Re: [CentOS] KeePassX replacement

[Sorin Srbu]

-Original Message-
From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Valeri Galtsev
Sent: den 19 september 2017 17:16
To: CentOS mailing list 
Subject: Re: [CentOS] KeePassX replacement

> OT-sidetrack:
>
> What is/are a good cloud-less password manager if I'd need it in a
> cross-platform scenario;  Windows, CentOS, Ubuntu and Android?
>
> A cloud enabled manager would be okay I guess if I could move the password
> database to say my own private cloud and be able to access it from there
> from all platforms.
>
> KeepassX seemed like a good choice until I found out it didn't do Android.

When I mentioned I use KeePassX on FreeBSD, Linux, Windows and Android, I
failed to mention the name of Android application I access KeePassX
database with. It is

KeePassDroid

With KeePassDroid in the mix all of your system choices seem to be covered.


I also didn't mention that when we choose application like that we
investigate how well security wise the author(s) thought it through.
KeePassX shined in that respect from multiple prospectives. I joined then
the support for nomination of KeeePassX author for award (never new if he
won that). One of the features I remember that impressed me: it creates
encryption key from your passphrase by hashing that about 1,000,000 times
over and over again. This basically slows brute force attack by the same
factor. That time I estimated that if I lost, say, my pocket device and
bad guys got hold of my keepassx encrypted password database, they will
need about a Month to crack that if they have at their disposal whole
composed computing power of my University. So, I have plenty of time to
change all passwords if that happens.

This if why we stay with the tools we chose for long-long time: it takes
significant effort to select the great ones. It is almost same costly
effort as hiring new employee.

Just my $0.02

Valeri

--

Thanks Valeri!

I've until now stayed away from password managers, so I can't really tell
which ones are "okay" to use from a security point.

Googling for "best secure password manager list" gives everybody and their
dogs opinions.

Suggestions from users on this list ranks higher in my book. ;-)

Now, this KeePassDroid though. Is it trustable?
As they say, no chain is stronger than the weakest link.

--
//Sorin
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] upgrade or install to Centos 7.4.1708

[Fred Smith]

On Tue, Sep 19, 2017 at 11:18:15AM -0600, Frank Cox wrote:
> On Tue, 19 Sep 2017 16:40:52 +
> Richard wrote:
> 
> > The mate-gtk2/3 issue effects windows/menus/scrollbars and the like,
> > not the login screen. See:
> > 
> > 
> > 
> > for that issue. I switched to the Adwaita theme, as suggested there.
> 
> Clearlooks-phenix also works fine with the latest C7/Mate and looks more like 
> a "traditional" Gnome 2 desktop.
> 
> yum install clearlooks-phenix-gtk2-theme clearlooks-phenix-gtk3-theme
> 
> Go to the look and feel preferences setting on your desktop and select 
> Clearlooks-phenix from the list.
> 
> And afterward you can
> 
> yum remove mate-themes
> 
> if you want because it's not needed any more.

Hey Frank, thanks for that pointer. I don't particularly care for
the adwaita theme, the phenix theme is much more to my liking.

Fred
-- 
---
Under no circumstances will I ever purchase anything offered to me as
the result of an unsolicited e-mail message. Nor will I forward chain
letters, petitions, mass mailings, or virus warnings to large numbers
of others. This is my contribution to the survival of the online
community.
 --Roger Ebert, December, 1996
- The Boulder Pledge -
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-es] Resumen de CentOS-es, Vol 128, Envío 2

[Facundo Cevey]

Para solucionar tu problema deberías de cambiar el cifrado en Filezilla y
listo! Contanos cómo te fue luego.
Saludos a tod@s

El 14 sept. 2017 4:44 p. m.,  escribió:

> Envíe los mensajes para la lista CentOS-es a
> centos-es@centos.org
>
> Para subscribirse o anular su subscripción a través de la WEB
> https://lists.centos.org/mailman/listinfo/centos-es
>
> O por correo electrónico, enviando un mensaje con el texto "help" en
> el asunto (subject) o en el cuerpo a:
> centos-es-requ...@centos.org
>
> Puede contactar con el responsable de la lista escribiendo a:
> centos-es-ow...@centos.org
>
> Si responde a algún contenido de este mensaje, por favor, edite la
> linea del asunto (subject) para que el texto sea mas especifico que:
> "Re: Contents of CentOS-es digest...". Además, por favor, incluya en
> la respuesta sólo aquellas partes del mensaje a las que está
> respondiendo.
>
>
> Asuntos del día:
>
>1. Ftp red local windows - centos 6 (L.C. - Salman PSL)
>2. Re: Ftp red local windows - centos 6 (Ricardo J. Barberis)
>3. Re: Ftp red local windows - centos 6 (Ernesto Pérez Estévez)
>4. Re: Ftp red local windows - centos 6 (L.C. - Salman PSL)
>5. Re: Ftp red local windows - centos 6 (Ricardo J. Barberis)
>
>
> --
>
> Message: 1
> Date: Thu, 14 Sep 2017 18:23:03 +0200
> From: "L.C. - Salman PSL" 
> To: centos-es@centos.org
> Subject: [CentOS-es] Ftp red local windows - centos 6
> Message-ID: <51ef9add-af26-a846-dde7-51b5ff330...@salman.net>
> Content-Type: text/plain; charset=windows-1252; format=flowed
>
>
> ::Buenos dias.
>
> Recurro a la lista por que ya no se que consultar ni configurar.
>
> Yo uso en los servidores centos 5 vsftpd, nunca me ha dado ningun
> problema, y desde mi ordenador en win-8 hacia los servidores en
> data-centers va bien.
>
> Ahora por distintas circunstancias, he instalado en mi oficina un Centos
> 6.9.
>
> ordenador en windows 192.168.0.10
> ordenador en Centos  192.168.0.20
>
> En el router he redirigido las peticiones a distintos puertos ( 22, 80,
> 1) hacia el servidor en linux, y todo funciona perfectamente accedo
> a la consola a la web, y al webmin todo correcto.
>
> Puedo acceder a la consola desde mi ordenador principal bien, y desde
> otros servidores externos sin problemas ( todo configurado mediante
> clave RSA.
>
> Hasta aqui me ha ido todo mejor de lo que me esperaba.
>
> Hasta que he llegado al FTP.
>
> En el router he redirigido los puertos 20 y 21 hacia la ip interna del
> servidor linux.
>
> En el linux, he instalado el vsftpd que aparentemente esta funcionando
> correctamente.
>
> Pero cuando intento entrar desde el ordenador en windows con FileZilla
> al servidor en Linux, aparentemente el usuario se conecta correctamente,
> ( lo veo tanto en el Filezilla como en el "ps" y log del Centos.
>
> Sun Sep  3 13:44:23 2017 [pid 8690] [ftp_oficina] OK LOGIN: Client
> "192.168.0.10"
> Sun Sep  3 13:44:33 2017 [pid 8694] CONNECT: Client "192.168.0.10"
> Sun Sep  3 13:44:33 2017 [pid 8693] [ftp_oficina] OK LOGIN: Client
> "192.168.0.10"
>
> Pero y aqui viene el problema, el Filezilla, no me muestra el listado
> del usuario en el Centos y se acaba desconectando con el error:
>
> Estado:Conectando a 192.168.0.20:21...
> Estado:Conexión establecida, esperando el mensaje de bienvenida...
> Estado:Logged in
> Estado:Retrieving directory listing of "/"...
> Comando:CWD /
> Respuesta:250 Directory successfully changed.
> Comando:PWD
> Respuesta:257 "/"
> Comando:TYPE I
> Respuesta:200 Switching to Binary mode.
> Comando:PASV
> Respuesta:227 Entering Passive Mode (192,168,0,20,208,181).
> Comando:LIST
> Error:Connection timed out after 10 seconds of inactivity
> Error:Error al recuperar el listado del directorio
>
>
> ¿ Alguna idea de donde puede estar el problema ?
>
> Gracias anticipadas.
>
> --
> ::
>
> >> *** Fin del mensaje *** <<
>
> Saludos
> Salvador Guzman
> Salman PSL
> Vigo, Galicia, España
> +34 986.21.30.27
> +34 60 400 30 20
> www.Salman.EU
>
>
>
> --
>
> Message: 2
> Date: Thu, 14 Sep 2017 13:46:58 -0300
> From: "Ricardo J. Barberis" 
> To: centos-es@centos.org
> Subject: Re: [CentOS-es] Ftp red local windows - centos 6
> Message-ID: <201709141346.58883.rica...@palmtx.com.ar>
> Content-Type: text/plain;  charset="iso-8859-1"
>
> Lo primero que puedes probar es desactivar el modo pasivo en FileZilla y/o
> en
> el vsftpd, que suele traer problemas con los firewalls.
>
> Saludos,
>
> El Jueves 14/09/2017 a las 13:23, L.C. - Salman PSL escribió:
> > ::Buenos dias.
> >
> > Recurro a la lista por que ya no se que consultar ni configurar.
> >
> > Yo uso en los servidores centos 5 vsftpd, nunca me ha dado ningun
> > problema, y desde mi ordenador en win-8 

Re: [CentOS] Block internet access for some users on the LAN ?

[Frank Cox]

On Tue, 19 Sep 2017 13:05:24 -0700
Kenneth Porter wrote:

> > all it takes is one kid, who then shares his 'trick' with other kids, and
> > blam.
> 
> Hire that kid to be head of security. :D

Only if he has a degree in music composition.

-- 
MELVILLE THEATRE ~ Real D 3D Digital Cinema ~ www.melvilletheatre.com
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Block internet access for some users on the LAN ?

[m . roth]

Kenneth Porter wrote:
> --On Tuesday, September 19, 2017 9:57 AM -0700 John R Pierce
>  wrote:
>
>> all it takes is one kid, who then shares his 'trick' with other kids,
>> and blam.
>
> Hire that kid to be head of security. :D
>

Um, let's step back a bit here: this is clearly not a large organization.
And only one person can use one MAC address. Anyone beyond the one kid
would have to find others. And, the instant that someone on staff can't
get on, they report it, and you, the admin, either force an expiration of
the lease, or block that IP with a temporary, runtime iptables -A INPUT -s
192.160.10.whatever -J DROP, and they're dead meat.

And then, teachers get to announce that whoever spoofed it will fail the
quarter if they do it again, and the will turn off their device NOW.

See? Simple.

 mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS, PHP & OwnCloud/Nextcloud: the version dilemma

[m . roth]

Valeri Galtsev wrote:
>
> On Tue, September 19, 2017 1:42 pm, Nux! wrote:
>> Unfortunately the same can be said about Ruby, RoR, Python etc etc etc.
>
> It is not as much true about languages themselves (though it is true, and
> I for one call python "sneaky snake" just because of that ;-), as about

Yeah, in addition to my reaction to "you're using *whitespace* as a syntax
element?!", I had an early dislike of python, when each new sub-release
broke things that had worked in the previous.

  mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Block internet access for some users on the LAN ?

[Kenneth Porter]

--On Tuesday, September 19, 2017 9:57 AM -0700 John R Pierce 
 wrote:



all it takes is one kid, who then shares his 'trick' with other kids, and
blam.


Hire that kid to be head of security. :D


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] upgrade or install to Centos 7.4.1708

[wwp]

Hello Frank,


On Tue, 19 Sep 2017 11:18:15 -0600 Frank Cox  wrote:

> On Tue, 19 Sep 2017 16:40:52 +
> Richard wrote:
> 
> > The mate-gtk2/3 issue effects windows/menus/scrollbars and the like,
> > not the login screen. See:
> > 
> > 
> > 
> > for that issue. I switched to the Adwaita theme, as suggested there.  
> 
> Clearlooks-phenix also works fine with the latest C7/Mate and looks more like 
> a "traditional" Gnome 2 desktop.
> 
> yum install clearlooks-phenix-gtk2-theme clearlooks-phenix-gtk3-theme
> 
> Go to the look and feel preferences setting on your desktop and select 
> Clearlooks-phenix from the list.
> 
> And afterward you can
> 
> yum remove mate-themes
> 
> if you want because it's not needed any more.

Interesting.. I could apply it here (C7/mate) and it's true that this
theme works on GTK2/GTK3. BUT customizing colors in Appearance
Preferences in Mate prefs doesn't apply to GTK3 apps.


Regards,

-- 
wwp


pgpRv_lUJn4bt.pgp
Description: OpenPGP digital signature
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS, PHP & OwnCloud/Nextcloud: the version dilemma

[Valeri Galtsev]

On Tue, September 19, 2017 1:42 pm, Nux! wrote:
> Unfortunately the same can be said about Ruby, RoR, Python etc etc etc.

It is not as much true about languages themselves (though it is true, and
I for one call python "sneaky snake" just because of that ;-), as about
how the software using these languages is written. E.g. well known
mailman. I never had it give me any trouble wherever I have/had it
installed, even though it is written in "sneaky snake" (python). This is
example of brilliantly written software! So, all these incompatibilities
and upgrade trouble, or rather absence of thereof, is about how well the
programmers have written their code. Namely, whether they use only
fundamental abilities of the language which are unlikely to change for
long time, or chase after one day fancy features that tend to evaporate
quickly, or get transformed soon.

I probably should have put "rant" tags... or maybe shouldn't.

Valeri

>
> Personally I think it's perfectly reasonable to track Nextcloud upgrades
> combined with SCL major upgrades once every couple of years.
>
> Check life times here:
> https://access.redhat.com/support/policy/updates/rhscl
>
> --
> Sent from the Delta quadrant using Borg technology!
>
> Nux!
> www.nux.ro
>
> - Original Message -
>> From: "Jonathan Billings" 
>> To: "CentOS mailing list" 
>> Sent: Tuesday, 19 September, 2017 19:06:55
>> Subject: Re: [CentOS] CentOS, PHP & OwnCloud/Nextcloud: the version
>> dilemma
>
>> On Tue, Sep 19, 2017 at 07:59:00PM +0200, rai...@ultra-secure.de wrote:
>>> With PHP, I try to stay as close to upstream as possible.
>>> If upstream EOLs a version, it's time to upgrade.
>>>
>>> If you want something stable, don't run PHP.
>>
>> Unfortunately, with that philosophy but not much systems management
>> experience, you end up with custom-compiled and local installs of PHP
>> that get no security updates, particularly as you get version lock-in
>> by the web application developers, or when you have a sysadmin move on
>> to a new position or company.
>>
>> I think the statement "If you want something stable, don't run PHP" is
>> a very wise statement though.
>>
>> --
>> Jonathan Billings 
>> ___
>> CentOS mailing list
>> CentOS@centos.org
>> https://lists.centos.org/mailman/listinfo/centos
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>



Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-es] Arranque servicios en Centos 6.9 y conexion FTP windows - centos red local

[Carlos Martinez]

Saludos.

Veo varias posibilidades con este tema:

1) Runlevel. El runlevel está por defecto en 1 o en 2. Ejecuta el
comando runlevel. Este debe estar en 3 ó 5. Para cambiarlo: init 3 ó
init 5

2) Se bajaron los servicios en el runlevel actual. Ejecuta el comando
chkconfig --list y ver que los servicios estén activos en el runlevel
actual (ver punto 1). Los servicios se activan con chkconfig
 on.

3) Hardware malo, poco espacio en /var, partición raíz llena: dmesg,
df -h, df -hi

4) Se borró alguna librería importante del sistema o algún archivo. La
situación se corrige así:
 a) Levantar la interfaz de red (IP, GW, DNS)
 b) crear un directorio vacío y entrar al mismo: mkdir /root/vacio
&& cd /root/vacio
 c) reinstalar todos los paquetes: yum reinstall *
 d) reiniciar y probar (asegurarse que está en el runlevel 3).

5) Volver a empezar. Duele, pero a veces es lo más rápido.

Cuéntanos cuál era el problema para que todos aprendamos un poco más.

Hasta la próxima.

Carlos Martínez.


2017-09-19 8:29 GMT-05:00 L.C. - Salman PSL :
>
>
> :: Tan solo informaros que he vuelto a instalar todo desde cero en un disco 
> viejo para hacer pruebas, y aparentemente ahora funciona todo.
>
>
> Lo del arranque cambie en el webmin -> arranque/parada -> boot system de 
> autodetectar ( tomaba por defecto Upsstar ) por Sys V init y manejo
>  lo que quiero arrancar o parar como siempre.
>
> Y lo del FTP abri en el firewall el puerto 21 para la IP interna del otro 
> servidor y funciona correctamente.
>
> Ahora la cuestion, es que estoy instalando todo otra vez en un disco nuevo, y 
> no se si sere capaz de reproducir toda la configuracion de iptables y el 
> vsftpd ya que el disco en que funciona todo esta disconectado.
>
> En fin que no tengo muy claro por que paso lo que paso, pero parece que todo 
> esta funcionando como deberia haber funcionado desde el principio.
>
>
>
>
>
>  >> *** Fin del mensaje *** <<
>
> Saludos
> Salvador Guzman
> Salman PSL
> Vigo, Galicia, España
> +34 986.21.30.27
> +34 60 400 30 20
> www.Salman.EU
>
>
> ___
> CentOS-es mailing list
> CentOS-es@centos.org
> https://lists.centos.org/mailman/listinfo/centos-es
___
CentOS-es mailing list
CentOS-es@centos.org
https://lists.centos.org/mailman/listinfo/centos-es

Re: [CentOS] CentOS, PHP & OwnCloud/Nextcloud: the version dilemma

[rainer]

Am 2017-09-19 20:06, schrieb Jonathan Billings:

On Tue, Sep 19, 2017 at 07:59:00PM +0200, rai...@ultra-secure.de wrote:

With PHP, I try to stay as close to upstream as possible.
If upstream EOLs a version, it's time to upgrade.

If you want something stable, don't run PHP.


Unfortunately, with that philosophy but not much systems management
experience, you end up with custom-compiled and local installs of PHP
that get no security updates, particularly as you get version lock-in
by the web application developers, or when you have a sysadmin move on
to a new position or company.




Yep.
We've got a lot of those "abandoned" PHP webs that can't be moved 
because they only run on anything between PHP 4.4 and 5.5


Usually it's Typo3 or so.
To move from Typo3 4.3 on PHP 5.3 to PHP 7, you'd have to upgrade to 
Typo3 6.something on that PHP5.3 host, then move that installation to a 
PHP 5.5 host, where you could upgrade to Typo3 7 LTS, which you could 
then move to a PHP 7 host.
Obviously, none of the custom extensions and a lot of "hacks" would 
survive even the first upgrade/move - and thankfully usually everybody 
is sane enough to even think about doing that.


You'd have to start from scratch, which would cost the customer real 
money (would have to pay some agency to re-design the website), so it 
never gets done.
This is especially true for customers from the hospitality sector, which 
are especially stingy for any kind of expenditures. Because, as 
everybody can see, the website still runs and as such it does not need 
an upgrade.



I think the statement "If you want something stable, don't run PHP" is
a very wise statement though.



PHP is not stable in the same sense as RHEL 7 is stable.
On RHEL, it's sort-of stable - but only for a rather small amount of PHP 
modules.
And as such, it's not (IMO) useful for anything but legacy stuff that 
you can't move or upgrade.





___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS, PHP & OwnCloud/Nextcloud: the version dilemma

[Nux!]

Unfortunately the same can be said about Ruby, RoR, Python etc etc etc.

Personally I think it's perfectly reasonable to track Nextcloud upgrades 
combined with SCL major upgrades once every couple of years.

Check life times here:
https://access.redhat.com/support/policy/updates/rhscl

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

- Original Message -
> From: "Jonathan Billings" 
> To: "CentOS mailing list" 
> Sent: Tuesday, 19 September, 2017 19:06:55
> Subject: Re: [CentOS] CentOS, PHP & OwnCloud/Nextcloud: the version dilemma

> On Tue, Sep 19, 2017 at 07:59:00PM +0200, rai...@ultra-secure.de wrote:
>> With PHP, I try to stay as close to upstream as possible.
>> If upstream EOLs a version, it's time to upgrade.
>> 
>> If you want something stable, don't run PHP.
> 
> Unfortunately, with that philosophy but not much systems management
> experience, you end up with custom-compiled and local installs of PHP
> that get no security updates, particularly as you get version lock-in
> by the web application developers, or when you have a sysadmin move on
> to a new position or company.
> 
> I think the statement "If you want something stable, don't run PHP" is
> a very wise statement though.
> 
> --
> Jonathan Billings 
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS, PHP & OwnCloud/Nextcloud: the version dilemma

[Jonathan Billings]

On Tue, Sep 19, 2017 at 07:59:00PM +0200, rai...@ultra-secure.de wrote:
> With PHP, I try to stay as close to upstream as possible.
> If upstream EOLs a version, it's time to upgrade.
> 
> If you want something stable, don't run PHP.

Unfortunately, with that philosophy but not much systems management
experience, you end up with custom-compiled and local installs of PHP
that get no security updates, particularly as you get version lock-in
by the web application developers, or when you have a sysadmin move on
to a new position or company.

I think the statement "If you want something stable, don't run PHP" is
a very wise statement though.

-- 
Jonathan Billings 
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS, PHP & OwnCloud/Nextcloud: the version dilemma

[rainer]

Am 2017-09-19 09:36, schrieb Nicolas Kovacs:

Hi,

I'm currently experimenting with OwnCloud and Nextcloud on a sandbox
CentOS 7 server. I've been using OwnCloud for the last two years for my
own purposes on a Slackware server, and I'm quite happy with it.

In my humble opinion, every admin who wants to host OwnCloud or
Nextcloud on a RHEL/CentOS server is confronted with a version dilemma.

1. CentOS 7 sports PHP 5.4, which has been officially EOL for quite 
some

time, but Red Hat will provide security update backports until 2024.
Which is fine.

2. Currently supported versions of Nextcloud (namely the 11.x and 12.x
branch) require a minimum of PHP 5.6. Which seems reasonable. But if I
pull in PHP 5.6 from Webtatic, for example, I only get the "official"
PHP support, which will end in 2018 for the 5.6 branch. And no security
backports.

3. The solution would be to go with Nextcloud 10, which only requires
PHP 5.4, and which is also provided in package form by EPEL. 'yum info
nextcloud' shows that the current EPEL version is 10.0.4... but a peek
on the Nextcloud homepage shows me that this version is officially
unsupported. Uh oh.

4. Some of the stuff I'm hosting on my CentOS 7 server (like CMSMS) is
not compatible with PHP 7.x versions.

So right now I don't see a solution for this. As far as I can see, the
"least evil" solution would be to pull in PHP 5.6 from Webtatic and go
for Nextcloud 11.x, and have an EOL for both around next summer.

I'd be curious if some of you are familiar with this sort of dilemma (I
guess so) and how you manage it.



I'm not familiar with running PHP on CentOS at all.

IMO, the default PHP-RPMs are not designed to be used for anything as 
dynamic as Own or NextCloud (or just about any other PHP project that 
isn't already dead).


PHP has a completely different release-model than RHEL.

As such, the version of PHP that comes with RHEL will almost always be 
outdated.



RedHat knows this and it seems it's available via SCL (Software 
Collections).



There's this KB article about it:

https://access.redhat.com/solutions/2146821


The gist of this is:

"Resolution
PHP v7.0 is available , however PHP v7.1 is still not available. We are 
already tracking this in a Feature Request to include rh-php-71 under 
Bug 1435193.
PHP v7.0 was first made available for RHEL 6 & RHEL 7 via Red Hat 
Software Collections (RHSCL) v2.3 as the rh-php70 collection

RHEA-2016:2730 - Product Enhancement Advisory"


https://www.softwarecollections.org/en/scls/rhscl/rh-php70/


With PHP, I try to stay as close to upstream as possible.
If upstream EOLs a version, it's time to upgrade.

If you want something stable, don't run PHP.





___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] upgrade or install to Centos 7.4.1708

[Jonathan Billings]

On Sep 19, 2017, at 11:01 AM, Pete Geenhuizen  wrote:
> I upgraded from 7.3 to 7.4 over the weekend.  Everything went well except 
> that I can't login because the screen is black with a cursor.


The text console (PC console) black screen with an underline cursor, or the X11 
blank console with an X cursor?

If it’s the text console, can you control-alt-F2 to a login prompt?

--
Jonathan Billings 


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] update to 7.4

[Jonathan Billings]

On Sep 19, 2017, at 12:51 PM, Jerry Geis  wrote:
> If I drop back to a previous kernel the machine is alive. So how do I say
> "forget the previous yum update" and start all over and do it again.


Since you are mid-transaction, you should at least try:

yum-complete-transaction

This is the safest route.  

If that fails, you might be able to use yum history to back out the last 
transaction, but that probably would fail because you’d have to download and 
install the packages in the previous release, which might not be available 
anymore.

You can also use:

package-cleanup —cleandupes

… to clean out any duplicate packages that might be both installed.  

This has happened to me more often than I’d like to admit.  Usually because I 
didn’t start the yum update in a tmux shell and one of the updates caused the 
SSH connection to fail.

--
Jonathan Billings 


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] upgrade or install to Centos 7.4.1708

[Frank Cox]

On Tue, 19 Sep 2017 16:40:52 +
Richard wrote:

> The mate-gtk2/3 issue effects windows/menus/scrollbars and the like,
> not the login screen. See:
> 
> 
> 
> for that issue. I switched to the Adwaita theme, as suggested there.

Clearlooks-phenix also works fine with the latest C7/Mate and looks more like a 
"traditional" Gnome 2 desktop.

yum install clearlooks-phenix-gtk2-theme clearlooks-phenix-gtk3-theme

Go to the look and feel preferences setting on your desktop and select 
Clearlooks-phenix from the list.

And afterward you can

yum remove mate-themes

if you want because it's not needed any more.

-- 
MELVILLE THEATRE ~ Real D 3D Digital Cinema ~ www.melvilletheatre.com
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] update to 7.4

[Jon Pruente]

You'll want to look into 'yum history' with the 'info' and 'undo'
subcommands. Not sure how well it works for larger updates but I've had
success on broken packages.

On Tue, Sep 19, 2017 at 11:51 AM, Jerry Geis  wrote:

> I was doing an update to 7.4 and somewhere in middle the machine died.
>
> If I drop back to a previous kernel the machine is alive. So how do I say
> "forget the previous yum update" and start all over and do it again.
>
> Booting into the new kernel I get a kernel fault. So going back one level
> on teh boot screen solves that - I just need to start the update again. How
> is that?
>
> Thanks,
>
> Jerry
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>



-- 





*Jon Pruente*Systems Engineer

Office / 913.685.6530

jprue...@riskanalytics.com 

[image: RiskAnalytics]   [image: Twitter]
  [image: LinkedIn]
  [image: Facebook]


CONFIDENTIAL:
The information in this email (and any attachments) is confidential.  If
you are not the intended recipient, you must not read, use or disseminate
the information.  Please reply to the sender and take the steps necessary
to delete the message completely from your computer system. Although this
email and any attachments are believed to be free of any virus or other
defect that might affect any computer system into which it is received and
opened, it is the responsibility of the recipient to ensure that it is
virus free and no responsibility is accepted by RiskAnalytics, LLC for any
loss or damage arising in any way from its use.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] update to 7.4

[John R Pierce]

On 9/19/2017 9:51 AM, Jerry Geis wrote:

I was doing an update to 7.4 and somewhere in middle the machine died.

If I drop back to a previous kernel the machine is alive. So how do I say
"forget the previous yum update" and start all over and do it again.

Booting into the new kernel I get a kernel fault. So going back one level
on teh boot screen solves that - I just need to start the update again. How
is that?


I think I'd try

    yum remove kernel-(broken version)
    yum update



--
john r pierce, recycling bits in santa cruz

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] update to 7.4

[Jerry Geis]

I was doing an update to 7.4 and somewhere in middle the machine died.

If I drop back to a previous kernel the machine is alive. So how do I say
"forget the previous yum update" and start all over and do it again.

Booting into the new kernel I get a kernel fault. So going back one level
on teh boot screen solves that - I just need to start the update again. How
is that?

Thanks,

Jerry
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] upgrade or install to Centos 7.4.1708

[Richard]

> Date: Tuesday, September 19, 2017 12:32:00 -0400
> From: Pete Geenhuizen 
> 
> On 09/19/17 11:58, Richard wrote:
>> 
>> 
>>> Date: Tuesday, September 19, 2017 11:53:24 -0400
>>> From: Pete Geenhuizen 
>>> 
>>> On 09/19/17 11:44, m.r...@5-cent.us wrote:
 Pete Geenhuizen wrote:
> I upgraded from 7.3 to 7.4 over the weekend.  Everything went
> well except that I can't login because the screen is black with
> a cursor.
> 
> If reboot boot the 7.3 kernel 3.10.0-514.26.2.el7.x86_64 kernel
> everything works just fine, so my guess is that there's a kernel
> issue with the hardware, specifically the Skylake processor.
> 
 Video, not the CPU, unless the CPU's also doing video.
 
   mark, fighting 7.4 and two users who need the 304 NVidia
   drivers
 
 
>>> Agreed if I was using an add-on video card, however I'm just using
>>> the no-board video.
>>> 
>> 
>> I'm using 7.4/Mate on a Dell machine with Skylake i5-7500/Graphics
>> 630, without any issues. I installed 7.3 then did initial updates
>> via CR, and then the final ones when released the other day. Had to
>> change my default mate theme (due to gtk2/3 issues) but otherwise
>> all has been fine.
>> 
> Hmm I did the same thing other than the Dell and i5-7500, I didn't
> use CR but waited for the official release.  I wonder if I'm
> experiencing the same theme issue with my mate these  If that is
> the what should I look for to verify that gtk2/3 is the issue, or
> what theme are you using?
> 
> Pete
> 

The mate-gtk2/3 issue effects windows/menus/scrollbars and the like,
not the login screen. See:



for that issue. I switched to the Adwaita theme, as suggested there.



___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] upgrade or install to Centos 7.4.1708

[Pete Geenhuizen]

On 09/19/17 11:58, Richard wrote:




Date: Tuesday, September 19, 2017 11:53:24 -0400
From: Pete Geenhuizen 

On 09/19/17 11:44, m.r...@5-cent.us wrote:

Pete Geenhuizen wrote:

I upgraded from 7.3 to 7.4 over the weekend.  Everything went
well except that I can't login because the screen is black with a
cursor.

If reboot boot the 7.3 kernel 3.10.0-514.26.2.el7.x86_64 kernel
everything works just fine, so my guess is that there's a kernel
issue with the hardware, specifically the Skylake processor.


Video, not the CPU, unless the CPU's also doing video.

  mark, fighting 7.4 and two users who need the 304 NVidia
  drivers



Agreed if I was using an add-on video card, however I'm just using
the no-board video.



I'm using 7.4/Mate on a Dell machine with Skylake i5-7500/Graphics
630, without any issues. I installed 7.3 then did initial updates via
CR, and then the final ones when released the other day. Had to
change my default mate theme (due to gtk2/3 issues) but otherwise all
has been fine.

Hmm I did the same thing other than the Dell and i5-7500, I didn't use 
CR but waited for the official release.  I wonder if I'm experiencing 
the same theme issue with my mate these  If that is the what should I 
look for to verify that gtk2/3 is the issue, or what theme are you using?


Pete

--
Unencumbered by the thought process.
 -- Click and Clack the Tappet brothers


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] upgrade or install to Centos 7.4.1708

[Richard]

> Date: Tuesday, September 19, 2017 11:53:24 -0400
> From: Pete Geenhuizen 
> 
> On 09/19/17 11:44, m.r...@5-cent.us wrote:
>> Pete Geenhuizen wrote:
>>> I upgraded from 7.3 to 7.4 over the weekend.  Everything went
>>> well except that I can't login because the screen is black with a
>>> cursor.
>>> 
>>> If reboot boot the 7.3 kernel 3.10.0-514.26.2.el7.x86_64 kernel
>>> everything works just fine, so my guess is that there's a kernel
>>> issue with the hardware, specifically the Skylake processor.
>>> 
>> Video, not the CPU, unless the CPU's also doing video.
>> 
>>  mark, fighting 7.4 and two users who need the 304 NVidia
>>  drivers
>> 
>> 
> Agreed if I was using an add-on video card, however I'm just using
> the no-board video.
> 


I'm using 7.4/Mate on a Dell machine with Skylake i5-7500/Graphics
630, without any issues. I installed 7.3 then did initial updates via
CR, and then the final ones when released the other day. Had to
change my default mate theme (due to gtk2/3 issues) but otherwise all
has been fine.





___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Block internet access for some users on the LAN ?

[John R Pierce]

On 9/19/2017 8:39 AM, m.r...@5-cent.us wrote:

As a response to someone else's cmts, the set of kids who knows how
they're being blocked is a small subset of all kids, and those who know
that a MAC address can be forged is a small subset of the previous. And
*then*  they'd have to find out a valid MAC address.


all it takes is one kid, who then shares his 'trick' with other kids, 
and blam.


On top of that, it would seem to me that the ones for whom you have a
registered MAC address is either hardwired, and so on, permanently, or the
teachers and staff are in before the students, mostly, and so when a
student tries to spoof the MAC, they get refused, since the real system
already has the IP address.


that presumes all the reserved systems are on 24/7.


--
john r pierce, recycling bits in santa cruz

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] upgrade or install to Centos 7.4.1708

[Pete Geenhuizen]

On 09/19/17 11:44, m.r...@5-cent.us wrote:

Pete Geenhuizen wrote:

I upgraded from 7.3 to 7.4 over the weekend.  Everything went well
except that I can't login because the screen is black with a cursor.

If reboot boot the 7.3 kernel 3.10.0-514.26.2.el7.x86_64 kernel
everything works just fine, so my guess is that there's a kernel issue
with the hardware, specifically the Skylake processor.


Video, not the CPU, unless the CPU's also doing video.

 mark, fighting 7.4 and two users who need the 304 NVidia drivers

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Agreed if I was using an add-on video card, however I'm just using the 
no-board video.


--
Unencumbered by the thought process.
 -- Click and Clack the Tappet brothers


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] upgrade or install to Centos 7.4.1708

[m . roth]

Pete Geenhuizen wrote:
> I upgraded from 7.3 to 7.4 over the weekend.  Everything went well
> except that I can't login because the screen is black with a cursor.
>
> If reboot boot the 7.3 kernel 3.10.0-514.26.2.el7.x86_64 kernel
> everything works just fine, so my guess is that there's a kernel issue
> with the hardware, specifically the Skylake processor.
>
Video, not the CPU, unless the CPU's also doing video.

mark, fighting 7.4 and two users who need the 304 NVidia drivers

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Block internet access for some users on the LAN ?

[m . roth]

Chase, Brian E. wrote:
> The way to do this is with ACL's.  Access Control Lists
> IPtables can perform this function, or an internet gateway router can also
> be used.
> The ISR 4000 Series Cisco router family is where I would start, especially
> if you're in the need for a blade server in the same chassis.
>
> -Original Message-
> From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Nicolas
> Kovacs
> Sent: Monday, September 18, 2017 1:04 PM
> To: Centos Mailing List
> Subject: [CentOS] Block internet access for some users on the LAN ?
>
> Hi,
>
> In our local school we have two servers and roughly 80 clients. The
> network is 192.168.10.0/255.255.255.0, and DHCP+DNS is managed by
> Dnsmasq.
>
> School PCs (teachers and management) are registered via MAC address and
> get an IP address in a specific range:

> If a client (like a student's laptop, tablet or smartphone) is not
> registered, it gets an IP address in the range between 192.168.10.100 and
> 192.168.10.200.
>
> Up until recently I've been using a combination of Squid and Squidguard to
> filter Internet access.
>
> This year the school's director wants to completely block Internet access
> for all the student's personal devices.

If nixspam doesn't gag me again - tried to respond yesterday.

Put anyone whose MAC address isn't registered on a different subnet, like
192.168.11.x, and give your router no route to 9.0.9.9, only to the
internal.

As a response to someone else's cmts, the set of kids who knows how
they're being blocked is a small subset of all kids, and those who know
that a MAC address can be forged is a small subset of the previous. And
*then* they'd have to find out a valid MAC address.

On top of that, it would seem to me that the ones for whom you have a
registered MAC address is either hardwired, and so on, permanently, or the
teachers and staff are in before the students, mostly, and so when a
student tries to spoof the MAC, they get refused, since the real system
already has the IP address.

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Block internet access for some users on the LAN ?

[Bill Gee]

> School PCs (teachers and management) are registered via MAC address and get
> an IP address in a specific range:
 
> 192.168.10.2 - 192.168.10.50 - management + teachers
> 
> 192.168.10.201 - 192.168.10.220 - computer room
> 
> 192.168.10.246 - 192.168.10.247 - printers
> 
> 192.168.10.251 - 192.168.10.253 - wireless access points
> 
> If a client (like a student's laptop, tablet or smartphone) is not
> registered, it gets an IP address in the range between 192.168.10.100 and
> 192.168.10.200.
 
> Up until recently I've been using a combination of Squid and Squidguard to
> filter Internet access.
 
> This year the school's director wants to completely block Internet access
> for all the student's personal devices.
 
> The Linux server acts as a transparent gateway. Unfortunately with Squid I
> can only filter/block HTTP connections, but not HTTPS (well, I could, but
> this is way too complicated to setup).
 
> The firewall is managed by a simple Iptables script. Now I *think* the
> easiest way to block a certain IP range from Internet access would be
> through Iptables (correct me if I'm wrong). If this is the case, what would
> that look like?

It seems to me you could accomplish some of this by using 802.1x switch port 
security.  Set up an OpenRADIUS server, configure the network switch ports, 
then put a key on each workstation - especially those whose physical Ethernet 
jack could be unplugged by a student.  If someone does try to plug their 
device into the network, it not only won't get an address - it won't even get 
an open port!

Someone commented that using static IP addresses can be worked around pretty 
easily.  I agree ...  It is just a form of security by obscurity, and we all 
know that really means no security at all.  

There would be some effort to get the key onto the authorized workstations, 
but once there it would not need anything further.  It could also be 
incorporated into the base coreloads.  There is also some effort to reprogram 
the switch ports - also a one-time task.

The WiFi segment should be protected by a WPA2 password.

Bill Gee
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

[Valeri Galtsev]

On Tue, September 19, 2017 4:18 am, Sorin Srbu wrote:
> -Original Message-
> From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of FHDATA
> Sent: den 18 september 2017 18:10
> To: CentOS mailing list 
> Subject: Re: [CentOS] KeePassX replacement
>
> On Mon, 18 Sep 2017, Valeri Galtsev wrote:
>
>>> You may have reasons to prefer KeePassX over KeePass 2, though.
>>
>> I for one use keepassx. My password database is synchronized between
>> variety of systems, and I can view/edit it on: CentOS, FreeBSD, MS
>> Windows, Android (and should be able on any derivatives of those). I
>> didn't try iOS as currently I don't have a need in that.
>>
>> Incidentally, does anybody know if there is any necessity in keepassx to
>> be patched? Did I read the original post correctly: there is no activity
>> on the development site for long time? Should there be any? (As, I would
>> say for comparison: cvs is so established software that there is no
>> development to expect, only if there are any security holes found those
>> need to be patched). Any insight on KeePassX anybody?
>>
>> Valeri
>
> hello
>
> using keepassx probably for 10 years or so across linux,win,mac,ios
>
> in late 2015 there was a security issue found and folks @ keepassx.org
> patched it fairly  quickly and patch propagated
> up to epel quickly as well ...
>
> passwd manager {non-cloud ones} , in my opinion,
> is a "static"  concept ...
> unless no issues with the underlying frameworks,
> what's there to patch ...
>
> -
>
> OT-sidetrack:
>
> What is/are a good cloud-less password manager if I'd need it in a
> cross-platform scenario;  Windows, CentOS, Ubuntu and Android?
>
> A cloud enabled manager would be okay I guess if I could move the password
> database to say my own private cloud and be able to access it from there
> from all platforms.
>
> KeepassX seemed like a good choice until I found out it didn't do Android.

When I mentioned I use KeePassX on FreeBSD, Linux, Windows and Android, I
failed to mention the name of Android application I access KeePassX
database with. It is

KeePassDroid

With KeePassDroid in the mix all of your system choices seem to be covered.


I also didn't mention that when we choose application like that we
investigate how well security wise the author(s) thought it through.
KeePassX shined in that respect from multiple prospectives. I joined then
the support for nomination of KeeePassX author for award (never new if he
won that). One of the features I remember that impressed me: it creates
encryption key from your passphrase by hashing that about 1,000,000 times
over and over again. This basically slows brute force attack by the same
factor. That time I estimated that if I lost, say, my pocket device and
bad guys got hold of my keepassx encrypted password database, they will
need about a Month to crack that if they have at their disposal whole
composed computing power of my University. So, I have plenty of time to
change all passwords if that happens.

This if why we stay with the tools we chose for long-long time: it takes
significant effort to select the great ones. It is almost same costly
effort as hiring new employee.

Just my $0.02

Valeri


>
> Suggestions greatly appreciated!
>
> Thanks.
>
> --
> //Sorin
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>



Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

[H]

On September 19, 2017 7:53:47 AM EDT, Sorin Srbu  
wrote:
>-Original Message-
>From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Leon
>Fauster
>Sent: den 19 september 2017 13:44
>To: CentOS mailing list 
>Subject: Re: [CentOS] KeePassX replacement
>
>> Am 19.09.2017 um 11:18 schrieb Sorin Srbu :
>> 
>> Suggestions greatly appreciated!
>
>https://www.passwordstore.org/
>
>--
>LF
>
>-
>
>Thanks!
>
>Is Passwordstora a de facto-standard with many of you on this list?
>
>
>--
>//Sorin
>___
>CentOS mailing list
>CentOS@centos.org
>https://lists.centos.org/mailman/listinfo/centos

I would not store my passwords at any site.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] upgrade or install to Centos 7.4.1708

[Pete Geenhuizen]

I upgraded from 7.3 to 7.4 over the weekend.  Everything went well 
except that I can't login because the screen is black with a cursor.


If reboot boot the 7.3 kernel 3.10.0-514.26.2.el7.x86_64 kernel 
everything works just fine, so my guess is that there's a kernel issue 
with the hardware, specifically the Skylake processor.


Has anyone else run into this problem and if so can how I resolve the 
problem other than using the previous kernel?


ASUSTeK COMPUTER INC.  Z170M-PLUS
VGA compatible controller: Intel Corporation HD Graphics 530 (rev 06)
Intel(R) Core(TM) i5-6600K CPU @ 3.50GHz Skylake

Any help with this would be greatly appreciated.

Pete

--
Unencumbered by the thought process.
 -- Click and Clack the Tappet brothers


--
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KVM SSL with wget

[Nux!]

Do you have ca-certificates installed in the VM

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

- Original Message -
> From: "MOKRANI Rachid" 
> To: "CentOS mailing list" 
> Sent: Tuesday, 19 September, 2017 15:34:37
> Subject: [CentOS] KVM SSL with wget

> Hi,
> I installed KVM on a CentOS 7.4 host. The guest is also installed in CentOS 
> 7.4,
> the network works perfectly.
> 
> Both Host and Guest machines have the same OS.
> 
> I do not understand why I have an SSL error on the guest and not on the host
> while the two computers have the same OS installation.
> 
> The firewalld, selinux, fail2ban services are not installed on host and guest.
> 
> Is there an extra manipulation that I have forgotten to do?
> Many thanks.
> Below my log on Host and Guest.
> 
> Host
> /usr/bin/wget --version
> GNU Wget 1.14 built on linux-gnu.
> 
> wget https://www.google.com
> --2017-09-19 16:15:44--  https://www.google.com/
> Resolving www.google.com
> (www.google.com)... 2a00:1450:4009:809::2004,
> 216.58.198.164
> Connecting to www.google.com
> (www.google.com)|2a00:1450:4009:809::2004|:443...
> connected.
> HTTP request sent, awaiting response... 302 Found
> Location: https://www.google.fr/?gfe_rd=cr=0=kCbBWe-fOMnU8gfBmLmABA
> [following]
> --2017-09-19 16:15:44--
> https://www.google.fr/?gfe_rd=cr=0=kCbBWe-fOMnU8gfBmLmABA
> Resolving www.google.fr
> (www.google.fr)... 2a00:1450:4009:814::2003, 
> 216.58.204.3
> Connecting to www.google.fr
> (www.google.fr)|2a00:1450:4009:814::2003|:443...
> connected.
> HTTP request sent, awaiting response... 200 OK
> Length: unspecified [text/html]
> Saving to: 'index.html.10'
>[ <=>
>]
>10,853  --.-K/s   in 0s
> 2017-09-19 16:15:45 (41.9 MB/s) - 'index.html.10' saved [10853]
> 
> 
> 
> 
> 
> Guest VM
> ping www.google.com
> return OK
> 
> 
> /usr/bin/wget --version
> GNU Wget 1.14 built on linux-gnu.
> 
> My Pb on the guest :
> 
> wget https://www.google.com
> --2017-09-19 16:16:03--  https://www.google.com/
> Resolving www.google.com
> (www.google.com)... 216.58.198.164,
> 2a00:1450:4009:809::2004
> Connecting to www.google.com
> (www.google.com)|216.58.198.164|:443... connected.
> OpenSSL: error:1408D07B:SSL routines:ssl3_get_key_exchange:bad signature
> Unable to establish SSL connection.
> 
> 
> 
> 
> 
> 
> 
> __
> Avant d'imprimer, pensez à l'environnement ! Please consider the environment
> before printing !
> Ce message et toutes ses pièces jointes sont confidentiels et établis à
> l'intention exclusive de ses destinataires. Toute utilisation non conforme à 
> sa
> destination, toute diffusion ou toute publication, totale ou partielle, est
> interdite, sauf autorisation expresse. IFP Energies nouvelles décline toute
> responsabilité au titre de ce message. This message and any attachments are
> confidential and intended solely for the addressees. Any unauthorised use or
> dissemination is prohibited. IFP Energies nouvelles should not be liable for
> this message.
> __
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS, PHP & OwnCloud/Nextcloud: the version dilemma

[Nux!]

+1 SCL, as Johnny says this is what they are for.
You can easily run multiple PHP versions via php-fpm, fastcgi etc.

--
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro

- Original Message -
> From: "johnny" 
> To: "CentOS mailing list" 
> Sent: Tuesday, 19 September, 2017 14:25:08
> Subject: Re: [CentOS] CentOS, PHP & OwnCloud/Nextcloud: the version dilemma

> On 09/19/2017 06:41 AM, Leon Fauster wrote:
>> Am 19.09.2017 um 09:36 schrieb Nicolas Kovacs :
>>>
>>> I'm currently experimenting with OwnCloud and Nextcloud on a sandbox
>>> CentOS 7 server. I've been using OwnCloud for the last two years for my
>>> own purposes on a Slackware server, and I'm quite happy with it.
>>>
>>> In my humble opinion, every admin who wants to host OwnCloud or
>>> Nextcloud on a RHEL/CentOS server is confronted with a version dilemma.
>>>
>>> 1. CentOS 7 sports PHP 5.4, which has been officially EOL for quite some
>>> time, but Red Hat will provide security update backports until 2024.
>>> Which is fine.
>>>
>>> 2. Currently supported versions of Nextcloud (namely the 11.x and 12.x
>>> branch) require a minimum of PHP 5.6. Which seems reasonable. But if I
>>> pull in PHP 5.6 from Webtatic, for example, I only get the "official"
>>> PHP support, which will end in 2018 for the 5.6 branch. And no security
>>> backports.
>> 
>> Try to ask upstream (bugzilla) to evaluate an officially upgrade
>> from 5.4 to 5.6, that would give you support until EOL of EL7.
> 
> Or, how about you just use SCLs .. that is what they are for:
> 
> http://mirror.centos.org/centos/7/sclo/x86_64/rh/rh-php56/
> 
> Or even
> 
> http://mirror.centos.org/centos/7/sclo/x86_64/rh/rh-php70/
> 
> See:
> 
> https://wiki.centos.org/SpecialInterestGroup/SCLo
> 
> 
> 
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] KVM SSL with wget

[MOKRANI Rachid]

Hi,
I installed KVM on a CentOS 7.4 host. The guest is also installed in CentOS 
7.4, the network works perfectly.

Both Host and Guest machines have the same OS.

I do not understand why I have an SSL error on the guest and not on the host 
while the two computers have the same OS installation.

The firewalld, selinux, fail2ban services are not installed on host and guest.

Is there an extra manipulation that I have forgotten to do?
Many thanks.
Below my log on Host and Guest.

Host
/usr/bin/wget --version
GNU Wget 1.14 built on linux-gnu.

 wget https://www.google.com
--2017-09-19 16:15:44--  https://www.google.com/
Resolving www.google.com 
(www.google.com)... 2a00:1450:4009:809::2004, 
216.58.198.164
Connecting to www.google.com 
(www.google.com)|2a00:1450:4009:809::2004|:443... 
connected.
HTTP request sent, awaiting response... 302 Found
Location: https://www.google.fr/?gfe_rd=cr=0=kCbBWe-fOMnU8gfBmLmABA 
[following]
--2017-09-19 16:15:44--  
https://www.google.fr/?gfe_rd=cr=0=kCbBWe-fOMnU8gfBmLmABA
Resolving www.google.fr 
(www.google.fr)... 2a00:1450:4009:814::2003, 216.58.204.3
Connecting to www.google.fr 
(www.google.fr)|2a00:1450:4009:814::2003|:443... 
connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [text/html]
Saving to: 'index.html.10'
[ <=>   
  ] 
10,853  --.-K/s   in 0s
2017-09-19 16:15:45 (41.9 MB/s) - 'index.html.10' saved [10853]





Guest VM
ping www.google.com
return OK


/usr/bin/wget --version
GNU Wget 1.14 built on linux-gnu.

My Pb on the guest :

 wget https://www.google.com
--2017-09-19 16:16:03--  https://www.google.com/
Resolving www.google.com 
(www.google.com)... 216.58.198.164, 
2a00:1450:4009:809::2004
Connecting to www.google.com 
(www.google.com)|216.58.198.164|:443... connected.
OpenSSL: error:1408D07B:SSL routines:ssl3_get_key_exchange:bad signature
Unable to establish SSL connection.







__
Avant d'imprimer, pensez à l'environnement ! Please consider the environment 
before printing ! 
Ce message et toutes ses pièces jointes sont confidentiels et établis à 
l'intention exclusive de ses destinataires. Toute utilisation non conforme à sa 
destination, toute diffusion ou toute publication, totale ou partielle, est 
interdite, sauf autorisation expresse. IFP Energies nouvelles décline toute 
responsabilité au titre de ce message. This message and any attachments are 
confidential and intended solely for the addressees. Any unauthorised use or 
dissemination is prohibited. IFP Energies nouvelles should not be liable for 
this message.
__
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS, PHP & OwnCloud/Nextcloud: the version dilemma

[Leon Fauster]

> Am 19.09.2017 um 15:25 schrieb Johnny Hughes :
> 
> On 09/19/2017 06:41 AM, Leon Fauster wrote:
>> Am 19.09.2017 um 09:36 schrieb Nicolas Kovacs :
>>> 
>>> I'm currently experimenting with OwnCloud and Nextcloud on a sandbox
>>> CentOS 7 server. I've been using OwnCloud for the last two years for my
>>> own purposes on a Slackware server, and I'm quite happy with it.
>>> 
>>> In my humble opinion, every admin who wants to host OwnCloud or
>>> Nextcloud on a RHEL/CentOS server is confronted with a version dilemma.
>>> 
>>> 1. CentOS 7 sports PHP 5.4, which has been officially EOL for quite some
>>> time, but Red Hat will provide security update backports until 2024.
>>> Which is fine.
>>> 
>>> 2. Currently supported versions of Nextcloud (namely the 11.x and 12.x
>>> branch) require a minimum of PHP 5.6. Which seems reasonable. But if I
>>> pull in PHP 5.6 from Webtatic, for example, I only get the "official"
>>> PHP support, which will end in 2018 for the 5.6 branch. And no security
>>> backports.
>> 
>> Try to ask upstream (bugzilla) to evaluate an officially upgrade 
>> from 5.4 to 5.6, that would give you support until EOL of EL7.
> 
> Or, how about you just use SCLs .. that is what they are for:
> 
> http://mirror.centos.org/centos/7/sclo/x86_64/rh/rh-php56/


SCL's support for rh-php56 has ended (April 2018).

PHP's official support until 31 Dec 2018.



> Or even
> 
> http://mirror.centos.org/centos/7/sclo/x86_64/rh/rh-php70/


SCL's support until Nov 2019.

PHP's official support until 3 Dec 2018.

So, reasonable. 


> See:
> 
> https://wiki.centos.org/SpecialInterestGroup/SCLo


Expecting that the next SCL release will provide PHP 7.1.

SCL packages should be preferred, instead of using 3rd party 
repositories (not arguing against any of them - more focusing 
manageability, integration, dependencies etc.).   


--
LF


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Block internet access for some users on the LAN ?

[Chase, Brian E.]

The way to do this is with ACL's.  Access Control Lists
IPtables can perform this function, or an internet gateway router can also be 
used.
The ISR 4000 Series Cisco router family is where I would start, especially if 
you're in the need for a blade server in the same chassis.

-Original Message-
From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Nicolas Kovacs
Sent: Monday, September 18, 2017 1:04 PM
To: Centos Mailing List
Subject: [CentOS] Block internet access for some users on the LAN ?

Hi,

In our local school we have two servers and roughly 80 clients. The network is 
192.168.10.0/255.255.255.0, and DHCP+DNS is managed by Dnsmasq.

School PCs (teachers and management) are registered via MAC address and get an 
IP address in a specific range:

192.168.10.2 - 192.168.10.50 - management + teachers

192.168.10.201 - 192.168.10.220 - computer room

192.168.10.246 - 192.168.10.247 - printers

192.168.10.251 - 192.168.10.253 - wireless access points

If a client (like a student's laptop, tablet or smartphone) is not registered, 
it gets an IP address in the range between 192.168.10.100 and 192.168.10.200.

Up until recently I've been using a combination of Squid and Squidguard to 
filter Internet access.

This year the school's director wants to completely block Internet access for 
all the student's personal devices.

The Linux server acts as a transparent gateway. Unfortunately with Squid I can 
only filter/block HTTP connections, but not HTTPS (well, I could, but this is 
way too complicated to setup).

The firewall is managed by a simple Iptables script. Now I *think* the easiest 
way to block a certain IP range from Internet access would be through Iptables 
(correct me if I'm wrong). If this is the case, what would that look like?

Any suggestions?

Niki Kovacs

--
Microlinux - Solutions informatiques durables 7, place de l'église - 30730 
Montpezat Web  : http://www.microlinux.fr Mail : i...@microlinux.fr Tél. : 04 
66 63 10 32 ___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS, PHP & OwnCloud/Nextcloud: the version dilemma

[Johnny Hughes]

On 09/19/2017 08:25 AM, Johnny Hughes wrote:
> On 09/19/2017 06:41 AM, Leon Fauster wrote:
>> Am 19.09.2017 um 09:36 schrieb Nicolas Kovacs :
>>>
>>> I'm currently experimenting with OwnCloud and Nextcloud on a sandbox
>>> CentOS 7 server. I've been using OwnCloud for the last two years for my
>>> own purposes on a Slackware server, and I'm quite happy with it.
>>>
>>> In my humble opinion, every admin who wants to host OwnCloud or
>>> Nextcloud on a RHEL/CentOS server is confronted with a version dilemma.
>>>
>>> 1. CentOS 7 sports PHP 5.4, which has been officially EOL for quite some
>>> time, but Red Hat will provide security update backports until 2024.
>>> Which is fine.
>>>
>>> 2. Currently supported versions of Nextcloud (namely the 11.x and 12.x
>>> branch) require a minimum of PHP 5.6. Which seems reasonable. But if I
>>> pull in PHP 5.6 from Webtatic, for example, I only get the "official"
>>> PHP support, which will end in 2018 for the 5.6 branch. And no security
>>> backports.
>>
>> Try to ask upstream (bugzilla) to evaluate an officially upgrade 
>> from 5.4 to 5.6, that would give you support until EOL of EL7.
> 
> Or, how about you just use SCLs .. that is what they are for:
> 
> http://mirror.centos.org/centos/7/sclo/x86_64/rh/rh-php56/
> 
> Or even
> 
> http://mirror.centos.org/centos/7/sclo/x86_64/rh/rh-php70/
> 
> See:
> 
> https://wiki.centos.org/SpecialInterestGroup/SCLo

Or use openshift origin and setup a unique set of containers for each
application that is a mix of whatever versions of things that you need:

https://wiki.centos.org/SpecialInterestGroup/PaaS

https://wiki.centos.org/SpecialInterestGroup/PaaS/OpenShift



signature.asc
Description: OpenPGP digital signature
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS-es] Arranque servicios en Centos 6.9 y conexion FTP windows - centos red local

[L.C. - Salman PSL]

:: Tan solo informaros que he vuelto a instalar todo desde cero en un 
disco viejo para hacer pruebas, y aparentemente ahora funciona todo.



Lo del arranque cambie en el webmin -> arranque/parada -> boot system de 
autodetectar ( tomaba por defecto Upsstar ) por Sys V init y manejo
 lo que quiero arrancar o parar como siempre.

Y lo del FTP abri en el firewall el puerto 21 para la IP interna del otro 
servidor y funciona correctamente.

Ahora la cuestion, es que estoy instalando todo otra vez en un disco nuevo, y 
no se si sere capaz de reproducir toda la configuracion de iptables y el vsftpd 
ya que el disco en que funciona todo esta disconectado.

En fin que no tengo muy claro por que paso lo que paso, pero parece que todo 
esta funcionando como deberia haber funcionado desde el principio.





 >> *** Fin del mensaje *** <<

Saludos
Salvador Guzman
Salman PSL
Vigo, Galicia, España
+34 986.21.30.27
+34 60 400 30 20
www.Salman.EU


___
CentOS-es mailing list
CentOS-es@centos.org
https://lists.centos.org/mailman/listinfo/centos-es

Re: [CentOS] CentOS, PHP & OwnCloud/Nextcloud: the version dilemma

[Johnny Hughes]

On 09/19/2017 06:41 AM, Leon Fauster wrote:
> Am 19.09.2017 um 09:36 schrieb Nicolas Kovacs :
>>
>> I'm currently experimenting with OwnCloud and Nextcloud on a sandbox
>> CentOS 7 server. I've been using OwnCloud for the last two years for my
>> own purposes on a Slackware server, and I'm quite happy with it.
>>
>> In my humble opinion, every admin who wants to host OwnCloud or
>> Nextcloud on a RHEL/CentOS server is confronted with a version dilemma.
>>
>> 1. CentOS 7 sports PHP 5.4, which has been officially EOL for quite some
>> time, but Red Hat will provide security update backports until 2024.
>> Which is fine.
>>
>> 2. Currently supported versions of Nextcloud (namely the 11.x and 12.x
>> branch) require a minimum of PHP 5.6. Which seems reasonable. But if I
>> pull in PHP 5.6 from Webtatic, for example, I only get the "official"
>> PHP support, which will end in 2018 for the 5.6 branch. And no security
>> backports.
> 
> Try to ask upstream (bugzilla) to evaluate an officially upgrade 
> from 5.4 to 5.6, that would give you support until EOL of EL7.

Or, how about you just use SCLs .. that is what they are for:

http://mirror.centos.org/centos/7/sclo/x86_64/rh/rh-php56/

Or even

http://mirror.centos.org/centos/7/sclo/x86_64/rh/rh-php70/

See:

https://wiki.centos.org/SpecialInterestGroup/SCLo




signature.asc
Description: OpenPGP digital signature
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS, PHP & OwnCloud/Nextcloud: the version dilemma

[Leon Fauster]

> Am 19.09.2017 um 14:50 schrieb Nicolas Kovacs :
> 
> Le 19/09/2017 à 13:41, Leon Fauster a écrit :
>> Try to ask upstream (bugzilla) to evaluate an officially upgrade 
>> from 5.4 to 5.6, that would give you support until EOL of EL7.
> 
> Unfortunately I don't have a Red Hat account, so I can't submit any bug
> reports.

https://bugzilla.redhat.com/createaccount.cgi

--
LF






___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS, PHP & OwnCloud/Nextcloud: the version dilemma

[Nicolas Kovacs]

Le 19/09/2017 à 13:41, Leon Fauster a écrit :
> Try to ask upstream (bugzilla) to evaluate an officially upgrade 
> from 5.4 to 5.6, that would give you support until EOL of EL7.

Unfortunately I don't have a Red Hat account, so I can't submit any bug
reports.

Niki

-- 
Microlinux - Solutions informatiques durables
7, place de l'église - 30730 Montpezat
Web  : http://www.microlinux.fr
Mail : i...@microlinux.fr
Tél. : 04 66 63 10 32
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

[Sorin Srbu]

-Original Message-
From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Leon Fauster
Sent: den 19 september 2017 13:44
To: CentOS mailing list 
Subject: Re: [CentOS] KeePassX replacement

> Am 19.09.2017 um 11:18 schrieb Sorin Srbu :
> 
> Suggestions greatly appreciated!

https://www.passwordstore.org/

--
LF

-

Thanks!

Is Passwordstora a de facto-standard with many of you on this list?


--
//Sorin
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

[Leon Fauster]

> Am 19.09.2017 um 11:18 schrieb Sorin Srbu :
> 
> Suggestions greatly appreciated!

https://www.passwordstore.org/

--
LF

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS, PHP & OwnCloud/Nextcloud: the version dilemma

[Leon Fauster]

Am 19.09.2017 um 09:36 schrieb Nicolas Kovacs :
> 
> I'm currently experimenting with OwnCloud and Nextcloud on a sandbox
> CentOS 7 server. I've been using OwnCloud for the last two years for my
> own purposes on a Slackware server, and I'm quite happy with it.
> 
> In my humble opinion, every admin who wants to host OwnCloud or
> Nextcloud on a RHEL/CentOS server is confronted with a version dilemma.
> 
> 1. CentOS 7 sports PHP 5.4, which has been officially EOL for quite some
> time, but Red Hat will provide security update backports until 2024.
> Which is fine.
> 
> 2. Currently supported versions of Nextcloud (namely the 11.x and 12.x
> branch) require a minimum of PHP 5.6. Which seems reasonable. But if I
> pull in PHP 5.6 from Webtatic, for example, I only get the "official"
> PHP support, which will end in 2018 for the 5.6 branch. And no security
> backports.

Try to ask upstream (bugzilla) to evaluate an officially upgrade 
from 5.4 to 5.6, that would give you support until EOL of EL7.

--
LF

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KeePassX replacement

[Sorin Srbu]

-Original Message-
From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of FHDATA
Sent: den 18 september 2017 18:10
To: CentOS mailing list 
Subject: Re: [CentOS] KeePassX replacement

On Mon, 18 Sep 2017, Valeri Galtsev wrote:

>> You may have reasons to prefer KeePassX over KeePass 2, though.
>
> I for one use keepassx. My password database is synchronized between
> variety of systems, and I can view/edit it on: CentOS, FreeBSD, MS
> Windows, Android (and should be able on any derivatives of those). I
> didn't try iOS as currently I don't have a need in that.
>
> Incidentally, does anybody know if there is any necessity in keepassx to
> be patched? Did I read the original post correctly: there is no activity
> on the development site for long time? Should there be any? (As, I would
> say for comparison: cvs is so established software that there is no
> development to expect, only if there are any security holes found those
> need to be patched). Any insight on KeePassX anybody?
>
> Valeri

hello

using keepassx probably for 10 years or so across linux,win,mac,ios

in late 2015 there was a security issue found and folks @ keepassx.org
patched it fairly  quickly and patch propagated
up to epel quickly as well ...

passwd manager {non-cloud ones} , in my opinion,
is a "static"  concept ...
unless no issues with the underlying frameworks,
what's there to patch ...

-

OT-sidetrack: 

What is/are a good cloud-less password manager if I'd need it in a
cross-platform scenario;  Windows, CentOS, Ubuntu and Android?

A cloud enabled manager would be okay I guess if I could move the password
database to say my own private cloud and be able to access it from there
from all platforms.

KeepassX seemed like a good choice until I found out it didn't do Android.

Suggestions greatly appreciated!

Thanks.

--
//Sorin
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS, PHP & OwnCloud/Nextcloud: the version dilemma

[Timotheus Pokorra]

This may be a very far-fetched idea, but here goes. I don't know much
about Docker, just fiddled around with it a couple hours in a VM. Since
I have to host various PHP applications with different requirements
(some require 5.4, some 5.6, some 7.0), I wonder if it would be a
solution in theory to host several PHP versions (e. g. several 
different

LAMP servers) on the same physical machine using Docker.


Try LXC containers.
An LXC container is much more like a virtual machine, without much 
overhead.

It has less a learning curve than Docker.

I have some scripts for setting up my lxc containers, and maintaining 
them:

https://github.com/tpokorra/lxc-scripts
See the Readme.

Hope this is useful,
  Timotheus


Diese Nachricht wurde versandt mit Webmail von www.tbits.net.
This message was sent using webmail of www.tbits.net.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS, PHP & OwnCloud/Nextcloud: the version dilemma

[Sorin Srbu]

-Original Message-
From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Nicolas Kovacs
Sent: den 19 september 2017 10:01
To: centos@centos.org
Subject: Re: [CentOS] CentOS, PHP & OwnCloud/Nextcloud: the version dilemma

Le 19/09/2017 à 09:48, Sorin Srbu a écrit :
> I agree however, everytime I want to mess with OC I get to do the php-dance...
> Irritating, but I guess that's the deal if you want the stability and 
> compatibility CentOS is offering.

This may be a very far-fetched idea, but here goes. I don't know much
about Docker, just fiddled around with it a couple hours in a VM. Since
I have to host various PHP applications with different requirements
(some require 5.4, some 5.6, some 7.0), I wonder if it would be a
solution in theory to host several PHP versions (e. g. several different
LAMP servers) on the same physical machine using Docker.

Any suggestions?



For me that would be over-kill, but for others that have bigger solutions it 
might be a good idea.
Docker is however bit of a white area on my map, here there be dragons. :-)

--
//Sorin
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS, PHP & OwnCloud/Nextcloud: the version dilemma

[Nicolas Kovacs]

Le 19/09/2017 à 09:48, Sorin Srbu a écrit :
> I agree however, everytime I want to mess with OC I get to do the php-dance...
> Irritating, but I guess that's the deal if you want the stability and 
> compatibility CentOS is offering.

This may be a very far-fetched idea, but here goes. I don't know much
about Docker, just fiddled around with it a couple hours in a VM. Since
I have to host various PHP applications with different requirements
(some require 5.4, some 5.6, some 7.0), I wonder if it would be a
solution in theory to host several PHP versions (e. g. several different
LAMP servers) on the same physical machine using Docker.

Any suggestions?

Niki

-- 
Microlinux - Solutions informatiques durables
7, place de l'église - 30730 Montpezat
Web  : http://www.microlinux.fr
Mail : i...@microlinux.fr
Tél. : 04 66 63 10 32
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS, PHP & OwnCloud/Nextcloud: the version dilemma

[Sorin Srbu]

-Original Message-
From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Nicolas Kovacs
Sent: den 19 september 2017 09:37
To: CentOS mailing list 
Subject: [CentOS] CentOS, PHP & OwnCloud/Nextcloud: the version dilemma

Hi,

I'm currently experimenting with OwnCloud and Nextcloud on a sandbox
CentOS 7 server. I've been using OwnCloud for the last two years for my
own purposes on a Slackware server, and I'm quite happy with it.

In my humble opinion, every admin who wants to host OwnCloud or
Nextcloud on a RHEL/CentOS server is confronted with a version dilemma.

1. CentOS 7 sports PHP 5.4, which has been officially EOL for quite some
time, but Red Hat will provide security update backports until 2024.
Which is fine.

2. Currently supported versions of Nextcloud (namely the 11.x and 12.x
branch) require a minimum of PHP 5.6. Which seems reasonable. But if I
pull in PHP 5.6 from Webtatic, for example, I only get the "official"
PHP support, which will end in 2018 for the 5.6 branch. And no security
backports.

3. The solution would be to go with Nextcloud 10, which only requires
PHP 5.4, and which is also provided in package form by EPEL. 'yum info
nextcloud' shows that the current EPEL version is 10.0.4... but a peek
on the Nextcloud homepage shows me that this version is officially
unsupported. Uh oh.

4. Some of the stuff I'm hosting on my CentOS 7 server (like CMSMS) is
not compatible with PHP 7.x versions.

So right now I don't see a solution for this. As far as I can see, the
"least evil" solution would be to pull in PHP 5.6 from Webtatic and go
for Nextcloud 11.x, and have an EOL for both around next summer.

I'd be curious if some of you are familiar with this sort of dilemma (I
guess so) and how you manage it.






Been there, still doing that.

At work we have an OC-server v9 running off of CentOS 7.3 on which I installed 
PHP 5.6. I don't dare installing PHP 7 in case something breaks.

On my own private OC at home, I have OC v10 running with PHP 7.0.
The only other service I have on that service is Piwigo which runs just fine 
with that php-version.

I agree however, everytime I want to mess with OC I get to do the php-dance...
Irritating, but I guess that's the deal if you want the stability and 
compatibility CentOS is offering.
--
//Sorin

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS, PHP & OwnCloud/Nextcloud: the version dilemma

[Nicolas Kovacs]

Hi,

I'm currently experimenting with OwnCloud and Nextcloud on a sandbox
CentOS 7 server. I've been using OwnCloud for the last two years for my
own purposes on a Slackware server, and I'm quite happy with it.

In my humble opinion, every admin who wants to host OwnCloud or
Nextcloud on a RHEL/CentOS server is confronted with a version dilemma.

1. CentOS 7 sports PHP 5.4, which has been officially EOL for quite some
time, but Red Hat will provide security update backports until 2024.
Which is fine.

2. Currently supported versions of Nextcloud (namely the 11.x and 12.x
branch) require a minimum of PHP 5.6. Which seems reasonable. But if I
pull in PHP 5.6 from Webtatic, for example, I only get the "official"
PHP support, which will end in 2018 for the 5.6 branch. And no security
backports.

3. The solution would be to go with Nextcloud 10, which only requires
PHP 5.4, and which is also provided in package form by EPEL. 'yum info
nextcloud' shows that the current EPEL version is 10.0.4... but a peek
on the Nextcloud homepage shows me that this version is officially
unsupported. Uh oh.

4. Some of the stuff I'm hosting on my CentOS 7 server (like CMSMS) is
not compatible with PHP 7.x versions.

So right now I don't see a solution for this. As far as I can see, the
"least evil" solution would be to pull in PHP 5.6 from Webtatic and go
for Nextcloud 11.x, and have an EOL for both around next summer.

I'd be curious if some of you are familiar with this sort of dilemma (I
guess so) and how you manage it.

Cheers,

Niki Kovacs
-- 
Microlinux - Solutions informatiques durables
7, place de l'église - 30730 Montpezat
Web  : http://www.microlinux.fr
Mail : i...@microlinux.fr
Tél. : 04 66 63 10 32
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos