Re: [CentOS] [OT] how do I remove a battery

[g]

On 04/26/14 00:06, Michael Hennebry wrote:
> On Fri, 25 Apr 2014, g wrote:
>
>> something i will suggest, being that you pulled cell from
>> a dead board, consider getting another cell.
>>
>> then, wrap cell and package it is in with 'saran wrap', squeeze
>> out as much a possible, then wrap with aluminum foil. place in
>> freezer and it will be waiting for you when you need it. do
>> allow 12 - 16 hours for warm up before using.
>
> Makes sense to me.
> I'll do that the next time I do a mail order.

oops. should have read;

   "squeeze out as much _air_ as possible when folding".

be careful of 'mail order' batteries. not all supply cells and
batteries with current expiration dates. even tho such places
sell a lot of cells and batteries, it does not mean they are
selling 'new' stock.

most all, with exception of equipment suppliers, will have a
code of sum type, letters and/or numbers, or actual date of
when 'shelf life' expires.

also, if you have a 'batteries plus' store in your area, you
may well be better off buying from them, as the cr2032 is a
commonly used cell and would have a high turn over. and you
would save on shipping costs.

>> i have kept batteries and cells in freezer for over 10 years and
>> they still give over 1 year 'shelf life' service. i do not
>> recommend doing such with "silicone" batteries', aka, "gel cell"
>> batteries.
>>
>> also, when you change a cmos cell, you may do so with power
>> supply turned on to preserve cmos settings.
>
> That I did not know.
> 'Tis contrary to a lot of other advice,
> but it makes sense.

in freezing, chemical reaction within cells is reduced,
inverse of what high temps due.

changing a cell with power on is safe because there is usually
a diode, some include a low ohm resistor, in series with cell
to block voltage supplied by ps on. with such, there is no load
on cell and no possible 'current shock' from arching when cell
is removed.


> Other things that I might want to preserve include two power supplies,
> an IDE-only CD reader, an IDE-only DVR writer and an AGP video card.
> I do not have a lot of convenient storage space on my main floor.
> Ideally, none of the five will be used for a while.
> Suggestions regarding storage?

should/may not be a problem, but...

as with all electronics that have polarized electrolytic
capacitors, these capacitors need 'forming' when they have
been with out power for extended periods. the 'dry out' period
various drastically and is more critical with high farad/high
voltage types. less critical in current day digital circuits.
tho this may not hold totally true with power supplies that
have powered down for very long periods.

forming is usually done by bring voltage up slowly and at a
time period on tens of minutes before reaching full state.

if you are storing for periods of months, verses years, there
should not be anything to worry about.

if you actually wanted to stay on a 'safe side' and have a variac,
aka, variable transformer, you could hook one up, start at zero
and step increase to 100% over a 10 to 20 minute period. then
remove power for a short period and repeat process.

not having a variac, a 25 to 50 watt incandescent lamp in series
can work.

adverse effect of not forming is that charge builds too quickly
and capacitor insulation ruptures and a short forms.

if you are real curious about forming and want to see just what
is going on, connect a current meter in series with an 'out of
circuit' capacitor (of large farad) and a volt meter across
capacitor. follow above voltage stepping. each time you repeat
process, you will see a faster current swing and larger 'top
voltage' until you reach a point where 'top voltage' is reached
quickly each time power is applied.


> I also have four 1-GB DDR2 memory cards.
> My two exant computers have two 2-GB DDR2
> memory cards each and room for two more cards,
> As the information does not seem to be on the cards,
> I will probably have to do a search to discovery
> whether the old cards can keep up with the new.

switching frequency of memory chips is what is important.
this can be found by searching the chip part numbers.

> Supposing they can, I am debating between prompt
> install and waiting until I need more memory.
> If I put them in an anti-static bag first,
> would the freezer trick work with the memory cards?

no.

this has gotten way 'off topic'. if you have an more interest
about forming capacitors, contact me "off list".


-- 

peace out.

in a world with out fences, who needs gates.

tc.hago.

g
.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] chromium-34.0.1847.132-1.el6

[Darr247]

On25 April 2014 @22:54 zulu, ngeorgop wrote:
> New version of chromium (34.0.1847.132) chromium-34.0.1847.132-1.el6.i686.rpm
> 
> Source:  chromium-34.0.1847.132-1.el6.src.rpm
>   I was
> *OBLIGED* to patch gtk2-2.20.1 in order to build it:
> gtk2-2.20.1-5.el6.i686.rpm
> 
> gtk2-devel-2.20.1-5.el6.i686.rpm
>   Source:
> gtk2-2.20.1-5.el6.src.rpm
>   Waiting
> for comments
>

Is there a way to install that patched GTK segregated from the rest of 
CentOS so only chromium accesses and uses that version of GTK?

Thanks.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] chromium-34.0.1847.132-1.el6

[SilverTip257]

On Fri, Apr 25, 2014 at 6:59 PM, Richer, Mark (CIV) wrote:

> Is there a version of chromium for CentOS with a new enough flash plug-in
> to work with VMware vSphere client for ESXi 5.5?
>

I'd expect pepperflash is missing from builds due to licensing restrictions
[0] (as Johnny mentioned in relation to his earlier builds).  You'll find
scripts [1] to snag the libraries from official Google Chrome RPMs.

[0] http://lists.centos.org/pipermail/centos/2013-June/135238.html
[1] https://github.com/hughesjr/chromium_el_builder


>
> Thanks,
> Mark
>
> MARK H RICHER, MS CS
> NPS-NCR Digital Forensics Lab IT Manager
> Computer Science Department
> Naval Postgraduate School - National Capital Region (NCR)
> 900 N Glebe Rd, Rm 5-182, Arlington, VA 22203
> 571.858.3254 (o) 571.303.9498 (m)
> mhric...@nps.edu
>
> On Apr 25, 2014, at 18:54, "ngeorgop"  ngeor...@gmail.com>> wrote:
>
> New version of chromium (34.0.1847.132)
> chromium-34.0.1847.132-1.el6.i686.rpm
> <
> https://drive.google.com/file/d/0B9RlkKQB1POSR0pRLXU1Q1JQTmc/edit?usp=sharing
> >
> Source:  chromium-34.0.1847.132-1.el6.src.rpm
>   I was
> *OBLIGED* to patch gtk2-2.20.1 in order to build it:
> gtk2-2.20.1-5.el6.i686.rpm
> 
> gtk2-devel-2.20.1-5.el6.i686.rpm
> 
>  Source:
> gtk2-2.20.1-5.el6.src.rpm
> 
>  Waiting
> for comments
>
>
>
> --
> View this message in context:
> http://centos.1050465.n5.nabble.com/CentOS-chromium-34-0-1847-132-1-el6-tp5726210.html
> Sent from the CentOS mailing list archive at Nabble.com >.
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>



-- 
---~~.~~---
Mike
//  SilverTip257  //
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] chromium-34.0.1847.132-1.el6

[Richer, Mark (CIV)]

Is there a version of chromium for CentOS with a new enough flash plug-in to 
work with VMware vSphere client for ESXi 5.5?

Thanks,
Mark

MARK H RICHER, MS CS
NPS-NCR Digital Forensics Lab IT Manager
Computer Science Department
Naval Postgraduate School - National Capital Region (NCR)
900 N Glebe Rd, Rm 5-182, Arlington, VA 22203
571.858.3254 (o) 571.303.9498 
(m)mhric...@nps.edu

On Apr 25, 2014, at 18:54, "ngeorgop" 
mailto:ngeor...@gmail.com>> wrote:

New version of chromium (34.0.1847.132) chromium-34.0.1847.132-1.el6.i686.rpm

Source:  chromium-34.0.1847.132-1.el6.src.rpm
  I was
*OBLIGED* to patch gtk2-2.20.1 in order to build it:
gtk2-2.20.1-5.el6.i686.rpm

gtk2-devel-2.20.1-5.el6.i686.rpm
  Source:
gtk2-2.20.1-5.el6.src.rpm
  Waiting
for comments



--
View this message in context: 
http://centos.1050465.n5.nabble.com/CentOS-chromium-34-0-1847-132-1-el6-tp5726210.html
Sent from the CentOS mailing list archive at Nabble.com.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] chromium-34.0.1847.132-1.el6

[ngeorgop]

New version of chromium (34.0.1847.132) chromium-34.0.1847.132-1.el6.i686.rpm
 
Source:  chromium-34.0.1847.132-1.el6.src.rpm
  I was
*OBLIGED* to patch gtk2-2.20.1 in order to build it:
gtk2-2.20.1-5.el6.i686.rpm
  
gtk2-devel-2.20.1-5.el6.i686.rpm
  Source: 
gtk2-2.20.1-5.el6.src.rpm
  Waiting
for comments 



--
View this message in context: 
http://centos.1050465.n5.nabble.com/CentOS-chromium-34-0-1847-132-1-el6-tp5726210.html
Sent from the CentOS mailing list archive at Nabble.com.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Some basic SELinux questions

[Stephen Harris]

Sorry, I got trigger happy with the "delete" key...  so this
message is a little out of order...

Eero Volotinen wrote:
> how about using auditd or ossec ?

And it looks like auditd may be exactly what I need.

Thanks!

-- 

rgds
Stephen
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Some basic SELinux questions

[Eero Volotinen]

how about using auditd or ossec ?

--
Eero


2014-04-25 23:32 GMT+03:00 Bowie Bailey :

> On 4/25/2014 4:27 PM, Stephen Harris wrote:
> > On Fri, Apr 25, 2014 at 02:51:40PM -0400, m.r...@5-cent.us wrote:
> >> Stephen Harris wrote:
> >>> a problem when CFe modifies a file that I don't want modified on my
> >>> machine.
> >> Doesn't cfengine allow for logging changes on a per-system basis?
> > I don't control the cfengine configuration, so I don't get to determine
> > the logs, which is why I want to be alerted if it changes one of my
> > files :-)
>
> Aide would seem to be what you are looking for.  It tracks hashes,
> timestamps, permissions, etc of the files on your system and notifies
> you when something changes.
>
> --
> Bowie
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Some basic SELinux questions

[Eero Volotinen]

how about using audits ?


2014-04-25 23:32 GMT+03:00 Bowie Bailey :

> On 4/25/2014 4:27 PM, Stephen Harris wrote:
> > On Fri, Apr 25, 2014 at 02:51:40PM -0400, m.r...@5-cent.us wrote:
> >> Stephen Harris wrote:
> >>> a problem when CFe modifies a file that I don't want modified on my
> >>> machine.
> >> Doesn't cfengine allow for logging changes on a per-system basis?
> > I don't control the cfengine configuration, so I don't get to determine
> > the logs, which is why I want to be alerted if it changes one of my
> > files :-)
>
> Aide would seem to be what you are looking for.  It tracks hashes,
> timestamps, permissions, etc of the files on your system and notifies
> you when something changes.
>
> --
> Bowie
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Some basic SELinux questions

[Bowie Bailey]

On 4/25/2014 4:27 PM, Stephen Harris wrote:
> On Fri, Apr 25, 2014 at 02:51:40PM -0400, m.r...@5-cent.us wrote:
>> Stephen Harris wrote:
>>> a problem when CFe modifies a file that I don't want modified on my
>>> machine.
>> Doesn't cfengine allow for logging changes on a per-system basis?
> I don't control the cfengine configuration, so I don't get to determine
> the logs, which is why I want to be alerted if it changes one of my
> files :-)

Aide would seem to be what you are looking for.  It tracks hashes, 
timestamps, permissions, etc of the files on your system and notifies 
you when something changes.

-- 
Bowie
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Some basic SELinux questions

[Stephen Harris]

On Fri, Apr 25, 2014 at 02:51:40PM -0400, m.r...@5-cent.us wrote:
> Stephen Harris wrote:
> > a problem when CFe modifies a file that I don't want modified on my
> > machine.

> Doesn't cfengine allow for logging changes on a per-system basis?

I don't control the cfengine configuration, so I don't get to determine
the logs, which is why I want to be alerted if it changes one of my
files :-)

-- 

rgds
Stephen
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] RHEL7 beta discussions?

[Les Mikesell]

This one might be more of a GNOME3 question.   I'm running the RHEL7
beta on a laptop where I used to run windows xp.   It's a Dell
Latitude w/docking station and the dock has a coax/digital sound
output.  On windows, it would automatically switch to the analog
headphone jack if I plugged headphones in.  With linux there is a
widget in the top bar on GNOME that has the volume control and a
'sound settings' option that I can open and pick digital or headphone
output but it has to be done manually.  Is there any way to get the
windows behavior of using headphone output whenever they are plugged
in?

-- 
  Les Mikesell
 lesmikes...@gmail.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Some basic SELinux questions

[m . roth]

Stephen Harris wrote:
> At my place we don't use SELinux because we have a gazillion tonnes of
> legacy software that just are not compatible with the default policies.
> No one wants to go to the effort of working out everything that needs
> changing.
>
> We also use cfengine for central management.  Which somestimes causes
> a problem when CFe modifies a file that I don't want modified on my
> machine.
>
> So I want to be able to track when specific files were changed.  My
> obvious thought was "create an SELinux audit policy that can track
> file changes, raise a log message", and we can monitor the logs.
>
> At this point I'm at a loss.

Doesn't cfengine allow for logging changes on a per-system basis?

mark

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Some basic SELinux questions

[Stephen Harris]

At my place we don't use SELinux because we have a gazillion tonnes of
legacy software that just are not compatible with the default policies.
No one wants to go to the effort of working out everything that needs
changing.

We also use cfengine for central management.  Which somestimes causes
a problem when CFe modifies a file that I don't want modified on my
machine.

So I want to be able to track when specific files were changed.  My
obvious thought was "create an SELinux audit policy that can track
file changes, raise a log message", and we can monitor the logs.

At this point I'm at a loss.

Let's say I want to know when /local/app/my_app/etc/myfile.conf has been
modified; how would I do this?

Any ideas?

Failing that I guess I could use inotify, but I don't know how well this
would scale to 100s of files.

Thanks!

-- 

rgds
Stephen
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] [OT] how do I remove a battery

[Michael Hennebry]

On Fri, 25 Apr 2014, g wrote:

> something i will suggest, being that you pulled cell from
> a dead board, consider getting another cell.
>
> then, wrap cell and package it is in with 'saran wrap', squeeze
> out as much a possible, then wrap with aluminum foil. place in
> freezer and it will be waiting for you when you need it. do
> allow 12 - 16 hours for warm up before using.

Makes sense to me.
I'll do that the next time I do a mail order.

> i have kept batteries and cells in freezer for over 10 years and
> they still give over 1 year 'shelf life' service. i do not
> recommend doing such with "silicone" batteries', aka, "gel cell"
> batteries.
>
> also, when you change a cmos cell, you may do so with power
> supply turned on to preserve cmos settings.

That I did not know.
'Tis contrary to a lot of other advice,
but it makes sense.

Other things that I might want to preserve include two power supplies,
an IDE-only CD reader, an IDE-only DVR writer and an AGP video card.
I do not have a lot of convenient storage space on my main floor.
Ideally, none of the five will be used for a while.
Suggestions regarding storage?

I also have four 1-GB DDR2 memory cards.
My two exant computers have two 2-GB DDR2
memory cards each and room for two more cards,
As the information does not seem to be on the cards,
I will probably have to do a search to discovery
whether the old cards can keep up with the new.

Supposing they can, I am debating between prompt
install and waiting until I need more memory.
If I put them in an anti-static bag first,
would the freezer trick work with the memory cards?

-- 
Michael   henne...@web.cs.ndsu.nodak.edu
"SCSI is NOT magic. There are *fundamental technical
reasons* why it is necessary to sacrifice a young
goat to your SCSI chain now and then."   --   John Woods
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Need Python3 for C6

[James A. Peltier]

- Original Message -
| I need Python 3.4 (latest) on CentOS 6 for development purposes
| (teaching programming).
| 
| Need advice for best method to do this. I am concerned about not
| breaking the internal plumbing of C6. I was thinking about installing
| it into /opt.
| 
| I noticed  http://puias.math.ias.edu/data/puias/computational  has
| 3.3
| but I need 3.4 (asyncio module). Wondering if anyone has tried
| python3
| from puias repo ? Does it break anything?
| 
| Also, found
| http://toomuchdata.com/2014/02/16/how-to-install-python-on-centos/
| 
| Any advice welcome.
| ___
| CentOS mailing list
| CentOS@centos.org
| http://lists.centos.org/mailman/listinfo/centos
| 

Outside of SCL you can also look into the modules environment packages, which 
allow you to temporarily override the base system dynamically.  We use this to 
maintain several version of libraries that do not come with the OS or are newer 
than those provided by the OS to build production software pipelines for 
various research tools.

It's a pretty nice system ;)

-- 
James A. Peltier
Manager, IT Services - Research Computing Group
Simon Fraser University - Burnaby Campus
Phone   : 778-782-6573
Fax : 778-782-3045
E-Mail  : jpelt...@sfu.ca
Website : http://www.sfu.ca/itservices

"Around here, however, we don’t look backwards for very long.  We KEEP MOVING 
FORWARD, opening up new doors and doing things because we’re curious and 
curiosity keeps leading us down new paths." - Walt Disney
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Need Python3 for C6

[Elias Persson]

On 2014-04-25 19:27, Robert Arkiletian wrote:
> I need Python 3.4 (latest) on CentOS 6 for development purposes
> (teaching programming).
>
> Need advice for best method to do this. I am concerned about not
> breaking the internal plumbing of C6. I was thinking about installing
> it into /opt.
>
> I noticed  http://puias.math.ias.edu/data/puias/computational  has 3.3
> but I need 3.4 (asyncio module). Wondering if anyone has tried python3
> from puias repo ? Does it break anything?
>
> Also, found http://toomuchdata.com/2014/02/16/how-to-install-python-on-centos/
>
> Any advice welcome.
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>

python 3.3 is available in software collections [1].
Works quite well, is easy enough to use.
If you absolutely must have python 3.4, I don't know.

asyncio for python33 is available on pypi [2].
Don't know if this is exactly compatible with 3.4 though.

[1] https://www.softwarecollections.org/en/
[2] https://pypi.python.org/pypi/asyncio
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Need Python3 for C6

[Robert Arkiletian]

I need Python 3.4 (latest) on CentOS 6 for development purposes
(teaching programming).

Need advice for best method to do this. I am concerned about not
breaking the internal plumbing of C6. I was thinking about installing
it into /opt.

I noticed  http://puias.math.ias.edu/data/puias/computational  has 3.3
but I need 3.4 (asyncio module). Wondering if anyone has tried python3
from puias repo ? Does it break anything?

Also, found http://toomuchdata.com/2014/02/16/how-to-install-python-on-centos/

Any advice welcome.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Solved? - Re: Support for ECDSA in OpenSSL?

[Robert Moskowitz]

On 04/25/2014 12:13 PM, Paul Heinlein wrote:
> On Fri, 25 Apr 2014, Robert Moskowitz wrote:
>
>> Does the version of OpenSSL on Centos 6.5 support ECDSA keypairs?
>
> On CentOS 6.5, OpenSSL does but SSH does not.
>
>> How do I test if this works?  (though I should probably ask this on the
>> OpenSSL list)
>
> On a CentOS 6.5 box, asking for an ECDSA key fails:
>
>   [centos-6.5]$ ssh-keygen -f zzz -t ecdsa
>   unknown key type ecdsa

And that is a ssh way of testing for ecdsa support.

It looks like ecdsa IS there and something is wrong with my setup. I 
tried creating a new ecdsa Host Identity:

# hipconf daemon new hi pub ecdsa hip_host_ecdsa_key_pub
Using hostname: oqo1.htt-consult.com
Using format ecdsa and file hip_host_ecdsa_key_pub
dirname=. mode=755
Saving ECDSA keys to: pub='hip_host_ecdsa_key_pub.pub' 
priv='hip_host_ecdsa_key_pub'
Key saved.

It looks like it did work.  But when I went to use it:

# hipconf daemon add hi pub ecdsa hip_host_ecdsa_key_pub
Using hostname: oqo1.htt-consult.com
Using format ecdsa and file hip_host_ecdsa_key_pub
Could not open private key file /etc/hip/hip_host_ecdsa_key_anon for reading
Loading of the ECDSA key failed

there is a problem.  It should not be trying to read an anon file.

Bottom line.  Looks like ecdsa is in OpenSSL for Centos 6.5 and that the 
HIPL build is using it.  Just something wrong on my install.

Sorry for the noise.


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Support for ECDSA in OpenSSL?

[Paul Heinlein]

On Fri, 25 Apr 2014, Robert Moskowitz wrote:


Does the version of OpenSSL on Centos 6.5 support ECDSA keypairs?


On CentOS 6.5, OpenSSL does but SSH does not.


How do I test if this works?  (though I should probably ask this on the
OpenSSL list)


On a CentOS 6.5 box, asking for an ECDSA key fails:

  [centos-6.5]$ ssh-keygen -f zzz -t ecdsa
  unknown key type ecdsa

On a Debian jessie box, it succeeds:

  [debian]$ ssh-keygen -f zzz -t ecdsa
  Generating public/private ecdsa key pair.
  Enter passphrase (empty for no passphrase):
  Enter same passphrase again:
  Your identification has been saved in zzz.
  Your public key has been saved in zzz.pub.

If I scp the newly created zzz key to a CentOS box, its openssl binary 
can understand it:


  [centos-6.5]$ openssl ec -in zzz
  read EC key
  writing EC key
  -BEGIN EC PRIVATE KEY-
  ...
  -END EC PRIVATE KEY-

That's the best test I know.

--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] SELInux and POSTFIX

[James B. Byrne]

On Wed, April 23, 2014 16:44, Daniel J Walsh wrote:
> Looks like this is allowed in rhel6.5 policy. You could try
>
> selinux-policy-3.7.19-235.el6
> on people.redhat.com/dwalsh/SELinux/RHEL6
>

yum --enablerepo=localfile update selinux\*
Loaded plugins: downloadonly, fastestmirror, priorities
Loading mirror speeds from cached hostfile
 * Webmin: download.webmin.com
 * base: centos.mirror.rafal.ca
 * epel: fedora.mirror.nexicom.net
 * extras: mirror.netflash.net
 * updates: mirror.csclub.uwaterloo.ca
Setting up Update Process
Resolving Dependencies
--> Running transaction check
---> Package selinux-policy.noarch 0:3.7.19-231.el6_5.1 will be updated
--> Processing Dependency: selinux-policy = 3.7.19-231.el6_5.1 for package:
selinux-policy-targeted-3.7.19-231.el6_5.1.noarch
--> Processing Dependency: selinux-policy = 3.7.19-231.el6_5.1 for package:
selinux-policy-targeted-3.7.19-231.el6_5.1.noarch
---> Package selinux-policy.noarch 0:3.7.19-235.el6 will be an update
--> Finished Dependency Resolution
Error: Package: selinux-policy-targeted-3.7.19-231.el6_5.1.noarch (@updates)
   Requires: selinux-policy = 3.7.19-231.el6_5.1
   Removing: selinux-policy-3.7.19-231.el6_5.1.noarch (@updates)
   selinux-policy = 3.7.19-231.el6_5.1
   Updated By: selinux-policy-3.7.19-235.el6.noarch (localfile)
   selinux-policy = 3.7.19-235.el6
   Available: selinux-policy-3.7.19-231.el6.noarch (base)
   selinux-policy = 3.7.19-231.el6
 You could try using --skip-broken to work around the problem
 You could try running: rpm -Va --nofiles --nodigest


I have these packages in /root/RPMS/repo/Packages:

total 3776
-rw-r--r--. 1 root root   69264 Apr 24 20:52 opendmarc-1.1.3-3.1.x86_64.rpm
-rw-r--r--. 1 root root  845052 Apr 23 16:41
selinux-policy-3.7.19-235.el6.noarch.rpm
-rw-r--r--. 1 root root 2946848 Apr 23 16:41
selinux-policy-targeted-3.7.19-235.el6.noarch.rpm

I have run 'createrepo --database --update /root/RPMS/repo'

What do I not understand respecting performing this update?

I only noted this issue following implementation of an spf policy daemon with
Postfix.  However, that change was the reason I was looking at the log files
to begin with so the situation may have been present for a very long time
before that.

-- 
***  E-Mail is NOT a SECURE channel  ***
James B. Byrnemailto:byrn...@harte-lyne.ca
Harte & Lyne Limited  http://www.harte-lyne.ca
9 Brockley Drive  vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada  L8E 3C3

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Support for ECDSA in OpenSSL?

[Robert Moskowitz]

On 04/25/2014 08:53 AM, Robert Moskowitz wrote:
> On 04/25/2014 08:07 AM, Reindl Harald wrote:
>> Am 25.04.2014 13:57, schrieb Robert Moskowitz:
>>> Does the version of OpenSSL on Centos 6.5 support ECDSA keypairs?
>>>
>>> How do I test if this works?  (though I should probably ask this on the
>>> OpenSSL list)
>>>
>>> The reason I suspect a problem is that HIPL for Centos
>>> (http://infrahip.hiit.fi/) is not creating the ECDSA Host Identity,
>>> whereas my Fedora installation IS creating the ECDSA HI
>> the OpenSSL version does (one of the news in 6.5)
>> but sadly OpenSSH was not rebuilt against the new OpenSSL
>> so no, currently no ECDSA before RHEL7-Beta1
> This is not OpenSSH, but HIP for Linux.
>
> The HIPL binaries for Centos were compiled on a 6.5 system with all
> current updates.  Or so the developer told me :)
>
> Is there some switch that is needed?

I checked with the HIPL developer and got:

 >HIPL checks during ./configure if ECC is missing from OpenSSL and 
disables all ECC code if it is unuvailable.

So I am checking more into this.  What is ./configure actually doing to 
check if ECC is present or not?  Was there something wrong with my 
install, and I need to install again?  That is is there a test I can do 
directly against my OpenSSL to determine if NOW I have ECC and did not 
have something right at that time?

thanks all for any help


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Support for ECDSA in OpenSSL?

[Robert Moskowitz]

On 04/25/2014 08:07 AM, Reindl Harald wrote:
>
> Am 25.04.2014 13:57, schrieb Robert Moskowitz:
>> Does the version of OpenSSL on Centos 6.5 support ECDSA keypairs?
>>
>> How do I test if this works?  (though I should probably ask this on the
>> OpenSSL list)
>>
>> The reason I suspect a problem is that HIPL for Centos
>> (http://infrahip.hiit.fi/) is not creating the ECDSA Host Identity,
>> whereas my Fedora installation IS creating the ECDSA HI
> the OpenSSL version does (one of the news in 6.5)
> but sadly OpenSSH was not rebuilt against the new OpenSSL
> so no, currently no ECDSA before RHEL7-Beta1

Harald, I thank you for this insight.  It seems when I hit a truly 
knotty issue you come through with the pointers to get me going in the 
right direction.

This is not OpenSSH, but HIP for Linux.

The HIPL binaries for Centos were compiled on a 6.5 system with all 
current updates.  Or so the developer told me :)

Is there some switch that is needed?

> here you go for the history
> https://bugzilla.redhat.com/show_bug.cgi?id=319901#c108

Interesting and so sad.  I did a lot of review of drafts for rfc6090 
with Dr. McGrew; more on style than math ("David, I don't understand 
what you are trying to say here."  ;) ).  Plus look at the errata pages; 
cfrg is talking about issuing a new rfc to include all the errata.

The supposed inside story is that NSA got really upset that their 
licensing of the patents was not getting them COTS products, as sales to 
DoD is a small portion for these vendors.  So Kevin joined David as 
co-author.

This is mission critical.  We can live with RSA for the pilot, but MUST 
be on ECDSA for launch.  Since my day job is a major RedHat customer, I 
can have someone from that side of the company do a bug submission 
against RH6 to get this addressed.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Support for ECDSA in OpenSSL?

[John Doe]

From: Robert Moskowitz 

> Does the version of OpenSSL on Centos 6.5 support ECDSA keypairs?

Google finds:

"ECDSA Support in OpenSSL
Elliptic Curve Digital Signature Algorithm (ECDSA) is a variant of the Digital 
Signature Algorithm (DSA) which uses Elliptic Curve Cryptography (ECC). Note 
that only the nistp256 and nistp384 curves are supported."

https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.5_Release_Notes/bh-chap-security.html

JD
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS-announce Digest, Vol 110, Issue 12

[centos-announce-request]

Send CentOS-announce mailing list submissions to
centos-annou...@centos.org

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
centos-announce-requ...@centos.org

You can reach the person managing the list at
centos-announce-ow...@centos.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of CentOS-announce digest..."


Today's Topics:

   1. Downtime for centos mail and list services 2014-04-24 14:00
  UTC to 15:00 UTC (Karanbir Singh)
   2. CEBA-2014:0431  CentOS 6 pacemaker Update (Johnny Hughes)


--

Message: 1
Date: Thu, 24 Apr 2014 14:44:53 +0100
From: Karanbir Singh 
Subject: [CentOS-announce] Downtime for centos mail and list services
2014-04-24 14:00 UTC to 15:00 UTC
To: CentOS Announcements List 
Message-ID: <53591555.4040...@centos.org>
Content-Type: text/plain; charset=ISO-8859-1

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hi

We need to take all mail and lists services offline for a hardware
swap out, this is to address reliability issues we've had in the last
48 hrs.

This is going to take about an hour starting from 14:00 UTC today,
24th Apr 2014, and we hope to have all services restored by 15:00 UTC.

There will be backup mail exchangers and we will freeze + thaw the
mailqueues, so there should not be any mail loss during this period of
time.

for any questions, comments or feedback please drop into #centos-devel
on irc.freenode.net and speak with Fabian Arrotin ( Arrfab on irc ) or
find me ( kbsingh on irc )

regards,


- -- 
Karanbir Singh, Project Lead, The CentOS Project
+44-207-0999389 | http://www.centos.org/ | twitter.com/CentOS
GnuPG Key : http://www.karan.org/publickey.asc
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iEYEARECAAYFAlNZFVQACgkQMA29nj4Tz1vpJACcDbMl1VBuToPjih2UTq4u4M03
v3oAn17WW27KPOKkVJj2jxd8YbllLUqU
=DbZW
-END PGP SIGNATURE-


--

Message: 2
Date: Thu, 24 Apr 2014 10:53:25 +
From: Johnny Hughes 
Subject: [CentOS-announce] CEBA-2014:0431  CentOS 6 pacemaker Update
To: centos-annou...@centos.org
Message-ID: <20140424105325.ga56...@n04.lon1.karan.org>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Bugfix Advisory 2014:0431 

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0431.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
be459071999bdd14ab9c26ebcf75995af637fe4b14cd0b737808cbc27f1b2fd7  
pacemaker-1.1.10-14.el6_5.3.i686.rpm
ad51cc5e99faecbf9b2a0609b52c5332c1e3822866b33c5fe40ae07fe27c33ad  
pacemaker-cli-1.1.10-14.el6_5.3.i686.rpm
b10a2c564b21494d9698f9a93747059c9e7ae9ccc1237f94b23e9a528f1ff72f  
pacemaker-cluster-libs-1.1.10-14.el6_5.3.i686.rpm
6059b63e53cf6c266560a80436a0f77da6ab8183d31084ac767d1746557a9296  
pacemaker-cts-1.1.10-14.el6_5.3.i686.rpm
3e43468befc9782276629b559184994f8540b42e0965d2c3fc713c5fc2adf790  
pacemaker-doc-1.1.10-14.el6_5.3.i686.rpm
9c4dad75691aed70487f90c965b7d78d564d7f5b59c9dfb3e16349237b18e2e7  
pacemaker-libs-1.1.10-14.el6_5.3.i686.rpm
7de4efeb19e09cd3b46ea94ac08093f898bf27248848fadae828c03b48d0e5d0  
pacemaker-libs-devel-1.1.10-14.el6_5.3.i686.rpm
7637d5957cc60e817488e41d12684f51d4bc49ecc15d4273445eb655a69b10f1  
pacemaker-remote-1.1.10-14.el6_5.3.i686.rpm

x86_64:
d588fb0d2b29708f0f4d609ee19d1f80c81b670ca13816cc3ab024ea1ad79578  
pacemaker-1.1.10-14.el6_5.3.x86_64.rpm
87a64420a735ee470c61158119b328d43150ec18ed20df2dcfcf2ccd73fdd7a5  
pacemaker-cli-1.1.10-14.el6_5.3.x86_64.rpm
b10a2c564b21494d9698f9a93747059c9e7ae9ccc1237f94b23e9a528f1ff72f  
pacemaker-cluster-libs-1.1.10-14.el6_5.3.i686.rpm
6c55a5dcdc1b0515234e7f8a5212215064a3844547eedfb42a6f145ea0b3bb02  
pacemaker-cluster-libs-1.1.10-14.el6_5.3.x86_64.rpm
8b7af46ba368335dd2d2f2e22ebbccbe7328041a03e2f5de2b05a3bf8e16bffc  
pacemaker-cts-1.1.10-14.el6_5.3.x86_64.rpm
9d6e8f7ae17774650bdda09aa096fbda07b6ec5e84008dcd9960ec52926df372  
pacemaker-doc-1.1.10-14.el6_5.3.x86_64.rpm
9c4dad75691aed70487f90c965b7d78d564d7f5b59c9dfb3e16349237b18e2e7  
pacemaker-libs-1.1.10-14.el6_5.3.i686.rpm
784f46fe173dc6128f368438168283215e4b939c6f48ac109b1fe5b268958978  
pacemaker-libs-1.1.10-14.el6_5.3.x86_64.rpm
7de4efeb19e09cd3b46ea94ac08093f898bf27248848fadae828c03b48d0e5d0  
pacemaker-libs-devel-1.1.10-14.el6_5.3.i686.rpm
cd534faeb81ced18b3dabf2ca140dec2c887d532b40d40e886011837a139d0ee  
pacemaker-libs-devel-1.1.10-14.el6_5.3.x86_64.rpm
33a215b040a8b212af188158967eebbd26f57578f6452fd1d41987daa7f678fb  
pacemaker-remote-1.1.10-14.el6_5.3.x86_64.rpm

Source:
7f879cc269222d6f2b235f6e4a8195d3758e12e521258d88bf94322b914ce3d5  
pacemaker-1.1.10-14.el6_5.3.src.rpm



-- 
Johnny Hughes
CentOS Project { http:/

[CentOS] Support for ECDSA in OpenSSL?

[Robert Moskowitz]

Does the version of OpenSSL on Centos 6.5 support ECDSA keypairs?

How do I test if this works?  (though I should probably ask this on the 
OpenSSL list)

The reason I suspect a problem is that HIPL for Centos 
(http://infrahip.hiit.fi/) is not creating the ECDSA Host Identity, 
whereas my Fedora installation IS creating the ECDSA HI.


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Ulimit problem - CentOS 5.10

[Leon Fauster]

Am 24.04.2014 um 19:44 schrieb James Pearson :
> Nathan Duehr wrote:
>> 
>> Attempting to force the ulimit up inside the RC script has no effect, since 
>> the package is running
>> as a non-root user.  It fails to raise the limit.
> 
> init.d scripts run as root so you should be able to set a hard/soft limit in 
> the init.d script before the package is started


to survive updates, the init script should include one config 
file under /etc/sysconfig/ - there should such a entry be safe. 

--
LF

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos