Re: [CentOS] USB Serial Ports
> -Original Message- > From: Chris Olson [mailto:chris_e_ol...@yahoo.com] > Sent: Thursday, November 16, 2017 5:42 PM > To: CentOS Mailing List > Subject: [CentOS] USB Serial Ports > > We have several CentOS 6 systems that are used in various configurations > of test equipment. One of the primary functions of these systems is the > connectivity to serial ports of some operational systems that have serial > port control requirements. Lack of interface bus slots led us to the use > of USB connected serial ports on these CentOS 6 systems. > > We first used these USB connected serial ports in our RHEL 5 test equipment > systems. With RHEL 5, shut down and boot up of the systems would often > cause the serial ports to have a different driver name, even though we had > not changed the ports where the USB devices were plugged in. This caused > software access problems until we discovered what could be done using the > udev rules to lock in the driver names. > > This problem seems to have gone away in our newer systems with CentOS 6, > and we would like to make sure that it does not return. We are deploying > some of the systems and do not want to have software access issues in the > field where fixes are more difficult. We would like to know if there is > some underlying factor that has solved this problem for us. Any ideas on > what to check would be greatly appreciated. > I have no idea why it is working better under 6, but it is possible to use UDEV rules to force them to be at expected /dev/my_tty* locations using vendor_ID/device_ID/serial_number combinations. Once you figure that out, you should even be able to use the same (or at least similar) rules under 7. -- Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to blacklist a device driver (sysemd)
> -Original Message- > From: James Pearson [mailto:jame...@moving-picture.com] > Sent: Friday, November 17, 2017 5:21 AM > To: CentOS mailing list; Frank Thommen > Subject: Re: [CentOS] How to blacklist a device driver (sysemd) > > Frank Thommen wrote: > > Hi, > > > > how can a specific device driver in CentOS 7 be blacklisted, so that it > > doesn't load at boot time? We have Infiniband adapters which are not > > completely supported by CentOS and we want to silence the error messages > > for the time being. > > > > I tried with the files > > > > /etc/modprobe.d/blacklist > > /etc/modprobe.d/blacklist.conf > > > > None of these entries helps. mlx5_core and mlx5_ib are still loaded and > > the system is flooded with error messages. > > They are probably being loaded via the initramfs at boot time - i.e. > before the real root is mounted (where the blacklist entries exist) > Having had to blacklist things like this in the past, it has been my experience that James is correct. If the driver is available in the existing initrd (created before the updates to the blacklists), then the driver WILL be loaded prior to the blacklists being read. For me I found two solutions that worked: 1) (re)install a new kernel after blacklist creation (which causes an dracut run with all the correct parameters) 2) create the blacklists, then workout the correct dracut parameters and run it. obviously from the point of avoiding research time, doing a boot into an _older_ kernel, 'yum remove kernel-currentversion; yum update kernel' is easier, but once you figure out how to tell Dracut to use it's usual parameters for each machine you can avoid the time of doing the extra reboot on a bunch of machines. It has been ~4 years since I looked at this so I don't remember how to automate using the right options per machine. Or you could wait for the next CentOS 7 kernel update...Unfortunately the CVE's for the 6 kernel that just came out were all fixed in the 7 kernel back in October, so I have no expectation of a new 7 kernel anytime soon. -- Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] home on nfs
> -Original Message- > From: hw [mailto:h...@adminart.net] > Sent: Monday, October 30, 2017 12:02 PM > To: CentOS mailing list > Subject: Re: [CentOS] home on nfs > > Jonathan Billingswrites: > > > On Oct 28, 2017, at 23:15, hw wrote: > >> > >> Jonathan Billings writes: > >> > On Oct 27, 2017, at 10:21, hw wrote: > > Hi, > > I have the home directory of a user on an nfs server and mount it on a > client. When the user logs in, they end up in the root directory rather > than in their actual home directory and need to cd into it. > > The user can read and write to their home directory, so it kinda works > fine --- but only kinda. When the user starts emacs, some of the > settings in ~/.emacs are not applied, but the saved desktop is being > loaded. > > Both machines are running Centos 7.4. What could be wrong with the nfs > mount? > >>> > >>> Sounds like you haven’t set the selinux Boolean for NFS homedirs. > >>> setsebool -P use_nfs_home_dirs 1 > >> > >> Oh, indeed, I didn´t know that I need to do that. > >> > >> Do I do this on the client or on the server or both? > > > > Just the client. > > Thanks, I tried that and it works now :) > If you find that the problem comes back in the near future (or perhaps check as a preventative), you should look to see if the client machine is using the 'soft' mount option instead of 'hard,intr' on the home dirs. A few years ago it took me better than a month to figure out that some other admin had (on some machines) thought that using soft would cause less waiting on reboots, but we found that the side effect on home directories was corrupt data and strange issues on user login. (soft can work OK if there is a longish timeout between mount request and mount use, but if it is quick like autofs at login, then soft falls down.) -- Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] TeX Live on CentOS 7
> -Original Message- > From: Nicolas Kovacs [mailto:i...@microlinux.fr] > Sent: Friday, July 21, 2017 2:29 AM > To: CentOS > Subject: [CentOS] TeX Live on CentOS 7 > > Hi, > > I just installed the OpenVAS vulnerability scanner on my CentOS 7 > workstation. Everything seems to work fine, except PDF generation. The > 'openvas-check-setup' script tells me that PDF generation works fine, > but whenever I want to generate a report, the result is unusable and > can't open in Evince or Okular. > > After googling a bit, I found out that several users complained that Tex > Live is broken under RHEL/CentOS 7. > > While I did use LaTeX a long time ago to write documents, I don't use it > anymore nowadays (just Markdown or LibreOffice). But I do need a working > installation of TeX Live for OpenVAS PDF reports. > > What can I do now? Perform a manual installation of TeX Live with their > provided installer (to /opt) and then blacklist all texlive* packages? I > admit I'm a bit surprised that a distribution like RHEL/CentOS that > prises quality wouldn't provide a working TeX Live in their package > repositories. > > Any suggestions? The users that were complaining, were they all OpenVAS user? Going from my experiences on CentOS 6, I find it surprising that LaTeX is not working. Does even the trivial.tex from [0] compile? Can you get the LaTeX file that OpenVAS is generating, and on the command line run pdflatex (or other latex compile command) on it and capture the error messages? This might point to missing packages/fonts. It may be possible that not enough of texlive has been installed. I tend to do a `yum install \*latex\*` (and answer no) to see what is available and then install every latex thing that is not a -devel package. That way I never have to think about getting packages again, or if I do I will pretty much know I'll have to get it from CTAN myself. seeing [1] from the opanvas wiki makes me think you should try `yum install \*latex\*extra\*` and see if it is now available. And as seen elsewhere [2] sometimes rpm packager's don't name them the same as LaTeX packagers. And it looks like[3] a lot of folks take the same 'trash the distro' perspective as openvas[1] which is unfortunate. Perhaps we could ask the CentOS-extras (and a RHEL or EPEL ticket) folks if they would be willing to rebuild the needed packages from an old Fedora RPM if they are not yet available in a EL repository. Have you checked EPEL? [0] https://www.centos.org/forums/viewtopic.php?t=48421 [1] https://wiki.openvas.org/index.php/Generate_a_PDF_report#CentOS_7 [2] https://tex.stackexchange.com/a/166140 [3] https://www.centos.org/forums/viewtopic.php?t=54410 -- Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] What besides Postfix should not start until system time set?
From: Robert Moskowitz [r...@htt-consult.com] Sent: Thursday, April 20, 2017 5:00 PM To: CentOS mailing list Subject: [CentOS] What besides Postfix should not start until system time set? > > So I have learned that Postfix should delay until Chronyd has moved the > system time from 0 to current. Something you might consider to make the time delta _less_ drastic, is to create a service which on system shutdown touches a file {in /etc/} and on boot early in the start-up {make some other services depend on it} checks to see if the system date is before the time on that file, if it is then use the time stamp {+ a few sec} on the file to set the current time. That way time would at least move forward. in the olden days we used to use `hwclock --badyear` mitigate part of it. perhaps you could extend hwclock for --dead-batteries and make it easier for every one with an arm {assuming hwclock is still used in the boot process to pull the initial time from the clock}. :) Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Compiling custom "vmlinuz" PXE kernel?
> From: Locane [loc...@gmail.com] > Sent: Monday, April 03, 2017 8:33 PM > To: CentOS mailing list > Subject: [CentOS] Compiling custom "vmlinuz" PXE kernel? > > Hello CentOS list, I still need help. > > Does anyone know how I would go about creating my own "vmlinuz" PXE > kernel? I'm still trying to get the NUC6CAYH to load to a LiveCD, and I'm > getitng nowhere with Intel. > > My company wants to do hundreds of these per month; we're not above paying > for professional help at this point. > > My current line of reasoning is to get whatever specialized memory and CPU > drivers the NUC6CAYH requires to recognize properly and bake them in to a > custom vmlinuz PXE kernel that loads the initial ramdisk image. This > kernel is located in a regular CentOS 7.3 DVD at > CentOS-7-x86_64-DVD-1611/images/pxeboot/vmlinuz. > > Has anyone done this before? Is there documentation online? If I understand correctly you are wanting to build a kernel to boot the install process with, i.e., boot to run anaconda. For some reason I never had any luck [with EL4] replacing the modules in the anaconda initrd.img with the ones for the kernel I built, so I took a more *brittle* path. I built a kernel that included *_all_* the drivers I needed (and only those *_needed_*) built into the kernel itself, i.e., *not* as modules. I then set the process up to boot from the vmlinuz I built. It was not right to ignore the mods in the initrd, but it worked enough to get us going, IIRC it was because some USB driver we needed was not built in and we were installing from a USB hard drive. Also note, you need to grab the kernel config for an EL kernel of your distro and start modifying from there because some of the later tools in the install chain expect most of the kernel to be configured as RH would do it. *_all_* - using this method you can't depend on ANY modules, everything you need to activate all the hardware in the system has to be in the kernel image (vmlinuz). If you can figure out how to correctly mod the initrd then you can use some modules again, and then only the modules you need to boot and read the initrd have to be in vmlinuz. Also I don't recall what they are, but there are some size limits to how big vmlinuz can be, so don't just build every driver into the kernel. Good luck. -- Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Nvidia related kernel panic on boot, *unless* the keyboard is tapped
> -Original Message- > From: Duncan Brown [mailto:cent...@duncb.co.uk] > Sent: Wednesday, March 01, 2017 5:49 AM > To: CentOS@centos.org > Subject: [CentOS] Nvidia related kernel panic on boot, *unless* the keyboard > is tapped > > So here is an odd one > > Ever since the upgrade to 7.3, when using the el-repo kmod-nvidia, boot > hangs around the 'mounted /boot' point. If left it then kernel panics > > However at that point, tapping the keyboard gets it going again. As I'm > using a wireless keyboard, even the act of switching the keyboard on > gets it going again > > This doesn't happen without the kmod, and I'm in the process of > capturing the panic to file the bug report with el-repo, but for the > sake of conversation has anyone seen anything like this before, or have > any idea why that could happen? > > cheers > > Dunc > I have not checked to see if elrepo has kicked out all the new drivers to fix it since then, but apparently RH changed some kernel 'pointers' in 7.3 which kind of messes up some of the kmods: https://elrepo.org/bugs/view.php?id=715 https://elrepo.org/bugs/view.php?id=710 I am betting that you installed the kmod-nvidia before the upgrade to 7.3 and thus did not get the kind of warning that those folks did. Perhaps even related to this issue: https://elrepo.org/bugs/view.php?id=693 which kmod-nvidia do you have? At the bottom of 693, pperry indicates: "kmod-nvidia-367.57-2.el7.elrepo.x86_64 is for EL7.3". Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6, firefox, PIV cards
m.roth at 5-cent.us further wrote: ## m.roth at 5-cent.us wrote: > Hi, folks, > >Up until a few weeks ago, it worked as it has been for years: firefox, > security device is libcoolkey, and pcscd. > >Today, I go to use it (I have done updates sine I last used it), and > try preferences->advanced->certificates, and it hangs. My most recent > try was for over 20 min. If you move something over the window, then > move it away, it's a blank window. Pull out the card, and *some* of the > time, it pops up the window showing no certs, having never asked for a > PIN. The rest of the time, firefox crashes, hard. > >I know the pcscd part works - I used it via a script this morning from > the command line, as does pkcs15-tool from the command line. > >Anyone got any clues? Maybe I should downgrade (if I can) firefox? > Additional info: I tried bringing up firefox with two other profiles. One didn't have coolkey as a security device, but when I tried to add it, it responded with "cannot add module". Yet a third profile, that had both libcoolky and the older onepin, and that popped up a window saying I needed to authenticate, sat there with no way to put a pin in, then, when I pulled the card, it flashed the popup window with my certs. Yes, at this time, I'm looking at issues with firefox. So - has anyone else had this problem? mark # Not yet had the issue(s) but I do have some questions: 1) is this with the same physical PIV that you have been using "Up until a few weeks ago", that is did you (or the affected person) get a new PIV recently? 1a) does firefox have the certificate authorities loaded which cover the card in question (make sure to trace back to the root CA, there have been changes)? 2) have you tried just `yum downgrade firefox` and see if it works? 2a) I would be tempted to do something on the order of `rpm -qa --last |head -50` and then for each package seen there do an rpm -q --verify (syntax unsure) on them to be sure all the packages got installed correctly. 3) same as (2) but with recent nss|coolkey|pcscd updates? 4) interrupted updates? i.e., `yum complete-transaction` (sp???) `yum reinstall firefox nss coolkey pcscd` Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6.7->6.8, ssh-add issue, followup, more info
Thu Jul 28 17:39:16 UTC 2016 , m.roth at 5-cent.us wrote: > What I > used to do was ssh-add -s libcoolkeypk11.so. It would then ask for a PIN, > and add it. Now, it still asks for the PIN, but then announces that it > failed to add it to the agent. Not sure if this is good or bad news :-/ On up to date RHEL6.8 the following looks like it worked. $ ssh-add -D All identities removed. $ ssh-add -s libcoolkeypk11.so Enter passphrase for PKCS#11: Card added: libcoolkeypk11.so $ ssh-add -l #lists all three expected finger prints. $ ssh -XA PKIneedingUser@localhost [PKIneedingUser@localhost]$ Nothing good is ever easy. Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6.7->6.8, ssh-add issue, followup, more info
Tue Jul 26 21:17:40 UTC 2016, m.roth at 5-cent.us wrote: > I could try the reinstall, but it's very odd - everything worked, and now, > after the upgrade, it doesn't. Oh, and here's another twist on this: Under > 6.7, if I'd logged into my webmail via firefox, and while that was > happening, I stuck my AA ("Logical token" card) into the keyboard slot, > and used it in logging onto one server (using sccr), it just chugged > along. Now, at 6.8, *everything* in firefox hangs - even a google search, > until I pull the card out of the keyboard. It's clearly trying to > authenticate the client, not just the server rpm -qa --last \*pcsc\* \*cool\* \*nss-\* \*ssh\* ccid\* in 6.7 the last nss was 3.21.0-0.3.el6_7 in 6.8 it is 3.21.0-8.el6 --changelog is confusing, as there is no 3.21.0-0.3, and there is a "Rebase RHEL 6.8 to NSS 3.21" even though we where ALREADY on 3.21? --changelog ccid shows changes the Omnikey 3022 behavior, and added more ccids and "Allow longer ccid messages" Fortunately/Unfortunately the problems you are seeing are not affecting me on the RHEL box I am currently using with the nss access method I sent the other day, and I don't have an AA card, so it is a little hard to figure out what broke. I suspect that for us to figure out what exactly happened (which I would like to know) we would have downgrade some components back to their 6.7 state on your box and see which component had the bad change. And then figure out what those changes were. I've done it before to help RH get CAC with ssh going again in 6.x series (6.[34] IIRC, broke something). Remember the software stack is IIRC: firefox nss coolkey pcscd ccid I think your use of openssh -s libcoolkeypk11.so makes it look like: ssh coolkey pcscd ccid and for your sccr script probably looks a bit like: sccr ?nss??openssl? coolkey pcscd ccid I would likely** yum downgrade ccid pcscd coolkey and then see if the lock still happened between sccr and firefox, then kick nss (or do douwngrade in the other order). After it is working, I would upgrade each of those components until it broke again... and depending on how pedantic I was being I might downgrade just the component that I think broke it and upgrade the rest. **downgrade is a little trickier using CentOS when crossing point releases... you may need to build your own 'updates' repo, containing all the 6.7 updates and the 6.8 stuff. Good hunting. BTW: if you drop us/me the whole ssh invocation using -s, I might give that a go here and see if it works here on RHEL compared to my normal nss invocation. Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6.7->6.8, ssh-add issue, followup, more info
> -Original Message- > From: m.r...@5-cent.us [mailto:m.r...@5-cent.us] > Sent: Friday, July 22, 2016 4:15 PM > To: CentOS mailing list > Subject: Re: [CentOS] CentOS 6.7->6.8, ssh-add issue, followup, more info > > m.r...@5-cent.us wrote: > > Folks, > > > >I am perplexed. I updated my workstation at work Wed before I left, > > from 6.7 to 6.8. Then, yesterday, I went to use ssh-add -s > > libcoolkeypk11.so, which I've done many times before to add the certs > > from my PIV card... and 100% of the time if fails, letting me > > SSH_AGENT_FAILURE, cannot add card. > > > >Now, using a script called sccr, which uses my public and private key > > to generate a one-time password (we use the to sudo to root), works > > with no problem. I used my card to go into the data center this > > morning, which also reads my card, and had no problem. I've tried eval > > $(ssh-agent) to start a new instance. Nothing works. > > > >Also, pklogin-finder finds the cards, asks for my PIN< and it works. > > > >Clues for the poor? > > > I just tried ssh -I libcoolkeypk11.so and in messages, it > reports "ssh-pkcs11-helper: errror:no slots" before failing to let me log > on. > > mark > Assuming 1) that /etc/pki/nssdb/ has been populated with all the appropriate and current gov certificate authorities (CA). certutil -L -d /etc/pki/nssdb/ #list the CAs 2) that you are using the RH/CentOS stock openssh*rpm files. 3) that you have not also gotten a newer card in the same time period, which happens to use a CA that is not in /etc/pki/nssdb/ Have you tried a third different set of ssh commands to use the cac: ln -s /etc/pki/nssdb/* ~/.ssh/ #make the certificate authorities available to ssh* ssh-add -D #clear out any existing sigs ssh-add -n #use nss to access the cac Also on some boxes coolkey gets disassociated from nss, and I have found the simple yum reinstall coolkey fixes it, may need to logout/reboot as it affects a bunch O'stuff (and been a while since I had the problem). Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6, iscsi,
Thu Jul 7 17:31:05 UTC 2016, m.roth at 5-cent.us wrote: > I've got docs for the JetStor, which > include setting up the target - I'm still trying to figure the identifier > name. Although the identifier name format is shown in [1], it is better explained in [2] & [3]. [1] https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Storage_Administration_Guide/ch-iscsi.html [2] http://www.intel.com/content/www/us/en/ethernet-products/converged-network-adapters/iscsi-quick-connect-red-hat-linux-guide.html [3] https://en.wikipedia.org/wiki/ISCSI#Addressing Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6, iscsi,
Thu Jul 7 14:47:23 UTC 2016, m.roth at 5-cent.us wrote: > Hi, folks, > >I installed the iscsi packages, and I *thought* that the first thing to > do was configure /etc/tgt/target.conf. Am I wrong? Did I have to > configure iSNS on the RAID appliance? One thing to make sure you have straight is Target vs. Initiator [2], for me it originally felt like the names were backwards. I would expect the physical RAID machine to be the Target. Was that your expectation too, as it is a little unclear from the para above? > >All that I find on the web, incl. upstream docs, is to install it, then > start the service. It might have helped if you had pointed at which upstream docs... some are better than others on the same subject. When I did a test of it, I found starting with the Target creation doc [1] and following with the Initiator doc[3] (each on different RH/CentOS boxes) helped me to figure it out. BTW while in [1] they use /dev/vdb it works as well with real /dev/sd* or Logical Volumes, I don't recall _trying_ with PVs. [1] https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Storage_Administration_Guide/ch-iscsi.html [2] https://en.wikipedia.org/wiki/ISCSI#Initiator [3] https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Storage_Administration_Guide/iscsi-api.html Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Minimum RAM requirement for CentOS 6.x graphic installer?
On Thu, 2 Jun 2016 06:36:51 +0200 Nicolas Kovacs wrote: > The title says it all. What's the minimum RAM requirement for the CentOS > 6.x graphic installer? In our public libraries we have some old hardware > running CentOS 5, and I wonder if some of these machines can be upgraded > to CentOS 6. Unfortunately RHEL 5.x' nifty text mode installer got > seriously crippled with version 6.x. I think that if you feed the install a kickstart file, it will install in accordance with what you told it, but that does mean you have to spend some time figuring out what to put in your kickstart first. This would also give you some consistency between systems. Or you could let the 6.x "text installer" install it's minimal system, and then comeback and yum install everything else afterwards. fewer choices to make, but you get to live with RH's ideas of sane partition sizes. Another option for installing on smaller machines is to use the live disk[1] and a few tweaks[2] to do the install. However it will mean some hand holding on each machine to make it work, but I have done it and been reasonably happy with the resulting system. Note on a really small system (512MB or smaller), the use of zram (with the normal centos kernel, and swappiness~99), or zswap (with the elrepo kernel-ml) will make the system operate a lot better. It is too bad the live disks to not enable zram while booting when they don't find a linux swap part. [1] Have not seen the 6.8 live disk announce yet, https://lists.centos.org/pipermail/centos-announce/2015-August/021304.html [2] "HOWTO install CentOS 6 on low memory computer or virtual machine (even 192MB RAM)" https://lists.centos.org/pipermail/centos/2011-July/115367.html Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CenOS 6.8 and libGL failures
Curiously my intel 845-G has had gl applications (freecad and wine based windows games) STARTED working correctly with this update. I see in a latter email that you have a) found a path issue for users vs root, and b) you are using nvidia. This reminded me of an issue I was having with some GL code I use (jogamp based) and nvidia drivers a little over a month ago, this might be something else you want to be aware of. Nvidia is in the process of making a Vendor-Neutral GL[0], which I think is probably a good thing, but they have found that "several applications relied on behaviors or attributes of the NVIDIA OpenGL driver that fall outside of the Linux OpenGL ABI"[1]. Once I figured out it was kmod-nvidia related, this[2] post helped me figure out the mapping to the other links. for now I have had to stick our nvidia machines at 352.79 until either we get our app working with the GLVND API, or elrepo packages a non-GLVND config[1]. [0] https://github.com/NVIDIA/libglvnd [1] https://devtalk.nvidia.com/default/topic/915640/unix-graphics-announcements-and-news/multiple-glx-client-libraries-in-the-nvidia-linux-driver-installer-package/ [2] https://www.centos.org/forums/viewtopic.php?f=14=57047 Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. From: isdtor [isd...@gmail.com] Sent: Tuesday, May 31, 2016 7:09 AM To: CentOS mailing list Subject: [CentOS] CenOS 6.8 and libGL failures Ever since I upgraded to CentOS 6.8, some software has stopped working alogether. This is related to OpenGL/mesa and can be demonstrated with glxgears: $ glxgears libGL error: No matching fbConfigs or visuals found libGL error: failed to load driver: swrast X Error of failed request: BadValue (integer parameter out of range for operation) Major opcode of failed request: 154 (GLX) Minor opcode of failed request: 3 (X_GLXCreateContext) Value in failed request: 0x0 Serial number of failed request: 33 Current serial number in output stream: 35 $ This appears to be a common problem, but I found no solutions that apply here since I believe everything is installed and set up correctly. It all worked with CentOS 6.x, x<8. https://www.centos.org/forums/viewtopic.php?t=56273 https://ask.fedoraproject.org/en/question/38116/issues-with-libgl-on-fedora-20-unable-to-load-driver-swrast/ ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] delete directories with find and exclude other directories
From: Valeri Galtsev Sent: Wednesday, February 03, 2016 12:58 PM On Wed, February 3, 2016 11:37 am, Tim Dunphy wrote: > Hi all, > > I'm attempting to delete some directories and I want to be able to exclude > a directory called 'logs' from being deleted. > > This is my basic find operation (without the exclusion) > > # find . -type d |tail -10 > ./d20160124-1120-df8mfb/deployments > ./d20160124-1120-df8mfb/releases > ./d20160131-16993-vazqg5 > ./d20160131-16993-vazqg5/metadata > ./d20160131-16993-vazqg5/deployments > ./d20160131-16993-vazqg5/releases > ./logs > ./d20160203-27735-1tqbjh6 > ./d20160125-1120-1yccr9p > ./d20160131-16993-1yf9lnc crude thing I would do is: find . -type d | grep -v logs , but that will also exclude other names containing "logs" it is like: Semilogs2 logs4me #just skip the local logs dir find . -type d -not -wholename ./logs #skip dirs that start with /logs any where in the search find . -type d -not -wholename \*/logs\* #skip dirs that have log anywhere in their name, like Valeri's find . -type d -not -wholename \*logs\* and to actually get rid of the found _empty_dirs_ that are not logs... find . -type d -not -wholename \*logs\* -exec rmdir {} \; note 1: as written would have to be ran multiple times to empty deeper directory trees. note 2: just because a logs dir is not shown/passed by the above command, does not mean that there was not one deep within a tree, so recursive removals might do more than you want. See recent UEFI thread. :) note 3: rmdir can be replaced with your favorite destruction command, choose wisely. note 4: I recommend when using an rm command, use a specific directory _name_ to find instead of '.', so there is _less_ chance of using it where you don't want to. Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 7, 327 kernel still crashing
> -Original Message- > From: Wes James [mailto:compte...@me.com] > Sent: Wednesday, January 27, 2016 7:04 PM > To: CentOS mailing list > Subject: Re: [CentOS] CentOS 7, 327 kernel still crashing > > > > On Jan 27, 2016, at 1:47 PM, m.r...@5-cent.us wrote: > > > > I've just added the following to the CentOS bugtracker for CentOS-7 > > 0009860. I admit to not being sure if it's the same issue, or a separate > > one, but this and other Dell servers - I *think* they're all R420's, but I > > could be wrong, just all do the same thing on boot. > > * > > I've just updated a CentOS 7 server to the latest kernel, > > vmlinuz-3.10.0-327.4.5.el7.x86_64, and the server fails to boot. It has > > failed on every 327 kernel. > > > > Server: Dell R420, 2 Xeons, 124G RAM. > > > > I have the same issue on a 2011 iMac. Usually a it takes one or two rounds > of kernels more and it starts working, but I have to stay on > 3.10.0-229.20.1 right now. All the 327’s crash on boot. > > -wes The `rpm -q --changelog ` of the 327 kernel looks like they only made three 'important' changes, and I think gives pointers to kernel.org changes you could use find the offending patches. Have you folks considered grabbing the srpm, backing out the each of the (three) changes between the pre 327 and 327 and building it yourself to figure out which thing broke your systems? Do either of you have any of the equipment listed in the 327 change? If so, that equipment patch is the patch I would focus on. Of course this will have you stepping off the CentOS reservation (thus use caution), but seeing as you are hanging back at 229, you are already on the fence. :) When you can point to the problem http://thread.gmane.org/gmane.linux.network.drbd/9973/focus=9996 sometimes folks will get it fixed quickly http://thread.gmane.org/gmane.linux.network.drbd/9973/focus=9996 I grant you, it was much easier back then, because the fedora and RH folks would have the patches as ... patches ... in the rpm that you could take out with a comment, but it can still be done with a more research. Even more fun might be to see if the elrepo kernel-lt or kernel-ml would work. Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Intel Xorg driver for Intel HD graphics
I have an older intel card (845G) that works _correctly_ only with the newer kernels (3.17+) with everything else being CentOS 6 stock. The elrepo kernel-ml made this much easier to support. http://elrepo.org/tiki/kernel-ml http://elrepo.org/tiki/kernel-lt I don't know if you need all the other new packages you built and installed, but at least you will not have to be compiling the kernel for yourself if you use the elrepo packages. Note: although I am using the el6 packages, they have el7 packages. http://elrepo.org/linux/kernel/el7/x86_64/RPMS/ Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. > -Original Message- > From: Jerry Geis [mailto:ge...@pagestation.com] > Sent: Sunday, January 24, 2016 10:20 PM > To: CentOS mailing list > Subject: Re: [CentOS] Intel Xorg driver for Intel HD graphics > > > i915.preliminary_hw_support=1 > > Adding this to the boot - does not make it work on straight 7.2 > > I saw information about this - but it is mentioned on the page I > included that this was no longer needed with the files listed in the > link. > > > The kernel 4.4 installs and runs fine on the NUC5C. Its the > xorg-server package that is is my issue. Everything else ran fine. > > > The problem I'm trying to solve is getting the NUC 5C to run X on 7.2. > > I "realize" that is all newer hardware - but if its possible it's beneficial. > > > I just need to figure out how to compile the X server it was giving an error. > > > Thanks, > > > Jerry ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 7, ATI card, 30" monitor
> -Original Message- > From: m.r...@5-cent.us [mailto:m.r...@5-cent.us] > Sent: Thursday, November 05, 2015 10:23 AM > To: CentOS mailing list > Subject: Re: [CentOS] Centos 7, ATI card, 30" monitor > That's why I said that at some point I was going to hand-craft an > xorg.conf. Do you know if there's a way to dump the current settings to a > file? I know I can do it with NVidia, but this is just KDE's settings. Last I knew, you could 1) go into multi user mode (no x running) systemctl isolate multi-user #graphical is probably the default 2) Ask Xorg what it would do by default run 'Xorg --config > mynewxorg.conf.file' #this is IIRC without looking at man or Xorg --help #but I think you'll get the idea here. :) 3) go back to graphical systemctl isolate graphical hope this helps Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 7, ATI card, 30" monitor
> -Original Message- > From: m.r...@5-cent.us [mailto:m.r...@5-cent.us] > Sent: Tuesday, November 03, 2015 11:58 AM > To: CentOS mailing list > Subject: Re: [CentOS] Centos 7, ATI card, 30" monitor > > John R Pierce wrote: > > On 11/3/2015 8:11 AM, John R Pierce wrote: > >> On 11/3/2015 7:33 AM, m.r...@5-cent.us wrote: > >>> Well, I got my user back to being able to use his system, but I've > >>> still got one issue: it's running on the VESA driver - there is > >>> *no* Catalyst build for this monitor, for CentOS 7. From a lot of > >>> googling, nothing's been done since the summer of '14 (lspci > >>> reports it as a FirePro V3900). > >>> > >>> Any thoughts, or pointers, as to if/how I can get X - he's running KDE > >>> - to see the full width of the monitor, not just about 4" less, or is > >>> that not possible with the VESA driver? > Btw, I spoke to Dell > - this box is theirs, but of course the people supporting workstations > *still* don't have a clue about Linux, unlike the server people, and they > couldn't find a recent driver, either. > > I *really* dislike ATI/AMD video. At least with NVidia, the proprietary > driver builder *always* works, once you've got the right one, whatever > folks bitch and moan about it. > > mark > Have you considered using the elrepo packaged version, or at least reading their pages to see which chips are still supported by the proprietary driver? For me their (elrepo) packages seem the sanest way to manage an EL system with either nvidia or ati/amd proprietary driver. Also there are some notes on this page relating to a change in X protocol on EL 6 which caused some grief there, perhaps EL 7 has that same change and thus you may be in the list of " older chipsets". At least by reading the pages you might be able to quicker come to the conclusion that the proprietary driver will no longer work for you? http://elrepo.org/tiki/kmod-fglrx http://elrepo.org/tiki/kmod-fglrx-legacy Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] centos wiki strangeness.
Thanks Mike and Johnny for taking a look. It appears to be something in the way THIS windows and IE are locked down, when I dragged myself off to the lab and used EL it looked good too, I guess I'll just have to use CentOS to view it (which is generally my preference anyway). Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. > -Original Message- > From: Denniston, Todd A CIV NAVSURFWARCENDIV Crane > Sent: Tuesday, October 20, 2015 12:45 PM > To: CentOS mailing list > Subject: centos wiki strangeness. > > In preparing to answer a question about some yum undesired behavior, I wanted > to reference fastest mirror info, but when I went to > https://wiki.centos.org/PackageManagement/Yum/FastestMirror > I find all the text has been squished to the right hand side of the page and > made 1 word wide all the way down. > The https://wiki.centos.org/FrontPage looks similar but perhaps it is a > little better? > > Or is this an issue of looking at it with IE? > > > Even when this disclaimer is not here: > I am not a contracting officer. I do not have authority to make or modify the > terms of any contract. > ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Can I force yum to only use http.
> -Original Message- > From: Styma, Robert E (Robert) [mailto:robert.st...@alcatel-lucent.com] > Sent: Monday, October 19, 2015 5:12 PM > To: CentOS@centos.org > Subject: [CentOS] Can I force yum to only use http. > > Our outsourced IT department has decided to use white listing on the > firewalls for outbound ftp. I was given a list of sites our lab > had accessed via ftp and eventually tracked them down to Linux machines > running yum. They are all CentOS 5 or 6 with a smattering > of 7. It is impractical to list all the possibilities since they change on a > regular basis. Also any 3rd party repos we need are another > ball of wax. > > Various Google searches and the manual page have not shown me how to avoid > using ftp mirrors. I have considered taking out the > ftp-proxy information so that the ftp cannot get out, but I suspect it will > just hang waiting for a response. > > Does anyone have any suggestions on ways to tell yum not to use ftp as the > download mechanism? On the machines that are using ftp, do the contents of /etc/yum.repos.d/Centos-Base.repo look the same as the machines that are not using FTP? Perhaps include the Centos-Base.repo file from ONE of the offending machines in an email. Baseurl can be used to force where and how to connect, but because are getting ftp instead of http connections I am suspecting someone has probably already forced it the other way, the files may tell. Another possibility is that on those machines once-upon-a-time they found that the ftp host had the fastest _ping_ time, and have used it ever since. You may be able to log into those machines, `cat /var/cache/yum/timedhosts.txt` and see ftp hosts listed. If so try [large hammer warning] `yum clean all; yum update` and see if they try going back to the ftp site or pick a new http one. Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] centos wiki strangeness.
In preparing to answer a question about some yum undesired behavior, I wanted to reference fastest mirror info, but when I went to https://wiki.centos.org/PackageManagement/Yum/FastestMirror I find all the text has been squished to the right hand side of the page and made 1 word wide all the way down. The https://wiki.centos.org/FrontPage looks similar but perhaps it is a little better? Or is this an issue of looking at it with IE? Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] C6 firefox esr h.264 support on youtube
> -Original Message- > From: John Hodrien [mailto:j.h.hodr...@leeds.ac.uk] > Sent: Friday, September 11, 2015 6:39 AM > To: CentOS mailing list > Subject: Re: [CentOS] C6 firefox esr h.264 support on youtube > > On Fri, 11 Sep 2015, Robert Arkiletian wrote: > > > does anyone running C6 have h.264 check box on www.youtube.com/html5 ? > > > > if yes, can you please post the output of > > My understanding, which may be incorrect, was that the firefox in EL6 wasn't > built with gstreamer support, so adding that library isn't sufficient. > > jh "You always need native OS support to be able to play media files with the HTML5 media player" https://support.mozilla.org/en-US/questions/1068031#answer-743907 I found this because I was looking for a (legal in the US) way to look at h264 streams from local net video encoders on EL6, without having to resort to expensive decoder software which I can't get anytime soon. Initially I thought that I might get Firefox to do it for me with the openh264 plugin, but then I found the above link. I am currently looking at how possible/painful it is to get the gstreamer openh264 plugin [1] built on EL6 (to go with the existing 0.10 gstreamer), such that I can use openh264 [2][3], which if I understand it would allow me to have a legal and working viewer (sans sound, which I don't need anyway). It would be nice (from a functional point of view) if Red Hat could get us an audio codec for h264 licensed in a similar way. If anyone has clues on how to build and add just a portion of gst-plugins-bad into the existing EL OS set of gstreamer plugins, please share (even URL pointers). [1] http://cgit.freedesktop.org/gstreamer/gst-plugins-bad/tree/ext/openh264 [2] https://en.wikipedia.org/wiki/OpenH264 [3] http://www.openh264.org/ Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] NVidia on encrypted Q. RE: Intel Displayport on Centos 7
-Original Message- From: Lamar Owen [mailto:lo...@pari.edu] Sent: Saturday, January 31, 2015 1:53 PM To: CentOS mailing list Subject: Re: [CentOS] Intel Displayport on Centos 7 SNIP the stock ATI drivers. I haven't tried with the fglrx driver; it seems to be a bit of a problem child on C7 at the moment. For that matter, the nVidia proprietary driver is a bit of a problem child if you have any encrypted partitions like I do. SNIP I have not gotten to testing C7 (or RHEL7 for that matter) yet, but I expect to need the NVidia driver (from elrepo) on them and for the drives to be encrypted, SO ... What kinds of issues do the proprietary drivers and encrypted partitions together seem to be causing? Are your problems all related to: https://www.centos.org/forums/viewtopic.php?f=49t=47460 http://elrepo.org/bugs/view.php?id=496 https://www.centos.org/forums/viewtopic.php?f=47t=49304start=10 Or are there other issues? Thanks for the feedback. Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Radeon graphics problems with CentOS 6.6
-Original Message- From: Darby Vicker [mailto:darby.vic...@gmail.com] Sent: Tuesday, January 06, 2015 12:24 AM To: centos@centos.org Subject: Re: [CentOS] Radeon graphics problems with CentOS 6.6 On Sat, Jan 3, 2015 at 2:27 PM, Darby Vicker darby.vic...@gmail.com wrote: On Saturday, December 20, 2014, Darby Vicker darby.vic...@gmail.com wrote: I thought about trying centos 7. But in the end that doesn't really help me since I'm trying to keep my current centos 6 installation working. I don't really have the time/energy to reinstall everyting under CentOS 7 right now. I was able to get a 6.6 LiveCD built myself. The liveCD has the same problem - X doesn't work. I can boot the Basic Video option from the LiveCD and I can at least get to the desktop but there are several odd video problems when I do that. But I think that means that there is a genuine problem with Xorg on my hardware. Does anyone know who I should submit this bug to - AMD or Xorg? Any other ideas for workarounds in the mean time? The xorg ati developer doesn't think it's a driver problem. http://lists.x.org/archives/xorg-driver-ati/2014-December/026948.html Any other ideas for tracking this down? After a little more conversation with the ati developer, he thinks its a problem with the kernel. http://lists.x.org/archives/xorg-driver-ati/2015-January/026986.html He is suggesting I get in touch with the people who maintain the CentOS kernel. What is the best way to do this? Submit a bug on https://bugs.centos.org? Two things I think you should consider doing... 1) in your next post (and any bugs you open), include the `uname -a` of the last known to work correctly CentOS/RHEL kernel, and the `uname -a` of the first known to not work correctly CentOS/RHEL kernel and the respective versions of radeon | flrgx drivers. 2) try out elrepo's el6 kernel-lt kernel-ml and see if they work correctly for you. I suggest this, because for me it did workaround an issue with intel chips (I guess I need to see what it will take to get the elrepo folks to make just a back-ported intel driver from 3.17 [first known to work again, 3.16 does not]) . http://lists.centos.org/pipermail/centos/2014-November/147579.html Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Dell Dimension 2400 W/Intel 845-G Video
Here is some hope for you. I too have been fighting with an intel 845G, but mine is in an IBM built machine. I just loaded the elrepo kernel-ml on a CentOS 6.6 system with an intel 845-G and now the X comes up correctly, i.e., at boot gdm is available visually for login. YYEEESS!!! With either kernel, if you want any GL performance, you do _not_ want to use nomodeset, i.e., with nomodeset tux racer renders ~1FPS @800x600. Vesa is in the same boat and eats your main cpu to render anything. With the standard _2.6_ kernels with CentOS 6.[56], even though the screen was blank (but with a mouse pointer) you could log in by simply typing the first letter of your username, press enter, enter your password, press enter, then wait for login, and because characters were messed up logout, at which point the restarted gdm and X would be working fine and you could login for a nice session. Found this trick somewhere in the archives of this list IIRC. Note:` telinit 3; telinit 5` OR `killall gdm-binary` do *NOT* help. I don't have an xorg.conf or anything in xorg.conf.d, and I don't have any changes to the kernel line since install, i.e., using CentOS defaults. With the elrepo kernel-ml, it does seem like there is a little more load on the system, but login has become normal and I see ~14FPS in tux racer @800x600 (OK it is not a speed daemon, but at least it is smoothed). After login the screen res defaults to 1920x1080 IIRC. After login I have been using xrandr to change the screen res I want for each task (many web sites don't look right at anything above 1024x768). xrandr -q #to see available sizes and xrandr -s 1024x768 good luck, and if this works for you and/or you find a better way, please let us know. Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. -Original Message- From: Mark LaPierre [mailto:marklap...@gmail.com] Sent: Sunday, November 02, 2014 9:35 PM To: Mark LaPierre; Mail List CentOS Users Subject: Re: [CentOS] Dell Dimension 2400 W/Intel 845-G Video On 10/05/14 22:47, Mark LaPierre wrote: Hey Y'all, I've been Googeling and experimenting for two days trying to find a way to deal with the Intel 845-G video chipset in this Dell Dimension 2400. SNIP There's a lot a cruft on the internet about problems with the Intel 845-G chipset but no solutions that work for me. Does anyone know how to get an successful installation on this hardware? First I want to thank all of you who have offered up proposed solutions. I got the netinstall to work. Then used yum update to bring it up to the latest and greatest. I worked with 6.5 but got nowhere there. Then the 6.6 point release was ready so I did the yum update dance in hopes that 6.6 would be more cooperative. Today I've been googling, experimenting, and pretty much failing miserably. The best I've managed to get is to set the boot command to nomodeset, and the xorg.conf Device driver to vesa. I got 640x480 resolution with the image offset to the left and down. Pretty much unusable. No improvement from my previous best effort documented above. I am able to open System/Preferences/Display where I could select a different resolution if I could see and reach the [Apply] button. That really doesn't matter since the only resolution available on the pull down is 640x480. I can't get the intel driver to yield a screen at all. I experimented with many VGA=NNN modes in combination with the vesa driver. No joy there. Not even the GDM screen comes up. The best I've been able to get from the intel driver is a mouse pointer in the middle of an otherwise black screen. When the graphics come up I can check the Xorg.0.log where I can see that the vesa driver says that resolutions including 1280x1024, 104x768, and 800x600 are viable options. I can't get it to use any of them. What think yee? Is there any hope of getting any resolution greater than 640x480 out of this thing? -- _ °v° /(_)\ ^ ^ Mark LaPierre Registered Linux user No #267004 https://linuxcounter.net/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] rsync question: building list taking forever
-Original Message- From: John Doe [mailto:jd...@yahoo.com] Sent: Monday, October 20, 2014 5:30 AM To: CentOS mailing list; Tim Dunphy Subject: Re: [CentOS] rsync question: building list taking forever Are you allowed to temporarily run an ssh tunnel (or stunnel) on your jumpbox? So connecting from host1 to jumpbox on port XXX would be tunneled to ssh port on host2... Or with netcat (if you can mkfifo)? mkfifo backpipe nc -l 12345 0backpipe | nc host2 22 1backpipeBut you will have to trick ssh into accepting your jumpbox fingerprint... JD Or perhaps easier (depending on how paranoid sshd configs are) with ProxyCommand in ssh/config, i.e., setup config so one ssh command can get you logged onto the final target and then use rsync across ssh as per normal: http://sshmenu.sourceforge.net/articles/transparent-mulithop.html Then rsync will be running on both ends, where the data (filesystem information) is LOCAL, i.e., fast. I would use, if possible/allowed, key[s] with ssh(-agent) to make the whole connect to multiple hosts thing easier (i.e., fewer passphrase requests). [OP: `they don't allow ssh between the datacenters` ...but... they nfs between them...??? ME: much head scratching.] Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Dell Dimension 2400 W/Intel 845-G Video
-Original Message- From: Mark LaPierre [mailto:marklap...@gmail.com] Sent: Wednesday, October 08, 2014 7:52 PM To: Mail List CentOS Users Subject: Re: [CentOS] Dell Dimension 2400 W/Intel 845-G Video On 10/06/14 21:45, Peter wrote: On 10/06/2014 03:47 PM, Mark LaPierre wrote: I've been Googeling and experimenting for two days trying to find a way to deal with the Intel 845-G video chipset in this Dell Dimension 2400. First, it doesn't have a DVD drive so I have to install from a CD. When I try to boot into the Live CD I get a video error something like, Undefined video mode number: 317. It hangs at the splash screen. Lots of solutions for this in google: https://www.google.co.nz/search?q=%22Undefined+video+mode+number%3A+317%22 The driver for that chipset is just the regular intel driver: yum install xorg-x11-drv-intel You never mentioned which version of CentOS you're trying to install. Peter Hey Peter, Thanks for the link. I'm working with CentOS 6.5. I changed the boot command from nomodeset to vga=normal I changed the Xorg.config device from VESA to Intel I rebooted the machine. I now have a desktop at a usable resolution. Thank you there!! But, there's always a but, the text displayed on that screen is not usable. The text on the top bar that should say: Applications Places System says: A PSm The icon that is supposed to say Computer says C m There's a dialogue box in the middle of the screen with various and assorted consonants spread about. I have no idea what it's supposed to say. Any clue as to how I can fix this? I have a similar Intel card on a machine (not near it right now) which has the same kind of text issues. The trick I learned was to log out and log back in. i.e., you have to know which ys em and og O t menu items get you to log out and do that. When GDM comes up the next time it will be good. Be glad your GDM comes up so you can see it for the first login, Mine was a black screen with a pointer. Wish I knew how to tell X to just restart itself after initializing the card. BTW if I recall correctly, telinit 3 sleep 5 telinit 5 ; will return me to broken text so no help there. Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] el6 crash-trace-command vendor?
I was running a rpm -qa --qf %{vendor} \t\t%{name}\n |sort|grep -v CentOS looking for packages from other vendors installed on a machine and noticed a curious sight: Fujitsu Limited crash-trace-command It appears I am not the only one who has crash-trace-command from Fujitsu Limited https://www.centos.org/forums/viewtopic.php?f=13t=1081start=0#p6688 That is a good thing right? :) I was curious however to find it in my centos mirror, and apparently signed by the centos crew[2]. Would one of our gentle OS maintainers be kind enough to confirm this is just an extension of the issues in bug 5967[1]? (which I found near the end of my web search) Looking a little deeper it appears that there are a couple of other packages (rome) with odd vendors in the 6.5 tree: for i in centos/6/os/i386/Packages/*rpm; \ do rpm -q --qf %{vendor} \t%{name}\n -p $i; \ done |grep -v CentOS Fujitsu Limited crash-trace-command Red Hat, Inc. python-qpid-qmf Red Hat, Inc. qpid-qmf (none) rome (none) rome-javadoc Red Hat, Inc. ruby-qpid-qmf [1] http://bugs.centos.org/view.php?id=5967 [2] $ rpm -qa gpg-pubkey\* gpg-pubkey-c105b9de-4e0fd3a3 $ for i in centos/6/os/*/Packages/crash-trace-command-*; \ do echo $i;rpm -q --qf %{vendor} \t%{name}\n -p $i;done centos/6/os/i386/Packages/crash-trace-command-1.0-4.el6.i686.rpm Fujitsu Limited crash-trace-command centos/6/os/x86_64/Packages/crash-trace-command-1.0-4.el6.x86_64.rpm Fujitsu Limited crash-trace-command ##Note the lack of ##warning: centos/6/os/i386/Packages/crash-trace-command-1.0-4.el6.i686.rpm: Header V3 RSA/SHA1 signature: NOKEY, key ID c105b9de ## which I did get on a CentOS 5 machine doing the same check. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] MySQL - replication - how to restore master?
-Original Message- From: John Horne [mailto:john.ho...@plymouth.ac.uk] Sent: Wednesday, August 13, 2014 7:53 AM To: CentOS list Subject: [CentOS] MySQL - replication - how to restore master? Hello, SNIP However, I am having trouble finding out what to do should we lose the master server. Typically mysqldump backups of the master are done overnight, so a failure during the day would mean that the slave is ahead of the master backup. So this poses two questions: SNIP Note: I have not been running MySQL or HA systems for a very good while now. Salt appropriately. Perhaps the following URL can help: http://dev.mysql.com/doc/refman/5.0/en/replication-solutions-switch.html I believe useful sets of key words for the searching the web would be: mysql master slave promotion and mysqldump slave http://dev.mysql.com/doc/refman/5.0/en/replication-solutions-backups-mysqldump.html Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Anyone using CentOS 6 on PC104 stacks?
-Original Message- From: Lamar Owen [mailto:lo...@pari.edu] Sent: Saturday, July 19, 2014 9:28 AM To: CentOS mailing list Subject: Re: [CentOS] Anyone using CentOS 6 on PC104 stacks? On 07/18/2014 05:34 PM, Denniston, Todd A CIV NAVSURFWARCENDIV Crane wrote: Is anyone using CentOS 6 on PC104 stacks? I have tried a couple of different CPU cards with CentOS 6.5 [no updates]. I can install with the Install DVD to the PATA hard drive just fine, but they each hang up while the installed system is trying to get UDEV going. And by hang up I mean a) leave the machine setting for hours and it never gets udev started, AND b) the keyboard has gone non-responsive (power switch is the only way out). Todd, can you give us more details on the PC104 CPU hardware? Manufacturer and model would be nice, too. My only PC104 CPU's here are 486's, and thus C6 is not going to boot (C6 requires PAE and i686). Sorry for the delay, I had a couple of other interrupts to deal with. As can be seen below, both CPU cards include PAE support. Both were running with just the CPU card (with its built-in peripheral interfaces), hard-drive and power supply. While collecting the information below, I played with kernel options and happened to find that with the RTD cme37786hx I could get it to boot reliably from the hard-drive if I included noapic nomodeset udevtrace (in that order) replacing the quiet rhgb *AND* either use the CentOS 6.3 install kernel or update to the latest CentOS 6.5 kernel. The CentOS 6.5 DVD installed kernel would pause forever just after trying 'edd'. As for the VL-EPMs-21b, even though it worked OK in CentOS 5.9, it would always stop in the UDEV startup of CentOS 6.5 even after updating to the latest 6.5 kernel and using the above kernel options. Interestingly though while working with it, I noticed a little brown cube on the ESD bench where the board had been setting. Who would think that a missing capacitor might stop a new kernel, with a much faster IO engine, from accessing all the hardware in parallel (max power pull) at entry into user space? :) Beginning to think this one is not CentOS's fault. :) Fortunately I am expecting to get a new, not used before I got it, version ... sometime. :) So I guess it is sort of solved for now. Thanks for taking a look. - Drive (320GB) used in both settings WD3200BEVE 500M boot 1GB swap minimal install, and using chroot in rescue, added: sos, pciutils, usbutils, ntpdate, openssh-clients, dmidecode, lynx - CPU card #1 Versa Logic Corp (Ocelot) VL-EPMs-21b http://www.versalogic.com/oce Intel Atom Z520, 1.33 GHz http://ark.intel.com/products/41174/Intel-Atom-Processor-Z520PT-512K-Cache-1_33-GHz-533-MHz-FSB 2GB ram cpu family : 6 flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe nx constant_tsc arch_perfmon pebs bts aperfmperf pni dtes64 monitor ds_cpl vmx est tm2 ssse3 xtpr pdcm movbe lahf_lm dts tpr_shadow vnmi flexpriority CPU card #2 RTD cme37786hx http://www.rtd.com/manuals/archive/archive.htm http://www.rtd.com/manuals/archive/CME37786HX.pdf pdf page 14 has specs. VIA Eden CPU with Twister-T Chipset, 400 MHz to 1 GHz clock speed 500MB ram flags : fpu vme de pse tsc msr pae mce cx8 apic mtrr pge mca cmov pse36 mmx fxsr sse up Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Anyone using CentOS 6 on PC104 stacks?
Is anyone using CentOS 6 on PC104 stacks? I have tried a couple of different CPU cards with CentOS 6.5 [no updates]. I can install with the Install DVD to the PATA hard drive just fine, but they each hang up while the installed system is trying to get UDEV going. And by hang up I mean a) leave the machine setting for hours and it never gets udev started, AND b) the keyboard has gone non-responsive (power switch is the only way out). Note1: each board and drive works fine under CentOS 5.9. Note2: for the purposes of this test all other boards have been removed, it is just the CPU board and an power supply. Granted that does leave the video chip, serial chip, audio chip, usb chip, and memory (which was memtest86 for 50 hours in this config). Has 6 dropped support for ISA somehow? Any ideas on what might be wrong or where to start debugging? I have tried: Setting selinux to permissive (there was a udev issue in 6.0 where this was needed) Removing quiet and RHGB from the boot, so I can see what is going on In /etc/udev/udev.conf set udev_log=debug, but this seems to just information overload, AND It never stops at the same set of messages. Even booted with udevtrace. Syslog has not started, so there is nothing in /var/log/messages Moved /etc/udev/rules.d/* to /etc/udev/rules.distro/ so that rules created at install time, under the install dvd's kernel, are not causing issues. Though I did move one file per boot attempt, newest first. (yes I have reached desperate stage) Thanks for any pointers. Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Question about clustering
-Original Message- From: Digimer [mailto:li...@alteeve.ca] Sent: Monday, June 16, 2014 3:20 PM To: CentOS mailing list Subject: Re: [CentOS] Question about clustering On 16/06/14 02:55 PM, m.r...@5-cent.us wrote: SNIP One can also set the cluster nodes to failover, and when the failed node comes up, to *not* try to take back the services, leaving it in a state for you to fix it. mark, first work on h/a clusters 1997-2001 Failover and recovery are secondary to fencing. The surviving node(s) can't begin recovery until the lost node is in a known state. To make an assumption about the node's state (by, for example, assuming that no access to the node is sufficient to determine it is off) is to risk a split-brain. Even something as relatively minor as a floating IP can potentially cause problems with ARP, for example. Cheers Having operated a file serving cluster for a few years (~2001-2006) without ANY fencing device, I can tell you that it causes split-brain in the admins too, i.e., I AGREE. Earlier, Alessandro Baggi wrote: there is a chance to make fencing without hardware, but only software? To which Digimer, answered: No. SNIP info about fence device independence However, there is an *Almost* software only fence. Unfortunately for me I learned about (or at least understood) the stonith devices late in the above system's life. I expect even meatware stonith[1] could have saved me considerable pain five or six times. Understand that I am not recommending meatware stonith to be a good operational stonith device, see [2] for how much subtle understanding the meat has to have, but it would be much better than NO operational stonith device. [1] http://clusterlabs.org/doc/crm_fencing.html#_meatware [2] http://oss.clusterlabs.org/pipermail/pacemaker/2011-June/010693.html Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6 Manuals
-Original Message- From: Mark LaPierre [mailto:marklap...@aol.com] Sent: Tuesday, May 20, 2014 7:55 PM To: Mail List CentOS Users Subject: [CentOS] CentOS 6 Manuals Hey all, I just went looking for some manuals for a friend of mine who is new to Linux. I installed CentOS 6.5 on his machine. The CentOS.org web site has documentation up to CentOS 5. Where can I look to find the manuals for CentOS 6? Just how NEW to Linux is this friend? It might be better to introduce them to some easier guides first instead of the SysAdm level docs that comes for CentOS 6. http://www.tldp.org/guides.html#intro-linux And although written for the purpose of someone looking to pass the Linux+ exam, I found that Roderick W. Smith's ...Linux+ Study Guide... (I think mine was 3rd edition) did a good job of explaining WHY you use certain commands to do things. To me that book provided information in an easy enough to read manner. Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] ISA connected CF card not found by CentOS 6
I am attempting to install CentOS 6 on a PC104 stack and am experiencing issues with anaconda not being able to find the Compact Flash (CF) card hosted in an IDE-CF board connected via the ISA bus. Did someone finally remove the ISA capability from the kernel? On the same hardware I have been able to install CentOS 5. With the CentOS 6 install DVD, the system boots up and proceeds until it tries to find devices with 'existing CentOS installs', then after a about a minute pops a message indicating it can't find any media to install on, and gives you a choice of trying again or exiting the install. I would try on Alt-F2, to modprobe a driver if only I knew which one to use... the driver set for PATA has changed a lot between 5 6. I also tried booting with the CentOS 6.5 Live CD, to try probing the system a bit farther, but the Live CD seems to fail while either loading the kernelinitrd to memory or when attempting to boot the kernel. when it makes changes operations, the screen res changes and goes black but I see no further CD drive activity and keyboard presses are ignored (even CapsLock NumLock don't change their LEDs). Anyone with clues or solutions on either issue? Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] PXE booting UEFI
IIRC the line 49 RRQ /pxelinux/efidefault octet tsize 0 blksize 512 In the output below means look in /var/lib/tftpboot//pxelinux/efidefault Not /var/lib/tftpboot//pxelinux/pxelinux.cfg/efidefault i.e. it is rooted at the root of your tftpboot structure. Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. -Original Message- From: Adam Bishop [mailto:adam.bis...@ja.net] Sent: Monday, April 14, 2014 10:57 AM To: centos@centos.org Subject: [CentOS] PXE booting UEFI Good Afternoon, As per the installation guide, section 30.2.2 I’ve created an efidefault file at /var/lib/tftpboot/pxelinux/pxelinux.cfg/efidefault However, this file is never requested by the 64 bit PXE loader (bootx64.efi), as shown by tcpdump: 75 RRQ /pxelinux/42272635-0011-5053-ACF2-82A100E615F2 octet tsize 0 blksize 512 59 RRQ /pxelinux/01-00-50-56-A7-BA-BF octet tsize 0 blksize 512 47 RRQ /pxelinux/C13F3F6E octet tsize 0 blksize 512 46 RRQ /pxelinux/C13F3F6 octet tsize 0 blksize 512 45 RRQ /pxelinux/C13F3F octet tsize 0 blksize 512 44 RRQ /pxelinux/C13F3 octet tsize 0 blksize 512 43 RRQ /pxelinux/C13F octet tsize 0 blksize 512 42 RRQ /pxelinux/C13 octet tsize 0 blksize 512 41 RRQ /pxelinux/C1 octet tsize 0 blksize 512 40 RRQ /pxelinux/C octet tsize 0 blksize 512 49 RRQ /pxelinux/efidefault octet tsize 0 blksize 512 I’ve worked around this by placing a separate efidefault in the root of the pxelinux directory - however this is undesirable as this means I have to maintain separate configs for BIOS and UEFI. Does anyone know why this is not behaving as documented? Regards, Adam Bishop Systems Development Specialist gpg: 0x6609D460 t: +44 (0)1235 822 245 xmpp: ad...@jabber.dev.ja.net Janet, the UK's research and education network. Janet(UK) is a trading name of Jisc Collections and Janet Limited, a not-for-profit company which is registered in England under No. 2881024 and whose Registered Office is at Lumen House, Library Avenue, Harwell Oxford, Didcot, Oxfordshire. OX11 0SG. VAT No. 614944238 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] GLIBC_2.7 not found
-Original Message- From: Hersh Parikh [mailto:hershparik...@yahoo.com] Sent: Friday, March 28, 2014 7:05 AM To: CentOS mailing list Subject: Re: [CentOS] GLIBC_2.7 not found Sure. Will do so. Thanks!! :) On Friday, 28 March 2014 4:18 PM, Tru Huynh t...@centos.org wrote: On Fri, Mar 28, 2014 at 02:33:05AM -0700, Hersh Parikh wrote: Hi Guys, Thanks for your valuable suggestion. I will keep them in mind. I have checked whether there is a way to update to Centos to 5.10 without damaging the cluster suite and I was suggested the best way is to reinstall the entire cluster suite. There are few suggestions around ... Next time, just say that your are using Rocks which is managing your CentOS distribution and not a plain CentOS-5 setup ;) Cheers, Tru if you MUST have the cluster accessible by the internet, or even much of the institution's intranet, definitely consider options for keeping it up to date. Or at least it's accessible nodes. I noticed when I looked at rocks[1] a while back, that there are folks in that community which have been _looking_ at how to safely do some updates: https://wiki.rocksclusters.org/wiki/index.php/Software_Update_%28SUWG%29 Note that it looks like they have not updated the page in a while, so I would use on a test cluster and do a small compute job that is in line with what your institution often does first. And of course see if that group could be reinvigorated. :) Oh, and no I don't run a rocks myself, but had looked into one around the time of the formation of the above group. [1] http://www.rocksclusters.org/wordpress/ Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] NFS hard mount
-Original Message- From: Rita [mailto:rmorgan...@gmail.com] Sent: Tuesday, November 12, 2013 7:22 PM To: CentOS mailing list Subject: Re: [CentOS] NFS hard mount Yes, unmount the share and error to the client app. Sounds like you want to have a combination of mounting with the intr flag[1] and use autofs[2] so that the file system is not mounted ALL the time, but not so soft as to loose data all the time. I have seen soft loose data reliably, were in the same environment (and same equipment) hard,intr does not loose data. My experience is that intr is useful in situations where servers go down/have link issues frequently, and autofs with short timeouts (~15s timeout ~60s) makes those issues even less _visible_. It will not get you an automatic unmount of the share and error to the client app in the case of server down, but it will /allow/ you to terminate the client and unmount as needed IIRC. [1] nfs mounting page with thanks to zGreenfelder https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/5/html/Deployment_Guide/s1-nfs-client-config-options.html [2] autofs page https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux/5/html/Deployment_Guide/s1-nfs-client-config-autofs.html On Tue, Nov 12, 2013 at 6:25 PM, John R Pierce pie...@hogranch.com wrote: On 11/12/2013 3:18 PM, Rita wrote: Is there a tunable to set NFS hard mount time out? For instance, if the server becomes unavailable for extended amount of time, say 1 hour. I would like to timeout after 30 secs. timeout and do what, unmount the share, and error to the client app thats trying to do a read(),write(),open(),stat(),etc ? -- john r pierce 37N 122W somewhere on the middle of the left coast ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- --- Get your facts first, then you can distort them as you please.-- Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How should I reinstall CentOS?
-Original Message- From: Les Mikesell [mailto:lesmikes...@gmail.com] Sent: Tuesday, October 29, 2013 5:25 PM To: CentOS mailing list Subject: Re: [CentOS] How should I reinstall CentOS? On Tue, Oct 29, 2013 at 3:47 PM, Michael Hennebry henne...@web.cs.ndsu.nodak.edu wrote: SNIP I'm not willing to put in another week of effort out of a probably vain hope of discovery. You might try running 'rpm -Va' to see if there are any surprises in the list of differences between the current state and what was installed. -- Les Mikesell lesmikes...@gmail.com Note on the rpm -Va... I had an issue recently where a package (openoffice) would not work correctly and: yum reinstall openoffice\* #did not help rpm -Va #did not find ANY issues (which surprised me when I did figure out what was wrong) however doing a (I did a more restricted, to openoffice files, version of) find /usr/ -not -perm -o+r -exec ls -lhd {} + find /usr/ -type d -not -perm -g+x -exec ls -lhd {} + find /usr/ -type d -not -perm -o+x -exec ls -lhd {} + found files that were not even set to write for ROOT (and in general had NO permission for anyone else)! The idea is basically that almost all files in /usr/ should be READABLE by any user and almost all directories should be READABLE EXECUTABLE by all so that they can list and read the files in them. I don't know if the commands at http://www.cyberciti.biz/tips/reset-rhel-centos-fedora-package-file-perm ission.html would have fixed the issue, because I brute forced the perms to root writeable and then reinstalled the packages again. BTW, I still feel a little confused on what the OP's original problem was and why they are headed in the direction of a 'reinstall the system'. Seems a bit overkill for most problems. Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Openssl vulnerability - SSL/ TLS Renegotion Handshakes
No, Nessus should not in general be ignored. _My_ *personal* experience has been that if Nessus is reporting a PACKAGE out of date on CentOS, then it IS out of date [the patch and CESA has been released by the CentOS team]. As has been indicated earlier in the thread you need to update your system for ALL the security issues[1] (which don't break the operation of the system), because you are running CentOS 5.8 [with no updates presumably[2]]. You might be misunderstanding the purpose point releases[3]. Can you tell us *why* you are forcing your machine to be stuck at a particular point release? It is generally bad practice to not install the updates, at least after testing on a test rig that represents your deployed machine. If you were up-to-date then this PCI audit [4] info on the wiki might apply to your situation. Perhaps you should read these http://www.redhat.com/advice/speaks_backport.html https://access.redhat.com/security/updates/backporting/?sc_cid=3093 and skim these https://www.centos.org/modules/newbb/viewtopic.php?topic_id=16723 http://www.centos.org/modules/newbb/viewtopic.php?topic_id=33190forum=1 4 [1] try googling, with a limiter of in the last year, for: CESA +CentOS 5 site:lists.centos.org/pipermail/centos-announce/ These will point to most of the security updates for CentOS 5, which you may not have applied. [2]... to confirm you really are running with no/very few 5.9 updates you could run rpm -qa --last \*release\* which will tell you what release the machine thinks it is at. And then look at rpm -qa --last |less to see what if anything has been updated since a few *days* after the release. [3] http://wiki.centos.org/FAQ/General#head-6e2c3746ec45ac3142917466760321e8 68f43c0e [4] http://wiki.centos.org/FAQ/General#head-3dad8cb98ac535185e58e882a23ca4b0 96cbff2f Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. -Original Message- From: Anumeha Prasad [mailto:anumeha.pra...@gmail.com] Sent: Tuesday, August 06, 2013 7:18 To: CentOS mailing list Subject: Re: [CentOS] Openssl vulnerability - SSL/ TLS Renegotion Handshakes Thank You. Support for RFC 5746 in OpenSSL was introduced upstream in version 0.9.8m mentioned in the Redhat article made me think that I would require this version. Stephen, as per what you explained, I should be fine with openssl-0.9.8e-22.el5. Right? So, can the vulnerability reported by Nessus scanner ignored? On Tue, Aug 6, 2013 at 4:20 PM, Stephen Harris li...@spuddy.org wrote: On Tue, Aug 06, 2013 at 04:01:12PM +0530, Anumeha Prasad wrote: Hi, I'm currently at CentOS 5.8. I'm using openssl version openssl-0.9.8e-22.el5. The following vulnerability was reported by a Nessus security scan: Don't trust Nessus scans As per following link, Redhat has introduced openssl-0.9.8m which fixes this specific issue: https://access.redhat.com/site/articles/20490#Updates_adding_RFC_5746_s upport If you follow that link it points to https://rhn.redhat.com/errata/RHSA-2010-0162.html(openssl-0.9.8e- 12.el5_4.6) as having the fix. Which is superceded by https://rhn.redhat.com/errata/RHSA-2013-0587.html(openssl-0.9.8e- 26.el5_9.1) The version numbers reported by RedHat do not always match the version numbers reported by upstream because RedHat backports fixes into older versions. According to the very pages you linked to, the flaw has been addressed by RedHat in the 0.9.8e-12 and newer packages. -- rgds Stephen ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Understanding RPM trigger scripts?
-Original Message- From: James Pearson [mailto:jame...@moving-picture.com] Sent: Monday, July 08, 2013 11:45 To: CentOS mailing list Subject: [CentOS] Understanding RPM trigger scripts? I'm trying to get my head around RPM trigger scripts - but currently getting very confused ... I have a custom RPM which has in its spec file a '%triggerin' script for the 'kernel' RPM - i.e. a script that I want to run when the kernel RPM is upgraded/installed This works OK - once my custom RPM is installed, if the kernel is subsequently upgraded/installed, my trigger script is run However, the same trigger script is also run when I upgrade my custom RPM - which I don't want - and so far, I can't find a reliable way of making sure it isn't run in this case. The more I search for an answer, the more I get confused :-) I know this is a bit off-topic and obscure, but does anyone know how to make sure such a trigger script is only run when the RPM that triggers it is upgraded/installed - and not when the RPM that contains the trigger script is upgraded? Thanks James Pearson While looking into doing similar things a few years ago I ran across the following PDF. It has several pages on doing triggers, and looked promising to help my understanding, I just got pulled onto a different project before getting to test out the ideas. I think page 25 would be of interest to you. http://www.redhat.com/promo/summit/2010/presentations/summit/opensource- for-it-leaders/thurs/pwaterma-2-rpm/RPM-ifying-System-Configurations.pdf I hope this pointer to info helps. Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CESA-2013:0898 CEBA-2013:0902, centos 5.9 repodata not pushed?
-Original Message- From: Johnny Hughes [mailto:joh...@centos.org] Sent: Tuesday, June 11, 2013 12:16 To: centos@centos.org Subject: Re: [CentOS] CESA-2013:0898 CEBA-2013:0902,centos 5.9 repodata not pushed? On 06/11/2013 11:07 AM, Denniston, Todd A CIV NAVSURFWARCENDIV Crane wrote: Johnny ( other CentOS folks), Am I being fooled by some proxies between me and centos (and all the centos mirrors, which what I normally use), or has the repodata for CentOS 5.9 updates not been updated since 03-Jun-2013 12:08? I was under the impression that the repodata on the main centos servers was updated about the same time as any CentOS-announce message going out, unless I also see a message from one of the admins indicating an issue, so I am very confused. Thanks for the feedback. repodata[1] 03-Jun-2013 12:08 CESA-2013:0898 mesaemail[3] Jun 3 22:45:12 UTC 2013, rpm[2] 03-Jun-2013 22:45 CEBA-2013:0902 gfs2-utils email[4] Jun 6 14:55:49 UTC 2013, rpm[2] 06-Jun-2013 14:55 [1] http://mirror.centos.org/centos/5.9/updates/i386/repodata/ [2] http://mirror.centos.org/centos/5.9/updates/i386/RPMS/?C=M;O=D [3] http://lists.centos.org/pipermail/centos-announce/2013- June/019773.html [4] http://lists.centos.org/pipermail/centos-announce/2013- June/019779.html I have just pushed a metadata update to clear out any possible issues as it was easy to do and should make all the mirrors update, etc. Should be on all mirror.centos.org in 30 minutes. Thanks for clearing that up. Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] CESA-2013:0898 CEBA-2013:0902, centos 5.9 repodata not pushed?
Johnny ( other CentOS folks), Am I being fooled by some proxies between me and centos (and all the centos mirrors, which what I normally use), or has the repodata for CentOS 5.9 updates not been updated since 03-Jun-2013 12:08? I was under the impression that the repodata on the main centos servers was updated about the same time as any CentOS-announce message going out, unless I also see a message from one of the admins indicating an issue, so I am very confused. Thanks for the feedback. repodata[1] 03-Jun-2013 12:08 CESA-2013:0898 mesaemail[3] Jun 3 22:45:12 UTC 2013, rpm[2] 03-Jun-2013 22:45 CEBA-2013:0902 gfs2-utils email[4] Jun 6 14:55:49 UTC 2013, rpm[2] 06-Jun-2013 14:55 [1] http://mirror.centos.org/centos/5.9/updates/i386/repodata/ [2] http://mirror.centos.org/centos/5.9/updates/i386/RPMS/?C=M;O=D [3] http://lists.centos.org/pipermail/centos-announce/2013-June/019773.html [4] http://lists.centos.org/pipermail/centos-announce/2013-June/019779.html Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] TPM and secure boot
-Original Message- From: John R Pierce [mailto:pie...@hogranch.com] Sent: Sunday, May 19, 2013 17:57 To: CentOS mailing list Subject: Re: [CentOS] TPM and secure boot On 5/19/2013 2:41 PM, Reindl Harald wrote: your question was*clearly* secure boot and before UEFI secure boot*nobody* cared about TPM on OS systems so basically, you're saying you can't use a TPM to secure a linux system? hey, saves me a lot of work. I'll tell my boss it can't be done. As seen on LWN http://lwn.net/Articles/549597/ Matthew Garrett has been messing with TPM again http://mjg59.dreamwidth.org/24818.html You can secure a Linux system Quite well using TPM, but it takes work and you need to know the capabilities of your TPM chip... Matthew Garrett indicated that they are not all loaded the same. For the purposes of doing ssl, I am wondering if you need the Endorsement Key (EK), which Matt indicated some chips don't have. I know you *can* get a system all the way through booting from tpm using trusted grub and tpm-luks. Matt indicated that The Linux kernel has support for measuring each binary run or each module loaded and extending PCRs accordingly, so you can go deeper. Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] floppy drives
-Original Message- From: m.r...@5-cent.us [mailto:m.r...@5-cent.us] Sent: Tuesday, April 09, 2013 12:21 To: CentOS mailing list Subject: Re: [CentOS] floppy drives Frank Cox wrote: On Tue, 9 Apr 2013 10:19:33 -0400 m.r...@5-cent.us wrote: Hmmm... didn't see it mounted, but I'll try more tonight. Last night included a) playing with system, and b) finishing up our federal taxes If you're going to use mtools to do your copying, you don't need to mount the disks. mtools is a desperation move, since I haven't actually read anything from anything yet. As I mentioned, I *may* have an old drive head cleaner somewhere - since it's not been used in about a decade, I'm thinking of corrosion or crud. I also can't seem to find the USB 3.5 drive I borrowed - lsusb sees it (at least since the last reboot), but trying to find it to mount it is something I'm still digging at, and I doubt mtools can find it. mark Note: the USB floppy may be showing up as /dev/sd[bcd...n] At least that is what happened when I used one on RHEL/CentOS5 a while back. I suggest unplugging the USB floppy, execute `ls /dev/sd* /dev/fd*`, plug it in and execute `ls /dev/sd* /dev/fd*`, and then note the differences. {there are probably hal/udev/inotify games you could do, but I like old fashioned things.} Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] escd daemon
esc can let you look at your card in ways that are similar to what firefox-edit-prefrences-advanced-encryption can, except it is more limited, not as reliable (for instance right now FF is seeing my card details, but esc is not), and is more annoying (i.e. pops up in your way *every* time the card insertion is detected). My standard thing to do with esc is `yum remove esc`. every time I see it get installed on machines I use, I hope that it has finally got something I want, but in the RHEL 5.X series it has not. Todd - Mr. admin *_why_* did you reinstall that!? Even when this disclaimer is not here: I am not a contracting officer. I do not have authority to make or modify the terms of any contract. -Original Message- From: m.r...@5-cent.us [mailto:m.r...@5-cent.us] Sent: Thu 10/11/2012 09:15 To: CentOS mailing list Subject: Re: [CentOS] escd daemon Helmut Drodofsky wrote: Sorry, I had searched linux esc with the result: Definition: ESCD: Extended System Configuration Data (BIOS, PNP)=-O I have never used smart cards and I will not handle smart cards. I must be missing something - for smart cards, you need pcscd, and probably openct, opensc, ccid mark why would you think I need to know this...? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] chmodding SCP
Turnbough, Bradley E. wrote: I have two machines, and I am trying to copy files from one to the other via SCP. snip From a different machine, I'm trying to scp to that machine, but I'm receiving an access denied. My ssh key is in the authorized users file in the root profile. snip So your setup is while setting at host1 you execute scp root@host3:myfile root@host2: and get access denied? further I expect you are using ssh-agent. if so, I expect it has something to do with scp dropping agent forwarding. search 'scp agent forwarding' I once found a script to work around it, but that is painful. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Configuration Compliance auditing for many CentOS 5.x boxes
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Tom H Sent: Wednesday, February 01, 2012 14:54 To: CentOS mailing list Subject: [CentOS] Configuration Compliance auditing for many CentOS 5.x boxes Hi CentOS experts,* Short Version* I would like to produce a weekly report in HTML for each CentOS 5.x server we have indicating configuration compliance with some industry benchmark. I am looking for a tool or tools to implement this, I am happy to use 3rd party proprietary stuff if necessary. Current progress is... I see that OPENSCAP and OVAL have tools in CentOS-base or EPEL, such as OpenSCAP-utils ovaldi - oval reference interpreter Which can be used to create reports. However they seem a little unrefined. For SCAP and OVAL content I have found the following. 1. NIST provide SCAP content for RHEL desktop, which is kinda close; 2. http://usgcb.nist.gov/usgcb/rhel_content.html 3. There is a tool called sectool in the fedora repos, but I can't get it to run on CentOS due to a missing python-slip module. Any suggestions on functioning stacks for this problem would be helpful. Sorry about no suggestions, but seeing where you are I have a question back at you: The http://usgcb.nist.gov/usgcb/rhel_content.html seemed to me to be a newer schema than the openscap in RH/CentOS 5, did you find a way to run it on 5? And I sort of assume you have seen http://www.redhat.com/security/data/oval/?C=M;O=D for the RHEL boxes... Thanks for any pointers. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Machine becoming irresponsive
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Dotan Cohen Sent: Monday, January 23, 2012 10:14 To: CentOS mailing list Subject: Re: [CentOS] Machine becoming irresponsive On Mon, Jan 23, 2012 at 16:23, Phil Schaffner philip.r.schaff...@nasa.gov wrote: I'd have a look at why an apparently Internet-facing server is 5 point releases, plus a lot of subsequent errata, behind the current 5.7 release level; and what resultant vulnerabilities might have been exploited. Thanks. There are a lot of very specific software on that server that precludes it from being updated. I believe that 5.2 still is seeing security updates, no? No. The minor release 5.2 (exactly) is no longer getting updates, but the major release it is in (5) is up to minor release 5.7. If you are using the CentOS update mechanisms in the standard configured way, then you may already be up to 5.7, but simply do not understand the fact. What is the versioning/release scheme of CentOS and how does it compare to the upstream vendor? https://www.centos.org/modules/smartfaq/faq.php?faqid=34 How do I get updates for CentOS? https://www.centos.org/modules/smartfaq/faq.php?faqid=8 The upstream vendor has some information that may help you understand EL OS minor revisions (or point releases): Red Hat Enterprise Linux Life Cycle https://access.redhat.com/support/policy/updates/errata/?cid=332371 'Red Hat Enterprise Linux Compatibility Policies' https://access.redhat.com/kb/docs/DOC-5155 Too bad I can't find a centos FAQ pointing to these or explaining it at a CentOS level, as I am beginning to think My ancient version of CentOS is still getting updates, right? or I installed X.y of CentOS is it possible to upgrade to X.(y+1) of CentOS without a full reinstall? are becoming FAQ but keep being stated in slightly different ways. In any case, a complete reinstall with either 5.2 or a latter version is pretty much out of the question for now, though I will try to see what needs to be done in that direction. In the meantime, where should I concentrate my efforts? I would suggest investigating the advice of those who are suggesting you look at the possibility of the box already being compromised. (as it is better to _KNOW_ for sure.) Also understanding the actual version of your system may help you. These three commands may help (if the machine is not compromised, and perhaps even if it is): rpm -qa \*release\* rpm -qa --last |head uname -r Studying for the Linux+ exam (or similar) may point you in many directions you have not yet known existed. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] EPEL not working ... is it just me?
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Alan McKay Sent: Wednesday, January 11, 2012 9:36 To: CentOS mailing list Subject: [CentOS] EPEL not working ... is it just me? This is very strange - has been happening the last few days. I just upgraded this system from 5.3 to 5.7 on Monday and the problem started some time after that (but not immediately because I know I used yum Monday evening after the upgrade) I get the following error from yum, but it goes away if I -- disablerepo=epel The funny thing is that the listed xml file I can easily wget from this system. You mean in the terminal on solexa-db you just issued the yum install in, you can issue as the next command wget http://fedora.mirror.nexicom.net/epel/5/x86_64/repodata/repomd.xml and it gets the xml file? Also having the issue with other 5.7 systems that were upgraded from 5.3 several weeks ago and had been working fine since. SNIP yum and rpm cleans [root@solexa-db varlog]# yum -y install hddtemp Loaded plugins: downloadonly, rhnplugin, security http://fedora.mirror.nexicom.net/epel/5/x86_64/repodata/repomd.xml: [Errno 4] IOError: urlopen error (111, 'Connection refused') Trying other mirror. Error: Cannot retrieve repository metadata (repomd.xml) for repository: epel. Please verify its path and try again It seems a bit strange to me that there is only one mirror tried... As a quick temporary fix/test I would comment mirrorlist and uncomment baseurl in epel.repo and see if the yum command worked. BTW it seems solexa-db may be a RH machine instead of a CentOS machine. see the rhnplugin get loaded? Could that be a difference between the working and non working machines (granted I have not seen any problems with RH machines and epel)? I think it might be good to take this question over to epel-devel (AFAIK the appropriate list) and see if they can help figure out why you are having trouble with THEIR infrastructure. https://www.redhat.com/mailman/listinfo/epel-devel-list ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] USB install annoyances (not OT)
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of m.r...@5-cent.us Sent: Tuesday, January 10, 2012 12:48 To: CentOS mailing list Subject: Re: [CentOS] USB install annoyances (not OT) John Doe wrote: From: m.r...@5-cent.us m.r...@5-cent.us I've retried again, and it still fails. I see that it's mounted /dev/sda2, which is where I've got the contents of a DVD, as /mnt/isolinux. Unless you specifically need the DVD contents, maybe try with the ISOs instead... This doesn't vaguely answer my question. I think it does, but not to the detail level you need. Details below. The install.img mounted the partition, by itself, as /mnt/isolinux. That's what *IT* did. I thought I had the partition as a clone of the dvd by mount -o loop and rsync. But I've just rebuilt the USB key partition from the latest 2 DVDs we have locally (I rsync'd Pagckages/. from the second one into the Packages directory I made when I rsync'd the first DVD, so it should look like a one-disk DVD. As soon as that finishes, I'll try another time Unless someone has the explicit answer to what is the image, or directory, the install.img wants to mount to get the repo, please don't reply. From what I recall: you can * boot the USB * layout and format the disks (we assume using anaconda) And when you get towards package selection, anaconda fails indicating ' that it can't find image# 1.' The image# 1 it is looking for is the .iso which could have been burnt to a DVD for doing the install, i.e., not something from the images directory from THAT iso. As RHEL6 anaconda derives from something post the rawhide that I submitted the following bug on, it may help you understand. https://bugzilla.redhat.com/show_bug.cgi?id=435976 summary: anaconda will not trust any mounted file system for the rpm's to install, it only trusts media images and http. I hope this helps you, of course I could always be wrong. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Corrupt mbr and disk directory map
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of m.r...@5-cent.us Sent: Thursday, January 05, 2012 15:33 To: CentOS mailing list Subject: Re: [CentOS] Corrupt mbr and disk directory map Billy Davis wrote: On 1/5/2012 11:20 AM, m.r...@5-cent.us wrote: Billy Davis wrote: We are running Centos 5.6. All was fine until yesterday. I attempted to tar a 14KB work file to a USB floppy (/dev/sdb) for transport to another server. Unfortunately, I keyed in 'tar cvf /dev/sda filename' instead of 'tar cvf /dev/sdb filename'. /dev/sda is our main tail o' woe elided SNIP Next, I reinstalled grub. All seems normal now, at least until I shutdown and reboot. I'll wait until the weekend to do that, just in case I still have to do a disk restore for some reason. Best of luck, and let us know how things turn out. If things go south, there *are* tools that will let you scan a raw disk, and you could look for the superblock or the first dup, then calculate where the fs partition should start, but that would be *real* work. The OP might want to look at the archives of this list for the somewhat recent data recovery thread before rebooting. I thought Lamar Owen's 9/23/2011 15:35 post was particularly good, because it mentioned some of the tools and processes. And as Mark said... I hope it works. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] turning off udev for eth0
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Les Mikesell Sent: Tuesday, January 03, 2012 22:24 To: CentOS mailing list Subject: Re: [CentOS] turning off udev for eth0 On Tue, Jan 3, 2012 at 5:13 PM, Peter Larsen plar...@famlarsen.homelinux.com wrote: Is there no way to alter udev's behaviour? Is udev even needed on a server system using virtual hardware? Altering the rules file not a big deal in itself but it adds needless busywork when setting up a new guest. SNIP It's a very common problem. Another way is to have a %post script in KS or after initial startup as a VM, that fixes the file based on what the VM properties are. It happens in real hardware too if you move a disk to a different chassis, clone a drive, restore a backup to similar hardware, etc. Where is the best documentation on what triggers the rules to be rewritten, how the bios location works, etc.? I gave up on tricking UDEV, it was easier to work with the system with my clones. `system-config-network-cmd -e` yields a text file that, you can have either a firstboot script or the booting sysadm, `system-config-network-cmd -i -c -f file.txt` will pull back in and reconfigure the system after ifdown'ing eth0. For good measure I also blanked (and restorecon'd) resolv.conf and hosts prior to pulling in the file. Good luck. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Network Situation
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Gene Poole Sent: Wednesday, December 14, 2011 13:08 To: centos@centos.org Subject: [CentOS] Network Situation SNIP If I install CentOS 6.0 and sometime later upgrade to CentOS 6.2, will the fact that I'm running software raid-1 on the /boot partition cause me grief? SNIP 6.2 is the kind of release that those in the community and TUV call a 'point release'. Reading the FAQ may help you. 14. What is the versioning/release scheme of CentOS and how does it compare to the upstream vendor? http://wiki.centos.org/FAQ/General#head-6e2c3746ec45ac3142917466760321e8 68f43c0e And I think the backport link to redhat in the following FAQ could be useful for you to understand. 20. Where can I get the latest version of XyZ.rpm for CentOS? I cannot find it anywhere. http://wiki.centos.org/FAQ/General#head-472ce8446ebcfc82ca1800f775ba0e62 9ac835c7 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Group permission problems [RESEND]
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Michael Velez Sent: Tuesday, December 13, 2011 8:14 To: centos@centos.org Subject: Re: [CentOS] Group permission problems [RESEND] This seems to be ok but these: $ groups michael adm $ id uid=500(michael) gid=500(michael) groups=4(adm), 500(michael) Say otherwise. Might sound stupid but... did you make sure to logoff and back in with your user? Regards Ok. I did not know I needed to log back off and on. OK. I'll try that although I can't do it now due to a currently running process. I'm actually accessing the machine through VNC. Could this be part of the issue as well? The session needs to be closed and re-opened before the new groups will take effect? Thanks,Michael With Unix unless you are changing X or the kernel, you can most times just start a new instance of you. :) i.e., `xterm -ls -sb` or (in gnome) start a terminal click Edit - Current Profile click 'Title and Command' make sure Run command as login shell** is checked, and click close. Start a new gnome terminal. **you'll have to look back into the mists of time to see the argument about why neither gdm nor gnome-terminal made this the default. You may or may not want to undo the change later. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How can rpm %{SUMMARY} not be consistent?
-Original Message- From: Denniston, Todd A CIV NAVSURFWARCENDIV Crane Sent: Wednesday, November 16, 2011 16:37 To: CentOS mailing list Subject: RE: [CentOS] How can rpm %{SUMMARY} not be consistent? -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Akemi Yagi Sent: Wednesday, November 16, 2011 11:20 To: CentOS mailing list Subject: Re: [CentOS] How can rpm %{SUMMARY} not be consistent? On Wed, Nov 16, 2011 at 6:56 AM, John Hodrien j.h.hodr...@leeds.ac.uk wrote: On Wed, 16 Nov 2011, Akemi Yagi wrote: What you are seeing is indeed odd. I see 'version 3.1' but not '3.2' anywhere on the Summary line of bash. I would have said you also seeing 'version 3.1.' is one of the very odd things, but then I check the bash rpm in a repo and it has 'version 3.1.' in the 3.2-32.el5 rpm. I think I know some of what is causing what is going on now... After a little testing with a format string of '%{VENDOR},%{NAME},%{VERSION},%{VERSION}-%{RELEASE},%{ARCH},% {INSTALLTIME:date}\n' I found I got different results based on the LANG environment setting, which led me to try it with the SUMMARY field too. ###start with a normally configured terminal $ cd /to/your/CentOS/mirror/ $ locale |grep LANG LANG=en_US.UTF-8 $ rpm -q \ --qf '%{VENDOR},%{NAME},%{VERSION},%{VERSION}-%{RELEASE},%{ARCH},% {SUMMARY}\n' \ -p 5.7/os/i386/CentOS/bash-3.2-32.el5.i386.rpm CentOS,bash,3.2,3.2-32.el5,i386,The GNU Bourne Again shell (bash) version 3.1. #now change LANG to what I see from cron $ export LANG= $ locale |grep LANG LANG= $ rpm -q \ --qf '%{VENDOR},%{NAME},%{VERSION},%{VERSION}-%{RELEASE},%{ARCH},% {SUMMARY}\n' \ -p 5.7/os/i386/CentOS/bash-3.2-32.el5.i386.rpm CentOS,bash,3.2,3.2-32.el5,i386,The GNU Bourne Again shell (bash) version 3.2 Why does a number in a text string change based on LANG? and for added fun... look at an agg package from epel $ export LANG=en_US.UTF-8 $ rpm -q --qf '%{VENDOR},%{NAME},%{VERSION},%{VERSION}-%{RELEASE},%{ARCH},% {SUMMARY}\n' agg Fedora Project,agg,2.5,2.5-9.el5,i386,Anti-Grain Geometry $ export LANG= $ rpm -q --qf '%{VENDOR},%{NAME},%{VERSION},%{VERSION}-%{RELEASE},%{ARCH},% {SUMMARY}\n' agg Fedora Project,agg,2.5,2.5-9.el5,i386,Anti-Grain Geometry graphical rendering engine Why does the string length change this dramatically based on LANG? Well I guess I at least know what I need to do to the script to have it be consistent. I might even get around to filing a RH bug, because this does not seem to me to be a correct behavior to me. does anyone here see these changes as correct behavior (and why)? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How can rpm %{SUMMARY} not be consistent?
-Original Message- From: Denniston, Todd A CIV NAVSURFWARCENDIV Crane Sent: Tuesday, November 29, 2011 10:54 To: 'CentOS mailing list' Subject: RE: [CentOS] How can rpm %{SUMMARY} not be consistent? and for added fun... look at an agg package from epel $ export LANG=en_US.UTF-8 $ rpm -q --qf '%{VENDOR},%{NAME},%{VERSION},%{VERSION}- %{RELEASE},%{ARCH},%{SUMMARY}\n' agg Fedora Project,agg,2.5,2.5-9.el5,i386,Anti-Grain Geometry $ export LANG= $ rpm -q --qf '%{VENDOR},%{NAME},%{VERSION},%{VERSION}- %{RELEASE},%{ARCH},%{SUMMARY}\n' agg Fedora Project,agg,2.5,2.5-9.el5,i386,Anti-Grain Geometry graphical rendering engine Why does the string length change this dramatically based on LANG? ###And even more fun... try compat-db $export LANG= ;rpm -q --qf '%{VENDOR},%{NAME},%{VERSION},%{VERSION}-%{RELEASE},%{ARCH},% {SUMMARY}\n' compat-db CentOS,compat-db,4.2.52,4.2.52-5.1,i386,The Berkeley DB database library for Red Hat Linux 7.x compatibility. $ export LANG=en_US.UTF-8 ;rpm -q --qf '%{VENDOR},%{NAME},%{VERSION},%{VERSION}-%{RELEASE},%{ARCH},% {SUMMARY}\n' compat-db CentOS,compat-db,4.2.52,4.2.52-5.1,i386,The Berkeley DB database library for CentOS 2.1 compatibility. Yep that seems a strange one. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] megaraid/PERC
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of m.r...@5-cent.us Sent: Tuesday, November 29, 2011 15:36 To: CentOS mailing list Subject: [CentOS] megaraid/PERC I've got two drives from a now-dead server, they were RAIDed, a mirror, I'd assume. I need to see if there's anything on them I need to transfer to the replacement, so I just shoved them into another Dell server, with a PERC 5 controller - I think that's what the dead one had. I fired up MegaRAID storage manager... but can't see any way to tell it to recreate that RAID. Anyone done this? Recent experience indicates... if the machine had any kind of warranty with Dell, an authorized owner/technician should call Dell before doing ANYTHING more with the drives. use this info at your own risk With the dell system I was working with, I was walked through booting into the raid controller software (bios level prior to OS boot) and having THAT reassemble the array. /use this info at your own risk ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How can rpm %{SUMMARY} not be consistent?
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Phoenix, Merka Sent: Tuesday, November 15, 2011 18:48 To: CentOS mailing list Subject: Re: [CentOS] How can rpm %{SUMMARY} not be consistent? -Original Message- Denniston, Todd A CIV NAVSURFWARCENDIV Crane wrote: Sent: Tuesday, 15 November, 2011 12:57 To: CentOS@centos.org Subject: [CentOS] How can rpm %{SUMMARY} not be consistent? SNIP rpm -qa \ --qf '%{VENDOR},%{NAME},%{VERSION},%{VERSION}- %{RELEASE},%{ARCH},%{SUMMARY}\n' \ | sort -t\ -k3 ${OUTFILE} Stuff the resulting ${OUTFILE} in an rcs file. And some days the rcs file will show deltas such as the following (which was pulled from a rather recent set of flipflops): --- mach.csv2011/11/15 10:50:04 +++ mach.csv2011/11/15 09:22:53 -CentOS,bash,3.2,3.2-32.el5,i386,The GNU Bourne Again shell (bash) version 3.1. +CentOS,bash,3.2,3.2-32.el5,i386,The GNU Bourne Again shell (bash) version 3.2 snip Using the double quote () as a delimiter, the third key would be a comma (,) (see below for an example) A,B,C,D,E,... 123456789AB... And since your sort command is sorting only on the fifth key, all the commas are already in order (unless there is a blank line in there somewhere). The order of the re cords within a sorted group may or may not be guaranteed to change. Change your sort order from '-k3' to '-k2 -k4 -k6 -k8 -k10 -k12' to sort by Vendor, Name, Version, Version-Release, Arch, Summary and see if that helps. Although you may be correct on the need to sort the NAME field using -k4 instead of -k3 ***, the question was not about the sort order, but about the *content* of the SUMMARY fields being different between multiple runs against the same database information for the same package, i.e. notice the difference in the summary fields for the same bash package above. *** and this seems to explain a different but MUCH less annoying confusion. Thanks for that bit of help. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How can rpm %{SUMMARY} not be consistent?
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Akemi Yagi Sent: Wednesday, November 16, 2011 11:20 To: CentOS mailing list Subject: Re: [CentOS] How can rpm %{SUMMARY} not be consistent? On Wed, Nov 16, 2011 at 6:56 AM, John Hodrien j.h.hodr...@leeds.ac.uk wrote: On Wed, 16 Nov 2011, Akemi Yagi wrote: What you are seeing is indeed odd. I see 'version 3.1' but not '3.2' anywhere on the Summary line of bash. What is your kernel by the way? I would have said you also seeing 'version 3.1.' is one of the very odd things, but then I check the bash rpm in a repo and it has 'version 3.1.' in the 3.2-32.el5 rpm. uname -mr ? Have you cleared yum cache? Not just running a 'yum clean all' but emptying the /var/cache/yum directory ? Why would yum cache have any bearing on what rpm reported? In my attempts to reproduce what you are seeing, I used 'yum info' a It takes days/weeks of collecting the data via cron.daily and (I think) having a few updates/installs happen between some of the runs. On the boxes where I see it more, I often run the data collection script immediately following updates. I almost think there is some kind of rpm housekeeping that gets done on a daily basis that could affect it, but I can't figure out what it would be, because the rpm script in cron.daily only dumps data (similar to what mine dumps) to /var/log/rpmpkgs... it does not issue any rpm clean up commands. as I understand anacron, each of the scripts should finish before anacron starts the next, so there should not be any DB contention, between the rpm script and mine, I would think. At one time (in the mists of history, probably around RHEL 1|2) I thought there was a daily rpm cleanup task, but I can't find it on Cent 5 systems. few times for the packages that were not on my systems. But in your case (pure rpm operations) yum cache will not be relevant. That is my thought too. But I don't know where rpm could be getting the different info. By the way I looked at both CentOS 5 and 6 but did not see any inconsistency. I am on CentOS 5. And the reason why I asked about the kernel version was because it was not clear which version/release of CentOS you are running. Sorry for the noise. I will shut up now. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] How can rpm %{SUMMARY} not be consistent?
I have been seeing something for quite some time which has confused me considerably for over a year, perhaps one of you can help me understand. Assumed: rpm queries are against _a_ database. Assumed: database queries against the same database, without changes to the data in the database, will return the same data. Confusion: then why are some of the summaries reported by rpm different? Each day I (cron.daily) run the following command rpm -qa \ --qf '%{VENDOR},%{NAME},%{VERSION},%{VERSION}-%{RELEASE},%{ARCH},% {SUMMARY}\n' \ | sort -t\ -k3 ${OUTFILE} Stuff the resulting ${OUTFILE} in an rcs file. And some days the rcs file will show deltas such as the following (which was pulled from a rather recent set of flipflops): --- mach.csv2011/11/15 10:50:04 +++ mach.csv2011/11/15 09:22:53 -CentOS,bash,3.2,3.2-32.el5,i386,The GNU Bourne Again shell (bash) version 3.1. +CentOS,bash,3.2,3.2-32.el5,i386,The GNU Bourne Again shell (bash) version 3.2 -CentOS,compat-db,4.2.52,4.2.52-5.1,i386,The Berkeley DB database library for CentOS 2.1 compatibility. +CentOS,compat-db,4.2.52,4.2.52-5.1,i386,The Berkeley DB database library for Red Hat Linux 7.x compatibility. -CentOS,firefox,3.6.24,3.6.24-3.el5.centos,i386,Mozilla Firefox Web browser. +CentOS,firefox,3.6.24,3.6.24-3.el5.centos,i386,Mozilla Firefox Web browser -Adobe Systems Inc.,flash-plugin,11.1.102.55,11.1.102.55-release,i386,Adobe Flash Player 7.0 +Adobe Systems Inc.,flash-plugin,11.1.102.55,11.1.102.55-release,i386,Adobe Flash Player 11.1 -CentOS,gdb,7.0.1,7.0.1-37.el5_7.1,i386,A GNU source-level debugger for C, C++, Java and other languages. +CentOS,gdb,7.0.1,7.0.1-37.el5_7.1,i386,A GNU source-level debugger for C, C++, Java and other languages -CentOS,gettext,0.17,0.17-1.el5,i386,GNU libraries and utilities for producing multi-lingual messages. +CentOS,gettext,0.17,0.17-1.el5,i386,GNU libraries and utilities for producing multi-lingual messages -CentOS,htmlview,4.0.0,4.0.0-2.el5,noarch,Tools for launching Preferred Applications +CentOS,htmlview,4.0.0,4.0.0-2.el5,noarch,Launcher of Preferred Web Browser rpm -q --last compat-db htmlview compat-db-4.2.52-5.1 Tue 17 Mar 2009 02:32:59 PM EDT htmlview-4.0.0-2.el5 Tue 17 Mar 2009 02:21:59 PM EDT i.e. these have been there, at this version, since machine install. poking around in /var/lib/rpm/, with strings and grep, the only file I find Adobe Flash Player in is Packages and I only find the Adobe Flash Player 11.1 variant of the string. Yet at the same time rpm -q \ --qf '%{VENDOR},%{NAME},%{VERSION},%{VERSION}-%{RELEASE},%{ARCH},% {SUMMARY}\n' \ flash-plugin displays: Adobe Systems Inc.,flash-plugin,11.1.102.55,11.1.102.55-release,i386,Adobe Flash Player 7.0 /var/tmp/rpm* is nonexistent. Note: rpm does seem to be fairly consistent in its inconsistency, the above applications are a small sampling of a larger *set* (out of ~180 packages that show this) that seems to keep flip flopping from one SUMMARY to the other, *usually* in the day or two post a yum update (not sure if reboots also affect it). The summaries always bounce between the same text, i.e., htmlview has always used either Launcher of Preferred Web Browser or Tools for launching Preferred Applications and bash has always used either The GNU Bourne Again shell (bash) version 3.1. or The GNU Bourne Again shell (bash) version 3.2 (and a 3.1 version has never been installed on the system). RHEL machines show the same flip flops with the same packages and same flopping summary texts. So where is rpm getting the bad information from? Can it be cleaned out? What would be lost by cleaning it out? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Yum segmentation fault updating from 5.6 to 5.7
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of sebasti...@datafaber.net Sent: Friday, September 16, 2011 11:27 To: centos@centos.org Subject: Re: [CentOS] Yum segmentation fault updating from 5.6 to 5.7 I've finally managed to update one of my boxes to 5.7. I did it in a very roundabout way, which however confirms that at least in my boxes there's something wrong in the way yum creates the sqlite databases. I've basically followed the guide at http://wiki.centos.org/HowTos/CreateLocalMirror to create my own mirror Which uses rsync instead of http. of the 5.7 'os' and 'updates' directories, created the yum repository with 'createrepo -d' to pre-create the sqlite database and made this mirror accessible to the other boxes via HTTP. I then created a /etc/yum.repos.d/Local.repo file which specifies my private mirror for the [base] and [updates] repositories, commented out everything in the /etc/yum.repos.d/CentOS-Base.repo and ran yum clean all yum update Everything updated flawlessly and the box restarted normally with the newer kernel. Now, this doesn't solve the original yum problem, but at least confirms that the creation of a corrupted sqlite database was indeed the real issue. Many thanks to all the people on the list who have suggestions and advice, particularly to Alain Péan who pointed me in the right direction. For, what to me is, an interesting data point, I would suggest doing the following now that you have a local known good copy: On a machine that was still faulting: for i in /var/cache/yum/base/ \ /PATHTOLOCALREPO/5.7/os/arch/repodata/ \ /var/cache/yum/updates/ \ /PATHTOLOCALREPO/5.7/updates/arch/repodata/ do ls -l $i md5sum $i/* done #you may want to unroll the for, into four terminals, for your own sanity. #you'll have two sqlite files in each /var/cache dirs you can ignore My bet... some isp between you and the internet is transparent proxying*** to reduce their downloading bandwidth, and they keep cache too long, the error will clear just as soon as their cache clears or you force it by wgeting the broken file with the --no-cache flag. [got the tee-shirt] But now that you have a local mirror, the updates should go faster in the future. :) *** I know you keep indicating no proxy is _known_ to you in the path to the mirrors, but it is pretty much the only thing that makes any sense. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] UPS issues with PFC PSU
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of m.r...@5-cent.us Sent: Wednesday, August 24, 2011 13:43 To: CentOS mailing list Subject: Re: [CentOS] UPS issues with PFC PSU Robert Arkiletian wrote: snip Anyway, have you anything experience with CyberPower UPS's? Small ones, for workstations? Yep, I've got one on mine at home. Been good. Have you found a program to communicate with it for getting it's/line's status, and causing shutdown to occur gracefully? And what program was it? :) That was the issue I had with one a few years ago. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to assign program to run on dedicate CPU ?
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of mcclnx mcc Sent: Thursday, July 21, 2011 14:19 To: centos@centos.org Subject: [CentOS] how to assign program to run on dedicate CPU ? We have CENTOS 5.X on DELL servers. I know on Windows environment I can use imagecfg.exe to assign program run on dedicate CPU. Can anyone tell me how to do this on LINUX? I should probably have just answered `man taskset`, but the below got typed too quickly. CONTROLEDPID=`ps aux |grep 'name of process I want to control` PROCESSORTORUNON=3 Taskset -p -c $PROCESSORTORUNON $ PROCESSORTORUNON ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Memory Usage in Top and System Monitor?
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Robert Nichols Sent: Thursday, July 21, 2011 14:32 To: centos@centos.org Subject: Re: [CentOS]Memory Usage in Top and System Monitor? On 07/20/2011 07:09 PM, Michael McNulty wrote: I think I found my problem. I did not realize using /dev/shm as a ramdisk will create swap space. Is there a way to prevent the ramdisk from swapping to disk? SNIP If programs and I/O buffers need more than the other memory you have available, what option is there besides swap? what option is there besides swap [to disk]? Compcache, Compressed Caching for Linux? But last I read, it needed a newer kernel than was in 5.x. So no I have not tried it. :) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to assign program to run on dedicate CPU ?
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Ljubomir Ljubojevic Sent: Thursday, July 21, 2011 15:11 To: CentOS mailing list Subject: Re: [CentOS] how to assign program to run on dedicate CPU ? Denniston, Todd A CIV NAVSURFWARCENDIV Crane wrote: SNIP I should probably have just answered `man taskset`, but the below got typed too quickly. CONTROLEDPID=`ps aux |grep 'name of process I want to control` PROCESSORTORUNON=3 Taskset -p -c $PROCESSORTORUNON $ PROCESSORTORUNON You meant: taskset -p -c $PROCESSORTORUNON $CONTROLEDPID Yep, yet more evidence that it got typed to quickly. :) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installing from CD
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of david Sent: Monday, July 11, 2011 17:13 To: CentOS mailing list Subject: Re: [CentOS] Installing from CD At 02:10 PM 7/11/2011, you wrote: david wrote: Folks The machine I'm trying to load does not have a DVD reader, but only a CD reader. Are the multiple CD images of CENTOS 6 available somewhere? Earlier versions had them. Thanks David As far as I know, this was not planed, at least not yet. For now, all you can do is to use USB DVD and install from those. Ljubomir I wish I could, but this machine can boot only from a CD, a diskette or a HardDrive. USB is not an option. Boot with boot.iso http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Instal lation_Guide/Making_Minimal_Boot_Media.html But you will have to find some way to get the rest of the install to the machine, such as A local hard, USB http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Instal lation_Guide/s1-begininstall-hd-x86.html NFS http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Instal lation_Guide/s1-begininstall-nfs-x86.html HTTP ... http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Instal lation_Guide/s1-installationmethod-x86.html ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] There ain't a CentOS autotools bug!
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Lars Hecking Sent: Friday, July 08, 2011 18:40 To: centos@centos.org Subject: Re: [CentOS] There ain't a CentOS autotools bug! Ah that Windows. Someone should incorporate dos2unix conversion as an standard step in some of the make/config process. On the contrary - something like this should not happen behind the user's back, considering the platform where configure scripts are built can be different from the target platform. I'd also love to teach vim how sto how those pesky ^M characters. It doesn't, and that's perceived user-friendliness gone too far. Proper vi on Unix does the right thing. I believe I have seen vim do it, but only when some lines were CR-NL and the others were NL, so there is probably a way to convince it to always do it. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Year in log files
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Fajar Priyanto Sent: Wednesday, June 22, 2011 22:23 To: CentOS mailing list Subject: Re: [CentOS] Year in log files On Thu, Jun 23, 2011 at 10:18 AM, lists-centos replies-lists-b3z2-cen...@listmail.innovate.net wrote: You should set that log to rotate annually. That should address your issue, in addition to keeping logwatch from picking up year-old entries. Yes it's rotated annually. That's why I can argue based on common sense, by comparing the CESA date and the occurance in the log file. But if there is year, I don't have to argue at all with the auditor. Two suggestions, 1) look for 'yum: Updated:' in the messages log, which should be rotated a bit more often (and the auditor was probably fine with the time stamps there), and if syslog is being directed to a log collector the log collector may have different settings. 2) look at `rpm -qa --last` for at least the currently installed versions, it does include the full year stamp. If needed the auditor could link timestamps from the rpm database to the yum log. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] yum check-updates script not working correctly
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Daniel De Marco Sent: Thursday, May 26, 2011 8:42 To: CentOS mailing list Subject: Re: [CentOS] yum check-updates script not working correctly Brian, you have a syntax error in the second if. The yum update is being executed every time. Move the fi just before the else to the end. Make that, a probable, two syntax errors in the second if. The single '=' sign does assignment, a double '==' does string compare. Plus I think there is a simpler way to control yum, than adding all these scripts that I don't think came in the base install. Modify /etc/yum/yum-updates.conf, which comes in the yum-updatesd package, and `ckconfig yum-updatesd on` #note you probably only want one or the other of either yum-updatesd or the scripts you have. On some of the systems I run, the run_interval is set ~22000 and do_update is set to no, which achieves near what I think the OP was after. I am not sure if setting emit_via to email or syslog would get the final bit of what the OP was after. Daniel. * brian tu...@talstar.com [05/24/2011 18:53]: if [ -f /var/lock/subsys/yum ]; then if [ ${CHECKONLY} = yes ];then /usr/bin/yum-check fi else /usr/bin/yum -R 10 -e 0 -d 0 -y update yum /usr/bin/yum -R 120 -e 0 -d 0 -y update fi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] yum check-updates script not working correctly
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Leonard den Ottolander Sent: Thursday, May 26, 2011 12:23 To: CentOS mailing list Subject: Re: [CentOS] yum check-updates script not working correctly Hello Tod, On Thu, 2011-05-26 at 10:53 -0400, Denniston, Todd A CIV NAVSURFWARCENDIV Crane wrote: The single '=' sign does assignment, a double '==' does string compare. No, with the spaces around the '=' and the dollar before the variable name this actually is a test not an assignment. But using double '=' is more clear, agreed. Try Thanks for the info. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] calendar
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of m.r...@5-cent.us Sent: Thursday, May 26, 2011 16:43 To: CentOS mailing list Subject: Re: [CentOS] calendar CentOS does what RHEL does, and RHEL 5.x *only* provides thunderbird 2.x. Further, in Linux, they do build seperately for 64 bit vs. 32 bit. I was going to suggest loading the 32bit version like you can do for Firefox, and then when I looked I noticed that only the 64bit version of thunderbird is placed in the x86_64 portion of the repo. I would be tempted to try: a) install the 32bit version of Firefox (to pull in all the 32bit moz libs you'll need) b) grab the 32bit version of thunderbird (from the centos 5.6/updates/i386 repo) and install it c) test and see if it will work for you. d) 1) see if your boss has a problem with you having to remember to update thunderbird from the i386 updates directory. 2) see if you could (gently) convince the centos guys to put it also in one of the centosplus or extras x86_64 portions of the repo. [I doubt that they would put it in the 5.6/os/x86_64 and 5.6/updates/x86_64 directories only because I would have expected to see it there already if TUV was putting it there, and for the os updates directories I expect they want to closely match TUV.] ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] calendar
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of m.r...@5-cent.us Sent: Thursday, May 26, 2011 17:21 To: CentOS mailing list Subject: Re: [CentOS] calendar snip Would be nice. Trouble is, we've got what, 60? 70? people in the division With that many you obviously have a local mirror that they all update from, right? cd pathtomirror/5/updates/x86_64/RPMS find ../../i386 -name thunderbird\* -exec ln -s {} \; cd .. createrepo -v --update -d -o repodata x86_64 And get your boss happy with _that_ but only if the 32bit version worked. who have Linux workstations, and then rolling it all out, and no one wants to deal with 32-bit apps on 64 bit systems (we won't mention npviewersegvsegvsegv) Lightening and lightening-exchange looked really good Any chance you could get the source of those and recompile for 64? Yeh Yeh, maintenance headache, but can that set of headaches (work [and more at each update of the tool] and IA) be balanced against the alternatives and be a win for the division. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] User accounts management for small office
Salt below appropriately to the fact that I have only looked at using these, I have not yet done the implementation I want to do. -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Jeff Boyce Sent: Wednesday, April 27, 2011 14:54 To: centos@centos.org Subject: Re: [CentOS] User accounts management for small office The opinions both for and against OpenLDAP have made me take a little closer look at it, but my conclusion is that it is more cumbersome than what I really want to handle right now for the size of the network. I have looked closer at Samba/Wins/Winbind, etc. In the LDAP arena 398 [2] looks to me like it should ease a) the mysteries of configuring LDAP, and b) integrate with AD. 389 is in EPEL. and it looks like the main source of my current problem is that my Samba network is setup now as a Workgroup and not as a Domain. I didn't understand that difference when I ran across the quote I included above. It looks like if I change to a Domain and configure it properly with Wins/Winbind that I should be able to have the single point password changing option occur from the Windows desktop. I am now re-reading sections of my copy of the Definitive Guide to Samba 3 which should help me (although it was published before Vista and 7, which all my workstations are now). You may also want to look at the samba Franky[1] which could get you enough of samba4 to (from what I understood and want it for) become the full PDC for the windows system, but it is as the name suggests a monster. [1] https://wiki.samba.org/index.php/Franky https://wiki.samba.org/index.php/Main_Page#Franky https://wiki.samba.org/index.php/Combined_build_issues [2] http://directory.fedoraproject.org/ In any case, when you get something working, I would like to see the success story here. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Cacti rpm for el5.6 with php53
-Original Message- From: On Behalf Of Pasi Kärkkäinen Sent: Tuesday, April 26, 2011 11:13 On Tue, Apr 26, 2011 at 04:34:53PM +0200, Ljubomir Ljubojevic wrote: Pasi Kärkkäinen wrote: Hello, Does someone know if there's a cacti rpm available that works (=installs and doesn't conflict) when php53 rpm is installed, instead of the older php rpm ? cacti rpms from rpmforge/dag have these requirements: php php-mysql php-snmp Hey, Yep, I know I can create my own version of cacti, but I was trying to avoid exactly that :) Thanks for the heads up about rpmforge mailing list, I wasn't aware of it. -- Pasi Not being a PHP developer, I was under the impression that many/most of these packages were interpreted scripts which probably would work fine under php53 vs. the php installed by default. I have been wondering from afar about this thread and the discussions over in the EPEL list, if someone could create a meta rpm that required php53 and provided php (and similar for php-mysql php-snmp) and have the system continue to work. This is of course under the assumptions of: a. the packages are interpreted scripts b. the syntax has only added, and not changed or removed functionality since the stock php. Is this a not_bright idea in the php package world? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOs 5.6 and Time Sync
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Mailing List Sent: Monday, April 25, 2011 13:57 To: CentOS mailing list Subject: Re: [CentOS] CentOs 5.6 and Time Sync On 4/13/2011 7:35 AM, Mailing List wrote: Hi, I have upgraded my Dell C521 to the latest 5.6. I have always used ntp to sync this machine and then the rest of the machines in the network would sync from it. Since the update I cannot keep the right time on the machine. This is with / without ntp. I have attempted various scenario's with no luck. I am now trying the old kernel now AMD Athlon(tm) 64 X2 Dual Core Processor 3800+ 3gb of ram. TIA. Brian. List, I was not able to resolve my issue with the time on this machine. I went ahead and rolled the update back to 5.5 and disabled the update to 5.6. What I would like to know is if CentOS 6 might be ok when it rolls out, or am I just going to have to keep with 5.5 till EOL? Thanks to all with there help. 1) I hope you are only talking about having rolled back to the last working for you kernel from 5.5, not the whole distribution. 2) If I was in your position and had time, my method would be[1] a) get the srpm for the last known working kernel (2.6.18-194.32 ???) b) get the srpm for the first known not working kernel (2.6.18-238 ???) c) expand each of the above srpms into their own rpm build tree i.e., rpmdev-setuptree;rpm -i kern1; mv rpmbuild rpmbuild.kern1; rpmdev-setuptree;rpm -i kern2; mv rpmbuild rpmbuild.kern2 d) start looking at the differences in the patches applied in kern1 vs. those in kern2, i.e., read/diff the kernel.spec files see if there were any new ones that seemed likely to be causing the problem... RTFS if necessary to make better guesses. Rebuild kernel 2 with patches taken out/modified based on my investigations and test them and see if I guessed right. If no luck, think about opening an TUV bug with lots of the info you have sent here, they may be interested even if you don't have a subscription. [1] Been there, done that: http://www.gossamer-threads.com/lists/drbd/users/9616 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOs 5.6 and Time Sync
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Mailing List Sent: Wednesday, April 13, 2011 16:23 To: CentOS mailing list Subject: Re: [CentOS] CentOs 5.6 and Time Sync /etc/ntp; restrict default kod nomodify notrap nopeer noquery restrict -6 default kod nomodify notrap nopeer noquery restrict 127.0.0.1 restrict -6 ::1 server 0.centos.pool.ntp.org server 1.centos.pool.ntp.org server 2.centos.pool.ntp.org server 127.127.1.0 # local clock fudge 127.127.1.0 stratum 10 driftfile /var/lib/ntp/drift keys /etc/ntp/keys There is no /etc/ntp/ntpservers /etc/ntp/step-tickers is an empty file. /var/lib/ntp/drift; -65.219 I have no /var/log/ntpd.log /varlog/messages; This is the log using stock updated kernel. Apr 12 03:32:35 Server ntpd[2797]: synchronized to LOCAL(0), stratum 10 Apr 12 03:33:36 Server ntpd[2797]: synchronized to 173.9.142.98, stratum 2 Apr 12 15:51:56 Server ntpd[2797]: time reset +43208.248852 s Wow! That is a big jump. Apr 12 15:51:56 Server ntpd[2797]: kernel time sync enabled 0001 Apr 12 15:56:03 Server ntpd[2797]: synchronized to LOCAL(0), stratum 10 Apr 12 15:56:26 Server ntpd[2797]: synchronized to 169.229.70.183, stratum 3 Apr 12 16:00:22 Server ntpd[2797]: synchronized to 173.9.142.98, stratum 2 Apr 12 16:16:59 Server ntpd[2797]: synchronized to 169.229.70.183, stratum 2 Apr 12 16:16:57 Server ntpd[2797]: time reset -1.830305 s Apr 12 16:20:27 Server ntpd[2797]: synchronized to LOCAL(0), stratum 10 SNIP log of ntpd jumping from server to server (fairly often) including LOCAL host It seems that the connections to the external ntp servers are not good enough to keep you off LOCAL, and once on local you will drift at the rate the system last had, and that drift rate can be quite large when the system is first trying to come into sync. (and often quite a bit larger than the steady state drift rate once synced) Selinux is disabled, and just a note also. This is a stock install of of ntp. I never had to do any fudging with it cause it just worked up until the update. I also have no /var/log/audit/audit.log. tia. Brian We still don't know why the machine is losing time, but it might help to have some more data to compare with IIRC you indicated you had two other servers in your environment that were still keeping time good... I would suggest adding something like: echo server myotherserver /etc/ntp.conf echo restrict myotherserver mask 255.255.255.255 notrap /etc/ntp.conf you may also have to add restrict a line on myotherserver such that your timeloosingserver can get info, i.e. on myotherserver echo restrict timeloosingserver mask 255.255.255.255 nomodify notrap /etc/ntp.conf [please evaluate the above restrict lines to verify they are good enough security for your environment, I am doing them from memory] so that you have a local host which is not bouncing all over the place, with respect to connectivity, to check against. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOs 5.6 and Time Sync
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Peter Brady Sent: Wednesday, April 13, 2011 18:39 To: CentOS mailing list Subject: Re: [CentOS] CentOs 5.6 and Time Sync On 14/04/11 7:42 AM, Mailing List wrote: remote refid st t when poll reach delay offset jitter === === bindcat.fhsu.ed 132.163.4.1012 u 1015 1024 377 49.987 - 15082. 6919.88 216.45.57.38108.71.253.182 u 998 1024 377 83.112 - 15139. 6900.14 javanese.kjsl.c 69.36.224.15 2 u1 1024 377 109.083 - 29233. 7285.83 *LOCAL(0).LOCL. 10 l 13 64 3770.000 0.000 0.001 snip Glad you've got a fix but you should keep an eye on it. If you look at the output for ntpq you have three stratum 2 servers which differ by ~15s from both you and each other. Stratum 2 servers should be a lot closer than 15s given that they are only one link removed from some form of atomic clock. I think you may be comparing a couple of rotting apples to one that is just now ripening. whenoffset 101515082 998 15139 1 29233 i.e., the samples that are 17 seconds apart in the taking are .057S apart in value, and trending longer. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 32-bit compat-gcc on 64-bit CentOS?
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Alan M. Evans Sent: Wednesday, March 30, 2011 12:48 To: CentOS mailing list Subject: Re: [CentOS] 32-bit compat-gcc on 64-bit CentOS? On Tue, 2011-03-29 at 17:43 -0500, Jeff wrote: On Tue, Mar 29, 2011 at 5:35 PM, Alan M. Evans a...@extratech.com wrote: , but have you tried the -m32 flag with gcc. that will tell it to create 32-bit code. You will also need to pass that option to the linker and be sure any dependent libraries have the 32 bit versions installed. I've tried the -m32 flag, along with CC=gcc34 to actually cause it to use the compat compiler instead of the new one. The build process produces a lot of warnings that may or may not have been there before, then bails out with: make: *** No rule to make target `/usr/lib/gcc/i386-redhat- linux/3.4.6/include/stdarg.h', needed by `hostcom.o'. Stop. On the old server, which I have limited access to, that file is owned by the compat-gcc-34 package. And the 64-bit version of this package is installed on the new server, so the directory is x86_64-redhat-linux instead of i386-redhat-linux. Unfortunately, from what I see, the x86_64 yum repos only offer an x86_64 version of compat-gcc-34. compat-gcc-34.x86_64 has /usr/lib/gcc/x86_64-redhat-linux/3.4.6/include/stdarg.h *Perhaps* this (that it does not provide the *gcc/i386-* include tree, or that the i386 version is not also in the x86_64 repo) can be seen as a bug in the x86_64 package, to report upstream??? The error above looks like either by specifying the -m32 flag or by a hard code in either hostcom.c (or one of its included files) the 32bit version of the stdarg.h header is included instead of the available x86_64 version. Seeing as you have source I would first try to compile it as 64bit and if the build works, then test heavily to verify the functionality. The drawback is that we have seen several open source projects*** with issues while they ported their software from 32 to 64. Perhaps there is a URL of Frequently seen 32 to 64 bit porting problems, that you could look at to be aware of the kinds of errors others have seen. Again my first option would be try to go native (x86_64) and see if it works correctly. Another option to keep from reinstalling, granted only slightly easier than reinstalling, is setup a KVM or XEN virtual machine on the server and install enough of the 32 bit CentOS to allow you to compile the source in a 32 bit environment and then install the binary onto the 64 bit system and make sure all the needed 32bit libs are available. You might even be able to fallback to running just that application in the VM while running everything else in the bare metal, granted then you get twice the effort for securing the OS (it IS another machine) and keeping the OS up to date. Third option may be as others suggested, try to use mock to build the 32bit binary using the 64bit system. You would still need to make sure all the needed 32bit libs are available on the 64bit machine. [I have not used mock yet so I am unsure of the ability for it to provide the cross environment needed.] *** ( the closed ones probably had issues too, but well being closed we don't hear about them. :) My opinions, YMMV and all that jazz. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] {OT] Re: Installing IMA (Integrity Measurement Architecture) on CentOS 5.5
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Rajagopal Swaminathan Sent: Thursday, March 24, 2011 14:49 To: CentOS mailing list Subject: [CentOS] {OT] Re: Installing IMA (Integrity Measurement Architecture) on CentOS 5.5 Greetings, Having said that, I have this troubling thought for last decade: What exactly is high availability: is it 24/7 power on time? or is ti when needed. Please not it am not talking about the maybe arrogant on demand attitude of a human. You probably don't want it to be your only reference, but in my opinion Wikipedia has a pretty good first pass definition of high availability [1] means between you and your boss, i.e., ...a prearranged level of operational performance will be met during a contractual measurement period. This under extreme circumstances in India like 4 hours of (Electrical Power Load Shedding) outage every day So have you and your boss prearranged a level of operational performance will be met during a contractual measurement period? Something like: The system will be available to the users in the building 90% of the time when the local power grid is powered up? [1] http://en.wikipedia.org/wiki/High_availability ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] debugging auto mount configuration
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Boris Epstein Sent: Friday, March 11, 2011 8:23 To: CentOS mailing list Subject: [CentOS] debugging auto mount configuration SNIP I have tried running automount --debug and automount --verbose and thus far have not seen any messages that would shed any light on what's going on. So I am a bit lost at the moment. Any advice on how to proceed would be much appreciated. Boris. It looks like you have started down this road, but jmoyer (IIRC one of the guys Red Hat has working on autofs) has a page of things that he wants to see when trying to debug your autofs problems. Perhaps taking a look here might help. http://people.redhat.com/jmoyer/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Server locking up everyday around 3:30 AM - (INFO: task wget:13608 blocked for more than 120 seconds) need sleep, help.
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of PJ Sent: Friday, March 11, 2011 12:34 To: centos@centos.org Subject: [CentOS] Server locking up everyday around 3:30 AM - (INFO: task wget:13608 blocked for more than 120 seconds) need sleep, help. SNIP There are no cron jobs that run at 3:30, no backups, the server has a load of 0, nothing is scheduled around that time... SNIP Are you sure the stuff in /etc/cron.daily/ is done by then or not started yet? Could be something like the mlocate or makewhatis chewing up CPU/Mem. IIRC the stuff in /etc/cron.daily/ runs in alphabetic order so, are you (root) getting the logwatch messages, and at what time? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Updating hardware clock from cron
-Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Kenneth Porter Sent: Friday, March 04, 2011 14:15 To: CentOS mailing list Subject: [CentOS] Updating hardware clock from cron Is there a package to do this? Normally the hardware clock is set during shutdown if one is running ntpd. No, hwclock --systohc is only called at start time (in /etc/rc.d/init.d/ntpd), and only if ntpdate got a good time, which is a good thing. But if a long-running server shuts down unexpectedly, this isn't done, and the hardware clock might be off by a lot when it comes back up. Not if you are running ntp and it was able to sync, because ntpd activates a mode in the kernel that sets the hwclock every 11 minutes when ntp declares it got synced. If your hwclock is off by a lot when it comes up I believe it is from one of the following: A) bad cmos battery. B) poor cmos clock C) confusing info in /etc/adjtime due to using both hwclock --adjust [at boot] and ntp (long story, but it is due to both tweaking the clock without coordination between them). D) booting a different OS with different ideas of timezones. E) manual tweaking of time via bios. So setting it periodically from a cron job could be useful. What do others do? Adding a one liner to /etc/cron.daily that invokes /etc/rc.d/init.d/ntpd would do it but it seems heavyweight to restart ntpd. Alas, the script doesn't export just the sync_hwclock function. Recommendation, Understand `hwclock --systohc` should _only_ be called when the admin knows a good system time was *_JUST_* set from a good source, i.e., following a successful call to ntpdate or the admin setting the systime with date. On some systems that do NOT have ntpd service available (not on a network with a time server), I will have them do a sequence of hwclock --hctosys hwclock --adjust hwclock --hctosys in /etc/rc.d/rc.sysinit where it already does the hwclock --hctosys so that once I have set the time from a known source a few times the box will reasonably self correct time on boot, I will even on some of those systems have that sequence in a cronjob that gets run once a week. If this is on a network, I have the box that is doing this serve ntp (via local clock) to the rest of the network, so they drift together. Reminder: `hwclock --systohc` should _only_ be called when the admin knows system time was JUST set from a good source, i.e., NOT from a cron job that is not also making sure the ntpdate worked. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos