Re: [CentOS] CentOS 7.2, nouveau won't go away

[Sorin Srbu]

> -Original Message-
> From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
> Behalf Of Akemi Yagi
> Sent: den 3 mars 2016 08:20
> To: CentOS mailing list
> Subject: Re: [CentOS] CentOS 7.2, nouveau won't go away
> 
> On Wed, Mar 2, 2016 at 11:05 PM, Sorin Srbu 
> wrote:
> 
> >
> >
> > > Do you have a sound reason for not using elrepo's packaged nvidia
> driver?
> >
> > I'm guessing the OP's using Nvidias 3D-vision features, which at least
over
> > here never worked properly with the elrepo package.
> >
> Just curious. Is there a Linux driver for Nvidia's 3D vision?

Now when you mention it, I'm not that sure... 8-S
It's been a while since I dabbled with those pesky drivers to enable the
3D-features.

"01:00.0 VGA compatible controller: NVIDIA Corporation GF100GL [Quadro 4000]
(rev a3)"

Used a 3D-monitor as well as outputting the same 3D-image to a 3D-projector.

The computer needing this was only able to output the 3D-image when we used
the proprietary driver from Nvidia.

I recall there were some issues enabling this on Windows 7 as well at the
time, but that's outside the scope of this list. 8-)

-- 
//Sorin
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7.2, nouveau won't go away

[Akemi Yagi]

On Wed, Mar 2, 2016 at 11:05 PM, Sorin Srbu 
wrote:

>
>
> > Do you have a sound reason for not using elrepo's packaged nvidia driver?
>
> I'm guessing the OP's using Nvidias 3D-vision features, which at least over
> here never worked properly with the elrepo package.
>
> Just curious. Is there a Linux driver for Nvidia's 3D vision?

Akemi
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7.2, nouveau won't go away

[Sorin Srbu]

> -Original Message-
> From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
> Behalf Of m.r...@5-cent.us
> Sent: den 29 februari 2016 19:50
> To: CentOS mailing list
> Subject: Re: [CentOS] CentOS 7.2, nouveau won't go away
> 
> Because I was looking late Friday afternoon, and had a vague memory that
> they'd dropped support for this card (the "newer" machine is only six or
> seven years old, as opposed to the 10-yr-old one tht died: this is your
> tax dollars at work, US citizens... and, btw, I see among the things this
> researcher's working on is modelling the Zika virus).
> 
> I was busting butt to get him running; as it was, he couldn't work over
> the weekend, and it took me until lunchtime to get him up and running for
> now (I *adore* NAC on the switches).
> 
> Now that he's running, I just looked, and I see that the legacy 304
> kmod-nvidia driver should support it, so, next time he's out for a day,
> I'll try installing that.
> 
> Thanks for the reminder.

"nvidia-detect" will tell you exactly what elrepo package to use. ;-)

What's the zika-guy using for modelling, the Schrodinger Suite?

-- 
//Sorin
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7.2, nouveau won't go away

[Sorin Srbu]

> -Original Message-
> From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
> Behalf Of John Hodrien
> Sent: den 29 februari 2016 17:55
> To: CentOS mailing list
> Subject: Re: [CentOS] CentOS 7.2, nouveau won't go away
>
> >   Fully updated 7.2 system. I installed the correct proprietary NVidia
> > driver (the user's expensive proprietary visualization software won't
> > run with nouveau), I've put nouveau.modeset=0
> > rd.driver.blacklist=nouveau on the kernel line for grub2, and even yum
> > removed the nouveau driver and built a new initrd... which won't boot,
> > it seems to start and than does nothing, with a black screen, and this
> > is just while booting, before it goes to graphical mode.
> >
> >   If I boot the as-built current initramfs, it loads nouveau, though one
> > of the modules listed if I do lsmod | grep nou shows nvidia, in
> > addition to nouveau.
> >
> >   So, in 7, what do I have to do to make nouveau go away? Is it as
simple
> > as creating an /etc/X11/xorg.conf, or...?
> 
> Do you have a sound reason for not using elrepo's packaged nvidia driver?

I'm guessing the OP's using Nvidias 3D-vision features, which at least over
here never worked properly with the elrepo package.


-- 
//Sorin
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-docs] wiki addition for AWS

[Warren Turkal]

Unfortunately, I don't have edit access in the wiki. I can't even create my
own personal info page.

wt

On Tue, Mar 1, 2016 at 4:32 PM, Karanbir Singh  wrote:

> On 22/02/16 22:58, Warren Turkal wrote:
> > My wiki name: WarrenTurkal
> >
> > Page for addition: https://wiki.centos.org/Cloud/AWS
> >
> > Proposed addition: I would like to add a column for the product code
> > for the CentOS images listed with AWS marketplace URLs. I use the
> > product code for "CENTOS-7 x86_64" to find the AMIs to start hosts
> > with that image in each region of AWS.
> >
>
> You should be able to go ahead and put the details in.
>
> I'm also working on making the CentOS images available outside of the
> Market Place shortly, so details for that ( including regions ) will
> likely end up in the same page.
>
> thanks,
>
>
> --
> Karanbir Singh
> +44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh
> GnuPG Key : http://www.karan.org/publickey.asc
> ___
> CentOS-docs mailing list
> CentOS-docs@centos.org
> https://lists.centos.org/mailman/listinfo/centos-docs
>
___
CentOS-docs mailing list
CentOS-docs@centos.org
https://lists.centos.org/mailman/listinfo/centos-docs

Re: [CentOS-docs] Access to ConfigManagmentSig

[Alan Bartlett]

On 2 March 2016 at 22:06, David Murphy  wrote:
> As per the new Config Management SIG
>
> 3. Send a message to centos-docs@centos.org with the following information:
> - your FirstnameLastname username
>
> DavidMurphy
>
> - inform them that you are a member of the ConfigManagementSig
>
>   member of ConfigManagementSig
>
> - Ask to have access to 1. your personnal page 2.
> https://wiki.centos.org/SpecialInterestGroup/ConfigManagementSIG
>
>
>Can I have access to personal page and the wiki as above.
>
> Thanks
>
>
> dmurph...@gmail.com

A C-wiki home page has now been initialised for you and you have edit
access to the ConfigManagementSIG page, plus any sub-pages.

If you have any problems with the above, please let either Akemi or
myself know via this list.

Alan.
___
CentOS-docs mailing list
CentOS-docs@centos.org
https://lists.centos.org/mailman/listinfo/centos-docs

[CentOS-docs] Access to ConfigManagmentSig

[David Murphy]

As per the new Config Management SIG

3. Send a message to centos-docs@centos.org with the following information:
- your FirstnameLastname username

DavidMurphy

- inform them that you are a member of the ConfigManagementSig

  member of ConfigManagementSig

- Ask to have access to 1. your personnal page 2.
https://wiki.centos.org/SpecialInterestGroup/ConfigManagementSIG


   Can I have access to personal page and the wiki as above.

Thanks


dmurph...@gmail.com
___
CentOS-docs mailing list
CentOS-docs@centos.org
https://lists.centos.org/mailman/listinfo/centos-docs

[CentOS-virt] CentOS 6

[Gene]

Will Xen4Centos on CentOS 6 be supported all the way through its EOL
(November 30th, 2020)?

If not when will it stop being supported/updated under this SIG?

Thanks.

-Gene
___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

Re: [CentOS] problem restoring ssl and vlc

[g]

Steve,  thank you for reply. it made my long night shorter.

On 03/02/2016 05:40 AM, Steve Clark wrote:
<<>>
--

> You can use rpm -v -V -a to check the validity of all your packages or
> rpm -v -V pkgname to check a single package.
>
--

never used '-V'.

"one is never too old to learn something new". and i am one of those 'one'.

> See the following link for details.
> http://www.rpm.org/max-rpm/ch-rpm-verify.html
>
--

that is one nice page to bring understanding of verify.

your reply has brought brought an end to my 'watch word', perseverance.
having always persevered in what i do, this is one time that a command
option has convinced me that i need to wipe a partition and reinstall.

there were close to 2K lines of missing dependencies which is close to
the number of packages installed.

there is now much doubt that i would have been able to repair system
without a lot time and aggravation.

all this does prove one thing, i need to check my biorhythms more often.

biorhythm 2016-0302:
  emotional -85% rising,  physical +90% rising,  intellectual + 8% falling

  http://www.degraeve.com/bio.php

my biorhythm plots are not 100%, but they have proved out about 75% of
time.

btw, i am using my laptop at this time as i no longer trust my desktop. ;-)

now pulling 6.7 netinstall. next is to copy grub.conf and fstab
to ~/geo. after, i will copy /home partition so i can resize '/'
partition and move extended partition down on drive. re-sizing '/' is
because of another -% intellectual day and i made '/' 80GB. :-)

again, i thank you very much for your reply. it was of great help and
will make this day more enjoyable.

take care, have a good one.


-- 

peace out.

--
If Bill Gates got a dime for every time Windows crashes...
 ...oh, wait. He does. THAT explains it!
--
in a world with out fences, who needs gates.
--

CentOS GNU/Linux 6.6

tc,hago.

g
.

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS-announce] CESA-2016:0346 Important CentOS 7 postgresql Security Update

[Johnny Hughes]

CentOS Errata and Security Advisory 2016:0346 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-0346.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
5c458f42b2ef11fcc4b62d7f69c7dc1e033957c471387d65a6d49c0d7df6f128  
postgresql-9.2.15-1.el7_2.i686.rpm
2434cedad6cd2fd921d499c57864e69e8db4ec7166d0f390c055074d50ddd2a7  
postgresql-9.2.15-1.el7_2.x86_64.rpm
f7484385c8df8fa144de7fea6e3fb64f657a3325608e3d25dd5d6e68f32fa7ea  
postgresql-contrib-9.2.15-1.el7_2.x86_64.rpm
1eeabfd3110ad851ad61b68271e2594d2807241617e395427a83f89f1e662d6f  
postgresql-devel-9.2.15-1.el7_2.i686.rpm
62790ddfbb18ad771af372509b674b62284d8d47c390dc397269f71c9fef8df3  
postgresql-devel-9.2.15-1.el7_2.x86_64.rpm
0e787b99e9fddde0900c8dbf2014025ec8ce1c578c684e5ce51c532b52f1abb4  
postgresql-docs-9.2.15-1.el7_2.x86_64.rpm
51c0e1cc0983e2139d11ea212f23f1ce60b6ed25a071743f360515688898aaa5  
postgresql-libs-9.2.15-1.el7_2.i686.rpm
53f4bed4816944cdfd1b896ad6933c799f3429b221d2146d91d462e5c608fae3  
postgresql-libs-9.2.15-1.el7_2.x86_64.rpm
2c9e04943c318f89e8c94d8104e01cbeb1c9dcbf868dee434c3e65505384cb03  
postgresql-plperl-9.2.15-1.el7_2.x86_64.rpm
36021f26db1f2addf89e15707348cc611b34f0b9fe385df77e1f50994c978fa6  
postgresql-plpython-9.2.15-1.el7_2.x86_64.rpm
a9d8728e1b5a7c34ce94b1c339c3017691da43458afcec07f6be207c96877795  
postgresql-pltcl-9.2.15-1.el7_2.x86_64.rpm
5be958fcca92e4b44dcfcae4f50bb16c05386c06b31ddcd36b5cf6c4ffd01af4  
postgresql-server-9.2.15-1.el7_2.x86_64.rpm
8afce69552067b932036be540522b0db2d4c245cedb1fad8eb4762b02586a83d  
postgresql-test-9.2.15-1.el7_2.x86_64.rpm
1e7aa4a53e7cee01fdd305e69bc2e7927f85d97682dd925b3adb0b12e75a9872  
postgresql-upgrade-9.2.15-1.el7_2.x86_64.rpm

Source:
2e7e14805236939e21dd3bb2b293c205206c7cb76c0beb42317a4073aeb9aab0  
postgresql-9.2.15-1.el7_2.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net
Twitter: @JohnnyCentOS

___
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

Re: [CentOS-virt] docker 1.10.2 available

[Lokesh Mandvekar]

On Tue, Mar 01, 2016 at 03:37:05PM -0500, Jason Brooks wrote:
> 
> 
> - Original Message -
> > From: "Lokesh Mandvekar" 
> > To: "Discussion about the virtualization on CentOS" 
> > Sent: Tuesday, March 1, 2016 12:09:47 PM
> > Subject: Re: [CentOS-virt] docker 1.10.2 available
> > 
> > On Tue, Mar 01, 2016 at 12:43:32PM -0500, Jason Brooks wrote:
> > > I'm getting this dep error trying to install this:
> > > 
> > > Error: Package: 1:docker-1.10.2-5.git0f5ac89.el7.x86_64
> > > (virt7-docker-common-candidate)
> > >Requires: selinux-policy >= 3.13.1-114
> > >Removing: selinux-policy-3.13.1-60.el7.noarch (@anaconda)
> > >selinux-policy = 3.13.1-60.el7
> > >Updated By: selinux-policy-3.13.1-60.el7_2.3.noarch (updates)
> > >selinux-policy = 3.13.1-60.el7_2.3
> > > Error: Package: 1:docker-selinux-1.10.2-5.git0f5ac89.el7.x86_64
> > > (virt7-docker-common-candidate)
> > >Requires: policycoreutils-python-utils
> > 
> > try this one: https://cbs.centos.org/koji/taskinfo?taskID=79050
> 
> This does install and seems to work
> 
> Jason
> 

Good to hear!

I just moved this build to virt7-docker-common-testing which I guess should
make it available to the wider centos community. 

-- 
Lokesh
Freenode: lsm5
GPG: 0xC7C3A0DD


signature.asc
Description: PGP signature
___
CentOS-virt mailing list
CentOS-virt@centos.org
https://lists.centos.org/mailman/listinfo/centos-virt

[CentOS-announce] CESA-2016:0347 Important CentOS 6 postgresql Security Update

[Johnny Hughes]

CentOS Errata and Security Advisory 2016:0347 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-0347.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
28887eb490932c082e1b7b1265d02162825dc1441e4a3a42bb5512b7f4640c22  
postgresql-8.4.20-5.el6_7.i686.rpm
21b0002c1e9c222562e1983daa806617ef41aaac55a0c2e69fc10775b2afda04  
postgresql-contrib-8.4.20-5.el6_7.i686.rpm
ae7607f18010b13d047dea7824218ff37e3ffed61e613079c8f2bc5a86e7d7e2  
postgresql-devel-8.4.20-5.el6_7.i686.rpm
c2d3da027a5532c8776da45a58d8d3ea1cc45c62b32b852f4d025b055a60f14d  
postgresql-docs-8.4.20-5.el6_7.i686.rpm
ab8d3a2bec35fef0477a62dc8aad01af0ce9cb4207392b402620b4a87ba55d16  
postgresql-libs-8.4.20-5.el6_7.i686.rpm
3b97c7a7a81ff2e8ce6235b01337bd5267496491599f5621a8e958f77fe33aba  
postgresql-plperl-8.4.20-5.el6_7.i686.rpm
b215251545d709136b8491aadfeebd68336d65855f68292d1ff849ddd6282f22  
postgresql-plpython-8.4.20-5.el6_7.i686.rpm
4a29d7cdfcb7db337a96919a83c266e8a8f65c5b31beecbb6cb022ca66ff371f  
postgresql-pltcl-8.4.20-5.el6_7.i686.rpm
fe69ec2c0a5be8820d4d6732a79f25011356d95e4cb8c9c3c00353b524794c20  
postgresql-server-8.4.20-5.el6_7.i686.rpm
ee3bcd8a1b0f602d62c3dcc66d4dfba7c1c07dfc0b0325655fdb1089e795917e  
postgresql-test-8.4.20-5.el6_7.i686.rpm

x86_64:
28887eb490932c082e1b7b1265d02162825dc1441e4a3a42bb5512b7f4640c22  
postgresql-8.4.20-5.el6_7.i686.rpm
c7cd7d3d73f7881040d5e76f4602f9b3c99051eeb66bfb16d614fc0e92bb6a72  
postgresql-8.4.20-5.el6_7.x86_64.rpm
0f5d90c73d67b5d75b1d18e38f55cab7a7f14634a44aa5246a8b902a08499e2a  
postgresql-contrib-8.4.20-5.el6_7.x86_64.rpm
ae7607f18010b13d047dea7824218ff37e3ffed61e613079c8f2bc5a86e7d7e2  
postgresql-devel-8.4.20-5.el6_7.i686.rpm
d5138d6cf2d30936b11d07e0f6405edef3b16da393d1b10f19571dc3da67c99b  
postgresql-devel-8.4.20-5.el6_7.x86_64.rpm
787b50591dc468e74ccb804e5a36afc30923e3a416bd5b0711db4ff863d765f6  
postgresql-docs-8.4.20-5.el6_7.x86_64.rpm
ab8d3a2bec35fef0477a62dc8aad01af0ce9cb4207392b402620b4a87ba55d16  
postgresql-libs-8.4.20-5.el6_7.i686.rpm
fc4a053f7f71071c0559d6718e06c7f0eca8026d8df595deaa2ee15b060aa745  
postgresql-libs-8.4.20-5.el6_7.x86_64.rpm
894f0de472b5ce8bac0507f5c3f9c03b1f7c2c7f365f6d78b78084924fe2d2bc  
postgresql-plperl-8.4.20-5.el6_7.x86_64.rpm
4a30da101c89de17815d3428a28f40a2c0abad82ab95ee2bcb5c32bfec373367  
postgresql-plpython-8.4.20-5.el6_7.x86_64.rpm
fef0d25e31d54df816279e46671ad715335705b12af73d63b8f3cc1420d02bb4  
postgresql-pltcl-8.4.20-5.el6_7.x86_64.rpm
02b4bd3d5b2df30694e57e6e35e51437c17f4665c5b0d79abf123efdcd7b7d9f  
postgresql-server-8.4.20-5.el6_7.x86_64.rpm
b7bd6d7f6d4fc310e6eaed09b8f0078037f4631d3c99257610d7e3ef432c3edd  
postgresql-test-8.4.20-5.el6_7.x86_64.rpm

Source:
1d25cec7562ac152fbf1be84b28cd1ec2b57d46e031457188db1f565e02812f8  
postgresql-8.4.20-5.el6_7.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net
Twitter: @JohnnyCentOS

___
CentOS-announce mailing list
CentOS-announce@centos.org
https://lists.centos.org/mailman/listinfo/centos-announce

Re: [CentOS] OpenSSL Update - not a security update???

[Leon Fauster]

Am 02.03.2016 um 17:42 schrieb Mark Milhollan :
> I understand that some people might be trying to cherry-pick their 
> updates and the assertion that doing so is not supported.  But that is 
> not the only way in which --security can be used and it is a bit boring 
> to continually see whining about the assumptive use.
> 
> For me it is about scheduling -- it would answer the question: Does this 
> system need updating immediately, vs scheduled for / deferred until a 
> convenient time.
> 
> I wish --security was functional and I do not accept that because it can 
> be abused that it should therefore never be.  That CentOS as yet has no 
> way to make it functional is sad, and I hope that the lack is not due to 
> the assumed use resulting in it being ignored.


As it was said, "yum check-update/update" is the way to go (also for RHEL).

We do not need here something like SCAP, therefore

 http://search.gmane.org/?query=CESA=gmane.linux.centos.announce=date

gives enough informations to schedule the security activities.


--
LF


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OpenSSL Update - not a security update???

[Johnny Hughes]

On 03/02/2016 10:42 AM, Mark Milhollan wrote:
> I understand that some people might be trying to cherry-pick their 
> updates and the assertion that doing so is not supported.  But that is 
> not the only way in which --security can be used and it is a bit boring 
> to continually see whining about the assumptive use.
> 
> For me it is about scheduling -- it would answer the question: Does this 
> system need updating immediately, vs scheduled for / deferred until a 
> convenient time.
> 
> I wish --security was functional and I do not accept that because it can 
> be abused that it should therefore never be.  That CentOS as yet has no 
> way to make it functional is sad, and I hope that the lack is not due to 
> the assumed use resulting in it being ignored.

That is not the reason, I have posted the reason several times ..
including in this thread.

We do not have enough space on donated mirrors and the data required for
the xml file is not redistributable.

It is not being ignored, it was designed to be used within rhn and since
we give CentOS away for free, we can't buy the machines or bandwidth we
need to include all rpms in all trees.  Even if we could do that, we
can't steal information and redistribute it if it is not licensed for
such distribution.





signature.asc
Description: OpenPGP digital signature
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C7 minimal (1511) firewalld is not installed: logical?

[Johnny Hughes]

On 03/02/2016 08:49 AM, Patrick Bervoets wrote:
> I just installed a host with CentOS-7-x86_64-Minimal-1511.iso
> 
> It seems that firewalld is not included in the minimal set. I wonder why?
> 
> If I recall correctly CentOS-7-x86_64-Minimal-1503-01.iso did include it.
> 
> And, this could be a very stupid question, am I running without a
> firewall or just without a way to control my firewall?
> 

There is no firewall installed by default .. but you can :

yum install firewalld

And get it.

As I said in the other mail .. this is fixed in the latest monthly iso set.




signature.asc
Description: OpenPGP digital signature
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C7 minimal (1511) firewalld is not installed: logical?

[Johnny Hughes]

On 03/02/2016 08:49 AM, Patrick Bervoets wrote:
> I just installed a host with CentOS-7-x86_64-Minimal-1511.iso
> 
> It seems that firewalld is not included in the minimal set. I wonder why?
> 
> If I recall correctly CentOS-7-x86_64-Minimal-1503-01.iso did include it.
> 
> And, this could be a very stupid question, am I running without a
> firewall or just without a way to control my firewall?
> 

This is a bug that has been fixed in the latest monthly spin:

http://buildlogs.centos.org/rolling/7/isos/x86_64/CentOS-7-x86_64-Minimal-1602-01.iso




signature.asc
Description: OpenPGP digital signature
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OpenSSL Update - not a security update???

[Mark Milhollan]

I understand that some people might be trying to cherry-pick their 
updates and the assertion that doing so is not supported.  But that is 
not the only way in which --security can be used and it is a bit boring 
to continually see whining about the assumptive use.

For me it is about scheduling -- it would answer the question: Does this 
system need updating immediately, vs scheduled for / deferred until a 
convenient time.

I wish --security was functional and I do not accept that because it can 
be abused that it should therefore never be.  That CentOS as yet has no 
way to make it functional is sad, and I hope that the lack is not due to 
the assumed use resulting in it being ignored.


/mark
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OpenSSL Update - not a security update???

[Valeri Galtsev]

On Wed, March 2, 2016 9:57 am, Chris Adams wrote:
> Once upon a time, Valeri Galtsev  said:
>> We are talking here CentOS and RHEL Linux. yum is an abbreviation of:
>> "Yellowdog Update Manager". It was originally created by YellowDog Linux
>> project for their Linux distribution.
>
> Actually, yum is Yellowdog Updater, Modified.  Seth Vidal (RIP) and
> others at Duke rewrote YUP (the Yellowdog UPdater) to handle Red Hat
> Linux.

Thanks, Chris! My memory ain't that good anymore...

valeri


Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OpenSSL Update - not a security update???

[Chris Adams]

Once upon a time, Valeri Galtsev  said:
> We are talking here CentOS and RHEL Linux. yum is an abbreviation of:
> "Yellowdog Update Manager". It was originally created by YellowDog Linux
> project for their Linux distribution.

Actually, yum is Yellowdog Updater, Modified.  Seth Vidal (RIP) and
others at Duke rewrote YUP (the Yellowdog UPdater) to handle Red Hat
Linux.

-- 
Chris Adams 
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OpenSSL Update - not a security update???

[m . roth]

One more voice on this: we actually run the yum security plugin, several
times a week, and it does report things... and almost all our systems are
CentOS.

When I see something in there, just as when I see an announcement where
there are updates marked important, and esp. critical, we roll them out,
by themselves if possible, within days, as opposed to waiting until the
maintenance window, which could be 3.5 weeks away.

We only do the full updates during the maintenance window (or via
negotiation with a workstation owner)

mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OpenSSL Update - not a security update???

[Valeri Galtsev]

On Wed, March 2, 2016 5:24 am, Anthony K wrote:
> On Tue, 2016-03-01 at 21:58 -0600, Johnny Hughes wrote:
>> On 03/01/2016 09:41 PM, Johnny Hughes wrote:
>> > BUt the security plugins do not work for CentOS and they never have,
>> > Peter is correct, you need to run yum update or call out the specific
>> > packages you want updated.
>> >
>
> I totally understand the necessity of a full system update.  However, this
> begs
> the question "Why code an option into yum that is of no use?"

We are talking here CentOS and RHEL Linux. yum is an abbreviation of:
"Yellowdog Update Manager". It was originally created by YellowDog Linux
project for their Linux distribution. I don't know is they (YellowDog)
actually using this particular feature or not, but RedHat (and hence
CentOS) use features of yum they think fitting in their model.
Incidentally, sometimes even when the project uses his own creature
itself, they may end up abandoning some of the features that were
originally coded in. Everyone who ever architectured some project himself,
know that that often happens.

Valeri

> Was there a
> time
> when this option was functional?  If yes, what caused its removal?  Was it
> a
> system compromise at some big corporation and someone got sued/fired?
> What?
>  Don't spare any gory details either!
>
>
> ak.
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>



Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] C7 minimal (1511) firewalld is not installed: logical?

[Patrick Bervoets]

I just installed a host with CentOS-7-x86_64-Minimal-1511.iso

It seems that firewalld is not included in the minimal set. I wonder why?

If I recall correctly CentOS-7-x86_64-Minimal-1503-01.iso did include it.

And, this could be a very stupid question, am I running without a firewall or 
just without a way to control my firewall?

Thanks
Patrick

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OpenSSL Update - not a security update???

[Anthony K]

On Wed, 2016-03-02 at 07:33 -0600, Johnny Hughes wrote:

> Hopefully this makes sense.
> 
> You can instead just look at this:
> 
> https://lists.centos.org/pipermail/centos-announce/
> 
> (or subscribe to the CentOS announce mailing list to get emails)
> 
> Both of those places will tell you when there is a security update.
> 
> OR, you can subscribe to RHEL and use the information in the yum
> security plugin.
> 

Thanks for not sparing the gory details (and Alice and James) - much
appreciated!

I normally test my updates on non-critical systems before deploying to
production.  However, in this instance, I had been away from the office and
wanted to quickly patch the openssl vulnerability before other non
-critical/security related.

In the end, I bit the bullet and just upgraded everything and no harm done.


ak.

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OpenSSL Update - not a security update???

[Johnny Hughes]

On 03/02/2016 05:24 AM, Anthony K wrote:
> On Tue, 2016-03-01 at 21:58 -0600, Johnny Hughes wrote:
>> On 03/01/2016 09:41 PM, Johnny Hughes wrote:
>>> BUt the security plugins do not work for CentOS and they never have,
>>> Peter is correct, you need to run yum update or call out the specific
>>> packages you want updated.
>>>
> 
> I totally understand the necessity of a full system update.  However, this 
> begs
> the question "Why code an option into yum that is of no use?"  Was there a 
> time
> when this option was functional?  If yes, what caused its removal?  Was it a
> system compromise at some big corporation and someone got sued/fired?  What? 
>  Don't spare any gory details either!
> 
> 
> ak.

It would require 2 things that we currently don't do.

1.  Host all the RPMs every built in one place that every update can hit.

2.  An errata.xml file that contains information that is NOT open source
and not allowed to be gathered by CentOS.  (Although James Hogarth
provided a link to one elsewhere in this thread)

First for #1:

We utilize several hundred servers and free bandwidth that they provide
that are donated to the CentOS Project to distribute updates.  This
'donated network' makes up the DNS names mirror.centos.org,
msync.centos.org,  and cloud.centos.org, etc.  We use this network to
distribute CentOS Linux to more than 630 servers (external mirrors) in
85 countries all over the world.

We could not provide CentOS for free for the last 13 years if we did not
have both the hundreds of donated machines that make up
mirror.centos.org (and msync.centos.org) OR those external mirrors.

The vast majority of our donated mirror network servers do not have room
to host all the RPMs from all active centos versions in one place and to
distribute them to the vast external server network.

We can't afford to replace the hundreds of donated (free) servers with
ones that CAN host that amount of data AND also pay for enough bandwidth
to distribute it to the external mirrors.  Even if we could, not all the
current 635 mirrors would be able to take all that data.

This is one of many reasons why there is a subscription price for RHEL.

Even if we DID all of that. Other than returning a cou0ple of updates
with the yum security plugin command, you STILL need to run 'yum update'
to get all the updates as JUST doing the security ones is not supported
/ does not necessarily fix the security issues.

Then there is #2:

The information that goes INTO the XML file we would need to generate
does not come from the source code from Red Hat Enterprise Linux that we
use to build CentOS Linux.  It would only from screen scraping places like:

https://rhn.redhat.com/errata/rhel-server-7-errata.html

BUT, if you go to the 'terms of use' for Red Hat portals .. here:

https://access.redhat.com/help/terms/

You will see the definition of "Red Hat Content".  While we CAN
distribute the software we build (it is open source) .. we *CAN NOT*
scrape and/or Distribute content that is *NOT* open source but us
copyrighted intellectual property.

To the best of our knowledge, the information needed to make up all the
information needed to create the Errata XML file requires to make the
yum security plugin work is not available in a complete open source way
where we would be able to be distributed.

That is *WHY* the CentOS team does not copy and distribute any content
into our announcements, but only links to open content in our announcements.

So, we can not distribute the information that is required in the XML
file that would make the yum security plugin work .. *BUT* even if we
could, you *STILL* need to run 'yum update' to get all the updates as
JUST doing the security ones is not supported / does not necessarily fix
the security issues.

Hopefully this makes sense.

You can instead just look at this:

https://lists.centos.org/pipermail/centos-announce/

(or subscribe to the CentOS announce mailing list to get emails)

Both of those places will tell you when there is a security update.

OR, you can subscribe to RHEL and use the information in the yum
security plugin.



signature.asc
Description: OpenPGP digital signature
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OpenSSL Update - not a security update???

[Alice Wonder]

On 03/02/2016 03:24 AM, Anthony K wrote:

On Tue, 2016-03-01 at 21:58 -0600, Johnny Hughes wrote:

On 03/01/2016 09:41 PM, Johnny Hughes wrote:

BUt the security plugins do not work for CentOS and they never have,
Peter is correct, you need to run yum update or call out the specific
packages you want updated.



I totally understand the necessity of a full system update.  However, this begs
the question "Why code an option into yum that is of no use?"  Was there a time
when this option was functional?  If yes, what caused its removal?  Was it a
system compromise at some big corporation and someone got sued/fired?  What?
  Don't spare any gory details either!



yum does not need to be restricted to vendor repositories.

You can add package repositories maintained by anyone, and some of them 
may choose to distinguish between security and non-security updates, so 
it is appropriate for yum as packaged in CentOS to retain that feature 
even if the CentOS repositories themselves do not make use of it.


Personally I think it is a dumb option and is in contrast to KISS.

KISS says keep your system up to date. RHEL/CentOS works really hard to 
prevent updates from breaking a system. That's why many of us use it.


So it doesn't make sense to not update when an update is available, 
making security specific updates kind of worthless.


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OpenSSL Update - not a security update???

[James Hogarth]

On 2 March 2016 at 11:24, Anthony K  wrote:

> On Tue, 2016-03-01 at 21:58 -0600, Johnny Hughes wrote:
> > On 03/01/2016 09:41 PM, Johnny Hughes wrote:
> > > BUt the security plugins do not work for CentOS and they never have,
> > > Peter is correct, you need to run yum update or call out the specific
> > > packages you want updated.
> > >
>
> I totally understand the necessity of a full system update.  However, this
> begs
> the question "Why code an option into yum that is of no use?"  Was there a
> time
> when this option was functional?  If yes, what caused its removal?  Was it
> a
> system compromise at some big corporation and someone got sued/fired?
> What?
>  Don't spare any gory details either!
>
>
>
Specifically it requires errata data within the repo metadata.

It exists in yum since CentOS is a RHEL rebuild and upstream provides that
errata data for RHEL users.

If you set up something like Spacewalk then you can use something like CEFS
to import that errata data to make --security work for centos systems.

 https://cefs.steve-meier.de/

Potentially you could use a combination of his work, a bit of scripting and
createrepo to provide your own errata data.

*That all being said* apply all errata still applies whenever issues arise
;)
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] RasPi 3.x and RH-based Distro (Slightly OT)

[Fabian Arrotin]

On 29/02/16 18:59, Benjamin Smith wrote:
> With the release of the Rasberry Pi 3.x, I think we have a platform I could 
> jump on board with. Performance has just been lacking until now! 
> 
> But I really don't want to jump the "RH ship" - I'd rather stick with an 
> environment I am comfortable in. 
> 
> Can anybody comment here on the best way to run RHEL/Fedora/CentOS on a 
> RasPi, 
> or if there's even a useful port? 
> 
> Thanks
> 
> Ben S 

Well, I generated a test image (that I wasn't able to test myself until
now, as my Rpi3 just showed up today) yesterday and I posted the
announce/call for testers on the arm-dev list (see
https://lists.centos.org/pipermail/arm-dev/2016-March/001680.html)

Machine boots fast, but wifi doesn't work, so probably need some binary
blob/firmware from broadcom (yeah, unfortunately ) but can probably
be done (I'll have to investigate, or someone else).
So long story short : feel free to join the fun on the arm-dev list and
participate in helping CentOS on armhfp :-)

-- 
Fabian Arrotin
The CentOS Project | http://www.centos.org
gpg key: 56BEC54E | twitter: @arrfab



signature.asc
Description: OpenPGP digital signature
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS-announce Digest, Vol 133, Issue 1

[centos-announce-request]

Send CentOS-announce mailing list submissions to
centos-annou...@centos.org

To subscribe or unsubscribe via the World Wide Web, visit
https://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
centos-announce-requ...@centos.org

You can reach the person managing the list at
centos-announce-ow...@centos.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of CentOS-announce digest..."


Today's Topics:

   1. CEBA-2016:0298 CentOS 6 findutils FASTTRACK   BugFix Update
  (Johnny Hughes)
   2. CESA-2016:0301 Important CentOS 6 openssl Security Update
  (Johnny Hughes)
   3. CESA-2016:0301 Important CentOS 7 openssl Security Update
  (Johnny Hughes)
   4. CESA-2016:0302 Important CentOS 5 openssl Security Update
  (Johnny Hughes)


--

Message: 1
Date: Tue, 1 Mar 2016 13:06:38 +
From: Johnny Hughes 
To: centos-annou...@centos.org
Subject: [CentOS-announce] CEBA-2016:0298 CentOS 6 findutils FASTTRACK
BugFix Update
Message-ID: <20160301130638.ga3...@n04.lon1.karan.org>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Bugfix Advisory 2016:0298 

Upstream details at : https://rhn.redhat.com/errata/RHBA-2016-0298.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
ed1a7580800b4cb68fd882f39eafe9c4a0d8b2ec9ff6d25358f2f10d9cc3  
findutils-4.4.2-9.el6.i686.rpm

x86_64:
fbbb4d9e91b0a7cac328167d09a3591d9ee50e990d86da45bee99f8020a03db3  
findutils-4.4.2-9.el6.x86_64.rpm

Source:
8f0afaba4a8461e71ea4001750df754ff6406e5a68e5276c8aae4a36a6a9632c  
findutils-4.4.2-9.el6.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net
Twitter: @JohnnyCentOS



--

Message: 2
Date: Tue, 1 Mar 2016 16:09:29 +
From: Johnny Hughes 
To: centos-annou...@centos.org
Subject: [CentOS-announce] CESA-2016:0301 Important CentOS 6 openssl
Security Update
Message-ID: <20160301160929.ga26...@n04.lon1.karan.org>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Security Advisory 2016:0301 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-0301.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
31cacdfe88b5e4b420bd2dd1fe6b491b35a2a57c7e3b4ef5b960573b095fc519  
openssl-1.0.1e-42.el6_7.4.i686.rpm
a57701c0598a7c91de1eac55fa5b6ffe2bc096c07f757723d6de65dd092dbc66  
openssl-devel-1.0.1e-42.el6_7.4.i686.rpm
3e62aef02b5a465d587a3c3dfec494b27d55ec2a5dac0a13e6ac842188728d66  
openssl-perl-1.0.1e-42.el6_7.4.i686.rpm
621cd98e6d221febb477906443a1692afd64ffcc79cb843a146ee4583e7224f7  
openssl-static-1.0.1e-42.el6_7.4.i686.rpm

x86_64:
31cacdfe88b5e4b420bd2dd1fe6b491b35a2a57c7e3b4ef5b960573b095fc519  
openssl-1.0.1e-42.el6_7.4.i686.rpm
e5fc87d5031ea23db0eb2be92743a557d8574caa583fad6a1cd16a757ed436f3  
openssl-1.0.1e-42.el6_7.4.x86_64.rpm
a57701c0598a7c91de1eac55fa5b6ffe2bc096c07f757723d6de65dd092dbc66  
openssl-devel-1.0.1e-42.el6_7.4.i686.rpm
17b6a4dbe2f844d3944fa7c4cafe9ccf4d54a8dc23d26201a513fc86bd08d256  
openssl-devel-1.0.1e-42.el6_7.4.x86_64.rpm
4b9ec40e680ad72d6134283f3ab6179d2c4c8a34433aed4f42c5117bfeb300a5  
openssl-perl-1.0.1e-42.el6_7.4.x86_64.rpm
aaaf4d42ef5f48f424ed9d6d04744e906a15d3ae66097bcd3ec60be226879cd6  
openssl-static-1.0.1e-42.el6_7.4.x86_64.rpm

Source:
152d1ec6f40854680bbad1524f2b7766c8f583de6b1a136b635ec9b257d4b088  
openssl-1.0.1e-42.el6_7.4.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net
Twitter: @JohnnyCentOS



--

Message: 3
Date: Tue, 1 Mar 2016 16:41:22 +
From: Johnny Hughes 
To: centos-annou...@centos.org
Subject: [CentOS-announce] CESA-2016:0301 Important CentOS 7 openssl
Security Update
Message-ID: <20160301164122.ga26...@n04.lon1.karan.org>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Security Advisory 2016:0301 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2016-0301.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
b2aaed03ed2d01d2a6482ed97a95aec0545ffc4c00ad46c7cafc10c9554e1b58  
openssl-1.0.1e-51.el7_2.4.x86_64.rpm
b1aa349c2ea3a99cc65d031850d415b7feb7924f0a121593c12b439934440eb4  
openssl-devel-1.0.1e-51.el7_2.4.i686.rpm
3e194452a2616702ee91e791b163b739d012da52957f6e91927de9d554e4e203  
openssl-devel-1.0.1e-51.el7_2.4.x86_64.rpm
2e193ea886626e3e8b151f905920503e2e505cc2bdfef31a8d38a581c99e210f  
openssl-libs-1.0.1e-51.el7_2.4.i686.rpm
249cc7d68c0d8d48a26b50066ed29da2d70c7a573d23dc566ee7c99f5c5f71c9  

Re: [CentOS] problem restoring ssl and vlc

[Steve Clark]

On 03/01/2016 10:24 PM, g wrote:

to pass time waiting for reply, went thru kde application launcher.

found this progs have no icon:

   cheese

   audit logs

   media player

   note pad
   regedit
   wineconfig
   winefile
   winehelp
   wine software uninstall
   wine wordpad

   audio cd extractor


running chkrootkit, shows

   Checking `amd'... not found
   Checking `biff'... not found
   Checking `fingerd'... not found
   Checking `inetd'... not found
   Checking `inetdconf'... not found
   Checking `identd'... not found
   Checking `named'... not found
   Checking `pop2'... not found
   Checking `pop3'... not found
   Checking `rlogind'... not found
   Checking `rshd'... not found
   Checking `timed'... not found
   Checking `rexedcs'... not found

can not say what was before now.



You can use rpm -v -V -a to check the validity of all your packages or
rpm -v -V pkgname to check a single package.

See the following link for details.
http://www.rpm.org/max-rpm/ch-rpm-verify.html

--
Stephen Clark
*NetWolves Managed Services, LLC.*
Director of Technology
Phone: 813-579-3200
Fax: 813-882-0209
Email: steve.cl...@netwolves.com
http://www.netwolves.com
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OpenSSL Update - not a security update???

[Anthony K]

On Tue, 2016-03-01 at 21:58 -0600, Johnny Hughes wrote:
> On 03/01/2016 09:41 PM, Johnny Hughes wrote:
> > BUt the security plugins do not work for CentOS and they never have,
> > Peter is correct, you need to run yum update or call out the specific
> > packages you want updated.
> > 

I totally understand the necessity of a full system update.  However, this begs
the question "Why code an option into yum that is of no use?"  Was there a time
when this option was functional?  If yes, what caused its removal?  Was it a
system compromise at some big corporation and someone got sued/fired?  What? 
 Don't spare any gory details either!


ak.

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos