Re: [CentOS] Broken Selinux Postfix Policy?
Am 26.04.2015 um 06:22 schrieb E.B.:
Trying to restart postfix installed from yum. Restart fails, I get:
type=AVC msg=audit(1430429813.721:12167): avc: denied { unlink } for
pid=31624 comm=master name=defer dev=dm-0 ino=981632
scontext=system_u:system_r:postfix_master_t:s0
tcontext=system_u:object_r:postfix_spool_maildrop_t:s0 tclass=sock_file
I guess it needs to remove the /var/spool/postfix/defer socket file.
audit2allow says this will fix it:
allow postfix_master_t postfix_spool_maildrop_t:sock_file unlink;
But how do I add this permission to the existing Postfix Selinux policy???
Why was it missing???
Multiple question marks are not necessary.
You missed to tell us which precise CentOS release you are running and
which version of Postfix.
On my CentOS 6.6 the defer socket has SELinux type different than yours:
# ls -alZ /var/spool/postfix/private/defer
srw-rw-rw-. postfix postfix system_u:object_r:postfix_private_t:s0
/var/spool/postfix/private/defer
By the way, I also had AVCs when I tried to add another instance of
Postfix smtpd on local port 20025. Very frustrating there is no docs
how to add a rule for this common change. I don't know if I did the
right thing:
semanage port -a -t smtp_port_t -p tcp 20025
Is this the right way? Why isn't this documented somewhere?
That's well documented .
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html-single/Managing_Confined_Services/#chap-Managing_Confined_Services-Postfix
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
[CentOS] Boot message of a modprobe.d conf file that does not exist
Hi all, I got a message at boot: dracut-pre-udev: libkmod: kmod_config_parse: /etc/modprobe.d/thinkpad_battery.conf line 2: ignoring bad line starting with 'options' I have had this file to load modules for my thinkpad (acpi_call tp_smapi) but I removed it after recompiling the modules for a new kernel and using make install load. My question is, why this nonexistent file is still demanded. Thanks in advance Tim ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Route traffic through private IP for only certain hosts
Hi I am having a weird problem which I cant figure out - so I was hoping someone here could give me a hand. First off the end goal is that a specific server in my network runs an IPSEC connection to another company and I want all other servers to route traffic for the IP on that network through this single server. Server 1 in this example is the server that runs the IPSEC connection. (CentOS 6.6) Server 2 in this example is an app server that would route traffic for only that specific IP through server 1. (CentOS 6.5) **Some IP's that will be used below:** Server 1 pre Server 1 Public IP: x.x.x.x Server 1 Public Broadcast: x.x.x.y Server 1 Public Gateway: x.x.x.z Server 1 Internal IP: 10.0.64.10/24 /pre Server 2 pre Server 2 Public IP: y.y.y.y Server 2 Public Broadcast: y.y.y.z Server 2 Public Gateway: y.y.y.a Server 2 Internal IP: 10.0.64.150/24 /pre Those servers have full connectivity between them internally (i.e. I can ping, ssh etc from one to the other without problem). They also both have full acceess to the internet and can be reached that way -- **Server 1** Here is an *ip a* for that pre# ip a 1: lo: LOOPBACK,UP,LOWER_UP mtu 65536 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:99:12:85 brd ff:ff:ff:ff:ff:ff inet x.x.x.x/28 brd x.x.x.y scope global eth0 inet6 :::/64 scope link valid_lft forever preferred_lft forever 3: eth1: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 00:0c:29:99:12:8f brd ff:ff:ff:ff:ff:ff inet 10.0.64.10/24 brd 10.0.64.255 scope global eth1 inet6 fe80::20c:29ff:fe99:128f/64 scope link valid_lft forever preferred_lft forever /pre Here is an *ip route* pre# ip route x.x.x.y/28 dev eth0 proto kernel scope link src x.x.x.x 10.0.64.0/24 dev eth1 proto kernel scope link src 10.0.64.10 169.254.0.0/16 dev eth0 scope link metric 1002 169.254.0.0/16 dev eth1 scope link metric 1003 default via x.x.x.z dev eth0 /pre Here is a *sysctl -p* pre # sysctl -p net.ipv4.conf.default.rp_filter = 1 net.ipv4.conf.default.accept_source_route = 0 kernel.sysrq = 0 kernel.core_uses_pid = 1 net.ipv4.tcp_syncookies = 1 kernel.msgmnb = 65536 kernel.msgmax = 65536 kernel.shmmax = 68719476736 kernel.shmall = 4294967296 net.ipv4.ip_forward = 1 net.ipv6.conf.all.forwarding = 1 net.ipv4.conf.default.proxy_arp = 1 net.ipv4.conf.all.rp_filter = 1 kernel.sysrq = 1 net.ipv4.conf.default.send_redirects = 1 net.ipv4.conf.all.send_redirects = 1 /pre -- **Server 2** I've added a single test ip (8.8.8.8) to server two to test if it works before bringing IPSEC into the equation Here is an *ip a* pre # ip a 1: lo: LOOPBACK,UP,LOWER_UP mtu 16436 qdisc noqueue state UNKNOWN link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc mq state UP qlen 1000 link/ether 00:0c:29:15:8b:01 brd ff:ff:ff:ff:ff:ff inet y.y.y.y/29 brd y.y.y.z scope global eth0 inet6 fe80::20c:29ff:fe15:8b01/64 scope link valid_lft forever preferred_lft forever 3: eth1: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc mq state UP qlen 1000 link/ether 00:0c:29:15:8b:0b brd ff:ff:ff:ff:ff:ff inet 10.0.64.150/24 brd 10.0.64.255 scope global eth1 inet6 fe80::20c:29ff:fe15:8b0b/64 scope link valid_lft forever preferred_lft forever /pre Here is an *ip route* pre # ip route 8.8.8.8 via 10.0.64.10 dev eth1 y.y.y.z/29 dev eth0 proto kernel scope link src y.y.y.y 10.0.64.0/24 dev eth1 proto kernel scope link src 10.0.64.150 default via y.y.y.a dev eth0 /pre -- Now when I try do a ping from Server 2 - 8.8.8.8 here are the tcpdumps from each server: **Server 2** If I tcpdump on eth0 i get no matches (so the route appears right!). eth1 gets matches: pre # tcpdump -vvv -i eth1 -n host 8.8.8.8 tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes 11:25:55.609902 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84) 10.0.64.150 8.8.8.8: ICMP echo request, id 17999, seq 1, length 64 11:25:56.609262 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84) 10.0.64.150 8.8.8.8: ICMP echo request, id 17999, seq 2, length 64 /pre **Server 1 (The hopeful gateway for 8.8.8.8)** On eth1 (Private) pre # tcpdump -vv -i eth1 -n host 8.8.8.8 tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 65535 bytes 11:27:20.608766 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto ICMP (1), length 84) 10.0.64.150 8.8.8.8: ICMP echo request, id 17999, seq 86, length 64
Re: [CentOS] can't install gd-devel on centos 7.1
On 4/26/2015 1:54 PM, Tim Dunphy wrote: Hey guys, I'm trying to instal gd-devel onto a CentOS 7 host. -- Finished Dependency Resolution Error: Package: gd-last-devel-2.1.1-2.el7.remi.x86_64 (remi) Requires: libvpx-devel(x86-64) You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest But when I try to do that I get the error you see above. These are the repos I have installed and enabled: repo id repo name status epel/x86_64 Extra Packages for Enterprise 7,718 puppetlabs-deps/x86_64 Puppet Labs Dependencies El 717 puppetlabs-products/x86_64 Puppet Labs Products El 7 - x 162 remi Les RPM de remi pour Enterpri 1,928 rhui-REGION-client-config-server-7/x86_64Red Hat Update Infrastructure 4 rhui-REGION-rhel-server-releases/7Server/x86_64 Red Hat Enterprise Linux Serv 6,851 rhui-REGION-rhel-server-rh-common/7Server/x86_64 Red Hat Enterprise Linux Serv 131 rpmforge RHEL 7Server - RPMforge.net - 245 webtatic/x86_64 Webtatic Repository EL7 - x86 519 I originally had nothing more than the base CentOS repo enabled. Along with the puppetlabs repo and epel when I first encountered this error. But then I tried adding some repos to find out if I could find the needed package in any of them. As others said, that RHUI stuff suggests licensed redhat subscriptions, NOT centos. here's a stock centos 7.1, that only has EPEL enabled. # cat /etc/redhat-release CentOS Linux release 7.1.1503 (Core) # yum install gd-devel Loaded plugins: fastestmirror base | 3.6 kB 00:00:00 epel/x86_64/metalink | 14 kB 00:00:00 epel | 4.4 kB 00:00:00 extras | 3.4 kB 00:00:00 updates | 3.4 kB 00:00:00 epel/x86_64/primary_db | 4.2 MB 00:00:00 (1/2): epel/x86_64/updateinfo | 358 kB 00:00:00 (2/2): epel/x86_64/pkgtags | 1.4 MB 00:00:00 Loading mirror speeds from cached hostfile * base: centos.sonn.com * epel: mirror.prgmr.com * extras: mirrors.usc.edu * updates: mirrors.usc.edu Resolving Dependencies -- Running transaction check --- Package gd-devel.x86_64 0:2.0.35-26.el7 will be installed -- Processing Dependency: gd = 2.0.35-26.el7 for package: gd-devel-2.0.35-26.el7.x86_64 -- Processing Dependency: zlib-devel for package: gd-devel-2.0.35-26.el7.x86_64 -- Processing Dependency: libpng-devel for package: gd-devel-2.0.35-26.el7.x86_64 -- Processing Dependency: libjpeg-devel for package: gd-devel-2.0.35-26.el7.x86_64 -- Processing Dependency: libXpm-devel for package: gd-devel-2.0.35-26.el7.x86_64 -- Processing Dependency: libX11-devel for package: gd-devel-2.0.35-26.el7.x86_64 -- Processing Dependency: freetype-devel for package: gd-devel-2.0.35-26.el7.x86_64 -- Processing Dependency: fontconfig-devel for package: gd-devel-2.0.35-26.el7.x86_64 -- Processing Dependency: libgd.so.2()(64bit) for package: gd-devel-2.0.35-26.el7.x86_64 -- Running transaction check --- Package fontconfig-devel.x86_64 0:2.10.95-7.el7 will be installed -- Processing Dependency: pkgconfig(expat) for package: fontconfig-devel-2.10.95-7.el7.x86_64 --- Package freetype-devel.x86_64 0:2.4.11-10.el7_1.1 will be installed --- Package gd.x86_64 0:2.0.35-26.el7 will be installed -- Processing Dependency: libXpm.so.4()(64bit) for package: gd-2.0.35-26.el7.x86_64 --- Package libX11-devel.x86_64 0:1.6.0-2.1.el7 will be installed -- Processing Dependency: pkgconfig(xcb) = 1.1.92 for package: libX11-devel-1.6.0-2.1.el7.x86_64 -- Processing Dependency: pkgconfig(xproto) for package: libX11-devel-1.6.0-2.1.el7.x86_64 -- Processing Dependency: pkgconfig(xcb) for package: libX11-devel-1.6.0-2.1.el7.x86_64 -- Processing Dependency: pkgconfig(kbproto) for package: libX11-devel-1.6.0-2.1.el7.x86_64 --- Package libXpm-devel.x86_64 0:3.5.10-5.1.el7 will be installed --- Package libjpeg-turbo-devel.x86_64 0:1.2.90-5.el7 will be installed --- Package libpng-devel.x86_64 2:1.5.13-5.el7 will be installed --- Package zlib-devel.x86_64 0:1.2.7-13.el7 will be installed -- Running transaction check --- Package expat-devel.x86_64 0:2.1.0-8.el7 will be installed --- Package libXpm.x86_64 0:3.5.10-5.1.el7 will be installed --- Package libxcb-devel.x86_64 0:1.9-5.el7 will be installed -- Processing Dependency: pkgconfig(xau) = 0.99.2 for package: libxcb-devel-1.9-5.el7.x86_64 --- Package xorg-x11-proto-devel.noarch 0:7.7-8.el7.1 will be installed -- Running transaction check --- Package libXau-devel.x86_64 0:1.0.8-2.1.el7 will be installed -- Finished Dependency Resolution Dependencies Resolved === Package Arch Version Repository
Re: [CentOS] can't install gd-devel on centos 7.1
2015-04-27 1:30 GMT+03:00 John R Pierce pie...@hogranch.com: On 4/26/2015 1:54 PM, Tim Dunphy wrote: Hey guys, I'm trying to instal gd-devel onto a CentOS 7 host. -- Finished Dependency Resolution Error: Package: gd-last-devel-2.1.1-2.el7.remi.x86_64 (remi) Requires: libvpx-devel(x86-64) You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest But when I try to do that I get the error you see above. These are the repos I have installed and enabled: repo id repo name status epel/x86_64 Extra Packages for Enterprise 7,718 puppetlabs-deps/x86_64 Puppet Labs Dependencies El 717 puppetlabs-products/x86_64 Puppet Labs Products El 7 - x 162 remi Les RPM de remi pour Enterpri 1,928 rhui-REGION-client-config-server-7/x86_64Red Hat Update Infrastructure 4 rhui-REGION-rhel-server-releases/7Server/x86_64 Red Hat Enterprise Linux Serv 6,851 rhui-REGION-rhel-server-rh-common/7Server/x86_64 Red Hat Enterprise Linux Serv 131 rpmforge RHEL 7Server - RPMforge.net - 245 webtatic/x86_64 Webtatic Repository EL7 - x86 519 I originally had nothing more than the base CentOS repo enabled. Along with the puppetlabs repo and epel when I first encountered this error. But then I tried adding some repos to find out if I could find the needed package in any of them. As others said, that RHUI stuff suggests licensed redhat subscriptions, NOT centos. here's a stock centos 7.1, that only has EPEL enabled. # cat /etc/redhat-release CentOS Linux release 7.1.1503 (Core) Commercial rhel split repos weird way. so, this user might need to enable some more redhat repos using subscription-manager or similar. -- Eero ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Prevent network setup from changing the hostname
How can I block network setup (via NetworkManager) from changing the machine's hostname whenever the network configuration changes? The problem: When my graphical login session starts, the xauth database gets an token that is labeled with the hostname at that time. If there is not yet a network connection, that will be localhost.localdomain. When a network connection is then made (my wireless connection needs the key from my login), the hostname changes. That breaks X session sharing because there is no xauth token that matches the current hostname. If I get a root shell with su -, commands launched from that shell cannot access the display. If I set up an ssh connection with ssh -X, I get a complaint about missing xauth data. On systems with an ONBOOT=yes network connection, there is no problem since the hostname is set before the X session starts. It's just when the hostname changes during the X session that there is a problem. I am running CentOS 6, fully updated. It's taken me a long time to track down the root cause of this problem. Now I just need a solution, preferably something less ham-fisted than xhost -. -- Bob Nichols NOSPAM is really part of my email address. Do NOT delete it. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Prevent network setup from changing the hostname
Make it a system connection instead of a user connection. Or give the host a static name on install and don't allow dhcp to override it. On 04/26/2015 07:26 PM, Robert Nichols wrote: How can I block network setup (via NetworkManager) from changing the machine's hostname whenever the network configuration changes? The problem: When my graphical login session starts, the xauth database gets an token that is labeled with the hostname at that time. If there is not yet a network connection, that will be localhost.localdomain. When a network connection is then made (my wireless connection needs the key from my login), the hostname changes. That breaks X session sharing because there is no xauth token that matches the current hostname. If I get a root shell with su -, commands launched from that shell cannot access the display. If I set up an ssh connection with ssh -X, I get a complaint about missing xauth data. On systems with an ONBOOT=yes network connection, there is no problem since the hostname is set before the X session starts. It's just when the hostname changes during the X session that there is a problem. I am running CentOS 6, fully updated. It's taken me a long time to track down the root cause of this problem. Now I just need a solution, preferably something less ham-fisted than xhost -. -- Regards Peter Larsen ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Prevent network setup from changing the hostname
On 04/26/2015 06:31 PM, Peter Larsen wrote: On 04/26/2015 07:26 PM, Robert Nichols wrote: How can I block network setup (via NetworkManager) from changing the machine's hostname whenever the network configuration changes? Make it a system connection instead of a user connection. Or give the host a static name on install and don't allow dhcp to override it. Making my wireless connection a system connection increases the exposure of my WPA key and doesn't solve the problem of the network configuration changing, perhaps because I connected or disconnected an ethernet cable or the machine went to sleep on one WLAN and woke up on another. Do you know of a place I can set a static name that NetworkManager won't override? That would be ideal. I just doesn't make sense that the machine's internal relationships would depend on its external connections. -- Bob Nichols NOSPAM is really part of my email address. Do NOT delete it. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Prevent network setup from changing the hostname
On Sun, 26 Apr 2015 19:25:27 -0500 Robert Nichols wrote: Do you know of a place I can set a static name that NetworkManager won't override? What about this: hostnamectl set-hostname whateveryouwant -- MELVILLE THEATRE ~ Real D 3D Digital Cinema ~ www.melvilletheatre.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] can't install gd-devel on centos 7.1
Hey guys, I'm trying to instal gd-devel onto a CentOS 7 host. -- Finished Dependency Resolution Error: Package: gd-last-devel-2.1.1-2.el7.remi.x86_64 (remi) Requires: libvpx-devel(x86-64) You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest But when I try to do that I get the error you see above. These are the repos I have installed and enabled: repo id repo name status epel/x86_64 Extra Packages for Enterprise 7,718 puppetlabs-deps/x86_64 Puppet Labs Dependencies El 717 puppetlabs-products/x86_64 Puppet Labs Products El 7 - x 162 remi Les RPM de remi pour Enterpri 1,928 rhui-REGION-client-config-server-7/x86_64Red Hat Update Infrastructure 4 rhui-REGION-rhel-server-releases/7Server/x86_64 Red Hat Enterprise Linux Serv 6,851 rhui-REGION-rhel-server-rh-common/7Server/x86_64 Red Hat Enterprise Linux Serv 131 rpmforge RHEL 7Server - RPMforge.net - 245 webtatic/x86_64 Webtatic Repository EL7 - x86 519 I originally had nothing more than the base CentOS repo enabled. Along with the puppetlabs repo and epel when I first encountered this error. But then I tried adding some repos to find out if I could find the needed package in any of them. The package that it seems to be complaining about not having is called: libvpx-devel(x86-64) But when I try to instal that this is the result I get: [root@monitor1:~] #yum install libvpx-devel Loaded plugins: amazon-id, rhui-lb No package libvpx-devel available. Error: Nothing to do Does anybody have any ideas on how I can get around this problem? I only want to install gd-devel. Seems like it should be so simple! But not in this case. :( Thanks!! Tim -- GPG me!! gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] can't install gd-devel on centos 7.1
2015-04-27 0:05 GMT+03:00 John R. Dennison j...@gerdesas.com: On Sun, Apr 26, 2015 at 11:56:18PM +0300, Eero Volotinen wrote: Disable remi repo and try again.. And perhaps ask Red Hat as you apparently aren't running CentOS. Yep. looks like expensive rhel host on amazon ec2. -- Eero ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] can't install gd-devel on centos 7.1
Disable remi repo and try again.. 26.4.2015 11.54 ip. Tim Dunphy bluethu...@gmail.com kirjoitti: Hey guys, I'm trying to instal gd-devel onto a CentOS 7 host. -- Finished Dependency Resolution Error: Package: gd-last-devel-2.1.1-2.el7.remi.x86_64 (remi) Requires: libvpx-devel(x86-64) You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest But when I try to do that I get the error you see above. These are the repos I have installed and enabled: repo id repo name status epel/x86_64 Extra Packages for Enterprise 7,718 puppetlabs-deps/x86_64 Puppet Labs Dependencies El 717 puppetlabs-products/x86_64 Puppet Labs Products El 7 - x 162 remi Les RPM de remi pour Enterpri 1,928 rhui-REGION-client-config-server-7/x86_64Red Hat Update Infrastructure 4 rhui-REGION-rhel-server-releases/7Server/x86_64 Red Hat Enterprise Linux Serv 6,851 rhui-REGION-rhel-server-rh-common/7Server/x86_64 Red Hat Enterprise Linux Serv 131 rpmforge RHEL 7Server - RPMforge.net - 245 webtatic/x86_64 Webtatic Repository EL7 - x86 519 I originally had nothing more than the base CentOS repo enabled. Along with the puppetlabs repo and epel when I first encountered this error. But then I tried adding some repos to find out if I could find the needed package in any of them. The package that it seems to be complaining about not having is called: libvpx-devel(x86-64) But when I try to instal that this is the result I get: [root@monitor1:~] #yum install libvpx-devel Loaded plugins: amazon-id, rhui-lb No package libvpx-devel available. Error: Nothing to do Does anybody have any ideas on how I can get around this problem? I only want to install gd-devel. Seems like it should be so simple! But not in this case. :( Thanks!! Tim -- GPG me!! gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] can't install gd-devel on centos 7.1
On Sun, Apr 26, 2015 at 11:56:18PM +0300, Eero Volotinen wrote: Disable remi repo and try again.. And perhaps ask Red Hat as you apparently aren't running CentOS. John -- Are you really sure that a floor can't also be a ceiling? -- Maurits Cornelis (M.C.) Escher (1898-1972), Dutch artist, M.C. Escher, His Life and Complete Graphic Work: with a fully illustrated catalogue, Volume 1982, Part 1, H. N. Abrams (1982) pgpl_F7pwAUFl.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Prevent network setup from changing the hostname
On 04/26/2015 07:37 PM, Frank Cox wrote: On Sun, 26 Apr 2015 19:25:27 -0500 Robert Nichols wrote: Do you know of a place I can set a static name that NetworkManager won't override? What about this: hostnamectl set-hostname whateveryouwant # which hostnamectl /usr/bin/which: no hostnamectl in (/usr/lib64/qt-3.3/bin:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin) # yum provides \*/hostnamectl ''' No Matches found Apparently does not exist for CentOS 6. -- Bob Nichols NOSPAM is really part of my email address. Do NOT delete it. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Prevent network setup from changing the hostname
On 04/26/2015 07:57 PM, Peter Larsen wrote: On 04/26/2015 08:25 PM, Robert Nichols wrote: On 04/26/2015 06:31 PM, Peter Larsen wrote: On 04/26/2015 07:26 PM, Robert Nichols wrote: How can I block network setup (via NetworkManager) from changing the machine's hostname whenever the network configuration changes? Make it a system connection instead of a user connection. Or give the host a static name on install and don't allow dhcp to override it. If you move networks and you are slaving your hostname to the DHCP offered name, then yes. But why do that? In /etc/dhcp/dhclient.conf you can configure exactly what you want and don't want from the server. There's a lot of options (man dhclient.conf is very helpful) but here's an example: NetworkManager invokes dhclient with a generated config file that ignores /etc/dhcp/dhclient.conf: dhclient ... -cf /var/run/nm-dhclient-wlan0.conf ... I ran across another report that suggests setting HOSTNAME to something other than localhost.localdomain in /etc/sysconfig/network would fix the problem. For the moment, that seems to be working. -- Bob Nichols NOSPAM is really part of my email address. Do NOT delete it. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Prevent network setup from changing the hostname
On 04/26/2015 08:25 PM, Robert Nichols wrote: On 04/26/2015 06:31 PM, Peter Larsen wrote: On 04/26/2015 07:26 PM, Robert Nichols wrote: How can I block network setup (via NetworkManager) from changing the machine's hostname whenever the network configuration changes? Make it a system connection instead of a user connection. Or give the host a static name on install and don't allow dhcp to override it. If you move networks and you are slaving your hostname to the DHCP offered name, then yes. But why do that? In /etc/dhcp/dhclient.conf you can configure exactly what you want and don't want from the server. There's a lot of options (man dhclient.conf is very helpful) but here's an example: send dhcp-client-identifier = hardware; request subnet-mask, broadcast-address, time-offset, routers, domain-search, domain-name, domain-name-servers, host-name; Just take out the host-name and you won't get (a new) one. You should however make sure that all your servers have a hostname configured before you do that. /etc/sysconfig/network is where you do that on CentOS6. Making my wireless connection a system connection increases the exposure of my WPA key and doesn't solve the problem of the network configuration changing, perhaps because I connected or disconnected an ethernet cable or the machine went to sleep on one WLAN and woke up on another. So your key isn't visible and only root can change a system device. A system device gets activated before the desktop. So you're not depending on having access to gconf etc. https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/sec-User_and_System_Connections.html Do you know of a place I can set a static name that NetworkManager won't override? That would be ideal. I just doesn't make sense that the machine's internal relationships would depend on its external connections. See above. It's standard dhclient options. -- Regards Peter Larsen ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Prevent network setup from changing the hostname
On 04/26/2015 09:19 PM, Robert Nichols wrote: On 04/26/2015 07:57 PM, Peter Larsen wrote: On 04/26/2015 08:25 PM, Robert Nichols wrote: On 04/26/2015 06:31 PM, Peter Larsen wrote: On 04/26/2015 07:26 PM, Robert Nichols wrote: How can I block network setup (via NetworkManager) from changing the machine's hostname whenever the network configuration changes? Make it a system connection instead of a user connection. Or give the host a static name on install and don't allow dhcp to override it. If you move networks and you are slaving your hostname to the DHCP offered name, then yes. But why do that? In /etc/dhcp/dhclient.conf you can configure exactly what you want and don't want from the server. There's a lot of options (man dhclient.conf is very helpful) but here's an example: NetworkManager invokes dhclient with a generated config file that ignores /etc/dhcp/dhclient.conf: dhclient ... -cf /var/run/nm-dhclient-wlan0.conf ... Well, true to a degree. Put the file in /etc/dhcp/dhclient.d and it'll be executed. Just make sure the script out-puts to stdout what goes into the dhclient configuration file used by NetworkManager. I ran across another report that suggests setting HOSTNAME to something other than localhost.localdomain in /etc/sysconfig/network would fix the problem. For the moment, that seems to be working. Strange - you may have a dhcp server that accepts host names from the clients - which of course would fit your use case. Just realize that not all dhcp servers are setup to be that lenient when it comes to preserving the host name picked by a client. But I am happy you got it working. -- Regards Peter Larsen ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 7 /boot location
--On Sunday, April 26, 2015 11:13:02 PM -0400 Peter Larsen pe...@peterlarsen.org wrote: On 04/25/2015 01:43 PM, Devin Reade wrote: I noticed that (in a case with a two disk md mirror and lvm), the CentOS 7 installer is now placing /boot as the *last* partition on the disk. The position doesn't really matter. Correct, and I wasn't sufficiently clear. Not only did the installer put /boot on the last partition, but on the last sectors of the disk (which is really what caught my attention). And yes, both are forced to primary partitions: # fdisk -l /dev/sda Device Boot Start End Blocks Id System /dev/sda12048 975749119 487873536 fd Linux raid autodetect /dev/sda2 * 975749120 976773119 512000 fd Linux raid autodetect I wasn't so much surprised at the partition number but rather the sector offset of /boot. Devin ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] can't install gd-devel on centos 7.1
Commercial rhel split repos weird way. so, this user might need to enable some more redhat repos using subscription-manager or similar. Hmm yeah guys. Sorry for the obvious screw up! Not much was done on this host yet. Actually it's a free tier t-2 on AWS. So I think I'll just trash it and start up an **actual** CentOS host and try again. Gotta learn to be in less of a hurry... ;) Thanks anyways! Tim On Sun, Apr 26, 2015 at 6:52 PM, Eero Volotinen eero.voloti...@iki.fi wrote: 2015-04-27 1:30 GMT+03:00 John R Pierce pie...@hogranch.com: On 4/26/2015 1:54 PM, Tim Dunphy wrote: Hey guys, I'm trying to instal gd-devel onto a CentOS 7 host. -- Finished Dependency Resolution Error: Package: gd-last-devel-2.1.1-2.el7.remi.x86_64 (remi) Requires: libvpx-devel(x86-64) You could try using --skip-broken to work around the problem You could try running: rpm -Va --nofiles --nodigest But when I try to do that I get the error you see above. These are the repos I have installed and enabled: repo id repo name status epel/x86_64 Extra Packages for Enterprise 7,718 puppetlabs-deps/x86_64 Puppet Labs Dependencies El 717 puppetlabs-products/x86_64 Puppet Labs Products El 7 - x 162 remi Les RPM de remi pour Enterpri 1,928 rhui-REGION-client-config-server-7/x86_64Red Hat Update Infrastructure 4 rhui-REGION-rhel-server-releases/7Server/x86_64 Red Hat Enterprise Linux Serv 6,851 rhui-REGION-rhel-server-rh-common/7Server/x86_64 Red Hat Enterprise Linux Serv 131 rpmforge RHEL 7Server - RPMforge.net - 245 webtatic/x86_64 Webtatic Repository EL7 - x86 519 I originally had nothing more than the base CentOS repo enabled. Along with the puppetlabs repo and epel when I first encountered this error. But then I tried adding some repos to find out if I could find the needed package in any of them. As others said, that RHUI stuff suggests licensed redhat subscriptions, NOT centos. here's a stock centos 7.1, that only has EPEL enabled. # cat /etc/redhat-release CentOS Linux release 7.1.1503 (Core) Commercial rhel split repos weird way. so, this user might need to enable some more redhat repos using subscription-manager or similar. -- Eero ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- GPG me!! gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 7 /boot location
On 04/25/2015 01:43 PM, Devin Reade wrote: I noticed that (in a case with a two disk md mirror and lvm), the CentOS 7 installer is now placing /boot as the *last* partition on the disk. The position doesn't really matter. Some old bios needed the boot sector inside the LBA (first 1024 cylinders) - but the partition number doesn't equate to the sectors/cylinders you're assigning to them. So you may want to look at the actual addresses for each partition. I'm assuming that others are seeing this behavior. Does anyone know why it's now the last instead of the first? (Seems to work, though.) It should work. My guess is that you may have forgotten to set force primary on the boot partition. Again, grub doesn't care if it's a primary partition but they usually are created first if that matters to you. Devin ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Regards Peter Larsen ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
