Re: [CentOS] XScreenSaver
On 9 April 2018 at 04:47, Tom Gracewrote: > On 09/04/2018 07:47, Nicolas Kovacs wrote: >> I didn't know a screensaver was that critical. > > It's critical in that XScreenSaver deals with locking the screen/dealing > with passwords. I believe the fancy animation bits are separate. > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos xscreensaver is security critical for the following reasons: 1. Several of the screensavers take user input which may not be the main user. If the software has a security problem. those plugins could overwrite the users data. 2. If the user is expecting that the xscreensaver is locking out a user and it does not then that is security related 3. The way X works is that every X application can listen to all mouse and keyboard actions. This also has a security context. For many sites, any of these make Xscreensaver into a high security item. It makes perfect sense from jwz's point of view because several times something 'simple' in an xscreensaver code has turned into a meltdown somewhere. And the fact that people email him before emailing the EPEL maintainer or opening a bugzilla about it says his time is better served saying "not my problem mate." -- Stephen J Smoogen. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS-announce] CESA-2018:0648 Important CentOS 7 thunderbird Security Update
CentOS Errata and Security Advisory 2018:0648 Important Upstream details at : https://access.redhat.com/errata/RHSA-2018:0648 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 78c170024613cdf14dc70084dda0c83a321f6829959333ee0e6c518bc772c501 thunderbird-52.7.0-1.el7.centos.x86_64.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #cen...@irc.freenode.net Twitter: @JohnnyCentOS ___ CentOS-announce mailing list CentOS-announce@centos.org https://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CESA-2018:0649 Important CentOS 6 libvorbis Security Update
CentOS Errata and Security Advisory 2018:0649 Important Upstream details at : https://access.redhat.com/errata/RHSA-2018:0649 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 2e06e17e114f1fb82b38494b2a749d03a24ab1ad4c7bd5802ca8c7d6d604dcdb libvorbis-1.2.3-5.el6_9.1.i686.rpm 40e0518e9a1bca52011bbd00605f55bcdc2bf571dfc8b34847b3fa662c7bc55d libvorbis-devel-1.2.3-5.el6_9.1.i686.rpm d833b6e19caceb7df39ca2bcc782f73f1b7774d7bd52abd6704ac29d778bb882 libvorbis-devel-docs-1.2.3-5.el6_9.1.noarch.rpm x86_64: 2e06e17e114f1fb82b38494b2a749d03a24ab1ad4c7bd5802ca8c7d6d604dcdb libvorbis-1.2.3-5.el6_9.1.i686.rpm e2b276ee079787afa938fc33d26255a167e592670303c74656e84b96c09ace5b libvorbis-1.2.3-5.el6_9.1.x86_64.rpm 40e0518e9a1bca52011bbd00605f55bcdc2bf571dfc8b34847b3fa662c7bc55d libvorbis-devel-1.2.3-5.el6_9.1.i686.rpm e043eec9adabbada05e9229f7669b1f1de85693265dd8fb98366b36ee23886a4 libvorbis-devel-1.2.3-5.el6_9.1.x86_64.rpm d833b6e19caceb7df39ca2bcc782f73f1b7774d7bd52abd6704ac29d778bb882 libvorbis-devel-docs-1.2.3-5.el6_9.1.noarch.rpm Source: cf05cdba31b5c0bd71bbe2e333821dc586a9c2eddd8a6fe762c4d35ee836934d libvorbis-1.2.3-5.el6_9.1.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #cen...@irc.freenode.net Twitter: @JohnnyCentOS ___ CentOS-announce mailing list CentOS-announce@centos.org https://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CESA-2018:0647 Important CentOS 6 thunderbird Security Update
CentOS Errata and Security Advisory 2018:0647 Important Upstream details at : https://access.redhat.com/errata/RHSA-2018:0647 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 8faab804fa19089343fd1e489a02b3d351cec5544ed592b6dbec7a3006af99cf thunderbird-52.7.0-1.el6.centos.i686.rpm x86_64: 647747711d64e16d5b2e1529f7e5974464bb0b510cdbcad045f08048dba0d0da thunderbird-52.7.0-1.el6.centos.x86_64.rpm Source: 5089b20a8b1521a7ff70fc6ff5f053a6c6ab5ff2f6fa7f4a0a9af812c8774933 thunderbird-52.7.0-1.el6.centos.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #cen...@irc.freenode.net Twitter: @JohnnyCentOS ___ CentOS-announce mailing list CentOS-announce@centos.org https://lists.centos.org/mailman/listinfo/centos-announce
Re: [CentOS] Semi-OT: install python package in userspace
On 2018-04-09, Valeri Galtsevwrote: > > > On 04/09/18 11:15, Paul Heinlein wrote: >> On Sat, 7 Apr 2018, Pete Biggs wrote: >> Does CentOS changed the package management? :-) >>> >>> Quite. >>> >>> This is not an Ubuntu dig, but when I challenge some of the users >>> about the more dangerous sudo's they try, inevitably they say they >>> got the command from the net, and by that they usually mean Ubuntu >>> forums. >> >> Whether the instructions come from the Ubuntu forums or not, we >> regularly experience the same thing: users unthinkingly following >> instructions in a REAME or posted on a web page. My experience >> suggests these folks are just on autopilot. > > Sadly, people became zombies. The ability to categorize (hence use the > menu) is wiped completely. Even the majority of "modern" Desktop > Environment interfaces expect you to search for what you need instead > of giving the menu: everything arranged by category. That's why I > switched to MATE quite a while ago. I guess, I didn't blend in into > iPad generation... [...] Both GNOME and KDE Plasma offer you a menu of applications by category, if that is what you want. I don't see the problem. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Do you blog about CentOS?
Le 09/04/2018 à 15:33, Rich Bowen a écrit : > Do you blog about CentOS? Or about Linux in general? We need your voice. My french tech blog has a heavy CentOS bias. https://blog.microlinux.fr/ CentOS on the desktop: https://blog.microlinux.fr/poste-de-travail/ CentOS on a LAN server: https://blog.microlinux.fr/serveur-lan/ CentOS on a public server in a datacenter: https://blog.microlinux.fr/serveur-dedie/ CentOs-based application hosting: https://blog.microlinux.fr/hebergement/ I'm adding articles to it on a regular basis. Cheers, Niki -- Microlinux - Solutions informatiques durables 7, place de l'église - 30730 Montpezat Site : https://www.microlinux.fr Blog : https://blog.microlinux.fr Mail : i...@microlinux.fr Tél. : 04 66 63 10 32 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Semi-OT: install python package in userspace
On 04/09/18 11:15, Paul Heinlein wrote: On Sat, 7 Apr 2018, Pete Biggs wrote: Does CentOS changed the package management? :-) Quite. This is not an Ubuntu dig, but when I challenge some of the users about the more dangerous sudo's they try, inevitably they say they got the command from the net, and by that they usually mean Ubuntu forums. Whether the instructions come from the Ubuntu forums or not, we regularly experience the same thing: users unthinkingly following instructions in a REAME or posted on a web page. My experience suggests these folks are just on autopilot. Sadly, people became zombies. The ability to categorize (hence use the menu) is wiped completely. Even the majority of "modern" Desktop Environment interfaces expect you to search for what you need instead of giving the menu: everything arranged by category. That's why I switched to MATE quite a while ago. I guess, I didn't blend in into iPad generation... Soon we will ask google how much money we have in our wallet ;-) Valeri We don't even follow up any more on most of the alerts; they'll ask us if it's important. So we rarely give out sudo on shared systems and when we do there's some "extreme vetting" going on. Also, Python has such a mature virtual-environment setup that more publicly posted instructions are using that route anyway. -- Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Semi-OT: install python package in userspace
On Sat, 7 Apr 2018, Pete Biggs wrote: Does CentOS changed the package management? :-) Quite. This is not an Ubuntu dig, but when I challenge some of the users about the more dangerous sudo's they try, inevitably they say they got the command from the net, and by that they usually mean Ubuntu forums. Whether the instructions come from the Ubuntu forums or not, we regularly experience the same thing: users unthinkingly following instructions in a REAME or posted on a web page. My experience suggests these folks are just on autopilot. We don't even follow up any more on most of the alerts; they'll ask us if it's important. So we rarely give out sudo on shared systems and when we do there's some "extreme vetting" going on. Also, Python has such a mature virtual-environment setup that more publicly posted instructions are using that route anyway. -- Paul Heinlein heinl...@madboa.com 45°38' N, 122°6' W ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] iscsiadm: Could not perform SendTargets discovery: encountered non-retryable iSCSI login failure
Hello I know this not the place to ask help, but i can't send messages to iscsi list. :( I have 3 CentOS 6 connecting to a ISCSI server with Targecli suddenly they lost connection and i receive this error when i performance iscsiadm --mode discovery --type sendtargets --portal x.x.x.x iscsiadm: Could not perform SendTargets discovery: encountered non-retryable iSCSI login failure I have already changed the password for the ACLs. Thanks for attention. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Do you blog about CentOS?
Do you blog about CentOS? Or about Linux in general? We need your voice. As mentioned on https://blog.centos.org/2018/04/seven-centos-org-is-dead-long-life-to-blog-centos-org/ this morning, authentication for blog.centos.org is tied to accounts.centos.org (through OpenID). So if you have a CentOS account, you have an account on the blog server. We would love to have your articles there - hear about what you're doing on top of this awesome platform. On the other hand, if you have your own blog, and you're writing CentOS content there, please let me know about that, too. Our aggregator - planet.centos.org - is where we collect the various sites with quality CentOS content, and we'd love to add you there. Send me an RSS/Atom URL for your content - preferably one that's filtered by tag/keyword, so that it's just the CentOS/Linux content, and not your posts about your cat and your skiing trip - and we'll get you added. There's a HUGE amount of clickbait/spammy content out there about CentOS ("How to Install Bash On CentOS In Twelve Easy Steps!") and we need to combat that with quality, substantive content. Thanks! -- Rich Bowen - rbo...@redhat.com @RDOcommunity // @CentOSProject // @rbowen ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] XScreenSaver
On 09/04/2018 07:47, Nicolas Kovacs wrote: > I didn't know a screensaver was that critical. It's critical in that XScreenSaver deals with locking the screen/dealing with passwords. I believe the fancy animation bits are separate. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 7 + MariaDB + phpMyAdmin
Hello, You should contact your control panel supplier as they are known to heavily modify the stock settings and packages and are not really supported here. -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro - Original Message - > From: "Frank M. Ramaekers"> To: "CentOS mailing list" > Sent: Sunday, 8 April, 2018 04:12:57 > Subject: [CentOS] CentOS 7 + MariaDB + phpMyAdmin > I can't seem to get phpMyAdmin working. I got the ip address problem > (permission) resolved, but now I'm getting a "Parallels H-Sphere" error "Error > 404: File Not found". I've looked in all the logs and cannot determine what > file is not found. > > Frank M. Ramaekers Jr. | Systems Programmer | Information Technology | > American > Income Life Insurance Company | 254-761-6649 (732-6649) > > -- > This message contains information which is privileged and confidential and is > solely for the use of the intended recipient. If you are not the intended > recipient, be aware that any review, disclosure, copying, distribution, or use > of the contents of this message is strictly prohibited. If you have received > this in error, please destroy it immediately and notify us at > privacy...@torchmarkcorp.com. > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] XScreenSaver
> It's not rocket science: someone on your distro's team just needs to > update it ONCE A YEAR. If that is too onerous for them, then I'd prefer > that they not distribute my software at all. And that just goes to show that he knows not what CentOS is - since clearly he doesn't realise that it is NOT distributed by CentOS at all. I suspect RH don't touch it for this very reason. > > If you don't like the way XScreenSaver works, then don't run it. I hear > GNOME Screensaver is a thing that also exists. See how that works out > for you instead." > > I didn't know a screensaver was that critical. > I tend to go along with Gnome when it comes to screen savers: they serve no purpose what so ever other than eye candy. Don't bother with them. Just configure Gnome to lock the session and blank the screen so the monitor turns off. If your corporate masters require uplifting messages to be shown on all the screens, then require them to provide you with the resources to sort out the software. P. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] XScreenSaver
Hello, On Sun, 08 Apr 2018 18:10:35 -0700 Keith Kellerwrote: > On 2018-04-08, Nicolas Kovacs wrote: > > Le 09/04/2018 à 00:33, Keith Keller a écrit : > >> I think you can use the --no-splash switch. > >> > >> https://www.jwz.org/xscreensaver/man1.html > >> > >> There's probably also a config setting in .xscreensaver. > > > > No, there's no configuration setting. And no way to turn it off. > > Not even --no-splash? That option shows up right on JWZ's site. Years ago I was using xscreensaver with --no-splash and had no problem with it. But, I must admit that I gave up with xscreensaver just because I was using the blank screen feature + power management settings, and the screensaver service provided by GNOME is just equivalent and more simple to get (anything but a blank screen is NOT a screen or energy *saver*, it's an entertainment). I presume KDE has its own too, so, with regards to the feature, we really don't need xscreensaver and the whole discussion here and without the author is a loss of time. Even to the OP of this thread, I'd not recommend using xscreensaver for school computers administration, he's losing time and energy. Regards, -- wwp pgpZlEImimtA0.pgp Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] XScreenSaver
Le 09/04/2018 à 03:04, Chris Adams a écrit : > It's Open Source - patching to remove such a nag is legal and a service > to the users. > > It's a screensaver program - how many updates does it need anyway? If > it is just updates to add more fancy animations, there is zero reason to > demand people upgrade. Here's the exact response I got from the developer after asking for help: "I am not going to go out of my way to help you run security-critical software that is YEARS out of date. In fact, I consider it my responsibility to do exactly the opposite. It's not rocket science: someone on your distro's team just needs to update it ONCE A YEAR. If that is too onerous for them, then I'd prefer that they not distribute my software at all. If you don't like the way XScreenSaver works, then don't run it. I hear GNOME Screensaver is a thing that also exists. See how that works out for you instead." I didn't know a screensaver was that critical. Niki -- Microlinux - Solutions informatiques durables 7, place de l'église - 30730 Montpezat Site : https://www.microlinux.fr Blog : https://blog.microlinux.fr Mail : i...@microlinux.fr Tél. : 04 66 63 10 32 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos