Re: [CentOS-es] Ayuda con ingreso interfaz
[offtopic]Diablos, casi me sangraron los ojos con el mail de luis rodrigues[/offtopic] Para intentar resolver tu problema Luis, primero tienes que ver si el sistema reconoce que tienes tarjetas de red. Para eso te convendría usar el comando '*lspci -vv*' y buscar el apartado que diga *Network*. Bajo ese apartado tendrás todas las opciones de tus tarjetas de red, incluyendo los módulos que debes cargar en el kernel para poder trabajar con dichos componentes. Luego, con '*lsmod | grep el módulo que buscas*' tienes que revisar si dicho módulo está activo. Y si no está activo, con '*modprobe módulo*' puedes cargar el módulo que te falta. Finalmente, cuando llegas a este paso, '*service network restart*' y luego ' *ip link set eth0 up*' Si ni con eso te levanta la tarjeta de red, edita el archivo que está en * /etc/sysconfig/network-scripts/ifcfg-ethX*, donde X corresponde a la tarjeta de red que quieres revisar (puedes editar con vim, nano, emacs, pico, gedit, el editor que sea). Lo que tienes que revisar es que la opción ONBOOT esté seteada en yes. En otras palabras, que ONBOOT esté así: ONBOOT=yes Ya, si con eso no funciona, arroja la tarjeta de red a la basura, no se me ocurre cómo poder ver si está buena o no esa cosa. El 14 de febrero de 2013 04:46, Tranc3 Music edgarr...@gmail.com escribió: El 13/02/13, Robyir Antonio Loreto Ruiz robyirlor...@gmail.com escribió: Buenas tardes...hermano y tienes que usar CentOS obligatoriamente? Supongo que no es obligatorio, el puede usar el sistema operativo que mejor domine, recuerde que esta es una lista de CentOS y por aqui se impulsa el uso de CentOS. te recomiendo Ubuntu Server 12.10 ..ya que reconoce un montón de dispositivos y no te dará ese problema del driver de red...pero debes CentOS también reconoce la mayoría de hardware, es un SO con mayor soporte y tiene por decir el respaldo de redhat, es un clon de él. Yo creo que no es problema de drivers, supongo que no conoce el sistema y no esta familiarizado, porque CentOS en su release 6.3 es un Fedora 12 y debería de reconocer la mayoría de hardware común en el mercado, hardware extraño o muy nuevo tal vez no reconozca, pero dudo que no reconozca. manejar la terminal..igual te puedes imprimir una chuleta de comandos linux para estar mas seguro..además de saber que archivo modificar para establecer ip dinámica ó estática...Saludos desde Venezuela -- Robyir Loreto TSU en Informática ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity. -- Dennis M. Ritchie Mis bits: http://bitsenlared.wordpress.com Live free or die! ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- Saludos *Héctor Herrera Anabalón* Egresado ICCI UNAP Servicio Arquitectura Galatea - Oficina Técnica http://www.galatea.cl Miembro USoLIX Victoria Registered User #548600 (LinuxCounter.net) ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] Ayuda con ingreso interfaz
en centos la tarjeta de red biene desactivada por defecto, para solucionarlo debes entrar a la consola y escribir lo siguiente: para la eternet: nano /etc/sysconfig/network-scripts/ifcfg-eth0 para la wifi: nano /etc/sysconfig/network-scripts/ifcfg-wlan0 cambia la linea ONBOOT=no a yes para habilitar la tarjeta ONBOOT=yes reinicia las interfaces de red: service network restart si este último comando no funciona, reinicia centos: init 6 saludos. El 13/02/13, Aland Laines aland.lai...@gmail.com escribió: Robyir, el sentido de esta lista es tratar de impulsar el uso y manejo de CentOS, si tienes alguna solución al problema mencionado con nuestra distro, pues bienvenida sea. Saludos desde Perú. *Aland Laines Calonge* Twitter: @lainessolutions http://about.me/aland.laines El 13 de febrero de 2013 14:42, Robyir Antonio Loreto Ruiz robyirlor...@gmail.com escribió: Buenas tardes...hermano y tienes que usar CentOS obligatoriamente? te recomiendo Ubuntu Server 12.10 ..ya que reconoce un montón de dispositivos y no te dará ese problema del driver de red...pero debes manejar la terminal..igual te puedes imprimir una chuleta de comandos linux para estar mas seguro..además de saber que archivo modificar para establecer ip dinámica ó estática...Saludos desde Venezuela -- Robyir Loreto TSU en Informática ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- un saludo Agustín Martínez programador de aplicaciones correo: agustinmartinez...@gmail.com fono: 82690241 skype: agustin20001 twitter: @agustin__1990 ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] Ayuda con ingreso interfaz
El 13/02/13, agustin adolfo Martinez Hernandez agustinmartinez...@gmail.com escribió: en centos la tarjeta de red biene desactivada por defecto, para solucionarlo debes entrar a la consola y escribir lo siguiente: para la eternet: nano /etc/sysconfig/network-scripts/ifcfg-eth0 para la wifi: nano /etc/sysconfig/network-scripts/ifcfg-wlan0 cambia la linea ONBOOT=no a yes para habilitar la tarjeta ONBOOT=yes Desde la instalación ya se puede configurar las tarjetas de red y por lo tanto ya es una forma de ver si reconoce dicho hardaware. Los primeros comandos básicos para ver las interfaces deberían de usarse: #ifconfig Si arriba no muestra otras interfaces como eth0, eth1, etc. etc., recién mirar con otro comando. #ifconfig -a El comando de arriba mostrará todas las interfaces, encontradas, estén activas o no, como dijo un amigo por defecto las últimas releases desactivan el inicio automático, pero eso se puede cambiar desde la instalación; con ifconfig -a debería ser suficiente, yo creo que si la reconoce, pero de todos modos doy el derecho a duda. Luego, aunque lo dudo (valga la redundancia) usar comandos como lspci | grep Ethernet, etc, etc. y otros para revisar, pero por qué no ir de lo simple primero? digo no? :) Luego pues a mirar los archivos: #less /etc/sysconfig/network-script/ifc...eth... y configurar a mano, o usar otras herramientas como setup y otras. Creo que se desvió el tema, la pregunta era Ayuda con ingreso interfaz, en fin..., pero vale, saludos. reinicia las interfaces de red: service network restart si este último comando no funciona, reinicia centos: init 6 saludos. El 13/02/13, Aland Laines aland.lai...@gmail.com escribió: Robyir, el sentido de esta lista es tratar de impulsar el uso y manejo de CentOS, si tienes alguna solución al problema mencionado con nuestra distro, pues bienvenida sea. Saludos desde Perú. *Aland Laines Calonge* Twitter: @lainessolutions http://about.me/aland.laines El 13 de febrero de 2013 14:42, Robyir Antonio Loreto Ruiz robyirlor...@gmail.com escribió: Buenas tardes...hermano y tienes que usar CentOS obligatoriamente? te recomiendo Ubuntu Server 12.10 ..ya que reconoce un montón de dispositivos y no te dará ese problema del driver de red...pero debes manejar la terminal..igual te puedes imprimir una chuleta de comandos linux para estar mas seguro..además de saber que archivo modificar para establecer ip dinámica ó estática...Saludos desde Venezuela -- Robyir Loreto TSU en Informática ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- un saludo Agustín Martínez programador de aplicaciones correo: agustinmartinez...@gmail.com fono: 82690241 skype: agustin20001 twitter: @agustin__1990 ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- UNIX is basically a simple operating system, but you have to be a genius to understand the simplicity. -- Dennis M. Ritchie Mis bits: http://bitsenlared.wordpress.com Live free or die! ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS] selinux and tinydns
tinydns starts up fine, selinux reports no issues (now after a day of clearing errors). If I turn selinux back to permissive in /etc/sysconfig/selinux, and reboot, tinydns responds to queries. If I turn selinux back to enforcing and reboot, tinydns does not respond. Monitoring /var/log/messages shows no errors from iptables/shorewall or selinux. The only way I can find an error is performing the following:- netstat -npl | grep tinydns # gives me the process id strace -f -p process id From this I can see that tinydns is reporting an error of:- recvfrom(3, 0x606720, 513, 0, 0x7fffc7321ec0, 0x7fffc7321edc) = -1 EACCES (Permission denied) I've got setroubleshoot set to send me an alert on first occurrence of an issue, so far none received. Does anyone know how I should proceed from here ? May be you can see what is there is in the audit log and audit2allow tool might help you http://wiki.centos.org/HowTos/SELinux You may also try to temporarily disable dontadit rules: # semodule -DB ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] pcl to pdf
On Thu, Feb 14, 2013 at 1:37 AM, Gregory P. Ennis po...@pomec.net wrote: On Thu, Feb 14, 2013 at 12:56 AM, Eero Volotinen eero.voloti...@iki.fi wrote: 2013/2/14 Gregory P. Ennis po...@pomec.net: Everyone, I am currently using a vsifax program (pcltotiff) to convert pcl files to tiff files on a SCO Unix box, and then I am using tiff2pdf on a Centos 5.9 box to convert the file to a pdf. There are other commands that deal with multiple page tiff's and pdf's that are part of the process, but the above basic process has worked very well. The only thing I would like to enhance is a better resolution of the tif file and therefore the pdf file; the problem being the resolution capability of pcltotiff that comes with vsifax. I am limited on the SCO box as to what I can install; it is too old to admit to, and is scheduled to be upgraded to a new Centos system. Obviously, I can get the pcl file to the Centos system easily, do any of you have suggestions of being able to convert a pcl file to pdf on the Centos system. GhostPCL might work: http://www.ghostscript.com/GhostPCL.html http://forums.fedoraforum.org/showthread.php?t=88464 I've just been tackling the same issue - PCL pre-formatted print jobs which I can save as files and then want to convert to PDF for email purposes. I seem to have found the solution with Ghostscript GhostPCL http://www.ghostscript.com/awki/GhostPCL I downloaded version ghostpcl_1.41p1.tar.bz2 (problems experienced with the latest version on FC5). The README was a little confusing and I finished up running: make clean make make install then tested with: pcl6 -sDEVICE=pdfwrite -sOutputFile=laser.pdf laser.pcl laser.pdf opens fine with acroread but I seem to have a minor issue with paper size (I use A4 as my standard size pcl6 seems to use US Letter as the default). Still, early days yet and I am very impressed with the results so far! -- Eero I hadn't heard of this app... why did you choose this. For a fax server i thought Hylafax was a good choice. I use efax but that's home use, and from cli rather than the front end efax-gtk. james --- James, The SCO Unix box is a real legacy system, and vsifax was the only fax server that we could use at the time. When we convert the SCO Unix system over to Centos we plan to look at Hylafax, but I have no experience with it at this point. However, if we can not find a pcl converter that gives us a decent resolution of the pdf file, we may have to purchase and do new install of vsifax on the new Centos machine in order to use vsifax's pcltotiff converter. Greg I was just wondering that's all. I found Hylafax a pig to set up when other folk said it was easy. I've no doubt you have better IT knowledge than myself. efax has worked faultlessly for me but the efax-gtk i wasn't impressed with and has about 4 releases a year and they don't often work. I just use efax on the cli with necessary options and that's fine - but only a non network solution. james ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] A question
On 02/13/13 17:53, John R Pierce wrote: On 2/13/2013 7:46 AM, m.r...@5-cent.us wrote: That's tease me about my age, and I'll beat you with my cane.g And RH9 was fine - that's what I ran on my firewall/router box for*years*, with few updates. my home firewall/router box is STILL running something that started life as RHL6 but is heavily hacked up. hasn't ever been broken into, so I've not had a lot of incentive to rip it apart and redo it. I started, I think, with either 5 or 5.2 for a firewall router, and ran Bastille Linux on it. Never got invaded, as far as I could tell. mark -- This email transmission contains information. If it was confidential, I'dbe telling you it on the phone. It's intended for the addresses. The FBI, CIA, NSA, and Homeland Security Theater (and anyone else) can keep their mitts off it unless they have a warrant; they may *not* kiss my ass, because I don't want their lips anywhere near me. If you're going to disseminate it, check with me first, unless I ask dissemination. Anything else is artificial dissemination, and you're fucked. If you are not the intended recipient(s), delete before reading; in fact, delete it before you receive it. Only dead critters from the Cretaceous and before were harmed by the creation of this message, and they haven't cared since the comet hit. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Overdue upgrade of bind
On Wed, February 13, 2013 10:03, Robert Moskowitz wrote: On 02/13/2013 06:26 AM, Lars Hecking wrote: I missed it in my searches. My search fu is weak. Please provide me with a url? https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/ch-DNS_Servers.html OK. Read this. Nothing really new here for me. I have been managing my own DNS since '94 and started in on DNS in '92. Always something new with releases (adding views was a real mind switch) and something missed. So nothing on what /etc/named/ directory is for. Why it is there created in the chroot tree and empty. I am going to ask on the bind-users isc.org list. Probably present to technically, if not substantively, comply with this: http://www.pathname.com/fhs/ -- *** E-Mail is NOT a SECURE channel *** James B. Byrnemailto:byrn...@harte-lyne.ca Harte Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Eclipse CDT not working properly
On 07/02/13 18:40, Paul Norton wrote: Hello Toralf Removed the 32bit JRE and set the default to 64bit which java Check here https://bugzilla.redhat.com/show_bug.cgi?id=477766 Or set the vm from the shell as mentioned here http://wiki.eclipse.org/IRC_FAQ#I_just_installed_Eclipse_on_Linux.2C_but_it_does_not_start._What_is_the_problem.3F I have only a 64-bit (OpenJDK) JRE, as far as I can tell, and specifying the path on the command line makes no difference, unfortunately. From here. http://www.eclipse.org/downloads/ Download Eclipse ide for c/c++ developers This is essentially what I did on CentOS 5, but I was hoping that this wouldn't be necessary on release 6, but that the bundled version would be sufficiently up-to-date and usable. But perhaps this isn't really the case :-( - Toralf I have run eclipse(C/C++) on xfce with OpenJDK. No problems. It works fine for C. All the best Paul On Thu, Feb 7, 2013 at 1:06 PM, Toralf Lundtoralf.l...@pgs.com wrote: Hello again, Another problem with my new CentOS 6 installation: The C/C++ support in Eclipse seems to be partial or missing - even though eclipse-cdt is installed. Eclipse starts all right, and I get a C/C++ perspective, but: 1. If I open a C++ file, it's sent to an external editor. 2. C or C++ is not mentioned in Preferences. 3. I can't find a reference to CDT under Help-About Eclipse Platform-Installation Details I've tried reinstalling all the eclipse packages, and also resetting the workspace as well as the settings in ~/.eclipse, but it made no difference. On startup I get the following messages: CompilerOracle: exclude org/eclipse/core/internal/dtree/DataTreeNode.forwardDeltaWith CompilerOracle: exclude org/eclipse/jdt/internal/compiler/lookup/ParameterizedMethodBinding.init CompilerOracle: exclude org/eclipse/cdt/internal/core/dom/parser/cpp/semantics/CPPTemplates.instantiateTemplate CompilerOracle: exclude org/eclipse/cdt/internal/core/pdom/dom/cpp/PDOMCPPLinkage.addBinding CompilerOracle: exclude org/python/pydev/editor/codecompletion/revisited/PythonPathHelper.isValidSourceFile CompilerOracle: exclude org/python/pydev/ui/filetypes/FileTypesPreferencesPage.getDottedValidSourceFiles Has anyone else seen this? Any idea what's wrong? Is anyone here are using Eclipse for C++ development, anyway? Eclipse platform version is 3.6.1-6.13.el6.x86_64, CDT 7.0.1-4.el6.x86_64 (those are the latest from updates.) - Toralf This e-mail, including any attachments and response string, may contain proprietary information which is confidential and may be legally privileged. It is for the intended recipient only. If you are not the intended recipient or transmission error has misdirected this e-mail, please notify the author by return e-mail and delete this message and any attachment immediately. If you are not the intended recipient you must not use, disclose, distribute, forward, copy, print or rely on this e-mail in any way except as permitted by the author. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos This e-mail, including any attachments and response string, may contain proprietary information which is confidential and may be legally privileged. It is for the intended recipient only. If you are not the intended recipient or transmission error has misdirected this e-mail, please notify the author by return e-mail and delete this message and any attachment immediately. If you are not the intended recipient you must not use, disclose, distribute, forward, copy, print or rely on this e-mail in any way except as permitted by the author. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] I want an advice
On Wed, February 13, 2013 17:48, Bassem Sossan wrote: Hello I've changed from Ms Windows 2008 R2 to CentOS 6 recently, and there are many aspects to learn in relation to command line ( Bash scripting, package system managing, file system and so on )... I need to apply as much as I can of Network Infrastructure knowledge ( DNS, DHCP and Virtualization ) concepts using CentOS 6 GUI... I know that I must learn dealing with linux using command tools and that will come, but it has much more of time, so, Am I forced as a learner to follow command line tools before going to GUI or I can get a good knowledge and experience by implementing my skills on GUI ? So sorry to pothering First, I am a *nix heretic. Second, I have been using one form of Redhat or another since v5.2 c.1999. For the past 11 years or so I have used Webmin (shielded through IPTables for those horrified at the security implications) to administer my servers, both local and remote. I simply could not get my job done in the time available without it or something much like it. The CLI of the underlying utilities is the final arbitrator of course and there 'man utility_name' is your ever-present friend (usually). Nonetheless, the syntax of even the most common *nix commands is often arcane and similar utilities frequently have such subtly different variations that ones mind is sometimes driven to distraction with the inconsistencies. A GUI, whether web based or not, at least clears away that problem for many routine tasks. In any case you will be forced to learn the cli for some utilities from the outset because there is no safe way of using them otherwise. And situations will arise where knowing how to creatively combine utilities with pipes on the command line will save a great deal of time and trouble. A GUI will never give you those opportunities. But for most day-to-day stuff a GUI saves a considerable amount of effort and prevents a great deal of error. Both of which for a newcomer to Linux are of great value. As others suggested, having a test server for experimentation is a really, really good idea. I tend to fire up guest instances on my kvm desktop for such 'proof of concept' trials but I suppose any crash-and-burn system would suffice. Good luck and welcome. Regards, -- *** E-Mail is NOT a SECURE channel *** James B. Byrnemailto:byrn...@harte-lyne.ca Harte Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] I want an advice
James B. Byrne wrote: On Wed, February 13, 2013 17:48, Bassem Sossan wrote: Hello I've changed from Ms Windows 2008 R2 to CentOS 6 recently, and there are many aspects to learn in relation to command line ( Bash scripting, package system managing, file system and so on )... I need to apply as much as I can of Network Infrastructure knowledge ( DNS, DHCP and Virtualization ) concepts using CentOS 6 GUI... I know that I must learn dealing with linux using command tools and that will come, but it has much more of time, so, Am I forced as a learner to follow command line tools before going to GUI or I can get a good knowledge and experience by implementing my skills on GUI ? So sorry to pothering There's already a lot of GUI built into every desktop. Have you looked at them? snip it. The CLI of the underlying utilities is the final arbitrator of course and there 'man utility_name' is your ever-present friend (usually). Nonetheless, the syntax of even the most common *nix commands is often arcane and similar utilities frequently have such subtly different variations that ones mind is sometimes driven to distraction with the inconsistencies. I keep hearing this arcane - even the author of xkcd commented about not remembering tar flags... and yet, 80%-90% of them are trivially obvious to me - -r (or -R) for recursion, -f for file. For configuration, such as firewalls, there's always copy an existing line and edit, then do a syntax check. mark but then, I also spent decades as a programmer ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] motherboard for cents 6.3
Seems like overnight every motherboard that worked with linux has DROPPED off the face of the earth. Every motherboard I looked at is using the realtek 8111 chipset and a northbridge that is not supported. Example: GIGABYTE GA-970A-DS3, does not work with linux I tried disabling the onboard NIC and using a PCI-E intel card I always use and that would not work either. The north or south bridge is messing with the network card. The card asks for a PXE boot but after centos starts it can no longer find kickstart files, network is messed up. I was using Asus M5A88-M and they are no longer available. Anyway - anyone have a suggestion for and AMD motherboard that works with linux be great if it has onboard video (gaming is not needed), onboard network, SATA nothing super special just working. Thanks, jerry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Bind - built in root hints?
Over on the bind-us...@lists.isc.org list, I am in a discussion about building the named.zone file, as Centos 6.3 does not provide it. It DOES provide a named.ca which is already old (wrt records) compared to the named.zone provided by internic. A few contributors have stated that now the hints are built into bind and you can see this with: strings /usr/local/sbin/named | grep A.ROOT-SERVERS.NET Well it looks like Centos has it at /usr/sbin/named and there are no such strings in there. Oh, these hints come from lib/dns/rootns.c in the source code tree. So are the hints built in here? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] motherboard for cents 6.3
Jerry Geis wrote: Seems like overnight every motherboard that worked with linux has DROPPED off the face of the earth. First I've heard of this. What kind are you looking at, for a workstation at home? Every motherboard I looked at is using the realtek 8111 chipset and a northbridge that is not supported. The 8111 isn't new. Check http://www.realtek.com.tw/Downloads/downloadsView.aspx?Langid=1PNid=13PFid=5Level=5Conn=4DownTypeID=3GetDown=false And I was under the impression northbridge is northbridge. Why, is it something other than Ivy, Sandy, or whatever? Example: GIGABYTE GA-970A-DS3, does not work with linux I tried disabling the onboard NIC and using a PCI-E intel card I always use and that would not work either. The north or south bridge is messing with the network card. The card asks for a PXE boot but after centos starts it can no longer find kickstart files, network is messed up. You actually do want to do a pxeboot? Sounds to me like the issue here is that the kickstart needs to load a driver for the NIC, and isn't doing so. What does the messages screen say (f,um, 4? 6?) I was using Asus M5A88-M and they are no longer available. Anyway - anyone have a suggestion for and AMD motherboard that works with linux be great if it has onboard video (gaming is not needed), onboard network, SATA nothing super special just working. I'll tell you that it works on every hardware we've bought, including fairly new Dell 720's with a Tesla add-on card - standard CentOS 6.3. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] motherboard for cents 6.3
Sorry to hear about the ASUS because that is what we have too. Another board that works on our Linux cluster is TYAN S4980G2NR Thunder n3600QE There are a series of Tyan boards that are based on AMD architecture. Last time I looked there were still on the face of the earth. John On Feb 14, 2013, at 1:28 PM, Jerry Geis ge...@pagestation.com wrote: Seems like overnight every motherboard that worked with linux has DROPPED off the face of the earth. Every motherboard I looked at is using the realtek 8111 chipset and a northbridge that is not supported. Example: GIGABYTE GA-970A-DS3, does not work with linux I tried disabling the onboard NIC and using a PCI-E intel card I always use and that would not work either. The north or south bridge is messing with the network card. The card asks for a PXE boot but after centos starts it can no longer find kickstart files, network is messed up. I was using Asus M5A88-M and they are no longer available. Anyway - anyone have a suggestion for and AMD motherboard that works with linux be great if it has onboard video (gaming is not needed), onboard network, SATA nothing super special just working. Thanks, jerry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] motherboard for cents 6.3
m.r...@5-cent.us wrote: Jerry Geis wrote: Seems like overnight every motherboard that worked with linux has DROPPED off the face of the earth. snip I'll tell you that it works on every hardware we've bought, including fairly new Dell 720's with a Tesla add-on card - standard CentOS 6.3. Sorry, that's Intel. However, we've got some hot Penguin servers, with Opteron 6274, 64-core, and they were supported out of the box on the supermicro m/b Penguin builds with. ON THE OTHER HAND, having dealt with them, there's *no* *way* I'd buy a Supermicro board: their q/a,q/c is lousy. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] I want an advice
On Thu, Feb 14, 2013 at 9:07 AM, m.r...@5-cent.us wrote: I keep hearing this arcane - even the author of xkcd commented about not remembering tar flags... and yet, 80%-90% of them are trivially obvious to me - -r (or -R) for recursion, -f for file. For configuration, such as firewalls, there's always copy an existing line and edit, then do a syntax check. The 'arcane' issue isn't so much per-process as it is knowing which program does what and how or if they interact in a way that affects your upper-level task. For example, I don't think it is very obvious what you have to do for common things like giving a dhcp address with an associated dns name to a specific device. Or maybe setting up a group of users with some special file system access, samba shares, web logins with group access for several different web apps, and an email group address. And as for tar flags, if you use it for backups, which one will make your restored system bootable? mark but then, I also spent decades as a programmer Then maybe it makes sense for you for each program needed above to not do much in the way of integrating with the others. From the perspective of a user it can seem complicated. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] A question
Les Mikesell lesmikesell@... writes: On Wed, Feb 13, 2013 at 9:13 AM, David G. Miller dave@... wrote: Red Hat Linux is ancient. SNIP I started with Red Hat Linux 5 in 1998. Mind your manners when calling RHL 9 ancient or I'll come over and hit you with my walker. In computer years, that's like a century ago. SNIP I guess that means the IBM and CDC mainframes I started out on in the '70s and '80s were prehistoric. Funny thing is that an application I helped write in the early 1980s was still being used by the customer in the mid-1990s (long story how I found out). It had been ported from the original platform (IBM S/370) to a SUN workstation and the customer still loved it. Wouldn't surprise me if they aren't still using it. After all, they still fly B-52s that are even older. But real books don't have that 'search' box up at the top... SNIP Agree with one of the other responders about that's what the index is for. One of my tests for a book on the subject is to go to the index and see how easy it is to find the answers to some of the questions I have that have moved me to buy a book on the subject. Cheers, Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] I want an advice
Les Mikesell wrote: On Thu, Feb 14, 2013 at 9:07 AM, m.r...@5-cent.us wrote: I keep hearing this arcane - even the author of xkcd commented about not remembering tar flags... and yet, 80%-90% of them are trivially obvious to me - -r (or -R) for recursion, -f for file. For configuration, such as firewalls, there's always copy an existing line and edit, then do a syntax check. The 'arcane' issue isn't so much per-process as it is knowing which program does what and how or if they interact in a way that affects your upper-level task. For example, I don't think it is very obvious what you have to do for common things like giving a dhcp address with an associated dns name to a specific device. Or maybe setting up a group of users with some special file system access, samba shares, web logins with group access for several different web apps, and an email True - but that's getting into nontrivial tasks, if you're doing it for more than your own machine at home. There are security issues, and organization policies, etc. group address. And as for tar flags, if you use it for backups, which one will make your restored system bootable? grub-install? g mark but then, I also spent decades as a programmer Then maybe it makes sense for you for each program needed above to not do much in the way of integrating with the others. From the perspective of a user it can seem complicated. No. One of the reasons I really, *really* like all versions of *Nix is that most programs *can* work together, through switches and filters. But then, as you progress from novice to craftsman, one of the chief things you need to do is learn what the tools are, and how to use them, and how to use them at *least* as intended. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] A question
David G. Miller wrote: Les Mikesell lesmikesell@... writes: On Wed, Feb 13, 2013 at 9:13 AM, David G. Miller dave@... wrote: Red Hat Linux is ancient. SNIP I started with Red Hat Linux 5 in 1998. Mind your manners when calling RHL 9 ancient or I'll come over and hit you with my walker. In computer years, that's like a century ago. SNIP I guess that means the IBM and CDC mainframes I started out on in the '70s and '80s were prehistoric. Funny thing is that an application I helped write in the early 1980s was still being used by the customer in the mid-1990s (long story how I found out). It had been ported from the original platform (IBM Yep. 370, timeshare, 4300's S/370) to a SUN workstation and the customer still loved it. Wouldn't surprise me if they aren't still using it. After all, they still fly B-52s that are even older. But real books don't have that 'search' box up at the top... SNIP Agree with one of the other responders about that's what the index is for. One of my tests for a book on the subject is to go to the index and see how easy it is to find the answers to some of the questions I have that have moved me to buy a book on the subject. Reminds me of the *only* O'Reilly book I didn't like: I think it was Larry's original book on Perl - the index was *dreadful*, couldn't find anything. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] I want an advice
On 14/02/2013 16:00, m.r...@5-cent.us wrote: Les Mikesell wrote: On Thu, Feb 14, 2013 at 9:07 AM, m.r...@5-cent.us wrote: I keep hearing this arcane - even the author of xkcd commented about not remembering tar flags... and yet, 80%-90% of them are trivially obvious to me - -r (or -R) for recursion, -f for file. For configuration, such as firewalls, there's always copy an existing line and edit, then do a syntax check. The 'arcane' issue isn't so much per-process as it is knowing which program does what and how or if they interact in a way that affects your upper-level task. For example, I don't think it is very obvious what you have to do for common things like giving a dhcp address with an associated dns name to a specific device. Or maybe setting up a group of users with some special file system access, samba shares, web logins with group access for several different web apps, and an email True - but that's getting into nontrivial tasks, if you're doing it for more than your own machine at home. There are security issues, and organization policies, etc. Windows lures us into a false sense of security anyway: Under Windows you just run the security policy program, click next, next, finish and 'hey' you're done, all secure At least when you have to think about something you can get more real confidence that you've done it right!! -- Regards, Giles Coochey, CCNA, CCNAS NetSecSpec Ltd +44 (0) 7983 877438 http://www.coochey.net http://www.netsecspec.co.uk gi...@coochey.net ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] A question
On Thu, Feb 14, 2013 at 10:15 AM, m.r...@5-cent.us wrote: But real books don't have that 'search' box up at the top... SNIP Agree with one of the other responders about that's what the index is for. One of my tests for a book on the subject is to go to the index and see how easy it is to find the answers to some of the questions I have that have moved me to buy a book on the subject. If you know the right question ahead of time you probably really don't need the book. Reminds me of the *only* O'Reilly book I didn't like: I think it was Larry's original book on Perl - the index was *dreadful*, couldn't find anything. On the other hand, if you wrote a perl program following those examples, it would almost certainly still run today, with the only change it might need being to escape @ symbols that you had in double-quoted strings. That's pretty rare. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] A question
Les Mikesell wrote: On Thu, Feb 14, 2013 at 10:15 AM, m.r...@5-cent.us wrote: But real books don't have that 'search' box up at the top... SNIP Agree with one of the other responders about that's what the index is for. One of my tests for a book on the subject is to go to the index and see how easy it is to find the answers to some of the questions I have that have moved me to buy a book on the subject. If you know the right question ahead of time you probably really don't need the book. Not necessarily. Sometimes, you know *something* the book covers, but not all, or not nearly all. You can look for answers to stuff you've had trouble solving. Reminds me of the *only* O'Reilly book I didn't like: I think it was Larry's original book on Perl - the index was *dreadful*, couldn't find anything. On the other hand, if you wrote a perl program following those examples, it would almost certainly still run today, with the only change it might need being to escape @ symbols that you had in double-quoted strings. That's pretty rare. Well, yes. And I can do the same with my favorite language of all, ANSI C. Breaking a language, unless there's no other answer, is NOT something I have any sympathy with, he says, remembering how ever sub-release of python 10-12 years ago would break previous system scripts, or then there's ruby now mark the fault, dear Brutus, is not in our language, but in our code ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] I want an advice
On Wed, Feb 13, 2013 at 09:50:28PM -0500, Digimer wrote: On 02/13/2013 05:48 PM, Bassem Sossan wrote: Hello I've changed from Ms Windows 2008 R2 to CentOS 6 recently, and there are many aspects to learn in relation to command line ( Bash scripting, package system managing, file system and so on )... there's a lengthy online document on scripting with BASH: http://tldp.org/LDP/abs/html/ or as a single PDF file: http://www.tldp.org/LDP/abs/abs-guide.pdf and there's a beginner's BASH guide here: http://www.tldp.org/LDP/Bash-Beginners-Guide/html/Bash-Beginners-Guide.html and another one here: http://www.ibm.com/developerworks/aix/library/au-getstartedbash/index.html and yet another: http://tldp.org/HOWTO/Bash-Prog-Intro-HOWTO.html and another: https://en.wikibooks.org/wiki/Bash_Shell_Scripting good luck! Fred -- Fred Smith -- fre...@fcshome.stoneham.ma.us - I can do all things through Christ who strengthens me. -- Philippians 4:13 --- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] A question
On Thu, Feb 14, 2013 at 10:49 AM, m.r...@5-cent.us wrote: Reminds me of the *only* O'Reilly book I didn't like: I think it was Larry's original book on Perl - the index was *dreadful*, couldn't find anything. On the other hand, if you wrote a perl program following those examples, it would almost certainly still run today, with the only change it might need being to escape @ symbols that you had in double-quoted strings. That's pretty rare. Well, yes. And I can do the same with my favorite language of all, ANSI C. Umm, yeah - now. In 1987 when perl was released you'd have been using KR C which needed some changes when compilers started demanding the syntax from the ANSI changes. Or worse, some compiler with it's own unique syntax. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] motherboard for cents 6.3
Have built two workstations in last few months using Gigabyte GA-880GA-UD3H motherboards. One Rev. 2101, the other Rev. 3001. Both DVD installs of 6.3 w/o a hitch. Using software Raid 10 on both with four sata III drives. Zero issues known. HTH. B.J. CentOS release 6.3 (Final) On Thu, 2013-02-14 at 10:28 -0500, Jerry Geis wrote: Seems like overnight every motherboard that worked with linux has DROPPED off the face of the earth. Every motherboard I looked at is using the realtek 8111 chipset and a northbridge that is not supported. Example: GIGABYTE GA-970A-DS3, does not work with linux I tried disabling the onboard NIC and using a PCI-E intel card I always use and that would not work either. The north or south bridge is messing with the network card. The card asks for a PXE boot but after centos starts it can no longer find kickstart files, network is messed up. I was using Asus M5A88-M and they are no longer available. Anyway - anyone have a suggestion for and AMD motherboard that works with linux be great if it has onboard video (gaming is not needed), onboard network, SATA nothing super special just working. Thanks, jerry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: UPS battery vendor, cont'd
On 2/13/2013 06:12, mark wrote: Huh. No, I want to pay on the order of $12/individual battery, Please don't misuse order. It's a corruption of the scientific term order of magnitude[1][2] which, used correctly, means that the values you're comparing use the same factor of 10 in scientific notation. If we take your claim literally, you'd be satisfied with any complete battery that cost less than $120 * 8 = $960. (I will also come after you if you misuse literally. :) ) $100 or so for the set of 8; You've got one low-ball quote, and now you're demanding that everyone else meet it? Sigh... The way I see it is, you've also got a whole bunch of people offering the same thing for $20-30 per VRLA[3] unit. That means either: a) $20-30/VRLA is a good price and consequently you should be worrying about how others are managing to low-ball that; or b) there's widespread price-fixing. Given how many news stories you can find about misbehaving cheap batteries, I'd bet on option a). Just because the label has the same voltage and amp-hour rating as what came out of the APC UPS, doesn't mean it's exactly the same thing. Batteries are tricky. Boeing and Tesla Motors are both in the news now because too few people really understand batteries. If you're willing to open up the APC sled and replace the individual VRLAs directly, the cheapest *reputable* vendor I've found is Mouser. Their part # 632-GP1245 looks close, but don't take my word on that. I'm just eyeballing photos and springboarding off the McMaster dimensions; I have no direct experience on that particular swap. Mouser wants $16.30 each of these in qty 10. Just for reference, one of Mouser's direct competitors, DigiKey, wants about $25 for the same thing. That put's the $22-26 McMaster quote you've tried to reject right in the same range. I also don't see that you're accounting for return shipping and the cost of the sled. If you buy the pack from APC, they ship you a complete, assembled battery pack, along with a reusable box and return shipping label. You put the old one back in the box you got the new one in, and send it back for recycling. That's worth something. When you buy individual VRLAs, you have to account for your time opening up the sled, swapping VRLAs, and reassembling it all. Then you add in your time to dispose of the spent VRLAs. I'm sure you can find plenty of places locally that will take them, but I'll bet your salary and gas costs will wipe out your DIY savings. You're probably not counting opportunity costs[4], either. - [1] https://en.wikipedia.org/wiki/On_the_order_of [2] http://mathworld.wolfram.com/OrderofMagnitude.html [3] https://en.wikipedia.org/wiki/VRLA [4] https://en.wikipedia.org/wiki/Opportunity_cost ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] motherboard for cents 6.3
On Thu, Feb 14, 2013 at 10:28 AM, Jerry Geis ge...@pagestation.com wrote: Seems like overnight every motherboard that worked with linux has DROPPED off the face of the earth. Every motherboard I looked at is using the realtek 8111 chipset and a northbridge that is not supported. Most hardware I work on has Broadcom or Intel chipsets. Intel is the way to go if you're buying new. (Well except for the EEPROM bug caused by some equipment manufacturers [4], which isn't Intel's fault per se.) Looks like fun: [0] [1] [2] [3] Driver that is included in vanilla Linux kernel is actually a driver for a different network adapter, but works with 8111E too. Sort of works. Realtek made new official driver that fixes the problem, but disables the old driver. Which could be a problem for you if you have RTL8169/8110 and RTL8168/8. [2] [0] http://www.linuxquestions.org/questions/linux-networking-3/no-network-detected-realtek-8111-8168-issue-615047/ [1] http://forums.linuxmint.com/viewtopic.php?f=49t=80757 [2] http://www.twm-kd.com/linux/realtek-rtl81688111e-and-ubuntu-linux/ [3] http://unixblogger.wordpress.com/2011/10/18/the-pain-of-an-realtek-rtl8111rtl8168-ethernet-card/ [4] http://blog.krisk.org/2013/02/packets-of-death-update.html Example: GIGABYTE GA-970A-DS3, does not work with linux I tried disabling the onboard NIC and using a PCI-E intel card I always use and that would not work either. The north or south bridge is messing with the network card. The card asks for a PXE boot but after centos starts it can no longer find kickstart files, network is messed up. I was using Asus M5A88-M and they are no longer available. Anyway - anyone have a suggestion for and AMD motherboard that works with linux be great if it has onboard video (gaming is not needed), onboard network, SATA nothing super special just working. Thanks, jerry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- ---~~.~~--- Mike // SilverTip257 // ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] A question
On Thu, Feb 14, 2013 at 11:00 AM, Les Mikesell lesmikes...@gmail.com wrote: Reminds me of the *only* O'Reilly book I didn't like: I think it was Larry's original book on Perl - the index was *dreadful*, couldn't find anything. On the other hand, if you wrote a perl program following those examples, it would almost certainly still run today, with the only change it might need being to escape @ symbols that you had in double-quoted strings. That's pretty rare. Well, yes. And I can do the same with my favorite language of all, ANSI C. Umm, yeah - now. In 1987 when perl was released you'd have been using KR C which needed some changes when compilers started demanding the syntax from the ANSI changes. Or worse, some compiler with it's own unique syntax. And I forgot my favorite issue with 'C': a failing 'include' is fatal. So, even though the language is mostly portable you can't, within the language, write code that will compile across systems that provide different include files. So you have to use some other less portable preprocessing toolset to get your code to a point where the compiler has a chance of accepting it - something that has turned into one of the most arcane arts you are likely to ever see. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Bind - built in root hints?
On Thu, 14 Feb 2013, Robert Moskowitz wrote: Over on the bind-us...@lists.isc.org list, I am in a discussion about building the named.zone file, as Centos 6.3 does not provide it. It DOES provide a named.ca which is already old (wrt records) compared to the named.zone provided by internic. A few contributors have stated that now the hints are built into bind and you can see this with: strings /usr/local/sbin/named | grep A.ROOT-SERVERS.NET Well it looks like Centos has it at /usr/sbin/named and there are no such strings in there. Oh, these hints come from lib/dns/rootns.c in the source code tree. So are the hints built in here? See /var/named/named.ca (also visible in /var/named/chroot/var/named). -- Paul Heinlein heinl...@madboa.com 45°38' N, 122°6' W___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Bind - built in root hints?
On 02/14/2013 12:29 PM, Paul Heinlein wrote: On Thu, 14 Feb 2013, Robert Moskowitz wrote: Over on the bind-us...@lists.isc.org list, I am in a discussion about building the named.zone file, as Centos 6.3 does not provide it. It DOES provide a named.ca which is already old (wrt records) compared to the named.zone provided by internic. A few contributors have stated that now the hints are built into bind and you can see this with: strings /usr/local/sbin/named | grep A.ROOT-SERVERS.NET Well it looks like Centos has it at /usr/sbin/named and there are no such strings in there. Oh, these hints come from lib/dns/rootns.c in the source code tree. So are the hints built in here? See /var/named/named.ca (also visible in /var/named/chroot/var/named). Yes. I know about that. But as I said, the discussion is that this is no longer needed as the hints are now built into bind if no explicit hint is provided. I am asking if the above stub is included in the Redhat/Centos build. It does not seem so. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Installing SOGo on Centos 5
Hello, I was following directions at: http://www.sogo.nu/english/support/faq/article/how-to-install-sogo-and-sope-through-yum-1.html to install SOGo on CentOS 5.9 and, noticing that among the dependencies is memcached and rpmforge includes a much more recent version than EPEL, I preferred rpmforge and therefore I set a higher priority for rpmforge repo (see below). [Note: I guess I could have left out epel in the first place, because I saw that no package was used from there, yet I thought I should follow the directions at the above page, which claim that epel should be enabled, just in case.] So I did: # yum --enablerepo=rpmforge,epel,rpmforge-extras,sogo-rhel5 install sogo sogo-devel sogo-debuginfo where I have the following priorities set: [base] priority=1 enabled=1 [updates] priority=1 enabled=1 [addons] priority=1 enabled=1 [extras] priority=5 enabled=1 [centosplus] priority=6 gpgcheck=1 enabled=0 [contrib] priority=15 [rpmforge] priority = 2 enabled = 0 [rpmforge-extras] priority = 2 enabled = 0 [epel] priority=5 enabled=0 [sogo-rhel5] enabled=0 priority=3 but I got: ... perl-AnyEvent-5.340-1.el5.rfx.x86_64 from rpmforge-extras has depsolving problems -- Missing Dependency: perl(Net::SSLeay) = 1.33 is needed by package perl-AnyEvent-5.340-1.el5.rfx.x86_64 (rpmforge-extras) Error: Missing Dependency: perl(Net::SSLeay) = 1.33 is needed by package perl-AnyEvent-5.340-1.el5.rfx.x86_64 (rpmforge-extras) However, it seems an RPM is available at rpmforge-extras (and is 1.33): # yum --enablerepo=rpmforge,rpmforge-extras,rpmforge-testing info perl-Net-SSLeay ... Available Packages Name : perl-Net-SSLeay Arch : x86_64 Version: 1.36 Release: 1.el5.rfx Size : 334 k Repo : rpmforge-extras Summary: Net-SSLeay module for perl URL: http://search.cpan.org/dist/Net-SSLeay/ License: Artistic/GPL Description: Net-SSLeay module for perl. Why this package isn't being used during dep solving? Any ideas? Am I doing something wrong? Please advise. Thanks, Nick ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Bind - built in root hints?
On 02/14/2013 12:47 PM, Reindl Harald wrote: Am 14.02.2013 18:37, schrieb Robert Moskowitz: On 02/14/2013 12:29 PM, Paul Heinlein wrote: On Thu, 14 Feb 2013, Robert Moskowitz wrote: Over on the bind-us...@lists.isc.org list, I am in a discussion about building the named.zone file, as Centos 6.3 does not provide it. It DOES provide a named.ca which is already old (wrt records) compared to the named.zone provided by internic. A few contributors have stated that now the hints are built into bind and you can see this with: strings /usr/local/sbin/named | grep A.ROOT-SERVERS.NET Well it looks like Centos has it at /usr/sbin/named and there are no such strings in there. Oh, these hints come from lib/dns/rootns.c in the source code tree. So are the hints built in here? See /var/named/named.ca (also visible in /var/named/chroot/var/named). Yes. I know about that. But as I said, the discussion is that this is no longer needed as the hints are now built into bind if no explicit hint is provided. I am asking if the above stub is included in the Redhat/Centos build. It does not seem so. and even if - how would this be updated without the need for a security fix since otherwise there are no updates in RHEL I asked this on the bind-users list, as records are slowly being added to each root, and got back: No need to worry. They are only hints, and named uses them to get the current list of root name servers at startup. Even if they are 15 years out of date it will still work, because the root name servers do not change very often. So take that with whatever size of salt grain you prefer. ftp://ftp.internic.net/domain/named.cache and update /var/named/chroot/var/named/named.ca with it is the way to go What I am doing. But so far something is not set right, as I am not getting responses back, but I think I know why and it is a grrr moment. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Bind - built in root hints?
On 02/14/2013 12:47 PM, Reindl Harald wrote: Am 14.02.2013 18:37, schrieb Robert Moskowitz: On 02/14/2013 12:29 PM, Paul Heinlein wrote: On Thu, 14 Feb 2013, Robert Moskowitz wrote: Over on the bind-us...@lists.isc.org list, I am in a discussion about building the named.zone file, as Centos 6.3 does not provide it. It DOES provide a named.ca which is already old (wrt records) compared to the named.zone provided by internic. A few contributors have stated that now the hints are built into bind and you can see this with: strings /usr/local/sbin/named | grep A.ROOT-SERVERS.NET Well it looks like Centos has it at /usr/sbin/named and there are no such strings in there. Oh, these hints come from lib/dns/rootns.c in the source code tree. So are the hints built in here? See /var/named/named.ca (also visible in /var/named/chroot/var/named). Yes. I know about that. But as I said, the discussion is that this is no longer needed as the hints are now built into bind if no explicit hint is provided. I am asking if the above stub is included in the Redhat/Centos build. It does not seem so. and even if - how would this be updated without the need for a security fix since otherwise there are no updates in RHEL Oh, I have checked and eventhough we are stuck at ver 9.8.2, we are current on security patches per the alerts listed by isc. So our 9.8.2 is NOT quite 9.8.2 ftp://ftp.internic.net/domain/named.cache and update /var/named/chroot/var/named/named.ca with it is the way to go ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Really changing the hostname
I need to change the host name on a test server, and in the past when I used hostname to change the hostname, it did not seem to change it everywhere. I really don't want to do a rebuild just yet, but I have to feel confident that hostname is really changed (reboot is not too much of an issue). What is the recommened practice? Other than get it right the first time. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Really changing the hostname
On 02/14/2013 01:11 PM, Robert Moskowitz wrote: I need to change the host name on a test server, and in the past when I used hostname to change the hostname, it did not seem to change it everywhere. I really don't want to do a rebuild just yet, but I have to feel confident that hostname is really changed (reboot is not too much of an issue). What is the recommened practice? Other than get it right the first time. To make the change permanent, edit /etc/ssyconfig/network and set the desired hostname after HOSTNAME=. -- Digimer Papers and Projects: https://alteeve.ca/w/ What if the cure for cancer is trapped in the mind of a person without access to education? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Really changing the hostname
On 02/14/2013 01:13 PM, Digimer wrote: On 02/14/2013 01:11 PM, Robert Moskowitz wrote: I need to change the host name on a test server, and in the past when I used hostname to change the hostname, it did not seem to change it everywhere. I really don't want to do a rebuild just yet, but I have to feel confident that hostname is really changed (reboot is not too much of an issue). What is the recommened practice? Other than get it right the first time. To make the change permanent, edit /etc/ssyconfig/network and set the desired hostname after HOSTNAME=. Sorry, I typo'd that; # cat /etc/sysconfig/network NETWORKING=yes HOSTNAME=your.new.hostname -- Digimer Papers and Projects: https://alteeve.ca/w/ What if the cure for cancer is trapped in the mind of a person without access to education? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Really changing the hostname
On Thu, Feb 14, 2013 at 12:15 PM, Digimer li...@alteeve.ca wrote: On 02/14/2013 01:13 PM, Digimer wrote: On 02/14/2013 01:11 PM, Robert Moskowitz wrote: I need to change the host name on a test server, and in the past when I used hostname to change the hostname, it did not seem to change it everywhere. I really don't want to do a rebuild just yet, but I have to feel confident that hostname is really changed (reboot is not too much of an issue). What is the recommened practice? Other than get it right the first time. To make the change permanent, edit /etc/ssyconfig/network and set the desired hostname after HOSTNAME=. Sorry, I typo'd that; # cat /etc/sysconfig/network NETWORKING=yes HOSTNAME=your.new.hostname This will get picked up on the next reboot. You will have to use the hostname command to make it take effect immediately, but some applications only pick it up when they start so things like your login prompt won't change until the next login. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Really changing the hostname
On Thu, Feb 14, 2013 at 12:15 PM, Digimer li...@alteeve.ca wrote: On 02/14/2013 01:13 PM, Digimer wrote: On 02/14/2013 01:11 PM, Robert Moskowitz wrote: I need to change the host name on a test server, and in the past when I used hostname to change the hostname, it did not seem to change it everywhere. I really don't want to do a rebuild just yet, but I have to feel confident that hostname is really changed (reboot is not too much of an issue). What is the recommened practice? Other than get it right the first time. To make the change permanent, edit /etc/ssyconfig/network and set the desired hostname after HOSTNAME=. Sorry, I typo'd that; # cat /etc/sysconfig/network NETWORKING=yes HOSTNAME=your.new.hostname This will get picked up on the next reboot. You will have to use the hostname command to make it take effect immediately, but some applications only pick it up when they start so things like your login prompt won't change until the next login. One could also run service network restart to have it take a more immediate effect. The disconnect from the network is momentarily, and one's session isn't even severed. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Error: headerRead failed: hdr blob
It's working fine now. There was some issue with the way I packaged the OS updates rpms. Thanks On Mon, Feb 11, 2013 at 6:51 PM, Karanbir Singh kbsi...@centos.org wrote: On 02/11/2013 12:35 PM, Anumeha Prasad wrote: error: bind-libs-9.3.6-20.P1.el5_8.6.x86_64.rpm: headerRead failed: hdr blob(48062): BAD, read returned 515 error: bind-libs-9.3.6-20.P1.el5_8.6.x86_64.rpm cannot be installed This could be a big problem potentially: rerun the samw command, but add a -d7 to yum's command line and put the results at http://pastebin.centos.org and post the url to that here to the list. - KB -- Karanbir Singh, The CentOS Project +44-207-0999389 | http://www.centos.org/ | twitter.com/CentOS GnuPG Key : http://www.karan.org/publickey.asc ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Really changing the hostname
On Thu, Feb 14, 2013 at 1:15 PM, Digimer li...@alteeve.ca wrote: On 02/14/2013 01:13 PM, Digimer wrote: On 02/14/2013 01:11 PM, Robert Moskowitz wrote: I need to change the host name on a test server, and in the past when I used hostname to change the hostname, it did not seem to change it everywhere. I really don't want to do a rebuild just yet, but I have to feel confident that hostname is really changed (reboot is not too much of an issue). What is the recommened practice? Other than get it right the first time. To make the change permanent, edit /etc/ssyconfig/network and set the desired hostname after HOSTNAME=. Sorry, I typo'd that; # cat /etc/sysconfig/network NETWORKING=yes HOSTNAME=your.new.hostname -- Digimer You also probably want to update /etc/hosts, though it strictly does not itself set the hostname for the machine. ❧ Brian Mathis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] A question
Les Mikesell wrote: On Thu, Feb 14, 2013 at 10:49 AM, m.r...@5-cent.us wrote: Reminds me of the *only* O'Reilly book I didn't like: I think it was Larry's original book on Perl - the index was *dreadful*, couldn't find anything. On the other hand, if you wrote a perl program following those examples, it would almost certainly still run today, with the only change it might need being to escape @ symbols that you had in double-quoted strings. That's pretty rare. Well, yes. And I can do the same with my favorite language of all, ANSI C. Umm, yeah - now. In 1987 when perl was released you'd have been using KR C which needed some changes when compilers started demanding the syntax from the ANSI changes. Or worse, some compiler with it's own unique syntax. True... but in '87, I was still on mainframes, and using *GAG* DOS/VSE/SP (and whatever letters have been added since). I didn't get to use C until '89, and perl... no one had heard of it were I was working in TX until about '92 or '93. Yes, I did start with KR, and have my copy of the Bible (KR, ANSI version). Syntax on languages shouldn't change, anyway mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: UPS battery vendor, cont'd
Warren Young wrote: On 2/13/2013 06:12, mark wrote: Huh. No, I want to pay on the order of $12/individual battery, Please don't misuse order. It's a corruption of the scientific term order of magnitude[1][2] which, used correctly, means that the values you're comparing use the same factor of 10 in scientific notation. If we take your claim literally, you'd be satisfied with any complete battery that cost less than $120 * 8 = $960. Now, this is serious nitpicking, and it also argues over common usage. But if you *really* want to get into it, I could note that I want on the order, base 2. (I will also come after you if you misuse literally. :) ) $100 or so for the set of 8; You've got one low-ball quote, and now you're demanding that everyone else meet it? Sigh... I take it you haven't done a lot of purchasing, where alternatives were considered? APC offers it at the highest price for their own UPSes. Many other companies offer compatibles, and this kind of rate - the lower one - is what I've been paying for over three years. Actually, since of the three or four with the ballpark (go ahead, argue *that*) of $100 for the set of 8, none offer GSA, I've checked with my manager, and I'll just go ahead and get three quotes for open market value. snip Given how many news stories you can find about misbehaving cheap batteries, I'd bet on option a). Just because the label has the same voltage and amp-hour rating as what came out of the APC UPS, doesn't mean it's exactly the same thing. Batteries are tricky. Boeing and Tesla Motors are both in the news now because too few people really understand batteries. No. The only *real* issue is getting the vendor to understand that every single battery manufacturer is lying, because they *haven't* tested them on rackmount server UPSes, and yes, I don't care what the OEM says - and I've spoken, personally, to two or three OEMs - they MUST be HR (high rate) batteries; nothing else will make the UPSes happy. The compatible batteries I've bought and put in the UPSes in '10 are only *starting* to go, so three years (including '10, since most of them were in the first half of the years) isn't bad, esp, when, with our wonderful power that blinks at least once a day to the server rooms, they do get hit. If you're willing to open up the APC sled and replace the individual VRLAs directly, the cheapest *reputable* vendor I've found is Mouser. Their part # 632-GP1245 looks close, but don't take my word on that. I'm just eyeballing photos and springboarding off the McMaster dimensions; I have no direct experience on that particular swap. Oh, sorry if I wasn't clear: that's what I do, open the sled and replace with the new set of eight individual batteries. Not a big deal. snip When you buy individual VRLAs, you have to account for your time opening up the sled, swapping VRLAs, and reassembling it all. Then you add in your time to dispose of the spent VRLAs. I'm sure you can find plenty of places locally that will take them, but I'll bet your salary and gas costs will wipe out your DIY savings. Nope. I bring the old batteries to my cube, and when I've got enough to make it worth it, I call the folks in hazardous waste who explicitly take care of recycling batteries, and they come get them. You're probably not counting opportunity costs[4], either. And you're not looking at the bigger picture: I'm a sysadmin. We're not overworked, though there's plenty to do. The Republicans in Congress pretend to cut the budget; therefore, saving the US gov't, in the form of my division, budget dollars, since I'm on a fixed rate, is cheaper than trying to get more money out of Congress to save my time by shipping the entire sled and recycling that. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: UPS battery vendor, cont'd
Mark did you look at atbatt.com, I have been looking recently and they are ones that I have been looking to go with, not sure if they do GSA though... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: UPS battery vendor, cont'd
Tom Bishop wrote: Mark did you look at atbatt.com, I have been looking recently and they are ones that I have been looking to go with, not sure if they do GSA though... Just looked at them. They're about half-way between full APC prices and the discounters I've been looking at. They do have a page about organizational purchases, but no GSA. Thanks, though. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Really changing the hostname
Les Mikesell wrote: On Thu, Feb 14, 2013 at 12:15 PM, Digimer li...@alteeve.ca wrote: On 02/14/2013 01:13 PM, Digimer wrote: On 02/14/2013 01:11 PM, Robert Moskowitz wrote: I need to change the host name on a test server, and in the past when I used hostname to change the hostname, it did not seem to change it everywhere. I really don't want to do a rebuild just yet, but I have to feel confident that hostname is really changed (reboot is not too much of an issue). What is the recommened practice? Other than get it right the first time. To make the change permanent, edit /etc/ssyconfig/network and set the desired hostname after HOSTNAME=. Sorry, I typo'd that; # cat /etc/sysconfig/network NETWORKING=yes HOSTNAME=your.new.hostname This will get picked up on the next reboot. You will have to use the hostname command to make it take effect immediately, but some applications only pick it up when they start so things like your login prompt won't change until the next login. Yep, what les says. If you don't reboot, things like syslog/rsyslog won't change it in messages. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] motherboard for cents 6.3
On 02/14/2013 09:28 AM, Jerry Geis wrote: Seems like overnight every motherboard that worked with linux has DROPPED off the face of the earth. Every motherboard I looked at is using the realtek 8111 chipset and a northbridge that is not supported. Example: GIGABYTE GA-970A-DS3, does not work with linux I tried disabling the onboard NIC and using a PCI-E intel card I always use and that would not work either. The north or south bridge is messing with the network card. The card asks for a PXE boot but after centos starts it can no longer find kickstart files, network is messed up. I was using Asus M5A88-M and they are no longer available. Anyway - anyone have a suggestion for and AMD motherboard that works with linux be great if it has onboard video (gaming is not needed), onboard network, SATA nothing super special just working. I use the M5A99X EVO R2.0 board from ASUS ... I just built 2 machines with it the other day and installed CentOS-6.3 on there. I did not hook up sound, but network and sata work fine. I also did not use any of the hardware raid options, but there are 6 sata ports (6GB/sec), 6 e-sata ports (6GB/sec), and USB 3.0 support. It has AM3+ socket with support for a huge number of AMD CPUs from a single core Sempron 100 series to the 8 core FX-8350. The bios adjustments are amazing and there are several buttons on the board itself if you get a bit too aggressive on the memory settings, overclocking, etc. This will do a self diagnostic and set things at default for the Memory, CPU, and get you back to working settings. You can also flash the bios from a usb key while booted into the bios, so no DOS booting to upgrade the firmware. Needless to say ... I love these boards :) They also seem to be very close to what you were already using (M5A88-M), so any spare parts you have laying around should work (CPUs, Memory, etc). It does NOT have built in Video though ... and it requires a pci-e 2.0 video card. I had some GeForce cards on the shelf that would work. signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] chrooted bind -- addition to rsyslog.conf
In /etc/sysconfig/named that gets installed along with bind-chroot there is a comment that basically says: Don't forget to add $AddUnixListenSocket /var/named/chroot/dev/log line to your /etc/rsyslog.conf file. All these little touches you need to find out about. But is there any order in rsyslog.conf? Do I just add this line to the end of it? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Done - Re: Really changing the hostname
Thanks all. Changed /etc/sysconfig/network and rebooted and all is well. At least so far! /etc/hosts did not have an entry for the host there. Maybe because I have installed bind on this system. On 02/14/2013 01:11 PM, Robert Moskowitz wrote: I need to change the host name on a test server, and in the past when I used hostname to change the hostname, it did not seem to change it everywhere. I really don't want to do a rebuild just yet, but I have to feel confident that hostname is really changed (reboot is not too much of an issue). What is the recommened practice? Other than get it right the first time. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Problem with installing DHCP
I'm trying to install DHCP on CentOS 6 yum install dhcp, but the installation doesn't complete... I get a message that tell me that there is a conflict with file from package dhclient... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] chrooted bind -- addition to rsyslog.conf
On 02/14/2013 04:00 PM, Robert Moskowitz wrote: In /etc/sysconfig/named that gets installed along with bind-chroot there is a comment that basically says: Don't forget to add $AddUnixListenSocket /var/named/chroot/dev/log line to your /etc/rsyslog.conf file. All these little touches you need to find out about. But is there any order in rsyslog.conf? Do I just add this line to the end of it? add your file in /etc/rsyslog.d/*whatever*.conf and restart rsyslog. [user@dns01 ~]# cat /etc/rsyslog.d/MSU.named.chroot.conf $AddUnixListenSocket /var/named/chroot/dev/log ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Problem with installing DHCP
the official documentation by redhat: https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/s1-dhcp-configuring-server.html or http://m.krizna.com/centos/install-configure-dhcp-server-centos-6/ I advise you to use the software dhcp and delete dhclient let me know for any questions On Feb 14, 2013 11:18 PM, Bassem Sossan bayrnmun...@gmail.com wrote: I'm trying to install DHCP on CentOS 6 yum install dhcp, but the installation doesn't complete... I get a message that tell me that there is a conflict with file from package dhclient... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] chrooted bind -- addition to rsyslog.conf
On 02/14/2013 05:58 PM, Steven Tardy wrote: On 02/14/2013 04:00 PM, Robert Moskowitz wrote: In /etc/sysconfig/named that gets installed along with bind-chroot there is a comment that basically says: Don't forget to add $AddUnixListenSocket /var/named/chroot/dev/log line to your /etc/rsyslog.conf file. All these little touches you need to find out about. But is there any order in rsyslog.conf? Do I just add this line to the end of it? add your file in /etc/rsyslog.d/*whatever*.conf and restart rsyslog. [user@dns01 ~]# cat /etc/rsyslog.d/MSU.named.chroot.conf $AddUnixListenSocket /var/named/chroot/dev/log Got it. this makes more sense than what the comments tell you to do. thanks. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: UPS battery vendor, cont'd
On 2/14/2013 11:41 AM, m.r...@5-cent.us wrote: Tom Bishop wrote: Mark did you look at atbatt.com, I have been looking recently and they are ones that I have been looking to go with, not sure if they do GSA though... Just looked at them. They're about half-way between full APC prices and the discounters I've been looking at. They do have a page about organizational purchases, but no GSA. do be sure you're comparing pears with pears and not apples with oranges. serious UPS's are supplied with high discharge rate UPS certified VRLA batteries, which are NOT the same as the typical cheaper VRLA's you'll find at a discounter, intended for use as burglar alarm etc batteries. standard VRLA batteries are usually specified by their voltage and amp*hour rating for a 20 hour discharge rate, while UPS batteries use Watts at a 10 minute discharge rate. example: Panasonic LC-R127R2P is a standard VRLA 12V 7.2AH (at 20 hour rate) battery, thats rated at a 0.36 amp discharge rate. UP-VW1245P1 is the high discharge rate UPS version, rated at 268 watts (45 watts per cell) for 10 minutes, which is about 3.5 amp hours at a 22 amp discharge rate. these two batteries are physically equivalent in size, weight. yes, you can use the regular ones in your UPS and save a bundle. I have a old(!) SmartUPS 2000 powering my home network, loaded with 4 x LC1220P's (12V 20AH). My total load on this UPS is only like 500 watts, so it will last for HOURS during extended power failures (winter storms, typically). I wouldn't want to pull 2000VA out of this, however. -- john r pierce 37N 122W somewhere on the middle of the left coast ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] bind-chroot rpm only builds chroot tree?
I just downloaded the bind-chroot rpm and looked into it with Archive manager (so I am lazy), and no files, just the chroot tree. I am assuming there is some script that Archive manager does not show, or I am just missing it, because the ROOTDIR= did get added to /etc/sysconfig/named (and the one in the bind rpm is without this line). Just interesting that if you chroot, you are expected to know that everything needs to be placed there. And they leave the /etc/named.conf there untouched. Seems they should remove this or make it a symlink? And what about /etc/rndc.key? your chrooted bind uses the /var/named/chroot/etc/rndc.key and rndc uses the /etc/rndc.key, or so it seems, so your rndc.key is left unprotected outside of the chroot jail? Am I missing something in the rndc setup with chrooted bind? I am not seeing any special instructions on this in the Redhat documentation. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] bind-chroot rpm only builds chroot tree?
On 02/14/2013 08:47 PM, Robert Moskowitz wrote: I just downloaded the bind-chroot rpm and looked into it with Archive manager (so I am lazy), and no files, just the chroot tree. I am assuming there is some script that Archive manager does not show, or I am just missing it, because the ROOTDIR= did get added to /etc/sysconfig/named (and the one in the bind rpm is without this line). Just interesting that if you chroot, you are expected to know that everything needs to be placed there. And they leave the /etc/named.conf there untouched. Seems they should remove this or make it a symlink? I just went back to the Centos 5.5 bind-chroot rpm (which I have on my local repo server) and it is the same. Wow, that means I have been caring this stuff around further back than that? But one thing is in 5.5 it created /var/named/chroot/var/named/ data and slave which 6.3 are not. And I am having permission problems with these two subdirectories and I am NOT seeing the problem. Hope it is not a selinux issue. And what about /etc/rndc.key? your chrooted bind uses the /var/named/chroot/etc/rndc.key and rndc uses the /etc/rndc.key, or so it seems, so your rndc.key is left unprotected outside of the chroot jail? Am I missing something in the rndc setup with chrooted bind? I am not seeing any special instructions on this in the Redhat documentation. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Selinux blocking bind access to named/data and slave directories
I was getting permission errors (seen in /var/log/messages) in accessing these two directories within my chroot tree. I was pulling out what little hair I have, as the permissions were identical to those on my Centos 5.5 server. So I switched selinux into permissive mode and now I have /var/named/chroot/var/named/data/named.run and my /named/slave/ stubs. What is the selinux magic to allow bind to write here? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Selinux blocking bind access to named/data and slave directories
Robert, Send output of this two commands: ps -eZ | grep named ls -alZ into directorys that you want to allow bind to write Att, Frederico Madeira fmade...@gmail.com www.madeira.eng.br 2013/2/14 Robert Moskowitz r...@htt-consult.com I was getting permission errors (seen in /var/log/messages) in accessing these two directories within my chroot tree. I was pulling out what little hair I have, as the permissions were identical to those on my Centos 5.5 server. So I switched selinux into permissive mode and now I have /var/named/chroot/var/named/data/named.run and my /named/slave/ stubs. What is the selinux magic to allow bind to write here? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Boot failures
Hello All, I was having some issues with samba configuration and was going to remove the packages and reinstall again. I think I might have rebooted before all of the package removal tasks were finished running and might have corrupted something. The system successfully boots up to the grub menu, but after that the boot process stalls when the centos logo comes up. I can't boot into single user mode either. I'd rather not have to re-install the OS. What, if any, options are available at this point? CentOS version is 6.3. Thanks in advance for any tips. Sam ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] bind-chroot rpm only builds chroot tree?
On Thu, 14 Feb 2013 at 20:47 -, Robert Moskowitz wrote: I just downloaded the bind-chroot rpm and looked into it with Archive manager (so I am lazy), and no files, just the chroot tree. I am assuming there is some script that Archive manager does not show, or I am just missing it, because the ROOTDIR= did get added to /etc/sysconfig/named (and the one in the bind rpm is without this line). Just interesting that if you chroot, you are expected to know that everything needs to be placed there. And they leave the /etc/named.conf there untouched. Seems they should remove this or make it a symlink? And what about /etc/rndc.key? your chrooted bind uses the /var/named/chroot/etc/rndc.key and rndc uses the /etc/rndc.key, or so it seems, so your rndc.key is left unprotected outside of the chroot jail? Am I missing something in the rndc setup with chrooted bind? I am not seeing any special instructions on this in the Redhat documentation. It has been quite a while, but I think there might be some stuff in the main bind package which makes chroot work right when bind-chroot is installed. Did you look at what that package installs? -- I've never been lost; I was once bewildered for three days, but never lost! -- Daniel Boone ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Selinux blocking bind access to named/data and slave directories
On 14/02/13 7:23 PM, Robert Moskowitz wrote: I was getting permission errors (seen in /var/log/messages) in accessing these two directories within my chroot tree. I was pulling out what little hair I have, as the permissions were identical to those on my Centos 5.5 server. So I switched selinux into permissive mode and now I have /var/named/chroot/var/named/data/named.run and my /named/slave/ stubs. What is the selinux magic to allow bind to write here? Hi, This may start a debate but it is my understanding that RH recommends to not use chroot jails with bind as selinux is more secure. For some additional information see the following extract from the BIND 9 FAQ: https://scs.senecac.on.ca/~raymond.chan/nad810/0701/SELinux-DNS.html Right now I can't locate this on the new ISC website though. There is also an selinux section in the named(8) manual page, for example: http://linux.die.net/man/8/named which states pretty much the same. If you wish to stay with chroot then the key is probably to install the bind-chroot package and ensure that the ROOTDIR variable is set correctly in: /etc/sysconfig/named For what its worth I'm running a number of master/slave DNS servers under selinux no problems. Any updates on the master propagates happily to the slaves. Mind you these are low traffic DNS servers that sit behind a firewall. Cheers -pete -- Peter Brady Email: pdbr...@ans.com.au Skype: pbrady77 signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Questions about software RAID, LVM.
On 02/04/2013 06:40 PM, Robert Heller wrote: I am planning to increase the disk space on my desktop system. It is running CentOS 5.9 w/XEN. I have two 160Gig 2.5 laptop (2.5) SATA drives in two slots of a 4-slot hot swap bay configured like this: Disk /dev/sda: 160.0 GB, 160041885696 bytes 255 heads, 63 sectors/track, 19457 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/sda1 * 1 125 1004031 fd Linux raid autodetect /dev/sda2 126 19457 155284290 fd Linux raid autodetect Disk /dev/sdb: 160.0 GB, 160041885696 bytes 255 heads, 63 sectors/track, 19457 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/sdb1 * 1 125 1004031 fd Linux raid autodetect /dev/sdb2 126 19457 155284290 fd Linux raid autodetect sauron.deepsoft.com% cat /proc/mdstat Personalities : [raid1] md0 : active raid1 sdb1[1] sda1[0] 1003904 blocks [2/2] [UU] md1 : active raid1 sdb2[1] sda2[0] 155284224 blocks [2/2] [UU] unused devices:none That is I have two RAID1 arrays: a small (1Gig) one mounted as /boot and a larger 148Gig one that is a LVM Volume Group (which contains a pile of file systems, some for DOM0 and some that are for other VMs). What I plan on doing is getting a pair of 320Gig 2.5 (laptop) SATA disks and fail over the existing disks to this new pair. I believe I can then 'grow' the second RAID array to be like ~300Gig. My question is: what happens to the LVM Volume Group? Will it grow when the RAID array grows? Not on its own, but you can grow it. I believe the recommended way to do the LVM volume is to partition new drive as type fd install new PV on new partition (will be new, larger size) make new PV part of old volume group migrate all volumes on old PV onto new PV remove old PV from volume group You have to do this separately for each drive, but it isn't very hard. Of course your boot partition will have to be handled separately. Or should I leave /dev/md1 its current size and create a new RAID array and add this as a second PV and grow the Volume Group that way? That is a solution to a different problem. You would end up with a VG of about 450 GB total. If that is what you want to do, that works too. The documentation is not clear as to what happens -- the VG is marked 'resisable'. sauron.deepsoft.com% sudo pvdisplay --- Physical volume --- PV Name /dev/md1 VG Name sauron PV Size 148.09 GB / not usable 768.00 KB Allocatable yes PE Size (KByte) 4096 Total PE 37911 Free PE 204 Allocated PE 37707 PV UUID ttB15B-3eWx-4ioj-TUvm-lAPM-z9rD-Prumee sauron.deepsoft.com% sudo vgdisplay --- Volume group --- VG Name sauron System ID Formatlvm2 Metadata Areas1 Metadata Sequence No 65 VG Access read/write VG Status resizable MAX LV0 Cur LV17 Open LV 12 Max PV0 Cur PV1 Act PV1 VG Size 148.09 GB PE Size 4.00 MB Total PE 37911 Alloc PE / Size 37707 / 147.29 GB Free PE / Size 204 / 816.00 MB VG UUID qG8gCf-3vou-7dp2-Ar0B-p8jz-eXZF-3vOONr Doesn't look like anyone answered your question, so I'll tell you that the answer is Yes. Ted Miller ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Selinux blocking bind access to named/data and slave directories
On 02/14/2013 11:09 PM, Peter Brady wrote: On 14/02/13 7:23 PM, Robert Moskowitz wrote: I was getting permission errors (seen in /var/log/messages) in accessing these two directories within my chroot tree. I was pulling out what little hair I have, as the permissions were identical to those on my Centos 5.5 server. So I switched selinux into permissive mode and now I have /var/named/chroot/var/named/data/named.run and my /named/slave/ stubs. What is the selinux magic to allow bind to write here? Hi, This may start a debate but it is my understanding that RH recommends to not use chroot jails with bind as selinux is more secure. Oh NO!!! A security debate!!! Well this system is only for bind and as an internal ntp server, so maybe I can keep selinux on. But then I am a communications security specialist not an OS security specialist, so I can't contribute as to which is more limiting on bind's access to things it should not see. For some additional information see the following extract from the BIND 9 FAQ: https://scs.senecac.on.ca/~raymond.chan/nad810/0701/SELinux-DNS.html More reading. Right now I can't locate this on the new ISC website though. A number of them are my IETF buddies, so I can (and will) ask them directly. There is also an selinux section in the named(8) manual page, for example: http://linux.die.net/man/8/named which states pretty much the same. If you wish to stay with chroot then the key is probably to install the bind-chroot package and ensure that the ROOTDIR variable is set correctly in: /etc/sysconfig/named Done but that did not help with selinux and the named/data directory. For what its worth I'm running a number of master/slave DNS servers under selinux no problems. Any updates on the master propagates happily to the slaves. Mind you these are low traffic DNS servers that sit behind a firewall. This will sit behind a firewall, but has an external view. Another thing is I have to learn about supporting the 4096 possible UDP source ports on my firewall. That is yet another thing to fix. And STILL not yet to DNSSEC config. I will probably rebuild the test box over the weekend and try without chroot. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos