[CentOS-announce] CESA-2013:0847 Moderate CentOS 5 kernel Update
CentOS Errata and Security Advisory 2013:0847 Moderate Upstream details at : https://rhn.redhat.com/errata/RHSA-2013-0847.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: ab5044367344e995cb1eae8cfae59c2b6df68a8366ab6830b1b7fff6311de88e kernel-2.6.18-348.6.1.el5.i686.rpm 098b89256fe94e488bc11c7d7d5c9c633f26e6ce2f556027cb6a4c09d83c6b1a kernel-debug-2.6.18-348.6.1.el5.i686.rpm 07934a3d05a145d04f3174247f261ec83865876335ec30735b690a16d2155ffc kernel-debug-devel-2.6.18-348.6.1.el5.i686.rpm 9844fb6c5aa44ab6c81d364f5297d0a79312be417eaff79e14fc857b198c00c6 kernel-devel-2.6.18-348.6.1.el5.i686.rpm c677268f2a1d2eb32508693ccef0813e236b12909e8b32a785ccb472d53740e0 kernel-doc-2.6.18-348.6.1.el5.noarch.rpm de801934133ee709e3c513299db6f9e5876767e6a00ac55928ecad7d9762fdcd kernel-headers-2.6.18-348.6.1.el5.i386.rpm fe04425d4d7c8314ab42b7601be855c02d79a94dbeb5badce6c701acc35c11e6 kernel-PAE-2.6.18-348.6.1.el5.i686.rpm ef9181b7ff77bce3f1bec28a5e37360b8e64932f44531bc66c83216699e7e7e6 kernel-PAE-devel-2.6.18-348.6.1.el5.i686.rpm 765cf57dab52afb57f18bb84cc354f11ae3fa264b9b157bf84914cacb6db2b83 kernel-xen-2.6.18-348.6.1.el5.i686.rpm 347a8b9e89eea05d6b53e1b30fa5569593d62282c16561aff945e1604c7e4465 kernel-xen-devel-2.6.18-348.6.1.el5.i686.rpm x86_64: 02a6c7c2f002543eb61596fc3b16a3cb4a8a9d97218adb4caa8f2482fa062a94 kernel-2.6.18-348.6.1.el5.x86_64.rpm 4d0acfe18f15a26f2d32274a03e2daee04c7cd14043de85348c3e50cc513b5b8 kernel-debug-2.6.18-348.6.1.el5.x86_64.rpm 750bd839ca73cf262309eec0a34b82a2e14e2a5a64f1ad6d67eea47a8b8c95de kernel-debug-devel-2.6.18-348.6.1.el5.x86_64.rpm 1a2351ac39b3080b13e0904b6de03e4daa604f428ffdd038ff53402531977e30 kernel-devel-2.6.18-348.6.1.el5.x86_64.rpm c677268f2a1d2eb32508693ccef0813e236b12909e8b32a785ccb472d53740e0 kernel-doc-2.6.18-348.6.1.el5.noarch.rpm 0e84f4daf0c476e555c6ebf1ff261bd44c5e72a5bbe75fe5f574abb3376f7de4 kernel-headers-2.6.18-348.6.1.el5.x86_64.rpm 2df8bbdbb154d41d699bfec546d64d4ce80fddee4800657cd4c7d981f2519bc0 kernel-xen-2.6.18-348.6.1.el5.x86_64.rpm 96add8d6aeaa2c3cfc8fa2ea93b8ced13230353fbef3025e850d7e3858e704c3 kernel-xen-devel-2.6.18-348.6.1.el5.x86_64.rpm Source: 79f0fd50d589af4bc5772082dfd03ac7a6f1e1954f930c8c18583a84c9afdd56 kernel-2.6.18-348.6.1.el5.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #cen...@irc.freenode.net ___ CentOS-announce mailing list CentOS-announce@centos.org http://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CEBA-2013:0846 CentOS 5 xen Update
CentOS Errata and Bugfix Advisory 2013:0846 Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0846.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: ec631cb6cef6d16171547387d83540ee421f208c37e735064f03a4b61f920930 xen-3.0.3-142.el5_9.3.i386.rpm 52625a828dc04a4f501cad0e3e76c0f760a3934be4d079bad86c88b9ac730b1b xen-3.0.3-142.el5_9.3.i686.rpm a37c1d767aabc0be5a3510f2654b7543fdfe31c9571d982f97666268674d xen-devel-3.0.3-142.el5_9.3.i386.rpm 81f01c550d014391e5008eae46189bee65229401ff197737cc4c7ecb1df7df16 xen-devel-3.0.3-142.el5_9.3.i686.rpm 558ccfff31589f7e2b46a501e9f730d7aea01b81941dd82746b49a4871c36abd xen-libs-3.0.3-142.el5_9.3.i386.rpm 6b1cd54270c7cedf43126b650d6cac68a7441badcaaed58639d439b0a7df8bc2 xen-libs-3.0.3-142.el5_9.3.i686.rpm x86_64: e98666d9db0a5110cc81e925a594ea7bda9a1a5e0fde99c521755db29ac92924 xen-3.0.3-142.el5_9.3.x86_64.rpm a37c1d767aabc0be5a3510f2654b7543fdfe31c9571d982f97666268674d xen-devel-3.0.3-142.el5_9.3.i386.rpm 5feb695b37fd5dde27d223b55fcdf8437321f63f4cf6a228356b77e7ab4024a0 xen-devel-3.0.3-142.el5_9.3.x86_64.rpm 558ccfff31589f7e2b46a501e9f730d7aea01b81941dd82746b49a4871c36abd xen-libs-3.0.3-142.el5_9.3.i386.rpm 1d3f7879976677794109e382f561a36452e02035bb037b897f62e8d3861b0496 xen-libs-3.0.3-142.el5_9.3.x86_64.rpm Source: 9dbfd13241c4e3249f424d32ed6526e2b3662d969f3518dab3287b92926ae32b xen-3.0.3-142.el5_9.3.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #cen...@irc.freenode.net ___ CentOS-announce mailing list CentOS-announce@centos.org http://lists.centos.org/mailman/listinfo/centos-announce
Re: [CentOS-es] Uso de xhost display en centos
Debes ejecutar: root@mimaquina: ssh -X root@remotemachine Después en remotemachine ejecutar cualquier aplicación gráfica como por ejemplo firefox, nautilus o el instalador gráfico que necesitas. Ojo que debes tener X-Windows instalado en el server remoto para funcione: yum groupinstall X Window System y creo que las fuentes también deben estar instaladas yum groupinstall Fonts Cheers!! El 20 de mayo de 2013 15:16, Rodrigo Pichiñual Norin rodrigo.pichin...@gmail.com escribió: Hola Resulta que estoy en el siguiente escenario, estoy trabajando en centos y me conecto a una maquina virtual mediante linea de comandos, resulta que en esa maquina quiero instalar un programa, pero quiero instalarlo de manera grafica utilizando los recursos de mi escritorio. mimaquina ip (192.168.1.45) maquinaremote ip (192.168.1.50) root@mimaquina: ssh root@remotemachie root@remotemachine: export DISPLAY=192.168.1.45 pero esto no resulta. orientación al respecto Gracias ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
[CentOS-es] Problemas al Montar Partición GFS2
Saludos Colegas. Estoy montando una Unidad Lógica con Global File System 2. en Centos 6.4-X86_64 pero al intentar montarla me da un error; gfs_controld join connect error: Connection refused error mounting lockproto lock_dlm verifique los modulos dlm y esta OK [root@web ~]# lsmod |grep gfs2 gfs2 381686 0 dlm 124613 1 gfs2 Esta es la informacion del Volumen formateado [root@web ~]# gfs2_tool sb /dev/VolGroup/mysql41 all mh_magic = 0x01161970 mh_type = 1 mh_format = 100 sb_fs_format = 1801 sb_multihost_format = 1900 sb_bsize = 4096 sb_bsize_shift = 12 no_formal_ino = 2 no_addr = 23 no_formal_ino = 1 no_addr = 22 sb_lockproto = lock_dlm sb_locktable = shared:gfs2 uuid = c5a699b3-3883-e1ca-a5e0-5ba62b663783 Alguna Idea o Sugerencia Gracias ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] Openfire
Una solucion sucia es agregar ese comando en /etc/rc.local El 21/05/2013 13:39, Leonardo Serrano l...@audiovisuales.icaic.cu escribió: Hola y buenas tardes a todos los listeros, aqui tengo una duda, tengo un servidor openfire corriendo sobre Elastix, todos los usuarios que estan en mi rango de ip 10.*.*.* se conectan perfectamente, pero he tenido que agregar una ruta estatica para que los usuarios que estan incluidos en mi red que son FrameRelay 192.168.*.* puedan ver mi servidor y se conecten a el, todo funciona perfecto, lo que pasa es que cuando se va la corriente o el servidor se apaga por X motivos, luego de encender esta ruta desaparece, ya he buscado en internet pero sin resultado alguno, aqui les dejo la linea que agrego a ver si es que me falta algun parametro o algo asi route add -net 0.0.0.0 netmask 0.0.0.0 gw 10.10.0.50 asi me funciona perfectamente bien, pero bueno ya saben lo que me ocurre, espero si alguien puede me ayude Sin mas, gracias de antemano ___ Instituto Cubano del Arte e Industria Cinematográficos - ICAIC **Visite, Visit** http://www.cubacine.cu ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS] security breach - ftp?
On Sun, May 19, 2013 at 9:29 PM, Philipp Duffner phil...@phphaus.com wrote: I think I really hit a snag with this one - I have no idea where to go forward from here. I'd appreciate any ideas. I use aide (akin to tripwire) to keep file signature db. The online db file is immutable but I also keep a copy of it offline (along with sha1sum) Run aide (the static binary) against the db file to detect changes (if any). Also rpm -qa --verify will list files whose MD5 sums have changed, not a full proof method. You may also look at fail2ban, mod_evasive, mod_security (EPEL repo). -- Arun Khan Sent from my non-iphone/non-android device (অরুণ খান্/अरुण खान) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] ICMPv6 Neighbour Solication request is not answered by linux when IPv6 address is assigned via Netlink code.
Hi, I have a process which is running as a linux service and assigns IP addresses using netlink to configued interface in linux. For IPv4 addresses i do not see any issue with this assignment. When i try to assign an IPv6 address, the address gets assigned successfully to the interface, but the Neighbour Solication request received for that address is not responded with and hence ping6 from a different machine doesn't work. When i take the same netlink code and run it in a sample program the address gets assigned and the Neighbour solicitation is responded with a advertisement and hence ping6 works. IP assigned by the program : 7000::15/32 IP on client machine from where ping6 is done : 7000::17/32. Bot machines are connected to same Layer-2 switch. I have flushed the ip6tables on both the machines just to rule out any firewall issues. Thanks, Kevin Peterson ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to load balance interrupts of a NIC on the PCI-MSI-edge driver in CentOS? :(
Thanks John!, I understand now. I think there are some NICs that have different queues which are connected to the kernel in the form of different IRQs, and as thus can be load balanced nicely. Ive seen that on 10GigE NICs.. but iam wondering if by any chance you know if the one suggested can do such, or the name of the feature Iam looking for so I can browse myself? Alex On 20 May 2013 23:45, John R Pierce pie...@hogranch.com wrote: On 5/20/2013 10:24 PM, Alex Flex wrote: We run a reverse proxy so our CPU need for that is very small, plus we get syn flooded often.. which is why we have the need to be able to load between cores, i think it is justified. IRQ handlers are not reentrant, as the hardware can't deal with it. you can only have one CPU thread at a time in the IRQ handler for a specific device, so you might as well just handle one device with one CPU. if you have several ethernet adapters, then I'd hope the IRQs could be distributed one device interrupting both cores would cause a lot of trouble with hardware contention, or it would need to be all spinlocked which would make it worse, you'd be CPU bound in TWO cores in spinlocks half the time. but again, a Server adapter like a Intel Pro1000 or whatever, something like... http://www.amazon.com/Intel-1000-Dual-Server-Adapter/dp/B000BMZHX2 will do much better than some $5 realtek junk. -- john r pierce 37N 122W somewhere on the middle of the left coast ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ICMPv6 Neighbour Solication request is not answered by linux when IPv6 address is assigned via Netlink code.
On 21 May 2013 07:10, Kevin Peterson qh.res...@gmail.com wrote: Hi, I have a process which is running as a linux service and assigns IP addresses using netlink to configued interface in linux. For IPv4 addresses i do not see any issue with this assignment. If you could show ip addr show and ip route show it would help When i try to assign an IPv6 address, the address gets assigned successfully to the interface, but the Neighbour Solication request received for that address is not responded with and hence ping6 from a different machine doesn't work. Does it respond to the fe80:: address for that system or does it not respond on IPv6 at all? When i take the same netlink code and run it in a sample program the address gets assigned and the Neighbour solicitation is responded with a advertisement and hence ping6 works. Just for clarity's sake (since assumptions often lead to issues) this sample program is being run on the same system? Could you post the sample code? IP assigned by the program : 7000::15/32 IP on client machine from where ping6 is done : 7000::17/32. Have you changed these addresses for the purpose of email? Given that 7000:: is well outside of the addresses currently in RFCs there could be an edge case bug surrounding that ... what if you use an appropriate ULA address (fc00::/7) - does the issue appear in that case? You have a very odd subnet mask applied for that IPv6 address ... the general expectation is a single subnet is /64 ...and in fact /32 is huge given that a /32 is generally expected to be assigned to a complete ISP with most end users being between a /48 and a /56 in assignment... So there could be an edge case bug as well given the size of subnet being associated... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] CentOS-announce Digest, Vol 99, Issue 9
Send CentOS-announce mailing list submissions to centos-annou...@centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-requ...@centos.org You can reach the person managing the list at centos-announce-ow...@centos.org When replying, please edit your Subject line so it is more specific than Re: Contents of CentOS-announce digest... Today's Topics: 1. CEBA-2013:0835 CentOS 6 selinux-policy Update (Johnny Hughes) -- Message: 1 Date: Mon, 20 May 2013 21:40:06 + From: Johnny Hughes joh...@centos.org Subject: [CentOS-announce] CEBA-2013:0835 CentOS 6 selinux-policy Update To: centos-annou...@centos.org Message-ID: 20130520214006.ga40...@n04.lon1.karan.org Content-Type: text/plain; charset=us-ascii CentOS Errata and Bugfix Advisory 2013:0835 Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0835.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: dfb1bb4ec17400b1c6945e2da7063190b60dfb03219dc590bfbd0fb43d985b87 selinux-policy-3.7.19-195.el6_4.5.noarch.rpm 944c8db5d659d526320a9717da0b610619bb6912c8b87097b7d6709b06786bf8 selinux-policy-doc-3.7.19-195.el6_4.5.noarch.rpm 0a28b5bc11f3c2bd554ef548dc3db8338aeb22fe4b63029361a80ad75e094d28 selinux-policy-minimum-3.7.19-195.el6_4.5.noarch.rpm 05d0bddd2d028cf23bcc3fb7a7fd47fb3660e990362b8770cec0ac4ff1a5734c selinux-policy-mls-3.7.19-195.el6_4.5.noarch.rpm b1fda473fea9012d18c2296692a9b0537317c7efc5ef3abbec9cb5aa3b435161 selinux-policy-targeted-3.7.19-195.el6_4.5.noarch.rpm x86_64: dfb1bb4ec17400b1c6945e2da7063190b60dfb03219dc590bfbd0fb43d985b87 selinux-policy-3.7.19-195.el6_4.5.noarch.rpm 944c8db5d659d526320a9717da0b610619bb6912c8b87097b7d6709b06786bf8 selinux-policy-doc-3.7.19-195.el6_4.5.noarch.rpm 0a28b5bc11f3c2bd554ef548dc3db8338aeb22fe4b63029361a80ad75e094d28 selinux-policy-minimum-3.7.19-195.el6_4.5.noarch.rpm 05d0bddd2d028cf23bcc3fb7a7fd47fb3660e990362b8770cec0ac4ff1a5734c selinux-policy-mls-3.7.19-195.el6_4.5.noarch.rpm b1fda473fea9012d18c2296692a9b0537317c7efc5ef3abbec9cb5aa3b435161 selinux-policy-targeted-3.7.19-195.el6_4.5.noarch.rpm Source: dad5529bb99ba4336b4fe96e8bfc0ac371fb6faf068bdfb11da95e2bbc2ac329 selinux-policy-3.7.19-195.el6_4.5.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #cen...@irc.freenode.net -- ___ CentOS-announce mailing list centos-annou...@centos.org http://lists.centos.org/mailman/listinfo/centos-announce End of CentOS-announce Digest, Vol 99, Issue 9 ** ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security breach - ftp?
From: Philipp Duffner phil...@phphaus.com ...so I thought! Today the website got hacked again - the same exploit on the pages, meaning same attacker. And again I can see nothing suspicious except for the successful FTP logon just before the modification time of the infected html/php: ... I know for a fact it couldn't have been the website owner because I didn't give him the new FTP password yet. How did you change the password? Remotely? Did you check your own PC? JD ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] ReiserFS - status?
Hi All. What is the status of ReiserFS in CentOS at the moment? I have some servers which use it as a loadable kernel module. I am thinking about a filesystem for database systems and would like to know if ReiserFS will be maintained in CentOS/Linux kernel in the future? Best regards, Rafal. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ReiserFS - status?
Am Tue, 21 May 2013 14:11:31 +0200 schrieb Rafał Radecki radecki.ra...@gmail.com: Hi All. What is the status of ReiserFS in CentOS at the moment? I have some servers which use it as a loadable kernel module. I am thinking about a filesystem for database systems and would like to know if ReiserFS will be maintained in CentOS/Linux kernel in the future? The author and primary developer of the filesystem has some legal troubles and does not have an internet-connection at the moment, AFAIK. Describing the filesystem (and its author's) future as bleak wouldn't be an understatement IMO. Insert inappropriate word-plays and connotations here Is your use-case so extreme that the filesystem actually matters? It's not 2001 anymore. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: Script Help
From: James Pifer j...@obrien-pifer.com I have a long file that has lines like this: some text some text2 CN=DATA.OU=XYZ.O=CO some text3 some text4 I need to change the middle line but leave the rest of the file as is like this: some text some text2 CN=XYZ_DATA.OU=XYZ.O=CO some text3 some text4 IFS=.; cat file | while read L; do set $L; if [ $1 = CN=DATA ]; then P1=${1#CN=}; P2=${2#OU=}; echo CN=${P2}_$P1.$2.$3; else echo $*; fi; done JD ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ReiserFS - status?
Hi All. What is the status of ReiserFS in CentOS at the moment? I have some servers which use it as a loadable kernel module. I am thinking about a filesystem for database systems and would like to know if ReiserFS will be maintained in CentOS/Linux kernel in the future? Since Hans Reiser will be in prison for the next 10 years and the homepage of the company namesys - which is/was the main developing team - is no longer reachable, I think the future will more than vague. I don't even know if there is someone in charge for the development. So I think this filesystem will slowly disappear. CU Hartmut Best regards, Rafal. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ReiserFS - status?
On Tue, May 21, 2013 at 8:40 AM, Woehrle Hartmut SBB CFF FFS (Extern) hartmut.woeh...@sbb.ch wrote: Hi All. What is the status of ReiserFS in CentOS at the moment? I have some servers which use it as a loadable kernel module. I am thinking about a filesystem for database systems and would like to know if ReiserFS will be maintained in CentOS/Linux kernel in the future? Since Hans Reiser will be in prison for the next 10 years and the homepage of the company namesys - which is/was the main developing team - is no longer reachable, I think the future will more than vague. I don't even know if there is someone in charge for the development. So I think this filesystem will slowly disappear. CU Hartmut Best regards, Rafal. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos http://www.serverfocus.org/reiserfs-vs-ext4-vs-xfs-vs-zfs-vs-btrfs To be honest, given Hans Reiser's antagonism to the Linux community and his arrogance to name an FS after himself, well, I hope that that filesystem simply fades. Was rewriting huge chunks of the kernel really necessary? In the above link you can find comparisons between the various file systems, their advantages and disadvantages. Perhaps you can find something more contemporary that can help you? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] CentOS source rpm repository setup
Hi. I thought I might set up my CentOS 6 system with a source rpm repository config, so that I'll be able to download srpm files via yumdownloader --source or similar. I'm thinking that in order to this, I have to add something like the following to the yum repos config: [base-source] name=CentOS-$releasever - Base (SRPMS) baseurl=http://mirror.centos.org/centos/$releasever/os/SRPMS gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 #released updates [updates-source] name=CentOS-$releasever - Updates (SRPMS) baseurl=http://mirror.centos.org/centos/$releasever/updates/SRPMS gpgcheck=1 gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-6 The question is, what I specify as baseurl? The above does not actually work, as http://mirror.centos.org/ does not have SRPMS subdirectories, although I believe it did in the past for earlier versions. So, does anyone know of URLs I can use instead? Thanks, - Toralf This e-mail, including any attachments and response string, may contain proprietary information which is confidential and may be legally privileged. It is for the intended recipient only. If you are not the intended recipient or transmission error has misdirected this e-mail, please notify the author by return e-mail and delete this message and any attachment immediately. If you are not the intended recipient you must not use, disclose, distribute, forward, copy, print or rely on this e-mail in any way except as permitted by the author. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: Script Help
From: John Doe jd...@yahoo.com From: James Pifer j...@obrien-pifer.com I have a long file that has lines like this: some text some text2 CN=DATA.OU=XYZ.O=CO some text3 some text4 I need to change the middle line but leave the rest of the file as is like this: some text some text2 CN=XYZ_DATA.OU=XYZ.O=CO some text3 some text4 IFS=.; cat file | while read L; do set $L; if [ $1 = CN=DATA ]; then P1=${1#CN=}; P2=${2#OU=}; echo CN=${P2}_$P1.$2.$3; else echo $*; fi; done Oops, if DATA means DATA: IFS=.; cat file | while read L; do set $L; if [ $1 = CN=DATA ]; then P=${2#OU=}; echo CN=${P}_DATA.$2.$3; else echo $*; fi; done If DATA is generic: IFS=.; cat file | while read L; do set $L; if [ ${1%=*} = CN ]; then P1=${1#CN=}; P2=${2#OU=}; echo CN=${P2}_$P1.$2.$3; else echo $*; fi; done JD ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Best configuration for encrypted software RAID 1?
On Mon, May 20, 2013 at 2:07 PM, SilverTip257 silvertip...@gmail.com wrote: On Fri, May 17, 2013 at 9:48 PM, Dave Johansen davejohan...@gmail.comwrote: On Fri, May 17, 2013 at 12:04 PM, SilverTip257 silvertip...@gmail.com wrote: On Fri, May 17, 2013 at 12:42 PM, SilverTip257 silvertip...@gmail.com wrote: On Fri, May 17, 2013 at 11:21 AM, Dave Johansen davejohan...@gmail.comwrote: [0] https://wiki.archlinux.org/index.php/Dm-crypt_with_LUKS Thanks for the feedback. I'm actually doing this through an Anaconda config file and I'm using the following settings: part raid.boota --size=500 --ondisk sda part raid.bootb --size=500 --ondisk sdb raid /boot --fstype=ext4 --level=1 --device=md0 raid.boota raid.bootb part raid.slasha --grow --size=500 --ondisk sda part raid.slashb --grow --size=500 --ondisk sdb raid / --fstype=ext4 --level=1 --encrypted --passphrase=passphrase --device=md1 raid.slasha raid.slashb Is that the right way to do it? Or is there a configuration that would work better? That looks right. Maybe somebody else will have a tip. You might also reference the advanced example here [0]. [0] http://www.centos.org/docs/5/html/Installation_Guide-en-US/s1-kickstart2-options.html#s2-kickstart2-options-part-examples That example is helpful for the RAID stuff, but it doesn't show an example of encryption and so that's what my question is really about. Should the raid line have the encryption like I have in my example? Or should it be on each of the partitions? I'm just curious if there's a It is impossible to encrypt /boot... (you only have one other partition = root) Single LUKS volume = ease of management? So I'm thinking LUKS with LVM inside. Yes, just ease of management. We're not going to be adding/changing disks or anything and only having to type a single passphrase is best. If you encrypt root, but don't encrypt swap you could be exposing data. As far as I've seen if you encrypt root, then you encrypt swap and most/all other partitions. It really depends on what you want encrypted (remember there will be some CPU cycles and additional I/O wait). Thanks for the reminder, but we're actually not using swap on this system. pro/con to each of those options. My very basic/quick testing seemed to indicate that doing it on the raid line was the better solution, ** Where else would you place the encryption? (Please list of scenarios.) ** The encryption could be on the individual partitions and then the raid would use the two encrypted partitions. I tried this and it seemed that then there were two encryption processes running so my very simple testing seemed to indicate that this sort of configuration would double the CPU usage. You'll notice I choose not to put the LUKS passphrase in plain text in the kickstart config (Anaconda asks for one before partitioning the disks). I have an example below with and without LVM. I've done non-LVM encrypted setups in the past, so I haven't tested that recently. But the raid+luks+lvm I kickstarted on a test VM (notice the virtio disks). Thanks the examples are good for comparison. but I was just wondering if anyone had experience with this? # clears ALL partitions on ALL drives clearpart --all --initlabel # set up software raid arrays part raid.01 --size=512 --asprimary --ondisk=vda part raid.02 --size=512 --asprimary --ondisk=vdb part raid.03 --size=1024 --asprimary --ondisk=vda part raid.04 --size=1024 --asprimary --ondisk=vdb part raid.05 --size=5120 --asprimary --grow --ondisk=vda part raid.06 --size=5120 --asprimary --grow --ondisk=vdb # set up partitions on the software raid array (no LVM) #raid /boot --fstype=ext4 --level=RAID1 raid.01 raid.02 #raid swap --fstype=swap --level=RAID0 raid.03 raid.04 --encrypted #raid / --fstype=ext4 --level=RAID1 raid.05 raid.06 --encrypted ## # OR # ## # set up partitions on the software raid array (with LVM) raid /boot --fstype=ext4 --device=md0 --level=RAID1 raid.01 raid.02 raid swap--fstype=swap --device=md1 --level=RAID0 raid.03 raid.04 --encrypted raid pv.01 --fstype=ext4 --device=md2 --level=RAID1 raid.05 raid.06 --encrypted # actual LVM volume group and logical volumes volgroup vg00 pv.01 logvol / --vgname=vg00 --size=4096 --maxsize=6144 --grow --fstype=ext4 --name=rootfs logvol /home --vgname=vg00 --size=512 --grow --fstype=ext4 --name=home Thanks, Dave ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos I've noticed the same passphrase is used for both LUKS volumes (Anaconda only asked for a passphrase once) -- swap and the LVM PV are separate softraid MDs. We want the kickstart to be fully automated/unattended. We use a dummy passphrase during the
[CentOS] CentOS Dojo and Barbecue - Aldershot, UK on 12th July 2013
Hi, The next CentOS Dojo is coming to Aldershot, UK - a 45 min train ride from London Waterloo station - on the 12th July 2013. We have a great, and growing list of speakers already on the agenda, and another few waiting to confirm. And, the venue sponsors - catn.com - are going to organise a hog roast barbecue and beet for everyone attending once the talks are done ( 4pm'ish ). So another great reason to come along and say hi. Details on the day: http://wiki.centos.org/Events/Dojo/Aldershot2013 Registration URL : http://centosdojoaldershot.eventbrite.co.uk/# I will post another followup email once we have the agenda finalised, but if you are in the area - or can get to the area on the 12th July - I highly recommend you come along. Its going to be a great event! Regards, -- Karanbir Singh +44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh GnuPG Key : http://www.karan.org/publickey.asc ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] semi-OT: flashing the BIOS on an HP dl580 GT, afterward
When last we saw our hero, er, sysadmin, he'd found that the noarch BIOS update was, in fact, a self-extracting .exe file, and he'd extracted it. Finally getting the ok to take the system down, the following hilarity (for small values of hilarity) ensued. First, booting off unetbootin to freedos was fine... except it was try to guess which version - freedos + emm386 + himem, no himem, live CD only, or, finally, no drivers loaded, which works. It gags on something orders of magnitude larger than it was written for, y'know. Then I discover that the builtin type command does *not* have /p, and there's no more command, and I should have read the longer files before I started this. Fun with ctrl-s ensues. Finally, I find what are actually DOS config.sys files, with different extensions, and read them - they're one-liners, and find out how to run the rompaq.exe that runs the utility to flash the drives, and run it. And again. And again. And *finally* get the reason it's failing, and (to save the original name) copied the actual data from an 8.3 name into 7 char, which the utility demands: *exactly* seven chars, no more, no less. And unlike the Dell utility, which give you lots of warm fuzzies (collecting data, this is for this hardware, this is newer, do you want to update?), this just does it. Fortunately, this HBS contains a backup ROM, just in case And a three-finger kill later, it's up. And I put the memory boards back in, so we'll see if the BIOS update fixed the memory problems (remember them? this song's about them) mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ICMPv6 Neighbour Solication request is not answered by linux when IPv6 address is assigned via Netlink code.
Hi Janes, Here is the ouput for ip addr show 1: lo: LOOPBACK,UP,LOWER_UP mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: NO-CARRIER,BROADCAST,MULTICAST,UP mtu 1500 qdisc pfifo_fast state DOWN qlen 1000 link/ether 4c:72:b9:66:02:7f brd ff:ff:ff:ff:ff:ff inet 172.16.8.50/16 brd 172.16.255.255 scope global eth0 inet6 fe80::4e72:b9ff:fe66:27f/64 scope link valid_lft forever preferred_lft forever 3: eth1: BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP mtu 1500 qdisc pfifo_fast master bond0 state UP qlen 1000 link/ether 00:03:ba:b1:ad:64 brd ff:ff:ff:ff:ff:ff 4: eth2: BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP mtu 1500 qdisc pfifo_fast master bond0 state UP qlen 1000 link/ether 00:03:ba:b1:ad:64 brd ff:ff:ff:ff:ff:ff 5: eth3: BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP mtu 1500 qdisc pfifo_fast master bond1 state UP qlen 1000 link/ether 00:03:ba:b1:ad:66 brd ff:ff:ff:ff:ff:ff 6: eth4: BROADCAST,MULTICAST,SLAVE,UP,LOWER_UP mtu 1500 qdisc pfifo_fast master bond1 state UP qlen 1000 link/ether 00:03:ba:b1:ad:66 brd ff:ff:ff:ff:ff:ff 9: bond0: BROADCAST,MULTICAST,MASTER,UP,LOWER_UP mtu 1500 qdisc noqueue state UP link/ether 00:03:ba:b1:ad:64 brd ff:ff:ff:ff:ff:ff inet 172.16.13.100/16 brd 172.16.255.255 scope global bond0 inet6 7000::15/32 scope global valid_lft forever preferred_lft forever inet6 fe80::203:baff:feb1:ad64/64 scope link valid_lft forever preferred_lft forever 10: bond1: BROADCAST,MULTICAST,MASTER,UP,LOWER_UP mtu 1500 qdisc noqueue state UP link/ether 00:03:ba:b1:ad:66 brd ff:ff:ff:ff:ff:ff inet 10.1.8.101/24 brd 10.1.8.255 scope global bond1 inet6 fe80::203:baff:feb1:ad66/64 scope link valid_lft forever preferred_lft forever Output of ip route show is below: [root@hadev1 ~]# ip route show 10.1.8.0/24 dev bond1 proto kernel scope link src 10.1.8.101 169.254.0.0/16 dev eth0 scope link metric 1002 169.254.0.0/16 dev bond0 scope link metric 1009 169.254.0.0/16 dev bond1 scope link metric 1010 172.16.0.0/16 dev bond0 proto kernel scope link src 172.16.13.100 172.16.0.0/16 dev eth0 proto kernel scope link src 172.16.8.50 default via 172.16.6.250 dev bond0 -- 2. I get a response for fe80:: address. 3. Sample program is being run on the same machine. Here is the snippet of code i am using to assign IP address: int AssignIpAddressToInterface(const char *interfaceName, const char *ipAddress, unsigned char routingPrefix, bool assign) { int addrFamily = GetAddrFamily(ipAddress); if (addrFamily == -1) return addrFamily; struct RtNetlinkIpAddressReq rtNetlinkIpAddressReq; int fd; struct sockaddr_nl la; struct sockaddr_nl pa; struct msghdr msgHdr; struct iovec ioVec; int rc; int ifAddrMsgLen; struct rtattr *pRtAttr; fd = socket(AF_NETLINK, SOCK_RAW, NETLINK_ROUTE); bzero(la, sizeof (la)); la.nl_family = AF_NETLINK; la.nl_pid = getpid(); bind(fd, (struct sockaddr*) la, sizeof (la)); bzero(rtNetlinkIpAddressReq, sizeof (rtNetlinkIpAddressReq)); ifAddrMsgLen = sizeof (struct ifaddrmsg); pRtAttr = (struct rtattr *) rtNetlinkIpAddressReq.buf; pRtAttr-rta_type = IFA_ADDRESS; if (addrFamily == AF_INET) { pRtAttr-rta_len = sizeof (struct rtattr) + 4; inet_pton(AF_INET, ipAddress, ((char *) pRtAttr) + sizeof (struct rtattr)); } else if (addrFamily == AF_INET6) { pRtAttr-rta_len = sizeof (struct rtattr) + 16; inet_pton(AF_INET6, ipAddress, ((char *) pRtAttr) + sizeof (struct rtattr)); } ifAddrMsgLen += pRtAttr-rta_len; pRtAttr = (struct rtattr *) (((char *) pRtAttr) + pRtAttr-rta_len); pRtAttr-rta_type = IFA_LOCAL; if (addrFamily == AF_INET) { pRtAttr-rta_len = sizeof (struct rtattr) + 4; inet_pton(AF_INET, ipAddress, ((char *) pRtAttr) + sizeof (struct rtattr)); } else if (addrFamily == AF_INET6) { pRtAttr-rta_len = sizeof (struct rtattr) + 16; inet_pton(AF_INET6, ipAddress, ((char *) pRtAttr) + sizeof (struct rtattr)); } ifAddrMsgLen += pRtAttr-rta_len; rtNetlinkIpAddressReq.nl.nlmsg_len = NLMSG_LENGTH(ifAddrMsgLen); rtNetlinkIpAddressReq.nl.nlmsg_flags = NLM_F_REQUEST | NLM_F_CREATE | NLM_F_APPEND; if (assign) rtNetlinkIpAddressReq.nl.nlmsg_type = RTM_NEWADDR; else rtNetlinkIpAddressReq.nl.nlmsg_type = RTM_DELADDR; if (addrFamily == AF_INET) rtNetlinkIpAddressReq.rt.ifa_family = AF_INET; else if (addrFamily == AF_INET6)
Re: [CentOS] CentOS source rpm repository setup
On 21.Mai.2013, at 15:53, Toralf Lund wrote: Hi. I thought I might set up my CentOS 6 system with a source rpm repository config, so that I'll be able to download srpm files via yumdownloader --source or similar. … The question is, what I specify as baseurl? The above does not actually work, as http://mirror.centos.org/ does not have SRPMS subdirectories, although I believe it did in the past for earlier versions. So, does anyone know of URLs I can use instead? They moved it into the vault some time ago. http://vault.centos.org -- Markus ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: Script Help
On Sat, May 18, 2013 at 7:31 PM, James Pifer j...@obrien-pifer.com wrote: Let's say my original lines are: CN=DATA.OU=XYZ.O=CO CN=DATA.OU=XYY.OU=MEM.O=CO CN=DATA.OU=XZZ.OU=OOP.O=CO I want them to look like: CN=XYZ_DATA.OU=XYZ.O=CO CN=XYY_DATA.OU=XYY.OU=MEM.O=CO CN=XZZ_DATA.OU=XZZ.OU=OOP.O=CO So I need to take the data after the FIRST OU and stick in front of DATA with an _ in between. The rest of the line then remains the same. Hope it makes sense. Appreciate the help! This should work as long as the first OU always follows CN=DATA.: sed -e's/DATA.OU=\(\w*\)/\1_DATA.OU=\1/' -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ICMPv6 Neighbour Solication request is not answered by linux when IPv6 address is assigned via Netlink code.
Output of ip route show is below: [root@hadev1 ~]# ip route show 10.1.8.0/24 dev bond1 proto kernel scope link src 10.1.8.101 169.254.0.0/16 dev eth0 scope link metric 1002 169.254.0.0/16 dev bond0 scope link metric 1009 169.254.0.0/16 dev bond1 scope link metric 1010 172.16.0.0/16 dev bond0 proto kernel scope link src 172.16.13.100 172.16.0.0/16 dev eth0 proto kernel scope link src 172.16.8.50 default via 172.16.6.250 dev bond0 -- Please don't top post. Given we are talking about IPv6 - my apologies I forgot ip route show defaults to v4 information ... If you could redo with ip -6 route show that'd be great... Whilst testing (and in general) stick to /64 assignments - that is the expectation and best place to start ... and similarly either use a provided IP space (from a tunnel broker if need be) or use ULA to avoid edge cases there ... if that works then you can test outside the expected areas ... With the behaviour you mention I'm curious as to whether an entry for the network is being entered into the table at all on the system the code snippet is run on versus the one where ip addr add is used... As an example from my system after doing an ip addr add fc0017/64 dev eth0 the routing table looks like: $ ip -6 route show 2001::/32 dev teredo proto kernel metric 256 fc00::/64 dev eth0 proto kernel metric 256 fe80::/64 dev eth0 proto kernel metric 256 fe80::/64 dev teredo proto kernel metric 256 default dev teredo metric 1029 Check before and after you have done your code snippet... You might find it'll work fine if you preconfigure the routing table with that subnet (or just add another ipv6 address on that subnet to have it done automatically that way)... If no route for that network gets entered it may not be surprising not to be able to ping until the first machine has and the neighbour is discovered that way... Are you also 100% sure you are not dropping any ICMPv6 packets between systems - no transparent firewalls or anything? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ReiserFS - status?
On 5/21/2013 5:55 AM, Yves S. Garret wrote: http://www.serverfocus.org/reiserfs-vs-ext4-vs-xfs-vs-zfs-vs-btrfs ... In the above link you can find comparisons between the various file systems, their advantages and disadvantages. Perhaps you can find something more contemporary that can help you? pretty good summary, but I take issue with the XFS summary statement, If you really like to tweak your system to meet your needs, XFS is a great way to go..XFS requires no tweaking at all, just `mkfs.xfs /dev/vg_bigdata/lvwhatever` and mount and go. Its not suitable as the root file system for CentOS (mostly because Anaconda doesn't know how to set it up), but for data volumes, its king.only caveat is, the system MUST be 64bit, and you should have a fair amount of RAM to ensure xfs_check can handle the bajillions of files and links likely to accumulate on larger volumes. -- john r pierce 37N 122W somewhere on the middle of the left coast ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to load balance interrupts of a NIC on the PCI-MSI-edge driver in CentOS? :(
Thanks John, You have been most helpful. Do you happen to have any suggestion to the following: In my lab test with two identical Core I5 machines I created a syn flood on a gigabit switch: In the originating machine I was able to get 800k pps using one core only and that core was used at 75% with top reporting most of the consumption was at SYS, and SI almost nothing. At the recieving side the core assigned to the IRQ of the NIC was maxed with 100% SI (syn cookies was disabled). Why is clearly so significantly expensive for the recieving side rather than the sending side to process a syn flood if they have identical hardware? Oh and btw the recieving side could only do 400k pps. Thanks! Alex On 05/20/2013 11:45 PM, John R Pierce wrote: On 5/20/2013 10:24 PM, Alex Flex wrote: We run a reverse proxy so our CPU need for that is very small, plus we get syn flooded often.. which is why we have the need to be able to load between cores, i think it is justified. IRQ handlers are not reentrant, as the hardware can't deal with it. you can only have one CPU thread at a time in the IRQ handler for a specific device, so you might as well just handle one device with one CPU. if you have several ethernet adapters, then I'd hope the IRQs could be distributed one device interrupting both cores would cause a lot of trouble with hardware contention, or it would need to be all spinlocked which would make it worse, you'd be CPU bound in TWO cores in spinlocks half the time. but again, a Server adapter like a Intel Pro1000 or whatever, something like... http://www.amazon.com/Intel-1000-Dual-Server-Adapter/dp/B000BMZHX2 will do much better than some $5 realtek junk. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] SuperMicro with LSI MegaRaid with Centos 6.0
Everyone, I am trying to install a Centos 6.0 system on a SuperMicro with an LSI MegaRaid SCSI 320-2 controller. I had originally tried to install 6.4, but the 6.4 install DVD does not boot with this configuration. See : http://bugs.centos.org/view.php?id=5377 Fortunately, the 6.0 install DVD worked fine until it failed to identify the hard disc controller. I checked the lsi.com site which had a driver for RH 3 and RH4, but not 5 and not 6. The interesting thing about this machine is that I had Centos 5.0 installed without difficulty (that over time upgraded to 5.9) Does anyone have any idea of a driver I could use to get Centos 6.0 up and running. Thanks Greg Ennis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Force anaconda to use GPT labels on all drives?
On 05/21/2013 01:25 AM, Tucker wrote: did you try setting : X86._disklabel_types = ['gpt'] I have not, as I was unaware this was possible. How/Where do I set that? I assume it's either a kernel option or something I put in %pre (is it a literal in %per?)... ? I found the method that checks that value but am not currently familiar enough with the code involved to trace it back. I dont think you can specify that via the command line, might need to be an updates.img -- Karanbir Singh +44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh GnuPG Key : http://www.karan.org/publickey.asc ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SuperMicro with LSI MegaRaid with Centos 6.0
Gregory P. Ennis wrote: I am trying to install a Centos 6.0 system on a SuperMicro with an LSI MegaRaid SCSI 320-2 controller. I had originally tried to install 6.4, but the 6.4 install DVD does not boot with this configuration. See : http://bugs.centos.org/view.php?id=5377 I don't think you understand how to use it. First, BEFORE YOU TRY TO INSTALL, use the firmware option while it's getting up - I think it's ctrl-R, and create a logical drive, whatever RAID level you want, with spares if it's not just RAID 1. Tell it to initialize (you can do a quick initialize). Then exit that, and it'll reboot, and Linux will see it presented by the controller as one physical drive, and it should be happy. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: Script Help
Hi James, perl -pne 's/^(CN=)(DATA\.OU=)((.*?)\.O=CO)$/$1$4_$2$3/' /file/name or, if you prefer in-place editing, perl -i.bak -pne 's/(CN=)(DATA\.OU=)((.*?)\.O=CO)/$1$4_$2$3/' /file/name which replaces the file with the modified version and keeps a .bak file around for security. Example: lagavulin:~ pete$ cat /tmp/test some text some text2 CN=DATA.OU=XYZ.O=CO some text3 some text4 some text some text2 CN=DATA.OU=RST.O=CO some text3 some text4 some text some text2 CN=DATA.OU=ABC.O=CO some text3 some text4 some text some text2 CN=DATA.OU=UVWXYZ.O=CO some text3 some text4 lagavulin:~ pete$ perl -pne 's/(CN=)(DATA\.OU=)((.*?)\.O=CO)/$1$4_$2$3/' /tmp/test some text some text2 CN=XYZ_DATA.OU=XYZ.O=CO some text3 some text4 some text some text2 CN=RST_DATA.OU=RST.O=CO some text3 some text4 some text some text2 CN=ABC_DATA.OU=ABC.O=CO some text3 some text4 some text some text2 CN=UVWXYZ_DATA.OU=UVWXYZ.O=CO some text3 some text4 I guess that's what you need. Best regards, Peter. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SuperMicro with LSI MegaRaid with Centos 6.0
Gregory P. Ennis wrote: I am trying to install a Centos 6.0 system on a SuperMicro with an LSI MegaRaid SCSI 320-2 controller. I had originally tried to install 6.4, but the 6.4 install DVD does not boot with this configuration. See : http://bugs.centos.org/view.php?id=5377 I don't think you understand how to use it. First, BEFORE YOU TRY TO INSTALL, use the firmware option while it's getting up - I think it's ctrl-R, and create a logical drive, whatever RAID level you want, with spares if it's not just RAID 1. Tell it to initialize (you can do a quick initialize). Then exit that, and it'll reboot, and Linux will see it presented by the controller as one physical drive, and it should be happy. mark - Mark, Thank you for your response. You are correct in that I may not understand how to configure the LSI, but I had some help that was very familiar with the LSI controller, but not familiar with Linux. Actually the configuration key is ctrl-M or ctrl-H, and we did create a RAID Level 1; we also did an initialization that resulted in a 100% a consistency check. After this, I expected to be able to start the 6.0 install, but when the install disc got to the point of evaluating the hard discs it did not find any, and gave me a prompt screen allowing me to select a driver from a list, or add a driver via a floppy disc. There were (maybe four) LSI drivers in their list, and I tried all of them without success. Thanks again, any other ideas ?? Greg ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: Script Help
Oops, I read that too late ... Let's say my original lines are: CN=DATA.OU=XYZ.O=CO CN=DATA.OU=XYY.OU=MEM.O=CO CN=DATA.OU=XZZ.OU=OOP.O=CO I want them to look like: CN=XYZ_DATA.OU=XYZ.O=CO CN=XYY_DATA.OU=XYY.OU=MEM.O=CO CN=XZZ_DATA.OU=XZZ.OU=OOP.O=CO then the perl script would be perl -pne 's/(CN=)(DATA\.OU=)((.*?)\.O.*)$/$1$4_$2$3/' /file/name Best regards, Peter. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Best configuration for encrypted software RAID 1?
On 15.Mai.2013, at 18:22, Dave Johansen wrote: My main question is will it be better to encrypt the RAID itself or the two partitions used by the RAID? encrypt data once and let md mirror the encrypted stuff or let md mirror and encrypt data twice, once per raid member. Encryption is CPU hungry. Performance wise the winner seems clear. -- Markus ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SuperMicro with LSI MegaRaid with Centos 6.0
Gregory P. Ennis wrote: Gregory P. Ennis wrote: I am trying to install a Centos 6.0 system on a SuperMicro with an LSI MegaRaid SCSI 320-2 controller. I had originally tried to install 6.4, but the 6.4 install DVD does not boot with this configuration. See : http://bugs.centos.org/view.php?id=5377 I don't think you understand how to use it. First, BEFORE YOU TRY TO INSTALL, use the firmware option while it's getting up - I think it's ctrl-R, and create a logical drive, whatever RAID level you want, with spares if it's not just RAID 1. Tell it to initialize (you can do a quick initialize). Then exit that, and it'll reboot, and Linux will see it presented by the controller as one physical drive, and it should be happy. Thank you for your response. You are correct in that I may not understand how to configure the LSI, but I had some help that was very familiar with the LSI controller, but not familiar with Linux. Actually the configuration key is ctrl-M or ctrl-H, and we did create a RAID Level 1; we also did an initialization that resulted in a 100% a consistency check. After this, I expected to be able to start the 6.0 install, but when the install disc got to the point of evaluating the hard discs it did not find any, and gave me a prompt screen allowing me to select a driver from a list, or add a driver via a floppy disc. There were (maybe four) LSI drivers in their list, and I tried all of them without success. Thanks again, any other ideas ?? If it's any help, some googling suggests that the 320 is what Dell rebranded as a PERC 4. It's kind of possible that there are 32-bit drivers for it - it does seem to be an old controller, though. The firmware for the controller *is* presenting one logical drive, correct? I also found this: http://www.lsi.com/support/Pages/download-search.aspx, so you might mouse around and see what you can find. I see it's on that page under legacy storage, btw. Good luck. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SuperMicro with LSI MegaRaid with Centos 6.0
Gregory P. Ennis wrote: Gregory P. Ennis wrote: I am trying to install a Centos 6.0 system on a SuperMicro with an LSI MegaRaid SCSI 320-2 controller. I had originally tried to install 6.4, but the 6.4 install DVD does not boot with this configuration. See : http://bugs.centos.org/view.php?id=5377 I don't think you understand how to use it. First, BEFORE YOU TRY TO INSTALL, use the firmware option while it's getting up - I think it's ctrl-R, and create a logical drive, whatever RAID level you want, with spares if it's not just RAID 1. Tell it to initialize (you can do a quick initialize). Then exit that, and it'll reboot, and Linux will see it presented by the controller as one physical drive, and it should be happy. Thank you for your response. You are correct in that I may not understand how to configure the LSI, but I had some help that was very familiar with the LSI controller, but not familiar with Linux. Actually the configuration key is ctrl-M or ctrl-H, and we did create a RAID Level 1; we also did an initialization that resulted in a 100% a consistency check. After this, I expected to be able to start the 6.0 install, but when the install disc got to the point of evaluating the hard discs it did not find any, and gave me a prompt screen allowing me to select a driver from a list, or add a driver via a floppy disc. There were (maybe four) LSI drivers in their list, and I tried all of them without success. Thanks again, any other ideas ?? If it's any help, some googling suggests that the 320 is what Dell rebranded as a PERC 4. It's kind of possible that there are 32-bit drivers for it - it does seem to be an old controller, though. The firmware for the controller *is* presenting one logical drive, correct? I also found this: http://www.lsi.com/support/Pages/download-search.aspx, so you might mouse around and see what you can find. I see it's on that page under legacy storage, btw. Good luck. mark --- Mark, Thanks for your help. I will take a look. I was wondering if I may need to get a more recent controller? Greg ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SuperMicro with LSI MegaRaid with Centos 6.0
Gregory P. Ennis wrote: Gregory P. Ennis wrote: Gregory P. Ennis wrote: I am trying to install a Centos 6.0 system on a SuperMicro with an LSI MegaRaid SCSI 320-2 controller. I had originally tried to install 6.4, but the 6.4 install DVD does not boot with this configuration. See : http://bugs.centos.org/view.php?id=5377 I don't think you understand how to use it. First, BEFORE YOU TRY TO INSTALL, use the firmware option while it's getting up - I think it's ctrl-R, and create a logical drive, whatever RAID level you want, with spares if it's not just RAID 1. Tell it to initialize (you can do a quick initialize). Then exit that, and it'll reboot, and Linux will see it presented by the controller as one physical drive, and it should be happy. Thank you for your response. You are correct in that I may not understand how to configure the LSI, but I had some help that was very familiar with the LSI controller, but not familiar with Linux. Actually the configuration key is ctrl-M or ctrl-H, and we did create a RAID Level 1; we also did an initialization that resulted in a 100% a consistency check. After this, I expected to be able to start the 6.0 install, but when the install disc got to the point of evaluating the hard discs it did not find any, and gave me a prompt screen allowing me to select a driver from a list, or add a driver via a floppy disc. There were (maybe four) LSI drivers in their list, and I tried all of them without success. Thanks again, any other ideas ?? If it's any help, some googling suggests that the 320 is what Dell rebranded as a PERC 4. It's kind of possible that there are 32-bit drivers for it - it does seem to be an old controller, though. The firmware for the controller *is* presenting one logical drive, correct? I also found this: http://www.lsi.com/support/Pages/download-search.aspx, so you might mouse around and see what you can find. I see it's on that page under legacy storage, btw. Thanks for your help. I will take a look. I was wondering if I may need to get a more recent controller? Depends on your budget. If software raid works for you, Linux's own md works very nicely. DON'T USE the Intel fakeraid. More money: a Dell PERC 6 or 7 - they're also rebranded LSI's, and work fine, and we use CentOS 5 and 6 almost exclusively, and have had no trouble. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Centos 6.4: Possible bug in system-config-network-cmd
I'm having a puzzling problem with system-config-network-cmd in CentOS 6.4. I have a workstation with a number of different grub boot configurations (a spare for a set of workstations, basically), each of which has a parameter MYHOST=hostname, and I am using system-config-network-cmd to set the boot configuration during the network process (using a small custom system service that runs just before network startup, reads the configuration name from /proc/cmdline and calls system-config-network-cmd -p configname). I have properly disabled NetworkManager, and have /etc/sysconfig/networking/devices and .../profiles set up correctly AFAIK (it was all copied from a CentOS 5 machine, and the hand links were maintained properly as needed; such a PITA that they got rid of the very nice GUI for this). This all works great, EXCEPT that if the machine is booted a fixed-IP profile, the the DHCP ifcfg file also winds up in /etc/sysconfig/network-scripts. So, if I have in profiles/dhcp/ifcfg-eth0_dhcp (with a hardlink in devices/, of course): TYPE=Ethernet DEVICE=eth0 HWADDR=MAC redacted BOOTPROTO=dhcp ONBOOT=yes USERCTL=no IPV6INIT=no PEERDNS=yes and in profiles/fixed/ifcfg-eth0_fixed GATEWAY=x.y.z.1 TYPE=Ethernet DEVICE=eth0 HWADDR=MAC redacted BOOTPROTO=none NETMASK=255.255.255.0 IPADDR=x.y.z.n ONBOOT=yes USERCTL=no IPV6INIT=no PEERDNS=yes If I boot into fixed, I find that ifcfg-eth0_dhcp is also in network-scripts, and it tries to activate this interface, even though this interface is NOT in profiles/fixed in any way! This worked great in CentOS 5, so I think I know what I'm doing here? For now, I am fixing the issue by running a find on network-scripts to remove inappropriate files after running systme-config-network-cmd, but that is complete cheese, of course. Is there something missing from ifcfg-eth0_dhcp that is confusing the system-config-network-cmd script? Is there any documentation on this that's helpful? And is there simply a better way to do this that I've missed? Thanks, -G. -- Glenn Eychaner (geycha...@lco.cl) Telescope Systems Programmer, Las Campanas Observatory ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 6.4: Possible bug in system-config-network-cmd
Glenn Eychaner wrote: I'm having a puzzling problem with system-config-network-cmd in CentOS 6.4. I have a workstation with a number of different grub boot configurations (a spare for a set of workstations, basically), each of which has a parameter MYHOST=hostname, and I am using system-config-network-cmd to set the boot configuration during the network process (using a small custom system service that runs just before network startup, reads the configuration name from /proc/cmdline and calls system-config-network-cmd -p configname). I have properly disabled NetworkManager, and have /etc/sysconfig/networking/devices and .../profiles set up correctly AFAIK (it was all copied from a CentOS 5 machine, and the hand links were maintained properly as needed; such a PITA that they got rid of the very nice GUI for this). This all works great, EXCEPT that if the machine is booted a fixed-IP profile, the the DHCP ifcfg file also winds up in /etc/sysconfig/network-scripts. So, if I have in profiles/dhcp/ifcfg-eth0_dhcp (with a hardlink in devices/, of course): snip Hmmm... have you looked at /etc/udev/rules.d/70-persistant-net.rules? mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS source rpm repository setup
On 05/21/2013 09:00 AM, Markus Falb wrote: On 21.Mai.2013, at 15:53, Toralf Lund wrote: Hi. I thought I might set up my CentOS 6 system with a source rpm repository config, so that I'll be able to download srpm files via yumdownloader --source or similar. … The question is, what I specify as baseurl? The above does not actually work, as http://mirror.centos.org/ does not have SRPMS subdirectories, although I believe it did in the past for earlier versions. So, does anyone know of URLs I can use instead? They moved it into the vault some time ago. http://vault.centos.org I opened bug #6462 ( http://bugs.centos.org/view.php?id=6462 ) to request this... I think this would be a useful feature to have available by default. -Greg ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 6.4: Possible bug in system-config-network-cmd
m.roth: Hmmm... have you looked at /etc/udev/rules.d/70-persistant-net.rules? # PCI device 0x8086:0x104b (e1000e) SUBSYSTEM==net, ACTION==add, DRIVERS==?*, ATTR{address}==00:16:xx:xx:xx:xx, ATTR{type}==1, KERNEL==eth*, NAME=eth0 # PCI device 0x10b7:0x9200 (3c59x) SUBSYSTEM==net, ACTION==add, DRIVERS==?*, ATTR{address}==00:04:xx:xx;xx:xx, ATTR{type}==1, KERNEL==eth*, NAME=eth1 Not sure there's anything relevant there... -G. -- Glenn Eychaner (geycha...@lco.cl) Telescope Systems Programmer, Las Campanas Observatory ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS source rpm repository setup
On 05/21/2013 10:38 PM, Greg Bailey wrote: I opened bug #6462 ( http://bugs.centos.org/view.php?id=6462 ) to request this... I think this would be a useful feature to have available by default. Thanks, we can perhaps roll that in as is, but with sources being repo specific it can get quite noisy. Overall better goal might be to have a single source repo that then covers the point release and splits as well. - KB -- Karanbir Singh +44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh GnuPG Key : http://www.karan.org/publickey.asc ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Best configuration for encrypted software RAID 1?
On Tue, May 21, 2013 at 3:53 PM, Markus Falb wne...@gmail.com wrote: On 15.Mai.2013, at 18:22, Dave Johansen wrote: My main question is will it be better to encrypt the RAID itself or the two partitions used by the RAID? encrypt data once and let md mirror the encrypted stuff Certainly the simplest. +1 for LVM inside the LUKS volume ;) or let md mirror and encrypt data twice, once per raid member. In my example, my swap was striped, so it made sense (but with the price of RAM there's hardly an excuse for swapping to disk!). Encryption is CPU hungry. I'll second this. I've noticed the iowait is fairly high on my offsite encrypted backup server (backups are on software raid with LUKS on top). And the kcryptd process consumes a fair bit of cpu time. Performance wise the winner seems clear. And kcrypd isn't SMP aware [0] (unless that has changed) so there's another bottleneck. [0] http://www.redhat.com/archives/dm-devel/2009-April/msg00151.html -- Markus ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- ---~~.~~--- Mike // SilverTip257 // ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos