[CentOS-virt] Introduction

2015-06-30 Thread Danilo Falcão 
Hi guys

I'm Danilo Falcão (fcon), a Sys Admin from Brazil and living in Germany.
Recently I have joined Fedora QA  Infrastructure and now the CentOS
project to work with Lokesh (lsm5) building RPMS for Docker and related
packages.

In the past years I've been working a lot with Virtualization (XEN and KVM
mostly) and since Docker appeared I became a big fan of it.

I'm also a Bash scripter and a Python Fabric lover.

If there's anything I can help you guys with, just holla at me @ Freenode
or drop an e-mail :)

Cheers,
Danilo
___
CentOS-virt mailing list
CentOS-virt@centos.org
http://lists.centos.org/mailman/listinfo/centos-virt

[CentOS] CentOS-announce Digest, Vol 124, Issue 17

2015-06-30 Thread centos-announce-request 
Send CentOS-announce mailing list submissions to
centos-annou...@centos.org

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
centos-announce-requ...@centos.org

You can reach the person managing the list at
centos-announce-ow...@centos.org

When replying, please edit your Subject line so it is more specific
than Re: Contents of CentOS-announce digest...


Today's Topics:

   1. CEBA-2015:1192  CentOS 7 openssl BugFix Update (Johnny Hughes)
   2. CESA-2015:1194 Moderate CentOS 6 postgresql   Security Update
  (Johnny Hughes)
   3. CESA-2015:1193 Moderate CentOS 7 xerces-c Security Update
  (Johnny Hughes)
   4. CESA-2015:1194 Moderate CentOS 7 postgresql   Security Update
  (Johnny Hughes)


--

Message: 1
Date: Mon, 29 Jun 2015 13:10:10 +
From: Johnny Hughes joh...@centos.org
To: centos-annou...@centos.org
Subject: [CentOS-announce] CEBA-2015:1192  CentOS 7 openssl BugFix
Update
Message-ID: 20150629131010.ga18...@n04.lon1.karan.org
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Bugfix Advisory 2015:1192 

Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-1192.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
e6c2ef7c0b89fcfacb8e64488d2802271ab082921512860385fb1c0aae46684a  
openssl-1.0.1e-42.el7.9.x86_64.rpm
b96a444096055df0ceec150eb107130a814060558ddaa4ecbec1abcfc0acc99e  
openssl-devel-1.0.1e-42.el7.9.i686.rpm
018b50c925ec2feba99dd5b06e651327da4258b7a0c0a4bb4e551c6f0710ceb0  
openssl-devel-1.0.1e-42.el7.9.x86_64.rpm
7a2778580ee3d50584b8329e859d4be55d93ff749b088f50df2bb9a6879eb817  
openssl-libs-1.0.1e-42.el7.9.i686.rpm
b4dcd15094fc1a2f4e9742169d66e5de06a6751de26f2baa13282cca64954e3d  
openssl-libs-1.0.1e-42.el7.9.x86_64.rpm
13600af8063a7f56cb8686a5261c1c8cf42335a2a5f41ada1038d3e55ef78b08  
openssl-perl-1.0.1e-42.el7.9.x86_64.rpm
3c62e5f755a5db436f16c15af1236b8c80565b69b00d31f60bb4b686f36270c7  
openssl-static-1.0.1e-42.el7.9.i686.rpm
0aae83ae75cbcb9bb61c5c85fe5a06b35a8fc96d5fd35ce2b845d647c243b160  
openssl-static-1.0.1e-42.el7.9.x86_64.rpm

Source:
ad13e94dd6fb298aef32f250d95ea9f27a2de4a62d2f1e9f3e3ecc7c8e034c84  
openssl-1.0.1e-42.el7.9.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net



--

Message: 2
Date: Mon, 29 Jun 2015 16:03:44 +
From: Johnny Hughes joh...@centos.org
To: centos-annou...@centos.org
Subject: [CentOS-announce] CESA-2015:1194 Moderate CentOS 6 postgresql
Security Update
Message-ID: 20150629160344.ga21...@n04.lon1.karan.org
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Security Advisory 2015:1194 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1194.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
38011c1a69aac2d06e4309c0fa4cf17d8fa3f6393d9b99116365d277bf9df8a4  
postgresql-8.4.20-3.el6_6.i686.rpm
75b8c97fbcc379ff002cc3ec6a9e65c3163966add47d9cc51a09ee8526ba31c7  
postgresql-contrib-8.4.20-3.el6_6.i686.rpm
392b1251aab447568fbb76fd8c4997ff331246061db197b0cd13574a18cd4415  
postgresql-devel-8.4.20-3.el6_6.i686.rpm
dea73d52e9d5185a49ab859220cdecca739c8c7d85f7a51fba49d6dd7bfaa012  
postgresql-docs-8.4.20-3.el6_6.i686.rpm
292276c6e567d46ef194cdd9fff8cb0fb11b7e924d418ad75cc3be1555634aeb  
postgresql-libs-8.4.20-3.el6_6.i686.rpm
e570c1313bfe0e7502299d0af4696feb56f7d8847165896913e2baa3a198ea94  
postgresql-plperl-8.4.20-3.el6_6.i686.rpm
ae287231ae774f9aba82085551e38447eb4a611e2af5cf16887d666de6de0581  
postgresql-plpython-8.4.20-3.el6_6.i686.rpm
dd785db4e8c9f57a86907ac5abab40af293019afbfc731d9801083eaa3ad64ff  
postgresql-pltcl-8.4.20-3.el6_6.i686.rpm
110719e3176139a68fb8a6867b6183feee528b1a56fb45bc23ce8b4e5a3eb072  
postgresql-server-8.4.20-3.el6_6.i686.rpm
d02ede44f9cbd547693b9de880f3aed6583f390c9f478a53df6e25430804dd47  
postgresql-test-8.4.20-3.el6_6.i686.rpm

x86_64:
38011c1a69aac2d06e4309c0fa4cf17d8fa3f6393d9b99116365d277bf9df8a4  
postgresql-8.4.20-3.el6_6.i686.rpm
449c2c72585adb94d9fbfcae049e2bcd3ef329b273c36e55c5a1f6a9f3da1e94  
postgresql-8.4.20-3.el6_6.x86_64.rpm
19ee23df9fd054b6b748b6a91bd1d07a24e14e56eab91c8587e703daaea544ff  
postgresql-contrib-8.4.20-3.el6_6.x86_64.rpm
392b1251aab447568fbb76fd8c4997ff331246061db197b0cd13574a18cd4415  
postgresql-devel-8.4.20-3.el6_6.i686.rpm
5afb7ab33f153c23ec0414273d02e1d0c801bd90878069dbd294873fbcbc5c16  
postgresql-devel-8.4.20-3.el6_6.x86_64.rpm
fff82d8f6ed8594ab0a2ac856cf555175520f03eb02b1227fe46810cf68df140  
postgresql-docs-8.4.20-3.el6_6.x86_64.rpm
292276c6e567d46ef194cdd9fff8cb0fb11b7e924d418ad75cc3be1555634aeb  
postgresql-libs-8.4.20-3.el6_6.i686.rpm

Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server

2015-06-30 Thread ken 

On 06/29/2015 10:43 AM, m.r...@5-cent.us wrote:

James B. Byrne wrote:

On Mon, June 29, 2015 02:14, Sorin Srbu wrote:
OS 6?


Please note: I'm not criticizing, just curious about the argument
behind using a regular OS to do firewall-stuff.


Maintenance.

A consistent set of expectations does wonders for debugging odd-ball
occurrences.  Why learn the idiosyncrasies of two distros when one
suffices?  Just start with a minimal CentOS install on your
router/gateway and add only the packages that you know that you need.
Any critical omission will evidence itself in short order and can be
added then; or the source of the need removed as circumstance
warrants.


Being a longtime RH/CentOS user recently flirting with debian, I have to 
agree.  Another advantage to using a single distro across multiple 
machines is the ability to compare them (e.g., does this system system 
file have the same size and timestamp on all my systems?).




I'm running DD-WRT on an ASUS router these days, and I'm *NOT* wildly
impressed. I mean, it seems ok, but the project is run in what I can only
describe as amateur, in the worst sense of the word. The several
official developers release a build, and you can choose which one of
who's; people on the mailing list have favorite builds, which is not a
phrase I have *ever* heard used with an o/s before, and I'm afraid to
update, as some of their documentation is out of date, or wrong.


I agree on dd-wrt.  Several docs and occasional forum postings say, 
check the wiki.  Other docs and forum postings say, ignore the wiki, 
it's outdated.  Finding the latest build is like an easter egg hunt. 
The whole project seemed to me to be very disorganized.


Re: administration and docs again:  My router's wifi radio seemed to go 
out one day (after a power outage).  I couldn't connect to the router 
anymore via wifi.  The lack of reliable docs made figuring out the 
settings a guessing game.  And I didn't know what tools existed for 
diagnosing the hardware and software.


I have to sympathize with the dd-wrt developers though.  There are a lot 
of routers on the market.  Most are vastly different in what hardware 
and features they have.  And too, in most case (I'd think) they have 
docs from manufacturers, so have to reverse-engineer the code, and do 
this separately for dozens if not hundreds of routers on the market. 
Given these circumstances, it's amazing they've been able to do what 
they've done.


Waxing further off-topic, a solution to this, IMO, would be something 
very much like a Raspberry Pi router: essentially an RPi with a 
half-dozen RJ45 ports.  It would be nice to have the wifi built into it, 
but because these are country-specific, the wifi-radio would probably 
need to be a separate plug-in part.  But having non-volatile memory on a 
card, as RPi's already have, would make testing and upgrading-- and also 
downgrading-- much easier and worry-free.




At some point, I may just get a PI, and run CentOS, or some
firewall/router distro, though that would mean not having WiFi for guests.


When the radio on my wifi went out, I found it a simple matter to set up 
a secure wifi AP (using hostapd) on an RPi and plug it into an RJ45 on 
my router.







mark

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Qemu 2.x on CentOS 7?

2015-06-30 Thread Robert Fitzpatrick 
Is there any way to get the latest Qemu to run on CentOS 7? I'm looking 
for a way to create backup snapshots, but the current install says:


[root@vhost1 ~]# virsh snapshot-create-as myvm snapshot1 snapshot1 
description
error: Operation not supported: live disk snapshot not supported with 
this QEMU binary


--
Robert

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] set up login.defs but password still not expire?

2015-06-30 Thread Ashish Yadav 
Hi,

On Tue, Jun 30, 2015 at 1:29 AM, mcclnx mcc mcc...@yahoo.com.tw wrote:

 We have Centos 5.8 on LInux server.I setup /etc/login.defs following:
 PASS_MAX_DAYS   3
 PASS_MIN_DAYS   0
 PASS_MIN_LEN8
 PASS_WARN_AGE   1

 after that I chack user password policy and it show:# chage -l user1
 Last password change: Jun 29, 2015
 Password expires: never
 Password inactive   : never
 Account expires : never
 Minimum number of days between password change  : 0
 Maximum number of days between password change  : 9
 Number of days of warning before password expires   : 7

 anyone know why?   I did reboot server still same.


It will not be applied automatically to existing users, you have to do that
manually by running below command,

For an example,

# chage -E 6/30/2015 -m 5 -M 90 -I 30 -W 14 test ( For more information
read Man page )

If you gonna create a new user after making changes into /etc/login.defs
then password policy will be applied automatically
on new user and you can check it by running chage -l username.

--Regards
Ashishkumar S. Yadav
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] set up login.defs but password still not expire?

2015-06-30 Thread Peter 
On 06/30/2015 07:59 AM, mcclnx mcc wrote:
 We have Centos 5.8 on LInux server.I setup /etc/login.defs following:
 PASS_MAX_DAYS   3

So you're saying that you're running a CentOS that has not been updated
in three years and as such is full of security vulnerabilities and bugs
and yet you are security-conscious enough to want a 3 day password expire?

Do yourself a favor and yum update, that will help you to secure your
system way better than your password policy.


Peter
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-es] Vpn pptpd

2015-06-30 Thread César Martinez 
Muchas gracias por responder, ahora haciendo una investigación en esta 
empresa ya han tenido antes una VPN pero no se sabe exactamente con que 
VPN está trabajando si es openvpn u otra, tengo al posibilidad de 
verificar en el servidor master que aún existe en la oficina remota,  
ahora la pregunta seria si es una VPN con openvpn que debería hacer en 
este servidor, es decir solo copiar los certificados al nuevo servidor.


Agradezco de antemano su ayuda

--
Saludos Cordiales

|César Martínez | Ingeniero de Sistemas | SERVICOM
|Tel: (593-2)554-271 2221-386 | Ext 4501
|Celular: 0999374317 |Skype servicomecuador
|Web www.servicomecuador.com Síguenos en:
|Twitter: @servicomecuador |Facebook: servicomec
|Zona Clientes: www.servicomecuador.com/billing
|Blog: http://servicomecuador.com/blog
|Dir. Av. 10 de Agosto N29-140 Entre
|Acuña y  Cuero y Caicedo
|Quito - Ecuador - Sudamérica

On 25/06/15 11:16, Javier Aquino wrote:

Hola César,

Para una VPN site-to-site te recomiendo OpenVPN o LibreSWan.

En mi caso, tengo una vpn con LibreSWAN entre mi oficina y otras 10 en
diferentes paises y nunca he tenido inconvenientes salvo por problemas con
el internet.

Saludos y éxitos en tu proyecto.



*JAVIER AQUINO*
Jefe de TI  C
LEXUS EDITORES

El 25 de junio de 2015, 11:08, César Martinez cmarti...@servicomecuador.com

escribió:
Saludos amigos listeros, acudo a ustedes con una consulta, quiero
implementar una VPn con pptp entre dos servidores Linux para unir dos
oficinas distantes, cada una tiene un proveedor de internet diferente y van
a tener un servidor Linux centos con una ip publica fija , he usado pptpd
pero solo con un servidor y los clientes deben realizar una conexión nueva
para conectarse, existe la posibilidad de hacerlo con pptp pero sin
necesidad que los usuarios deban crear esta nueva conexión, es decir solo
van a cualesquiera de las redes de las oficinas ingresan a al red y ya
pueden ver archivos y carpetas de la otra red.

Agradeciendo a todos.

--
Saludos Cordiales

|César Martínez | Ingeniero de Sistemas | SERVICOM
|Tel: (593-2)554-271 2221-386 | Ext 4501
|Celular: 0999374317 |Skype servicomecuador
|Web www.servicomecuador.com Síguenos en:
|Twitter: @servicomecuador |Facebook: servicomec
|Zona Clientes: www.servicomecuador.com/billing
|Blog: http://servicomecuador.com/blog
|Dir. Av. 10 de Agosto N29-140 Entre
|Acuña y  Cuero y Caicedo
|Quito - Ecuador - Sudamérica

___
CentOS-es mailing list
CentOS-es@centos.org
http://lists.centos.org/mailman/listinfo/centos-es


___
CentOS-es mailing list
CentOS-es@centos.org
http://lists.centos.org/mailman/listinfo/centos-es



___
CentOS-es mailing list
CentOS-es@centos.org
http://lists.centos.org/mailman/listinfo/centos-es

Re: [CentOS-docs] wiki.centos.org/TipsAndTricks/VncHeadlessInstall

2015-06-30 Thread Alan Bartlett 
On 30 June 2015 at 05:46, Kevin Bulgrien kbulgr...@att.net wrote:

 (Apologies for the potential duplicate post.  My initial post had a smashed 
 subject line.  This post only adds the subject and this note.)

 I would like permission to edit this page.  The changes I have in mind are:

 1) It is not necessary to burn a CD/DVD to do a headless install in cases 
 where the installed system has a monitor, but for some reason cannot support 
 a graphical install directly.   This can be caused by: a server that has too 
 little memory to run a graphical install, or running the install in a virtual 
 machine where the install does not work properly in the virtual machine 
 console because the display is too small and controls are not shown.

 One situation where I ran into this situation was doing an install of 6.5 on 
 very old server hardware.  The text mode install did not allow me to preserve 
 partitions, and it was critical to preserve the /home mount to avoid data 
 loss.  I had to run the graphical install, but the only way to do it on this 
 hardware was to do a headless install.  I was thankful for the page because 
 it helped me figure out how to do the headless install even though I didn't 
 need to go to the trouble of making bootable media.  It seems potentially 
 beneficial to make notes that help others also learn how to do it without 
 burning media if this could solve their issue.

 Also, just last week I tried to perform a graphical install CentOS 7.1 in a 
 VM under ESXi 6.  The install started out okay, but soon reached a point 
 where installer windows/panels and controls did not fit in the console 
 display.  While one might try to use TAB to select hidden controls, it was 
 unsafe to do so because one could not even see the controls that needed to be 
 manipulated.  As I didn't know how to cure the console size issue during 
 install, it seemed logical to use a headless install method to get a higher 
 resolution install console via a VNC viewer.  This might have worked except 
 that:

 2) The instructions given do not work for CentOS 7.  Something has changed.  
 At this point I am still trying to figure out if the problem is simply a 
 matter of changed kernel options, but after trying many things for a couple 
 of days, it is clear that at least 7.1 does not work.  At the very least, the 
 page could be improved by documenting this difficulty with 7.  I did find a 
 lead tonight that might allow me to proceed with 7, but I haven't tested it 
 yet.  If it works, then the edits would document changes key to making the 
 process work for 7.

 The proposed edits would show how to invoke a headless install by editing 
 kernel parameters at the initial install menu on the console.  Obviously this 
 is not a true headless install, but since it can be used to advantage, and 
 as it is A LOT simpler than burning a CD/DVD, I feel the changes would help 
 others that find themselves in the situation I was in.

 I am proposing to do the in 
 http://wiki.centos.org/TipsAndTricks/VncHeadlessInstall though if it is felt 
 that it is better to have the content be on a sub-page (due to the fact my 
 edits involve using the console), I am amenable to doing that also.

 My wikiuser is:   KevinBulgrien

 I have not created my user page at this time, but would plan to follow the 
 editing guidelines and set it up if I am approved to make these changes.

 Thanks for your consideration of this matter.

 Kevin Bulgrien

Hello Kevin,

I have created a wiki home page for you
(wiki.centos.org/KevinBulgrien) and would suggest that you use it to
lay out your proposed changes in a draft form. When done, just ask on
this list for a review and comments and then your contribution(s) can
be merged.

I have appended a copy of the /TipsAndTricks/VncHeadlessInstall page
to your home page so that you have something to work with.

Alan.
___
CentOS-docs mailing list
CentOS-docs@centos.org
http://lists.centos.org/mailman/listinfo/centos-docs

Re: [CentOS] Qemu 2.x on CentOS 7?

2015-06-30 Thread Nux! 
Hello,

You might be able to use the live feature by using the qemu-kvm-rhev from Ovirt:
http://resources.ovirt.org/pub/ovirt-3.5/rpm/el7/x86_64/

HTH

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

- Original Message -
 From: Robert Fitzpatrick rob...@webtent.org
 To: CentOS centos@centos.org
 Sent: Tuesday, 30 June, 2015 14:27:41
 Subject: [CentOS] Qemu 2.x on CentOS 7?

 Is there any way to get the latest Qemu to run on CentOS 7? I'm looking
 for a way to create backup snapshots, but the current install says:
 
 [root@vhost1 ~]# virsh snapshot-create-as myvm snapshot1 snapshot1
 description
 error: Operation not supported: live disk snapshot not supported with
 this QEMU binary
 
 --
 Robert
 
 ___
 CentOS mailing list
 CentOS@centos.org
 http://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 6 gcc is a bit old

2015-06-30 Thread Jonathan Billings 

 On Jun 29, 2015, at 16:08, James A. Peltier jpelt...@sfu.ca wrote:
 When you're going to maintain software for long periods of time the Modules 
 environment can come in really handy.  See http://modules.sf.net

You can even use modules with the SCL packages, it is a simple translation. 
Hopefully in the future they will provide native modules. 


--
Jonathan Billings

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Tar CentOS installation and transfer it to new server

2015-06-30 Thread Warren Young 
On Jun 29, 2015, at 6:50 PM, Mike 1100...@gmail.com wrote:
 
 rsync -aAXHx -e 'ssh’ 

-e ssh has been the default in rsync for a very long time.  I believe the 
newest CentOS where -e defaults to rsh instead is CentOS 3.

You only need to give -e nowadays when you need nonstandard ssh options, and 
you don’t want to put them in your ~/.ssh/config file.  A common example is a 
nonstandard port number:

   rsync -e ssh -p 222 ...
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Tar CentOS installation and transfer it to new server

2015-06-30 Thread Mike 
On Tue, Jun 30, 2015 at 12:55 PM, Warren Young w...@etr-usa.com wrote:

 On Jun 29, 2015, at 6:50 PM, Mike 1100...@gmail.com wrote:
 
  rsync -aAXHx -e 'ssh’

 -e ssh has been the default in rsync for a very long time.  I believe the
 newest CentOS where -e defaults to rsh instead is CentOS 3.

 You only need to give -e nowadays when you need nonstandard ssh options,
 and you don’t want to put them in your ~/.ssh/config file.  A common
 example is a nonstandard port number:


Thanks Mr. Young.
The man page definitely tracks with your observation.
Appreciated.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] user 'not listed' on login screen

2015-06-30 Thread Valeri Galtsev 

On Tue, June 30, 2015 12:58 pm, g wrote:


 On 06/30/15 12:22, CS DBA wrote:
 All;

 I installed centOS 7 (KDE), I also created a user 'postgres'
 the postgres user does not show up as a user on the login screen.

 How can I make this user show up on the login screen? I've googled it
 with no luck

 log in a root user, check for /home/missing-user.

 in /etc files; group, gshadow, passwd, shadow, for 'missing-user'.

 if missing or present, create user again to see if will correct.

 if it is a daemon as Mark suggest, remove daemon.

As far as I remember, by default postgres user has rather low UID number.
Users with UID below some number will not be shown on login screen. (500
was this number in the past, 1000 may be on some current Linuxes, 100 was
on some Suns if I remember correctly)

Valeri


 hth.


 --

 peace out.

 -+-
 If Bill Gates got a dime for every time Windows crashes...
  ...oh, wait. He does. THAT explains it!
 -+-
 in a world with out fences, who needs gates.
 -+-

 CentOS GNU/Linux 6.6

 tc,hago.

 g
 .

 ___
 CentOS mailing list
 CentOS@centos.org
 http://lists.centos.org/mailman/listinfo/centos




Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] user 'not listed' on login screen

2015-06-30 Thread g 


On 06/30/15 12:22, CS DBA wrote:
 All;

 I installed centOS 7 (KDE), I also created a user 'postgres'
 the postgres user does not show up as a user on the login screen.

 How can I make this user show up on the login screen? I've googled it
 with no luck

log in a root user, check for /home/missing-user.

in /etc files; group, gshadow, passwd, shadow, for 'missing-user'.

if missing or present, create user again to see if will correct.

if it is a daemon as Mark suggest, remove daemon.

hth.


-- 

peace out.

-+-
If Bill Gates got a dime for every time Windows crashes...
 ...oh, wait. He does. THAT explains it!
-+-
in a world with out fences, who needs gates.
-+-

CentOS GNU/Linux 6.6

tc,hago.

g
.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] user 'not listed' on login screen

2015-06-30 Thread John R Pierce 

On 6/30/2015 10:58 AM, g wrote:

log in a root user, check for /home/missing-user.

in /etc files; group, gshadow, passwd, shadow, for 'missing-user'.

if missing or present, create user again to see if will correct.

if it is a daemon as Mark suggest, remove daemon.



if its the daemon account Mark suggests, don't remove it unless you want 
to also remove the postgresql database server thats depending on it.




--
john r pierce, recycling bits in santa cruz

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] user 'not listed' on login screen

2015-06-30 Thread CS DBA 
All;

I installed centOS 7 (KDE), I also created a user 'postgres'
the postgres user does not show up as a user on the login screen.

How can I make this user show up on the login screen? I've googled it
with no luck


Thanks in advance


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] user 'not listed' on login screen

2015-06-30 Thread m . roth 
CS DBA wrote:
 All;

 I installed centOS 7 (KDE), I also created a user 'postgres'
 the postgres user does not show up as a user on the login screen.

 How can I make this user show up on the login screen? I've googled it
 with no luck

I would think that under no circumstances *should* it show up. It's a user
account for a daemon, and no one should be logging in that way, more like
su to it.

   mark

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] gssproxy items...

2015-06-30 Thread Erik Laxdal 
Hi,

I've been working on some systems trying to get kerberized nfsv4 and
kerberized web services going on 7.  Kerberized nfsv4 was working with
7.0, but with the 7.1 release it stopped working, the key difference
between the two setups is that gssproxy wasn't being used with 7.0, but
seems to be key with 7.1.

The problem I am encountering with Kerberized NFSv4 is that the
directory will mount okay, and I can see it's contents as root, but I
encounter Permission denied errors when trying to access it as a
regular user.  'klist -ce' returns valid results as the user (including
a a line for the server spn that I was trying to access), and I am able
to access Kerberized NFSv4 shares hosted on EL6 servers as the same user.

Kerberized web services have been a recent thing to try in order to see
if they would work with gssproxy - a colleague did get Kerberized web
services going on 7.1 without using gssproxy.  I followed the
instructions at https://fedorahosted.org/gss-proxy/wiki/Apache, but
still didn't have any success until I added the cred_store line
mentioned in comment 6 of
https://bugzilla.redhat.com/show_bug.cgi?id=1168962 as we are running
with selinux enabled.  The success was short-lived for once I started
adding user/group checking it would succeed about 30% of the time as the
user principal was being returned as
elaxdal@REALMH\x86\xf7\x12\x01\x02\x02 instead of just elaxdal@REALM.

Today I tried recompiling the 0.4.1-1 source rpm from Fedora 21's
updates, installed it onto a 7.1 nfsv4/web server, at which point
everything started to consistently work - NFSv4 shares and web services
with user/group checking.  So it appears that the problem I'm
encountering has been addressed.  I've also tried recompiling the
0.3.1-1 and 0.3.1-4 source rpms from Fedora 20 and 21, both of which
show the same problems I see with the 7.1 version of gssproxy.

Some additional background information, the Kerberos server is an AD
server that is maintained by another group.  The system keytab uses a
user account based spn on the AD server, and a computer account based
keytab for the system with aliases for host and http keytabs.

Any thoughts/suggestions as I'd rather stay with the distribution's
version of supplied packages?

Thanks,
Erik

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] gssproxy items...

2015-06-30 Thread Erik Laxdal 
On 06/30/2015 12:13 PM, m.r...@5-cent.us wrote:
 Erik Laxdal wrote:
 The problem I am encountering with Kerberized NFSv4 is that the
 directory will mount okay, and I can see it's contents as root, but I
 encounter Permission denied errors when trying to access it as a
 regular user.  'klist -ce' returns valid results as the user (including
 a a line for the server spn that I was trying to access), and I am able
 to access Kerberized NFSv4 shares hosted on EL6 servers as the same user.
 snip
 Stupid question: selinux?
Not a stupid question, selinux has gotten me with other things from time
to time.  The server was setup with selinux set to enforcing by default,
but I have tried 'setenforce 0', changing it to permissive, and finally
disabled (rebooting after each of these state changes) with no change in
behaviour.

On the client side, I've only tried the 'setenforce 0' command.  The
gssproxy-0.4.1-1 package was only installed on the server and worked
with selinux enabled on both the server and client sides.  The client
side also has no problem accessing Kerberized NFSv4 shares from EL6
systems with selinux enabled on it.

Thanks,
Erik

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] gssproxy items...

2015-06-30 Thread m . roth 
Erik Laxdal wrote:
 Hi,

 I've been working on some systems trying to get kerberized nfsv4 and
 kerberized web services going on 7.  Kerberized nfsv4 was working with
 7.0, but with the 7.1 release it stopped working, the key difference
 between the two setups is that gssproxy wasn't being used with 7.0, but
 seems to be key with 7.1.

 The problem I am encountering with Kerberized NFSv4 is that the
 directory will mount okay, and I can see it's contents as root, but I
 encounter Permission denied errors when trying to access it as a
 regular user.  'klist -ce' returns valid results as the user (including
 a a line for the server spn that I was trying to access), and I am able
 to access Kerberized NFSv4 shares hosted on EL6 servers as the same user.

snip
Stupid question: selinux?

   mark


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CPAN issues

2015-06-30 Thread Kahlil Hodgson 
​From what I can see there you are running cpan as root and installing it
under a local lib /root/perl5. The new cpan executable is is under
/root/perl5/bin/. Thats probably not in your path? Also the modules under
/root/perl5/lib/perl5 are probably not in your module search path.

There is a lot of what your are doing here that is either unsafe or unwise.

Before we go into that, could we step back a bit and discus your
environment and what you are trying to achieve. Specifically, why you feel
the need to upgrade CPAN at a system level?  There may be a better way to
solve the underlying issue.

Cheers,

K
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server

2015-06-30 Thread Sorin Srbu 
 -Original Message-
 From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
 Behalf Of m.r...@5-cent.us
 Sent: den 29 juni 2015 17:25
 To: CentOS mailing list
 Subject: Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home
 server
 
  The WiFi solution I use still uses a Centos 6 firewall/router/gateway,
  but one of my inside devices is a WiFi router.  Rather than doing
  double routing, I connect one of the WiFi's LAN connections via a
  switch to my Router via a switch, leaving the WiFi Router's WAN
  conection unused.  That way, my gateway (and not the WiFi router) is
  the DHCP server, and can enforce whatever firewall rules I want to
  apply.
 
  No need to give up your guest WiFi if you stick with a Centos gateway.
 
 Hmmm... that's a thought. On the other hand, for defence in depth, I'm
sort
 of leary about using my own system as a firewall. As I noted, on my old
 firewall/router box, I had almost nothing. That's why I'm considering a
PI

I used to use a similar solution at home with Smoothwall and an AP. Worked
fine till the computer running Smoothwall died.
Worked fine for home use. IDK if it would be a good solution in a
professional environment as well, but scaled up of course.

-- 
//Sorin
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server

2015-06-30 Thread Sorin Srbu 
 -Original Message-
 From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
 Behalf Of Gordon Messmer
 Sent: den 29 juni 2015 19:40
 To: CentOS mailing list
 Subject: Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home
 server
 
 On 06/29/2015 06:46 AM, Sorin Srbu wrote:
  Even considering a minimal CentOS install, is that still less minimal
  than e.g. Smoothwall or Ipcop?
 
 Yes, a minimal install of CentOS is probably larger (less minimal) than a
 specialized distribution.
 
  In my world, security has a price and, and that might be the need to
  learn another distro in order to minimize security issues (and maybe
  as in this case minimize attack-surfaces).
 
 When all of your systems are one OS, you can more easily build an
 infrastructure that provides backups, security and bug fix updates,
 monitoring, etc for all of your systems.  Specialized devices are often
left out
 when admins set up infrastructure to provide those services for their
primary
 systems.  That's one way that a general purpose OS can be significantly
 better than a specialized OS.

Those are good points, thanks.

I'm probably somewhat indoctrinated by the Smoothwall community and the
thesis that an appliance like that, that only does one thing is really good
at doing just that.

Thanks all for your thoughts on this!

-- 
//Sorin
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos