block-dedup systems with my only copy of something important - plus they need a lot of RAM which your old systems probably don't have either. I am interested in backuppc, however from what I read online it appears that zfs is a very featureful robust high performance filesystem that is heavily used in production environments. ZFS is very memory intensive on larger file systems. I believe they recommend on the order of 1GB ram per terabyte of storage for decent performance. I think that is not so unreasonable for the features you are getting. I wonder if it would be possible to put the file system data structures on an SSD? I also have read that it is a good idea to use ECC memory on such a fileserver, but that's really true of any computer. Undetected memory errors will cause data loss. Personally, I would only run ZFS for any sort of production application on a Solaris 10/11 system where its natively supported, and then only with a support contract from Oracle. I am inclined to agree. If I was setting it up for a serious production environment, I would bite the bullet and run Solaris as well. When its good, its very good, when its bad, its reformat and restore from backup time... We'll maybe I'll live with backuppc for now. Nataraj ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS and LessFS
On Tue, Jan 17, 2012 at 6:41 PM, Nataraj incoming-cen...@rjl.com wrote: I wouldn't trust any of the software block-dedup systems with my only copy of something important - plus they need a lot of RAM which your old systems probably don't have either. I am interested in backuppc, however from what I read online it appears that zfs is a very featureful robust high performance filesystem that is heavily used in production environments. It has features that allow you to specify that if the reference count for a block goes above certain levels it should keep two or three copies of that block and that could be on separate storage devices within the pool. It also supports compression. It's probably fine on Solaris where it has had years of development and testing. But I don't expect the linux ports to be very mature yet - hence the lack of trust. With backuppc deduplication, your still hosed if your only copy of the file goes bad. Why should block level deduplication be any worse than file level deduplication? Nothing will fix a file if the disk underneath goes bad and you aren't running raid. And in my case I run raid1 and regularly swap disks out for offsite copies and resync. But, backuppc makes the links based on an actual comparison, so if an old copy is somehow corrupted, the next full will be stored separately, not linked. Furthermore, zfs has very high redundancy and recovery ability for the internal filesystem data structures. Here's a video describing ZFS's deduplication implementation: http://blogs.oracle.com/video/entry/zfs_dedup I agree that the design sounds good and I'd probably be using it if I used solaris - or maybe even the freebsd. At this point I am only reading the experience of others, but I am inclined to try it. I backup a mediawiki/mysql database and the new records are added to the database largely by appending. Even with compression, it's a pain to backup the whole thing every day. Block level dedup seems like it would be a good solution for that. You are still going to have to go through the motions of copying the whole thing and letting the receiving filesystem do hash comparisons on each block to accomplish the dedup. Les, do you run backuppc on ext3 or ext4 filesystems? I remember a while back, someone saying that a filesystem with more inodes was required for substantial backuppc deployment. That really depends on the size of the files you back up and how much churn there is in the history you keep. I wouldn't expect it to be a problem unless you have a lot of users with big maildir type directories. Eons ago when I used it with smaller drives and the alternative was ext2 I used reiserfs, but more recently I just use ext3 (and 4 in the newest setup) with the defaults. Some people on the backuppc mail list prefer xfs, though. -- Les Mikesell lesmikes...@gmail.com Nataraj ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS and LessFS
On 01/17/2012 07:31 PM, Les Mikesell wrote: Nothing will fix a file if the disk underneath goes bad and you aren't running raid. And in my case I run raid1 and regularly swap disks out for offsite copies and resync. But, backuppc makes the links based on an actual comparison, so if an old copy is somehow corrupted, the next full will be stored separately, not linked. ZFS has an option to turn on full data comparison instead of just checksums. At this point I am only reading the experience of others, but I am inclined to try it. I backup a mediawiki/mysql database and the new records are added to the database largely by appending. Even with compression, it's a pain to backup the whole thing every day. Block level dedup seems like it would be a good solution for that. You are still going to have to go through the motions of copying the whole thing and letting the receiving filesystem do hash comparisons on each block to accomplish the dedup. I'm not sure about that. They support deduplication over the network. There is a command somethink like 'zfs send', but maybe it requires that the filesystem you are backing up is also zfs. Nataraj ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS and LessFS
On Tue, Jan 17, 2012 at 9:43 PM, Nataraj incoming-cen...@rjl.com wrote: At this point I am only reading the experience of others, but I am inclined to try it. I backup a mediawiki/mysql database and the new records are added to the database largely by appending. Even with compression, it's a pain to backup the whole thing every day. Block level dedup seems like it would be a good solution for that. You are still going to have to go through the motions of copying the whole thing and letting the receiving filesystem do hash comparisons on each block to accomplish the dedup. I'm not sure about that. They support deduplication over the network. There is a command somethink like 'zfs send', but maybe it requires that the filesystem you are backing up is also zfs. Yes, you can make a filesystem snapshot on zfs and do an incremental 'send' to a remote copy of the previous snapshot where the receive operation will merge the changed blocks. That does sound efficient in terms of bandwidth, but would require a one-to-one setup for every filesystem you want to back up, and I'm not sure what kind of contortions it takes to get the whole snapshot back and revert it to the live filesystem. If you run backuppc over low bandwidth connections you might come out ahead copying an uncompressed database dump with rsync as the transport because it may match up some existing data and avoid the network hop. However, the way backuppc works if the file has changed at all, the server side will end up reconstructing the whole file and saving a complete new copy. On a fast local connection you are probably better off compressing the db dump (and they usually compress a lot) and letting it copy the whole thing. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Transition to CentOS - RAID HELP!
Just make sure you have a verified backup before you do anything !! If it's not backed up data, it's not important data. I don't remember what version of the ext filesystem was current during the RH7 days, but I would seriously consider dumping the raid and reloading in onto a newly formatted ext4 filesystem. There may be good reasons (or bad ones) why you really can't wipe everything and reload. I'm just suggesting you think long and hard about it. Also, the hard drives in a system that old have got be really tired. Consider new drives. In fact even a low-end new system will seriously out perform a system that old. Even a pure softraid raid1 would do so and be more reliable. Good Luck On 01/17/2012 06:47 PM, Gordon Messmer wrote: On 01/17/2012 01:30 PM, Ashley M. Kirchner wrote: I've inherited an old RH7 system that I'd like to upgrade to CentOS6.1 by means of wiping it clean and doing a fresh install. However, the system has a software raid setup that I wish to keep untouched as it has data on that I must keep. If you boot the CentOS installer, it should detect any existing RAID and LVM volumes. You'll be able to select individual filesystems to mount in the new system, and optionally format them. Assuming that your data is on a volume of its own, you can select the system filesystems and format only those. You shouldn't have to manually recreate anything. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Theoretical Firewall Specs?
On 01/17/12 6:38 PM, Craig White wrote: On Tue, 2012-01-17 at 20:24 -0500, Ryan Wagoner wrote: http://en.wikipedia.org/wiki/AES_instruction_set something to keep in mind... wikipedia will be dark Wednesday, Jan 18th on account of their joining the stop SOPA protest. http://sopastrike.com/ for the next 32 hours, linky goodness might be less than goodness. rumor has it, the mobile wiki stays up.. http://en.m.wikipedia.org/ http://en.m.wikipedia.org/?useformat=mobile -- john r pierceN 37, W 122 santa cruz ca mid-left coast ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos