Re: [CentOS] Disabling stock firewall and SELinux for ISPConfig
On Thu, May 10, 2012 at 9:35 PM, Ljubomir Ljubojevic off...@plnet.rs wrote: Just a little warning, it might be that it has problems with DNS files. I am still on CentOS 5.8 with Virtualmin/Webmin on servers, so had no real-world experience on C6. There was the tread in last 2 days abot it. Thanks. I'll keep that in mind, I hate Bind! (oh, I should be more kind, maybe unwind, or I may find, that sanity has dined, on my own behind!) -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Disabling stock firewall and SELinux for ISPConfig
I have been reading a tutorial on configuring and securing a CentOS 6.2 machine: http://www.howtoforge.com/perfect-server-centos-6.2-x86_64-with-apache2-ispconfig-3-p3 This tutorial bases the configuration on an application called ISPConfig. I am not sure that I like the idea of disabling the stock firewall and SELinux as the tutorial suggests, even with all the troubles that SELinux has given me in the past. What do those wiser than myself think about this? For some background, I will be setting up a rather bland server for serving a few websites. Thy will all be served via Apache, coded in PHP. I am concerned about correctly configuring a safe firewall for the system. So any advice particular to that would be much appreciated. Thank you! Dotan Cohen ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Disabling stock firewall and SELinux for ISPConfig
On Thu, May 10, 2012 at 6:30 PM, Ljubomir Ljubojevic off...@plnet.rs wrote: In distant past I though of SELinux as burden. Now, I use it on every system I install. Take a look at Virtualmin (GPL). I prefer it instead of ISPConfig, and it has regular repository you can install and update from. Thanks, Ljubomir. I will take a look at Virtualmin. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Maintainer for Krita on CentOS
The Krita [1] mailing list is now discussing making a standalone .tgz package of the latest Krita for CentOS 5.x. After this tarball is created is there anyone interested in making and maintaining a CentOS 5.x RPM package from it? [1] http://krita.org/ -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Maintainer for Krita on CentOS
On Tue, May 1, 2012 at 17:14, Johnny Hughes joh...@centos.org wrote: I would be happy to maintain a CentOS-5 RPM and put it in the CentOS Extras repository. Thank you Johnny! I will inform the Krita list now. Do you give your permission that I may pass your email address on to the person building the tarball? The requirements include: qt 4.6.0 or newer == CentOS-5 has qt4 version 4.2.1-1.el5_7.1 ... are you sure it will work? The guy building the tarball will be including Qt 4.6 in the tarball and linking against that. He is building it now. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Maintainer for Krita on CentOS
On Tue, May 1, 2012 at 19:14, Karanbir Singh mail-li...@karan.org wrote: On 05/01/2012 05:07 PM, Dotan Cohen wrote: The guy building the tarball will be including Qt 4.6 in the tarball and linking against that. He is building it now. erm... that is going to mean that everytime there is an update for either QT or anything that it links into or anything that is in a lib associated down that chain - the entire stack needs to be rebuilt. Are you sure this is a good idea ? I'm not sure, but the guy who is maintaining it seems to think so. I advised him to build for CentOS 6, not 5, but 5 is much more widely distributed and there are other reasons for staying with CentOS 5, such as AutoDesk support. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Maintainer for Krita on CentOS
On Tue, May 1, 2012 at 19:53, m.r...@5-cent.us wrote: I hate having to worry about multiple libraries. And in updates of the std. packages, it can break your specialized one. I would have to recommend to your krista list to build against the library we have now. A question: what new functionality does the newer library provide, noting that it's a subrelease, *not* the next release, and so should only have bug and security fixes? I am not sure what the newer Qt provides, but I know that many KDE technologies rely on the latest-greatest Qt at the time of the KDE release. Your knowledge and participation in the thread would be most valuable, especially in this early stage: http://comments.gmane.org/gmane.comp.kde.devel.krita/5503 Thanks. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Maintainer for Krita on CentOS
On Tue, May 1, 2012 at 20:17, m.r...@5-cent.us wrote: a) You do understand what I'm saying about subreleases vs. release? That there shouldn't be anything that new (as opposed to, say, python 10-12 years ago, where each subrelease broke everything)? I would strongly urge you to pass that question to the krista list. Yes, I understand. He is building against Qt 4.8 or thereabout, whereas CentOS 5.8 ships with Qt 3.x. I see these Qt 4.7 packages, but it is not clear to me that using them is what you are suggesting: http://joseph.freivald.com/linux/2011/09/23/qt-4-7-4-and-qt-creator-2-3-0-for-centosrhel-5/ b) I'd love to do some programming again, but a day job and a life outside work (see (c)), I don't have time, and c) I most certainly will *NOT* be on the list next week, as I'm getting remarried Sat Congratulations! I hope that your new marriage turns out better than the first one. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Preparing to convince to shift to non-propriety documents formats
On Wed, Feb 8, 2012 at 12:52, Boaz Rymland boaz.ryml...@gmail.com wrote: Hi Dotan, thanks for taking care of this. Attached is one such document. No problem at all in making it public. It was pretty much so in the first place. Here are the two bugs: Severe MS Office incompatibilities https://bugs.freedesktop.org/show_bug.cgi?id=45769 https://issues.apache.org/ooo/show_bug.cgi?id=118889 -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Machine becoming irresponsive
There is a CentOS 5.2 machine that is sometimes found to be offline. It runs a few websites but nothing very high traffic. I happened to notice a few days ago that before it went down, one of the sites written in PHP was throwing errors that it could not connect to the MySQL backend. Two hours later, the whole server was down and wasn't even responding to SSH. It's not my box, but I may have opportunity to look at it. After going through dmesg and messages, if I don't find anything obvious, what should I start looking for? What are the likely, common culprits and how to identify them? Is there a page of the fine manual that addresses issues like this? Thanks. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Machine becoming irresponsive
On Mon, Jan 23, 2012 at 16:23, Phil Schaffner philip.r.schaff...@nasa.gov wrote: I'd have a look at why an apparently Internet-facing server is 5 point releases, plus a lot of subsequent errata, behind the current 5.7 release level; and what resultant vulnerabilities might have been exploited. Thanks. There are a lot of very specific software on that server that precludes it from being updated. I believe that 5.2 still is seeing security updates, no? In any case, a complete reinstall with either 5.2 or a latter version is pretty much out of the question for now, though I will try to see what needs to be done in that direction. In the meantime, where should I concentrate my efforts? Thanks. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Machine becoming irresponsive
Thanks, all. I suppose that you all are right, considering that 5.2 is no longer supported. I was under the impression that this is an older but up-to-date install. This server sits in a datacenter hundreds or thousands of kilometers from anyone related to it, so I will back it all up via rsync. Do I risk my home Debian or Fedora boxes by downloading the server's files to them? Of course I won't deliberately execute any files that I download, and I won't be root, but I'd like to know if I need to take any extra precautions. Thanks! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Machine becoming irresponsive
On Mon, Jan 23, 2012 at 18:57, m.r...@5-cent.us wrote: a) You should NOT, under any circumstances, be backing it up to your home systems. You should be backing it up to a work server - there are very serious legal implications involved here. Thanks, but there are no customer data or other sensitive data on the server. I wouldn't dream of compromising customer data! b) Since it's in a datacenter, presumably being hosted, you need to contact the datacenter provider and inform them that you believe it may be infected, and work with them to investigate - they may have an intrusion response team far more qualified than you to investigate whether there's been an intrusion. On the other hand, you've also got to worry about your company's proprietary data, and what they should see, and what they should not. That is a good idea. There do exist professionals for this type of work, and that is the place to find them. Thanks. As I said, a *lot* of legal issues - don't put yourself into a position that could get you, personally, out of a job, sued, or even, as an extreme, jailed. Thank you for the concern. I will be cautious and not reckless! My own security is not worth that server! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] redhat vs centos
On Tue, Nov 1, 2011 at 18:47, David Hrbáč david-li...@hrbac.cz wrote: Well, there are no other RHEL clones except SL/Centos. We have quite large infrastructure and we want it homogeneous as possible. Because we run a few boxes with IBM, Ora stuff we need certified OSes, certified is only RHEL or SuSE. So we are using RHEL and Centos. We have been running happily and smoothly for a few years with this concept. Because of the lastest issues with CentOS we are really considering moving back to Debian. There is the Oracle unbreakable Linux (or whatever they call it), which is a RHEL clone. The recent RH packaging changes are aimed squarely at that distro from what I understand. The problem is that the changes affect *all* clones the same way, including CentOS. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] redhat vs centos
On Tue, Nov 1, 2011 at 20:27, Bob Hoffman b...@bobhoffman.com wrote: Centos is fun, but I am kinda interested in more modern packages that ubu seems to offer. Worried about having to relearn a full system though. Ubuntu server a bit different, but not terribly so. Apache is called apache and not httpd, and there is no chkconfig. For webservers that is not a terrible thing to relearn. I'm sure that other uses will find other small, but not insignificant differences. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sort logfiles on common lines?
On Sun, Sep 25, 2011 at 22:43, John R Pierce pie...@hogranch.com wrote: uniq can count occurances. will require two sorts. one to get all similar errors adjacent, the other to sort by count order. instead of using field selects, lets just clip the timestamps off up front... cut -c 17- | sort | uniq -c | sort -rn (17- means from char 17 on... I may have miscounted) Thank you John! That is perfect! I'm going through the uniq manpage now. Have a great night! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sort logfiles on common lines?
On Sun, Sep 25, 2011 at 23:34, John R. Dennison j...@gerdesas.com wrote: Actually you are 2 full point releases behind; current is 5.7. I would strongly suggest you update. Thanks. I will mention that to the sysadmin. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Sort logfiles on common lines?
I have a huge mysql.log file full of errors. I'd like to sort it by the most common line, and work from there. I did go through the manpage for sort, and googled a bit, but I found nothing relevant. Here is an example of the output: [root@ log]# tail mysqld.log 110925 11:05:35 [ERROR] /usr/libexec/mysqld: Incorrect key file for table './ox_data_summary_ad_hourly.MYI'; try to repair it 110925 11:05:35 [ERROR] /usr/libexec/mysqld: Incorrect key file for table './ox_data_summary_ad_hourly.MYI'; try to repair it 110925 12:05:28 [ERROR] /usr/libexec/mysqld: Incorrect key file for table './ox_data_intermediate_ad.MYI'; try to repair it 110925 12:05:28 [ERROR] /usr/libexec/mysqld: Incorrect key file for table './ox_data_intermediate_ad.MYI'; try to repair it 110925 12:05:28 [ERROR] /usr/libexec/mysqld: Incorrect key file for table './ox_data_intermediate_ad.MYI'; try to repair it 110925 12:05:28 [ERROR] /usr/libexec/mysqld: Incorrect key file for table './ox_data_summary_ad_hourly.MYI'; try to repair it 110925 13:09:43 [ERROR] /usr/libexec/mysqld: Incorrect key file for table './ox_data_intermediate_ad.MYI'; try to repair it 110925 13:09:43 [ERROR] /usr/libexec/mysqld: Incorrect key file for table './ox_data_intermediate_ad.MYI'; try to repair it 110925 13:09:43 [ERROR] /usr/libexec/mysqld: Incorrect key file for table './ox_data_intermediate_ad.MYI'; try to repair it 110925 13:09:43 [ERROR] /usr/libexec/mysqld: Incorrect key file for table './ox_data_summary_ad_hourly.MYI'; try to repair it [root@ log]# wc -l mysqld.log 20686 mysqld.log [root@ log]# cat mysqld.log | grep ERROR | wc -l 20332 [root@ log]# Is there a way to get the most common (unique) lines of the file? By the way, I'm not sure if this is RHEL or CentOS, or which version: [root@ log]# uname -a Linux example.com 2.6.18-194.32.1.el5xen #1 SMP Wed Jan 5 18:44:24 EST 2011 x86_64 x86_64 x86_64 GNU/Linux [root@ log]# uname -o GNU/Linux [root@ log]# I assume that it is one of these, as Yum is installed. How would I find out? Thanks! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sort logfiles on common lines?
On Sun, Sep 25, 2011 at 22:06, John R Pierce pie...@hogranch.com wrote: Is there a way to get the most common (unique) lines of the file? sort -k 3 | uniq -f 2 which will sort starting at field 3, and then print lines that are unique, skipping the first 2 fields, where fields by default are blank separated. Thanks, John. This looks to me that it will sort alphabetically, not by commonness. For instance: ERROR b ERROR a ERROR b Since ERROR b was reported more often than ERROR a, I would prefer that the output be: ERROR b ERROR a I'm sorry for not making that so clear! Is there a good word for most common or used most often that would be concise in this context? Thanks! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sort logfiles on common lines?
On Sun, Sep 25, 2011 at 22:10, Frank Cox thea...@sasktel.net wrote: Is there a way to get the most common (unique) lines of the file? If you want what I think you want, a combination of cut and sort will do it. Neither seem to have the most common line ability built in. I might have to resort to either Perl, or just attacking the logfile errors at random! cat /etc/redhat-release Thanks! I is more up to date than I thought! [root@gastricsleeve html]# cat /etc/redhat-release CentOS release 5.5 (Final) -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] No MySQL password in ps aux!
On Wed, Sep 14, 2011 at 01:27, John Beranek j...@redux.org.uk wrote: You can even do this in something like Perl, here you just modify '$0'. I did not realize that the cli arguments are mutable. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] No MySQL password in ps aux!
On Mon, Sep 12, 2011 at 23:25, Craig White craig.wh...@ttiltd.com wrote: create a proper .my.cnf file - problem solved There are other users who have root access (yes, I know, bad idea but it's not my box) who I don't want playing around in the mysql cli (I'm being a bully here, I know, but they are PHP guys). They can access MySQL via PHP and when something breaks it is in an environment that they are professionally expected to be proficient in. Not to be a jerk, but in any group of high-level-language programmers there is the one who will experiment on a production webserver instead of installing Linux on his machine at home. I started off as that guy! Yes, I know that the PHP guys can get the password by looking in the mysqlConnection.inc file that they typically include() so that sensitive information is not in the root path. Total security is not my goal, but rather reasonable obstacles to friendly, non-malicious entities. In other words, I want a pony. I want a single command to log in from my own machine right to the mysql cli, but I don't want anyone else to have simple access to that cli. Actually, I pretty much do have that pony. I just wondered how ti worked. Thanks! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] vim access
On Tue, Sep 13, 2011 at 14:59, Ashish Shaligram ashish8li...@gmail.com wrote: Hello, I have install a cent os 6 x64, and i cant use vim command. Can you help me to how to access file more easily or more reliably. What do you get with which vim? -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] No MySQL password in ps aux!
On Tue, Sep 13, 2011 at 18:42, Craig White craig.wh...@ttiltd.com wrote: I'm sorry, I was trying to make a point about the methodologies employed to better enhance security **especially** when you have other users on the same system... the point is that you should never use any command line function that includes the password for many reasons including ps visibility (and note that even if ps output suppresses the passed parameters, there still might be evidence in /proc), bash_history (or other shell histories), or just simply keylogging (which can be done by anyone with a shell on the system, su or not). The idea is that you open a connection first, establish a method of encrypted communications and then are prompted for the password or in the case of mysql, the ~/.my.cnf will send the password at the appropriate time. As for other users... I don't understand the logic of forcing them to use a PHP program vs. a CLI. MySQL fully supports the notion of users/permissions/grants, etc. and their access should be controlled using the integrated ACL system of MySQL, not some artificial notion of security based on CLI vs. WebApp. If they have DB Admin privileges using a GUI, there's nothing that they can't do in the GUI that they could do in a CLI except that the CLI is likely more effective and efficient and reinforces good habits/practices. Craig From a technical point of view you are 100% right. The goal is not to thwart malicious intent, but rather to discourage the use of the mysql cli as an experimentation platform. If any particular dev is motivated enough to find and use the cli than all the better for him, if he wants it that bad then he is probably already familiar with it. It is exactly the effective and efficient bit that I am worried about! (no WHERE clause on DELETE, for one example). -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] No MySQL password in ps aux!
On Mon, Sep 12, 2011 at 03:30, Craig White craigwh...@azapple.com wrote: not exactly sure what point you are trying to make about being compromised - not all that relevant but you can still just use -p option without the password and get prompted for the password which actually solves your question. The password is 32 random characters covering all of ASCII. I don't want to go look for it several times a day. Also, since MySQL is client/server you could probably use the mysql client on your local machine and connect to the server and use encryption but that isn't what you asked. On the server MySQL only listens to localhost. Also, presuming you are using bash on the originating machine, you would have it in bash_history, just on a different machine. The point I was trying to make is that it is generally a poor idea to put a password into a shell command whether mysql or whatever. No, this is why I mentioned the alias. Only the alias shows in my local history, not the password. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] No MySQL password in ps aux!
On Mon, Sep 12, 2011 at 05:37, Devin Reade g...@gno.org wrote: Getting back to the original question, it is a feature of mysql (not of CentOS per se), but there's nothing that stops other (C) programs from doing something similar. Shortly after startup, a programmer can set things up so that command line arguments (or in this case one of them) is hidden from anyone from viewing the process table. However, even using this mechanism there is a window where, if someone looks at the process table at the right time, they will see the password in cleartext. So, despite the mysql programmers trying to minimize the chance of leaking the password it is still a risk and so the advice others have given about -p (without the password) and .my.cnf is still the best option. Thanks. I did not realize that this window of opportunity exists. Considering the circumstances, I think that it is a fair tradeoff. Thank you for the information! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] No MySQL password in ps aux!
I just noticed that some CentOS 4 or 5 machine that I don't admin but have root access to hides MySQL passwords from ps: Console 1: $ mysql -u root -pSECRET mysql Console2: # ps aux root 32165 0.0 0.1 109408 2204 pts/1Ss+ 11:19 0:00 mysql -u root -px xx That is really nice, is it a MySQL feature or a CentOS feature? I have some other servers that I _do_ admin and I'd like to enable this. Thanks! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] No MySQL password in ps aux!
On Sun, Sep 11, 2011 at 19:35, Craig White craigwh...@azapple.com wrote: you'd still have it in bash_history though so it's really a poor idea to ever pass a significant password directly on the command line execution - whether visible or not visible to ps. Much better is to be prompted for the password instead... mysql mysql -u root -p and it will prompt another option is to have ~/.my.cnf which already has your password Craig Actually, it's not in Bash history because I log in from a remote server like this: $ ssh -t dotan@1.2.3.4 mysql -u root -pSECRET That, in turn, is actually aliased to something else. Therefore the login info does appear in my _local_ alias file, but if that is compromised then there is no reason to assume that ~/.ssh/ isn't also compromised, and vice versa. Additionally, one could add a space before a command to prevent it from being written to the history, I do this when encrypting files with openssl. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Cannot start SSH at boot
On a particular CentOS 6 install, I must start SSH manually: # /etc/init.d/sshd start I have tried to configure it to start automatically: # chkconfig --level 3 sshd on However, it still must be manually started. I am not getting any errors. What might be preventing it from starting? Thanks. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Cannot start SSH at boot
On Thu, Sep 1, 2011 at 17:21, Stefan Held o...@unixkiste.org wrote: Maybe a specific ip in /etc/ssh/sshd_config ? And the Network is not up? Have a look at /var/log/messages. Any hint there? Turns out that this install boots to runlevel 5. I didn't install it, so I don't know why. But now that I've identified that, giving the proper command [1] fixed the issue. Thanks. [1] chkconfig --level 5 sshd on -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Cannot start SSH at boot
On Thu, Sep 1, 2011 at 17:35, John Doe jd...@yahoo.com wrote: Maybe try: chkconfig --del sshd chkconfig --add sshd Do you see the symlinks? # ll /etc/rc?.d/*sshd lrwxrwxrwx. 1 root root 14 Sep 1 15:06 /etc/rc0.d/K25sshd - ../init.d/sshd lrwxrwxrwx. 1 root root 14 Sep 1 15:06 /etc/rc1.d/K25sshd - ../init.d/sshd lrwxrwxrwx. 1 root root 14 Sep 1 15:06 /etc/rc2.d/S55sshd - ../init.d/sshd lrwxrwxrwx. 1 root root 14 Sep 1 15:06 /etc/rc3.d/S55sshd - ../init.d/sshd lrwxrwxrwx. 1 root root 14 Sep 1 15:06 /etc/rc4.d/S55sshd - ../init.d/sshd lrwxrwxrwx. 1 root root 14 Sep 1 15:06 /etc/rc5.d/S55sshd - ../init.d/sshd lrwxrwxrwx. 1 root root 14 Sep 1 15:06 /etc/rc6.d/K25sshd - ../init.d/sshd Thanks. I didn't look to see if the symlinks were created, I should have done that. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Cannot start SSH at boot
On Thu, Sep 1, 2011 at 17:55, Mike Burger mbur...@bubbanfriends.org wrote: Or, to simplify things and enable it for all applicable multi-user runlevels, just run: chkconfig sshd on I usually don't like leaving daemons running when they don't need to be. However, in this instance it would have helped! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Cannot start SSH at boot
On Thu, Sep 1, 2011 at 17:57, Alain Péan alain.p...@lpp.polytechnique.fr wrote: I verified on CentOS 4 and 5, and SL6 servers, and they are all running on runlevel 5. I think it is the default runlevel for graphics interface (Gnome, KDE...). Alain How silly of me! This server is in the guy's house, and obviously if SSH is not running then he's logging in locally... I should have suspected a graphical login. That's my lesson learned for today! Thanks! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Change bash colours like in VIM
On Thu, Aug 18, 2011 at 12:34, Marc Deop i Argemí damnsh...@gmail.com wrote: On 17/08/2011 23:51, Dotan Cohen wrote: In VIM one can easily change colours with :set backgorund=dark. This doesn't actually change the background, but rather uses a colour scheme that is designed for a dark background. Is there any quick command like this for bash? I don't want to edit the whole config file if there is a quick way to get a better colour scheme. Thanks. No, there is not such option in bash. There are some terminal applications that allow to change the colourscheme though (like konsole) Thanks. Most of the time when I'm in a terminal it is through an emulator such as Konsole. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Change bash colours like in VIM
On Thu, Aug 18, 2011 at 13:26, Keith Roberts ke...@karsites.net wrote: In a konsole terminal window look under Settings-Schema for some preset colour schemes. Also take a look under Settings-Configure Konsole-Schema for more advanced options :) Thanks. Keith. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Change bash colours like in VIM
In VIM one can easily change colours with :set backgorund=dark. This doesn't actually change the background, but rather uses a colour scheme that is designed for a dark background. Is there any quick command like this for bash? I don't want to edit the whole config file if there is a quick way to get a better colour scheme. Thanks. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Bash rotating tab completion with list
On Tue, Jun 14, 2011 at 17:49, yonatan pingle yonatan.pin...@gmail.com wrote: Hello Dotan, you might want to ask your sysadmin about this, it's a package that can be compiled from source. last time a checked ( a long time back ), they use both redhat 7.3 and solaris as the core system in the univ ( in tel-aviv at least ). Thanks, this is at the Technion but I can ask. you can check the system version type with a simple cat /etc/issue , or cat /etc/*relea* if it's a centos based system, the admin would have to install the package manually , or install the epel repo and use yum the proper way. most of the end users don't even use the terminal, so this is not a common question, and i am sure the root admin will be glad to help you with this. I know. Most people have never even heard of Putty today. Thanks. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Bash rotating tab completion with list
I just got off a Windows 7 terminal which has rotating tab completion, this means that in the case of completion ambiguity the shell completes one of the possibilities, and subsequent tabs complete to different possibilities. This in contrast to bash's behaviour of simply printing a list of possibilities. Googling I have found that bash can in fact have rotating completion by setting \C-i: menu-complete. However, I would really like the first tab to show the possibilities (default behaviour, albeit on the second tab), and subsequent tabs to rotate. I can't figure this out. Any ideas? Thanks! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Bash rotating tab completion with list
On Mon, Jun 13, 2011 at 17:24, yonatan pingle yonatan.pin...@gmail.com wrote: Hi Dotan, have you already installed this: http://download.fedora.redhat.com/pub/epel/5/x86_64/repoview/bash-completion.html Nice, thanks. I was certain that I'm not the first to want this. Is there any way to configure this without the bash-completion package, for instance for use on the university students' server? (which I'm not even sure is RH based, it's something old and probably home-grown) -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Grep: show me this line and the next N lines?
On Tue, Jun 7, 2011 at 05:26, Kenneth Porter sh...@sewingwitch.com wrote: --On Tuesday, May 31, 2011 1:08 AM +0300 Dotan Cohen dotanco...@gmail.com wrote: Can grep show the matching lines and the next N lines after a match? If I'm just inspecting a file I use less and the / command to search up to the next occurrence of a regular expression. Use the ? command to search backwards. See the man page for less for lots more options. Thanks, Kenneth. I am familiar with the VIM keybindingsin less and man. I need something scriptable though. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Grep: show me this line and the next N lines?
On Tue, May 31, 2011 at 01:26, John R. Dennison j...@gerdesas.com wrote: On Tue, May 31, 2011 at 01:10:40AM +0300, Dotan Cohen wrote: Thanks, all. I did actually look at the grep manpage but after a few screenfuls it became tl;dr and I started just skimming. I suppose that I skimmed too fast! Um It's the first option described. I see now that the server's grep manpage (CentOS) does in fact put it right there at the top. I usually pull up manpages on localhost, not what I'm SSHing into, and on this Debian-Derived distro it is buried halfway down the third page of nine. That is interesting, and I'm sure that there is a lesson to be learned from that! GREP(1) GREP(1) NAME grep, egrep, fgrep, rgrep - print lines matching a pattern SYNOPSIS grep [OPTIONS] PATTERN [FILE...] grep [OPTIONS] [-e PATTERN | -f FILE] [FILE...] DESCRIPTION grep searches the named input FILEs (or standard input if no files are named, or if a single hyphen-minus (-) is given as file name) for lines containing a match to the given PATTERN. By default, grep prints the matching lines. In addition, three variant programs egrep, fgrep and rgrep are available. egrep is the same as grep -E. fgrep is the same as grep -F. rgrep is the same as grep -r. Direct invocation as either egrep or fgrep is deprecated, but is provided to allow historical applications that rely on them to run unmodified. OPTIONS Generic Program Information --help Print a usage message briefly summarizing these command-line options and the bug-reporting address, then exit. -V, --version Print the version number of grep to the standard output stream. This version number should be included in all bug reports (see below). Matcher Selection -E, --extended-regexp Interpret PATTERN as an extended regular expression (ERE, see below). (-E is specified by POSIX.) -F, --fixed-strings Interpret PATTERN as a list of fixed strings, separated by newlines, any of which is to be matched. (-F is specified by POSIX.) -G, --basic-regexp Interpret PATTERN as a basic regular expression (BRE, see below). This is the default. -P, --perl-regexp Interpret PATTERN as a Perl regular expression. This is highly experimental and grep -P may warn of unimplemented features. Matching Control -e PATTERN, --regexp=PATTERN Use PATTERN as the pattern. This can be used to specify multiple search patterns, or to protect a pattern beginning with a hyphen (-). (-e is specified by POSIX.) -f FILE, --file=FILE Obtain patterns from FILE, one per line. The empty file contains zero patterns, and therefore matches nothing. (-f is specified by POSIX.) -i, --ignore-case Ignore case distinctions in both the PATTERN and the input files. (-i is specified by POSIX.) -v, --invert-match Invert the sense of matching, to select non-matching lines. (-v is specified by POSIX.) -w, --word-regexp Select only those lines containing matches that form whole words. The test is that the matching substring must either be at the beginning of the line, or preceded by a non-word constituent character. Similarly, it must be either at the end of the line or followed by a non-word constituent character. Word-constituent characters are letters, digits, and the underscore. -x, --line-regexp Select only those matches that exactly match the whole line. (-x is specified by POSIX.) -y Obsolete synonym for -i. General Output Control -c, --count Suppress normal output; instead print a count of matching lines for each input file. With the -v, --invert-match option (see below), count non-matching lines. (-c is specified by POSIX.) --color[=WHEN], --colour[=WHEN] Surround the matched (non-empty) strings, matching lines, context lines, file names, line numbers, byte offsets, and separators (for fields and groups of context lines) with escape sequences to display them in color on the terminal. The colors are defined by the environment variable GREP_COLORS. The deprecated environment variable GREP_COLOR is still supported, but its setting does not have priority. WHEN is never, always, or auto. -L, --files-without-match Suppress normal output; instead print the name of each input file from which no output would normally have been printed. The scanning will stop on the first match. -l, --files-with-matches Suppress normal output; instead print the name of each input file from which output would normally have been printed. The scanning will stop
[CentOS] Getting the return value of the last command run
All commands return a value, usually 0 if run properly. For instance, try: $ ls echo done $ lsd echo done The echo command is only executed if the ls command exited successfully. If one did not add the echo command with the after a command, how can he determine if the command exited successfully? I have a particularly troubling script that gives does not mention if it exits successfully or not. I could modify it (and probably will some day) but in general I'd like to know the answer to this question as a learning experience. Thanks. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Getting the return value of the last command run
On Mon, May 30, 2011 at 17:55, Bob Beers bob.be...@gmail.com wrote: You can check the return code. $ ls $ echo $? 0 (usually) indicates success. Thank you Bob, that is exactly what I was looking for! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Getting the return value of the last command run
On Mon, May 30, 2011 at 17:59, Christopher J. Buckley ch...@cjbuckley.net wrote: Have a read up on using return codes in Bash. http://tldp.org/LDP/abs/html/exit-status.html Thanks, Chris, the link was very informative. I should spend more time at the tldp site, I know. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Getting the return value of the last command run
On Mon, May 30, 2011 at 18:05, Ljubomir Ljubojevic off...@plnet.rs wrote: Take notice that you can use $? *only* once. So if you ever need to reuse that status, you must first assign exit code to a variable and then evaluate variable. Actually, that was kink of obvious to me, but good thing that you pointed it out. Thanks. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Grep: show me this line and the next N lines?
Can grep show the matching lines and the next N lines after a match? For instance, I have a config file wit hthe following text: [Tag h1] foreground=#2e5a03 underline=double indent=0 weight=PANGO_WEIGHT_BOLD scale=2.25 I would ideally grep on [Tag h1] and have grep display the match and the next 5 lines so that I see all the content of the h1 section. Can this be done? Thanks! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Grep: show me this line and the next N lines?
Thanks, all. I did actually look at the grep manpage but after a few screenfuls it became tl;dr and I started just skimming. I suppose that I skimmed too fast! Thanks! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Getting the return value of the last command run
On Tue, May 31, 2011 at 01:14, fred smith fre...@fcshome.stoneham.ma.us wrote: Yes, all commands return a value UNLESS it was written by one of the idi,... er, misguided programmers who thinks its ok to write (in C): void main (void) { ... exit(); } because, of course, in C main() always returns SOMETHING. I'm sure it's the same in a bash script, even if the script doesn't explicitly provide a return value I imagine the shell returns something anyway, it's just that it's meaningless when that happens. I also learned in C that main should be an int. Now that I'm studying Java, main is always a void and nobody has been able to explain to me why. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Good network printer/scanner for Centos/Linux
On Thu, May 26, 2011 at 19:43, Eero Volotinen eero.voloti...@iki.fi wrote: Hi List, I am looking for good multifunction (fax, scanner, ..) color network laser printer for Linux, any ideas? specs: - Linux, Windows and OSX support on printer and also on scanner. - A4 papersize http://multi.gnt.lt/Pages/brochures/HP/CM2320MFP-ENG.pdf ? thanks, HP 4500 series. I love mine. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] EL 6 rollout strategies? (Scientific Linux)
On Sun, May 15, 2011 at 16:35, Michel Donais don...@telupton.com wrote: A perhaps stupid question from a newby Why 4.9 is out in a so long time frame after 5.0? 5.6 -- CentOS - 4/8/11 SL - (Soon) -- same time frame (1 of 3) 5.5 -- CentOS - 5/14/10 SL - 5/19/10 5.4 -- CentOS - 10/21/9 SL - 11/4/9 5.3 -- CentOS - 3/31/9 SL - 3/19/9 5.2 -- CentOS - 6/24/8 SL - 6/26/8 5.1 -- CentOS - 12/2/7 SL - 1/16/8 5.0 -- CentOS - 4/12/7 SL - 5/4/7 4.9 -- CentOS - 3/2/11 SL - 5/6/11 -- It's a different branch. The 4.x branch had/has continued support even though the 5.x (and now 6.x) branches are released. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] I have RHel6. How does that turn into Centos 6?
On Sun, May 1, 2011 at 01:48, Les Mikesell lesmikes...@gmail.com wrote: On 4/30/11 4:31 PM, Kai Schaetzl wrote: Les, I don't understand you, sorry. You talk about something that I didn't ask for. You seem to make something of this thread that it isn't. You asked for something 'centos-y'. And there really is nothing specific to centos other than it's differences from upstream., most of which aren't technical. Might I suggest to investigate Scientific Linux as well? SL is also RHEL-based, but I do believe that some other packages are added. SL has had a 6.0 release, as well as 4.9. I don't know about 5.6, though. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] I have RHel6. How does that turn into Centos 6?
On Fri, Apr 29, 2011 at 21:56, NOYK service.acco...@insightbb.com wrote: Given the difficulty of getting Centos 6 released - maybe this is not the correct group to ask. Just saying. ;) It seems to me that is exactly why he was asking. The OP doesn't really want to create Paul Linux, he wants to know what CentOS does to RHEL to make it CentOS. Superficially, grepping for redhat in the source and compiling doesn't sound like 6 months worth of delays. I thought it was a clever, respectful way of asking the question. That said, I do appreciate how much work goes into a CentOS release. I do know that it is not a simple grep! So the answer to Paul's question intrigues me as well. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Tar so slow! Is there anything faster?
I need to tar up a good 100 GiB of files, but tar is progressing at a rate of about 1 MiB per second. Is there something, anything, faster? Thanks! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Tar so slow! Is there anything faster?
On Thu, Jan 6, 2011 at 15:54, Jerry Franz jfr...@freerun.com wrote: tar is normally screaming fast unless you use bzip2 compression (or gzip compression on an underpowered CPU). Provide details: What are you tarring, how are you invoking tar, what hardware are you running on (hard drive types, cpu type, etc). Thanks, Jerry, I was in fact using bzip2: $ tar -cjf dcl-2010-12-07.tbz dcl-2010-12-07/ I don't really need compressed, just archived (moving Linux files via FAT-formatted external hard drive) so I ditched the j option and it's now screaming along at almost 80 MiB/sec. Thanks! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Tar so slow! Is there anything faster?
On Thu, Jan 6, 2011 at 16:06, Adam Tauno Williams awill...@whitemice.org wrote: On Thu, 2011-01-06 at 15:47 +0200, Dotan Cohen wrote: I need to tar up a good 100 GiB of files, but tar is progressing at a rate of about 1 MiB per second. Is there something, anything, faster? Yes, star. http://cdrecord.berlios.de/private/star.html And it is in the CentOS repos. The -fifo option can help allot [and it backs up ACLS xattrs too!]. Thanks, I'll take a look at that. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Tar so slow! Is there anything faster?
On Thu, Jan 6, 2011 at 16:08, Arun Khan knu...@gmail.com wrote: Thanks, Jerry, I was in fact using bzip2: $ tar -cjf dcl-2010-12-07.tbz dcl-2010-12-07/ bzip2 will slow down the operation. If you don't really need compressed than simply do tar cf tar file dir/file list Yup, that's what I'm doing now! Thanks. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to stop automount
On Wed, Nov 17, 2010 at 05:52, Dick Roth raro...@comcast.net wrote: I just put a USB hard drive into service, but find that unless the drive is connected to my PC the machine won't boot and drops to a shell. Below is the line I added to fstab. I thought that the option noauto would prevent the machine from trying to mount the drive /dev/sdb /usbdrive ext3 user,noauto,rw 0 2 What am I doing wrong? Any advice is welcome. What is on the drive? If it's something critica, such as your /home or /etc directory, then of course the system won't make it to runlevel 5 without it. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On Thu, Nov 11, 2010 at 00:08, Lamar Owen lo...@pari.edu wrote: Well, this runs afoul of one of the annoyances with IP. That is, IP addresses don't belong to the host; they belong to the interface. Even on a cisco router, to assign the router itself an interface requires a loopback interface be created. I understand what you want to do; I'm just saying that, unless you can assign a user's applications to a VRF (using cisco terminology; typically done by binding the application to a source address in that VRF) and then use multiple VRF's in the kernel, the kernel assumes that both references to 192.168.0.1 refer to the same device (from the point of view of the kernel, unless you have set up multiple routing tables, there is only one layer 3 network here), and it will choose the interface according to other criteria in the routing tables. I remember seeing your ifconfig output... yes, you had: wlan0: 192.168.0.26/255.255.255.0 eth0: 192.168.0.101/255.255.255.0 However, you didn't provide routing table outputat least, I don't remember seeing netstat -r or ip route output. So I'm assuming that you haven't set up multiple routing tables. This means, from the kernel's point of view, that wlan0 and eth0 are not only in the same layer 3 network, but also on the same subnet/layer 2 segment (thanks to the /24 netmask; the kernel is going to send the packets out one of the interfaces based on the kernel's rules for local subnets). No two hosts can have the same IP address on the same layer 2 segment; as far as the kernel is concerned, eth0 and wlan0 are on the same layer 2 segment. ( http://linux-ip.net/html/basic-reading.html#basic-local-network ) Now, if you want to do it with routing tables, you can. The difficult part is getting the web browser to select the right source IP address (according to which interface you want to use), and then you have to write the routing rules based on source address. It's easier with in-kernel NAT (allowing traffic on the default source IP address to access the desired device solely based on the destination's IP address; and, again, I'm talking entirely from the point of view of the kernel on host C here), but it is doable with plicy routing and multiple tables. A relevant guide is found at: http://linux-ip.net/html/index.html It has lots of details. Two things have to happen: 1.) You have to set the source IP address to bind per application or per user or based on ENV variable; 2.) You have to have two routing tables, with routing based on the bound source address being on one interface or the other (since the destination address is not unique, and since the destination address is the primary route selector, you have to configure a secondary route selector; source IP address is supported through policy routing) Again, all talk of routing here is from the kernel's point of view on host C (in your diagram). But, even then this may or may not work, since both networks are locally attached; you might just have to experiment with it. I did some googling on the subject, but nothing I was able to find in a reasonably short time fit your exact circumstances. I'll have to admit to some curiosity in how to do this myself; I might lab it up one day and see, when I have more time to spend on it. Thank you Lamar, I have spent some time googling and learning the concepts that you mention. I'm not much closer to a solution to this issue, but I have a much better understanding of IP networks. The routing tables and netmask concepts were big holes my my knowledge, and I'm the better for having invested in this query now that I've cleared some things up. Thanks. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On Sat, Nov 6, 2010 at 23:19, Bob McConnell rmcco...@lightlink.com wrote: To amplify this just a little bit, by the rules of IP routing, every machine must: A) Have a unique address. B) Be attached to the proper subnet for that address as defined by the local netmask. Once those are true, there exists a unique route between any two machines connected to the network, or the Internet. Both those conditions are met in this use case, however the machine in question is on two networks: |--Network1--|--Network2--| ACB A: router on the wireless network B: router on the wired network C: CentOS laptop Each router has a unique address on it's own network, as per spec. The laptop is connected to two networks, on two different interfaces. The networks were never designed to be connected, and in fact there is no connection between them. Correct me if I'm wrong, but NAT is what C would do to let a computer on Network1 access a resource on Network2. C would be the gateway, rerouting packets between the two networks and correcting for address used on both sides. However, I am not trying to create a gateway! In this case, C itself (as a workstation) needs to access resources on both networks. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] obtaining non-packaged software
On Sat, Nov 6, 2010 at 19:35, Frank Cox thea...@sasktel.net wrote: For a few programs that don't seem to be (readily) available for Centos I just take some steps to create/compile my own rpm. Sometimes all it takes is a simple rpmbuild --rebuild command on a Fedora rpm, sometimes it takes a bit more than that. Thanks, I did not know that this was possible! You can find my Centos rpms here: http://www.melvilletheatre.com/articles/el5/index.html -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Addressing outgoing connections to a specific interface
On a CentOS 5.5 laptop (Dell Inspiron, dual boot with a Debian-based distro) I have a cable plugged into eth0 which is on a LAN with no internet connection. Additionally, I connect wirelessly on wlan0 to the internet. Both connections have router on the 192.168.0.1 address. Although I need to stay connected to the wireless router, can I still access the address 192.168.0.1 on the wired interface? Some googling led me to the keyword loopback but I am at a loss as how to configure it, or if this is even the right idea. If there is a specific page that I should be reading in the fine manual then please do RTFM me, as I myself failed to find the proper page. Thanks in advance. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] obtaining non-packaged software
On Sat, Nov 6, 2010 at 13:31, Piscium grok...@gmail.com wrote: I have been using Fedora on my home desktop for close to an year, and I am happy with it, nevertheless I am considering switching to a slower-moving distro. CentOS + EPEL put together have less packages than Fedora. Moreover RPM Fusion has fewer packages for EL than for Fedora. I am wondering how can I install on my PC applications for which packages do not exist from one of the above-mentioned repos. I can go upstream, get sources and build them. It is a good solution, I do that even with Fedora, however this can mean a lot of work when a package depends on 10 others. So I wonder what do other CentOS users do in a similar situation? Is it possible to get a Fedora binary package and install it? What about getting a Fedora source package, building and installing it? Is there any other possibility? Are there any specific applications that you need but are not available in the CentOS repos, or just in general? My experience is that I had to build Anki [1], as no current version was available for either CentOS or Fedora. [1] http://ichi2.net/anki/#linux -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On Sat, Nov 6, 2010 at 15:52, Hakan Koseoglu ha...@koseoglu.org wrote: You want to use both network cards at the same time. Yes, it's doable. The easiest method would be bonding. Yes, both cards at the same time. They are on different networks: eth0 is connected to an internet-less LAN, and wlan0 is connected to a router that connects it with the internet. Both networks have devices on 192.168.0.1 and I need to access (via port 80 in a web browser) both those devices at the same time. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
It seems that bonding is aggregating multiple ethernet channels together to form a single channel, not quite what I am looking for. To be more specific: I am connected to the internet via wlan0. When I type 192.168.0.1 into my web browser, I get the web control panel of the Linksys router that manages that wireless network. However, at the moment I need to access the web control panel of the D-Link router that manages my eth0 LAN, also on 192.168.0.1 but on the eth0 interface. How can this be done? Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On Sat, Nov 6, 2010 at 16:29, Markus Falb markus.f...@fasel.at wrote: Set a temporary additional route #$ ip ro add 192.168.0.1/32 dev eth0 You can get rid of it again with #$ ip ro del 192.168.0.1 Thanks, that is what I need to know! I should be able to google it from here. However, maybe you really should get rid of such doubled adresses or networks. Neither side is willing to bugde, it's my own doing really and it's in a learning environment, not a business environment, so I learn what I can from it! CentOS seems to be very flexible and configurable, doubly so regarding anything to do with a network, and this is a great way to learn about both the OS and networks in general. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On Sat, Nov 6, 2010 at 19:10, John R Pierce pie...@hogranch.com wrote: that temporary route will break his internet access, since 192.168.0.1 is ALSO his internet gateway on the W-LAN side. there's no way around this. if you can readdress one or the other LAN, then this would just work all the time. This is on the Internet-connected interface: wlan0 Link encap:Ethernet HWaddr 00:18:de:98:c7:34 inet addr:192.168.0.26 Bcast:192.168.0.255 Mask:255.255.255.0 inet6 addr: fe80::218:deff:fe98:c734/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:114879 errors:0 dropped:0 overruns:0 frame:0 TX packets:78945 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:104017653 (104.0 MB) TX bytes:11292782 (11.2 MB) And this is on the LAN-connected interface: eth0 Link encap:Ethernet HWaddr 00:15:c5:c8:13:d1 inet addr:192.168.0.101 Bcast:192.168.0.255 Mask:255.255.255.0 inet6 addr: fe80::215:c5ff:fec8:13d1/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:1921474 errors:0 dropped:0 overruns:0 frame:0 TX packets:8322288 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:146445850 (146.4 MB) TX bytes:3479224403 (3.4 GB) Interrupt:17 I'm not booted into CentOS at the moment (I just rebooted to Ubuntu because my Thunderbird mail is there) but I can reboot if there is any other info that might be relevant. I'm really surprised that it is this difficult (I don't yet believe impossible!) and just assumed that I'm doing things wrong. As the saying goes, if in Linux it is getting difficult, then you are probably doing it wrong! Surely I am not the first person who is connected to two separate LANs and needs to access addresses on both of them. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On Sat, Nov 6, 2010 at 19:35, Hakan Koseoglu ha...@koseoglu.org wrote: OK, I got it wrong earlier. Not possible without breaking your WLan network. It's much easier to move the D-Link router to 192.168.0.2 or something else, in most cases it doesn't matter where the router sits. Better, move one of them to an other private network subnet (192.168.1.0/24 maybe?) Thanks, Hakan. I control neither router! The wireless admin doesn't even understand that her wifi is unsecured (but she says that if I can connect via her connection somehow and don't cause trouble, she doesn't mind) and the wired network has too many other-people things already connecting to the 192.168.0.1 address that it would not be feasible to change. I'll google it some more, this is more of a learning experience for me than a critical issue. I seem to be a bit too convinced that somehow this is possible, and so long as I'm learning I will continue to try. I'll post back if I have any success. Thanks. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On Sat, Nov 6, 2010 at 20:05, KevinO ke...@kevino.org wrote: No. You're just one of the first to want to do it with both sub-nets set up with THE SAME NETWORK ADDRESS. Move one. Both are adjustable. I see! Is there no way to do specify which interface (eth0 / wlan0) to use for the rest of a terminal session, without affecting other running processes? The problem pretty much reduces to this. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On Sat, Nov 6, 2010 at 20:14, KevinO ke...@kevino.org wrote: It boils down to the routing table, which is based on IP address, and this table is system wide. I see, thanks. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On Sat, Nov 6, 2010 at 20:51, Lamar Owen lo...@pari.edu wrote: On Nov 6, 2010, at 9:04 AM, Dotan Cohen wrote: Both connections have router on the 192.168.0.1 address. Although I need to stay connected to the wireless router, can I still access the address 192.168.0.1 on the wired interface? What you want is a NAT to take, say, 192.168.1.0/24 and translate it to the eth0 192.168.0.0/24 network, where the translation occurs at the egress of eth0 (that is, the 192.168.1.0/24 route is set to go out eth0, and the egress (and by extension the ingress) traffic gets translated. How you would do this in iptables I'm not sure; I've done it with Cisco hardware, as this is a common issue when joining two RFC 1918 networks together that have overlapping address space. But at the end you would access 192.168.1.1 and it would get translated to 192.168.0.1 at the eth0 point and wouldn't interfere with the wlan0 version of the 192.168.0.1 address. I'm not exactly 100% sure it can be done without an external NAT box, but a small external router that can do NAT would make it much easier. That is not what I am trying to do, I will try to rephrase: I have a laptop connected to two network interfaces: eth0 and wlan0. Each interface connects to a different LAN. Both LANs have machines on the 192.168.0.1 address that I must access via port 80 in a web browser. I don't need to access each one at the same time, but I do need to leave both interfaces up for other software running on this machine. CentOS 5.5, Dell Inspiron laptop. I suppose that I need either: 1) An address system such as eth0:192.168.0.1 and wlan0:192.168.0.1 (syntax invented to illustrate idea, it doesn't really work!) -or- 2) A way to do something like this as a user without affecting other users: $ export INTERFACE=eth0 $ lynx 192.168.0.1 $ export INTERFACE=wlan0 $ lynx 192.168.0.1 -or- 3) A pony. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] No last command in VIM?
Although I made sure that vim-enhanced.i386 is installed, pressing : then upArrow does not show me the last command that I've typed. Might I still be using vim-minimal erroneously? How to fix that? I don't see any mention of this in google or the past few months of fine archives. Thanks. [g...@mercury ~]$ uname -a Linux mercury 2.6.18-194.3.1.el5PAE #1 SMP Thu May 13 13:48:44 EDT 2010 i686 i686 i386 GNU/Linux [g...@mercury ~]$ yum info vim-enhanced.i386 Repo : installed -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] No last command in VIM?
On Thu, Oct 21, 2010 at 18:36, Scott Robbins scot...@nyc.rr.com wrote: Is there possibly a /bin/vi which takes precedence over /usr/bin/vim? (Or is the command vim-enhanced?) That's it! Using the command vim instead of vi to open the file gives me history. Can anyone else confirm this? I actually confirmed it on another server, but both were installed from the same sever-farm default image. I'll file a bug if needed and someone confirms. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] No last command in VIM?
On Thu, Oct 21, 2010 at 19:52, Alfred von Campe alf...@von-campe.com wrote: It's not a bug: /bin/vi is supplied by the vim-minimal package and /usr/bin/vim is supplied by vim-ehnabced. Just alias vi to vim and you should be all set. Rather than alias it, I'll just get used to typing vim on CentOS installs. I don't like customising remote servers because I like uniformity and I'm often enough at a different server. I thought it was a bug because other distros do it differently: they come with the alias. Alas, different is not a bug! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not receiving mail
Got it! I had to set these three last values: postconf -e 'mydomain = sharingcenter.eu' postconf -e 'myhostname - mail.sharingcenter.eu' postconf -e 'myhostname = mail.sharingcenter.eu' postconf -e 'mynetworks = 178.63.65.136' postconf -e 'mydestination = $myhostname, localhost.$mydomain, localhost, sharingcenter.eu, mail.sharingcenter.eu' I thank you guys for your patience and help. I just spent a good few hours googling today and working my way around blogs, documentation, howto articles, forum posts, mailing list archives, and the like. I wouldn't have even known what to google for without the patient and helpful assistance I've received here. When it is said that CentOS is a Community ENTerprise Operating System be there no mistake! Cold beer for anyone visiting Israel soon! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Postfix wont stay started
On Mon, Oct 18, 2010 at 01:33, Scott Robbins scot...@nyc.rr.com wrote: On Mon, Oct 18, 2010 at 12:30:11AM +0200, Dotan Cohen wrote: On Sun, Oct 17, 2010 at 23:57, Robert Heller hel...@deepsoft.com wrote: Quoting from Highlander: There can be only one. I have to read that! I'm in the middle of Dune now... This was actually best known as a movie--I reckon most of you are too young. Hrrm, there was a TV show afterwards, too. I had heard of the movie, but I prefer books to movies/TV and just assumed that there would be a book. Is 33 too young for that? -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Postfix wont stay started
On Mon, Oct 18, 2010 at 05:45, Les Mikesell lesmikes...@gmail.com wrote: You can use specific 'Listen' directives for apache instead of the usual *:80. The java app will probably have an equivalent config or command line option. Thanks, Les, that is what I needed to know. The JAva app is all custom code, so we will need to add the Listen equivalent ourselves. I just assumed that there would be some way to do it at the OS level. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not receiving mail
On Mon, Oct 18, 2010 at 01:46, Ryan Wagoner rswago...@gmail.com wrote: You will want to check your DNS and try to telnet to the server. If your server is behind NAT or you run split-dns it would be advisable to try it from another connection. dig mx yourdomain.com telnet smtp.yourdomain.com 25 Of course if your mx record points to something other than smtp.yourdomain.com you will want to use that instead. Thanks, Ryan. The MX record looks fine, but telnet won't connect: ✈dcl:~$ dig mx sharingcenter.eu ; DiG 9.7.1-P2 mx sharingcenter.eu ;; global options: +cmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 22263 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1 ;; QUESTION SECTION: ;sharingcenter.eu. IN MX ;; ANSWER SECTION: sharingcenter.eu. 86400 IN MX 10 mail.sharingcenter.eu. ;; AUTHORITY SECTION: sharingcenter.eu. 86400 IN NS ns2.sharingcenter.eu. sharingcenter.eu. 86400 IN NS ns1.sharingcenter.eu. ;; ADDITIONAL SECTION: mail.sharingcenter.eu. 86400 IN A 178.63.65.136 ;; Query time: 88 msec ;; SERVER: 212.150.49.10#53(212.150.49.10) ;; WHEN: Mon Oct 18 21:52:25 2010 ;; MSG SIZE rcvd: 107 ✈dcl:~$ telnet sharingcenter.eu 25 Trying 178.63.65.188... ^C ✈dcl:~$ telnet mail.sharingcenter.eu 25 Trying 178.63.65.136... telnet: Unable to connect to remote host: No route to host ✈dcl:~$ On the server, it looks like everything is running as it should: [r...@mercury ~]# service postfix status master (pid 31800) is running... [r...@mercury ~]# service dovecot status dovecot (pid 29751) is running... [r...@mercury ~]# netstat -anp --tcp --udp | grep LISTEN | grep 25 tcp0 0 127.0.0.1:250.0.0.0:* LISTEN 31800/master [r...@mercury ~]# What could I be missing? The logs are clean. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not receiving mail
On Mon, Oct 18, 2010 at 22:06, Alexander Dalloz ad+li...@uni-x.org wrote: The daemon is bound to localhost only. Yes, that would be a problem! What could I be missing? The logs are clean. postconf -e 'inet_interfaces = all' service postfix restart Thanks! However, even after the change and confirming that postfix is listening properly: [r...@mercury ~]# postconf -e 'inet_interfaces = all' [r...@mercury ~]# service postfix restart Shutting down postfix: [ OK ] Starting postfix: [ OK ] [r...@mercury ~]# netstat -anp --tcp --udp | grep LISTEN | grep 25 tcp0 0 0.0.0.0:25 0.0.0.0:* LISTEN 7816/master [r...@mercury ~]# I still cannot cannot connect with telnet: ✈dcl:~$ telnet sharingcenter.eu 25 Trying 178.63.65.188... Trying 178.63.65.136... telnet: Unable to connect to remote host: Connection timed out ✈dcl:~$ telnet mail.sharingcenter.eu 25 Trying 178.63.65.136... telnet: Unable to connect to remote host: No route to host ✈dcl:~$ ping sharingcenter.eu PING sharingcenter.eu (178.63.65.188) 56(84) bytes of data. 64 bytes from static.188.65.63.178.clients.your-server.de (178.63.65.188): icmp_req=1 ttl=50 time=85.0 ms 64 bytes from static.188.65.63.178.clients.your-server.de (178.63.65.188): icmp_req=2 ttl=50 time=189 ms 64 bytes from static.188.65.63.178.clients.your-server.de (178.63.65.188): icmp_req=3 ttl=50 time=92.0 ms ^C --- sharingcenter.eu ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 2002ms rtt min/avg/max/mdev = 85.069/122.275/189.675/47.745 ms ✈dcl:~$ Why might that be? -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not receiving mail
No, I should have mentioned that the firewall is open: [r...@mercury public_html]# iptables -L -n -v Chain INPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination [r...@mercury public_html]# -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not receiving mail
On Mon, Oct 18, 2010 at 22:34, Steve Clark scl...@netwolves.com wrote: Hmm... I am not having any problem connecting from the U.S. ping 178.63.65.136 PING 178.63.65.136 (178.63.65.136) 56(84) bytes of data. 64 bytes from 178.63.65.136: icmp_seq=1 ttl=49 time=140 ms 64 bytes from 178.63.65.136: icmp_seq=2 ttl=49 time=142 ms 64 bytes from 178.63.65.136: icmp_seq=3 ttl=49 time=138 ms telnet 178.63.65.136 25 Trying 178.63.65.136... Connected to 178.63.65.136. Escape character is '^]'. ^] telnet close Connection closed. Exactly the problem! It pings fine (so I know that connections can be established over the physical wires) and on the IP address telnet answers. However, telnet to port 25 (smtp) with the domain name fails. Why could that be? -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not receiving mail
On Mon, Oct 18, 2010 at 22:47, m.r...@5-cent.us wrote: Bingo! DNS. No, even on the IP address telnet won't answer on port 25: ✈dcl:~$ telnet 178.63.65.188 25 Trying 178.63.65.188... telnet: Unable to connect to remote host: Connection timed out ✈dcl:~$ -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not receiving mail
I see now, since the last postfix restart the log is filling up with these: Oct 18 22:59:42 mercury postfix/smtpd[11318]: fatal: open database /etc/aliases.db: No such file or directory Oct 18 22:59:43 mercury postfix/master[7816]: warning: process /usr/libexec/postfix/smtpd pid 11318 exit status 1 Oct 18 22:59:43 mercury postfix/master[7816]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling The problem will probably reveal itself here, but I will need to do a bit of googling to decipher it all. I admit that much of the configuration was done with tutorials that I googled, with limited understanding. That's how we learn! [r...@mercury ~]# postconf -n alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases command_directory = /usr/sbin config_directory = /etc/postfix daemon_directory = /usr/libexec/postfix debug_peer_level = 2 home_mailbox = Maildir/ html_directory = no inet_interfaces = all mail_owner = postfix mailbox_command = mailq_path = /usr/bin/mailq.postfix manpage_directory = /usr/share/man mydestination = $myhostname, localhost.$mydomain, localhost newaliases_path = /usr/bin/newaliases.postfix queue_directory = /var/spool/postfix readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES sample_directory = /usr/share/doc/postfix-2.3.3/samples sendmail_path = /usr/sbin/sendmail.postfix setgid_group = postdrop smtp_tls_note_starttls_offer = yes smtp_use_tls = yes smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem smtpd_tls_auth_only = no smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s smtpd_use_tls = yes tls_random_source = dev:/dev/urandom unknown_local_recipient_reject_code = 550 [r...@mercury ~]# To what must I change /etc/aliases.db? Which fine manual should I be reading? -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not receiving mail
On Mon, Oct 18, 2010 at 22:55, Todd Denniston todd.dennis...@tsb.cranrdte.navy.mil wrote: are you coming to it from a 178.63.65.* or from a private IP (even if through a NAT)? No, I'm pinging and telnetting in from another country! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not receiving mail
On Mon, Oct 18, 2010 at 22:59, Alexander Dalloz ad+li...@uni-x.org wrote: By any chance, did you bring down loopback or destroyed the localhost mapping in /etc/hosts? Or you have something broken in your main.cf. Post the output of postconf -n. No, loopback works and there's nothing unusual about /etc/hosts. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not receiving mail
On Mon, Oct 18, 2010 at 23:15, Scott Robbins scot...@nyc.rr.com wrote: Well, see if you have an /etc/aliases, which you should, even if it's a defaut. Then just run newaliases which will create an /etc/aliases.db The issues may be elsewhere, but get rid of that one. Well, I tried: [r...@mercury ~]# ls -l /etc/aliases -rw-r--r-- 1 root root 1512 Apr 25 2005 /etc/aliases [r...@mercury ~]# newaliases [r...@mercury ~]# service postfix restart Shutting down postfix: [ OK ] Starting postfix: [ OK ] [r...@mercury ~]# service postfix status master (pid 12412) is running... [r...@mercury ~]# tail /var/log/maillog Oct 18 23:15:59 mercury postfix/master[7816]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling Oct 18 23:16:18 mercury dovecot: imap-login: Login: user=sami37, method=PLAIN, rip=:::127.0.0.1, lip=:::127.0.0.1, secured Oct 18 23:16:18 mercury dovecot: IMAP(sami37): Disconnected: Logged out Oct 18 23:16:59 mercury postfix/smtpd[12298]: fatal: open database /etc/aliases.db: No such file or directory Oct 18 23:17:00 mercury postfix/master[7816]: warning: process /usr/libexec/postfix/smtpd pid 12298 exit status 1 Oct 18 23:17:00 mercury postfix/master[7816]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling Oct 18 23:17:49 mercury postfix/postfix-script: stopping the Postfix mail system Oct 18 23:17:49 mercury postfix/master[7816]: terminating on signal 15 Oct 18 23:17:49 mercury postfix/postfix-script: starting the Postfix mail system Oct 18 23:17:49 mercury postfix/master[12412]: daemon started -- version 2.3.3, configuration /etc/postfix [r...@mercury ~]# But it still won't connect: ✈dcl:~$ telnet mail.sharingcenter.eu 25 Trying 178.63.65.136... telnet: Unable to connect to remote host: Connection timed out ✈dcl:~$ telnet sharingcenter.eu 25 Trying 178.63.65.188... Trying 178.63.65.136... telnet: Unable to connect to remote host: Connection timed out ✈dcl:~$ -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not receiving mail
Seeing how postfix could not access /etc/aliases I tried loosening the permissions, but still no luck: [r...@mercury ~]# chmod +rx /etc/aliases [r...@mercury ~]# newaliases [r...@mercury ~]# ls -l /etc/aliases -rwxr-xr-x 1 root root 1512 Apr 25 2005 /etc/aliases [r...@mercury ~]# service postfix status master (pid 12412) is running... [r...@mercury ~]# service postfix restart Shutting down postfix: [ OK ] Starting postfix: [ OK ] [r...@mercury ~]# tail /var/log/maillog Oct 18 23:29:02 mercury postfix/master[12412]: warning: process /usr/libexec/postfix/smtpd pid 12987 exit status 1 Oct 18 23:29:02 mercury postfix/master[12412]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling Oct 18 23:29:17 mercury postfix/postalias[13000]: fatal: usage: postalias [-Nfinoprsvw] [-c config_dir] [-d key] [-q key] [map_type:]file... Oct 18 23:29:52 mercury postfix/postfix-script: stopping the Postfix mail system Oct 18 23:29:52 mercury postfix/master[12412]: terminating on signal 15 Oct 18 23:29:52 mercury postfix/postfix-script: starting the Postfix mail system Oct 18 23:29:52 mercury postfix/master[13090]: daemon started -- version 2.3.3, configuration /etc/postfix Oct 18 23:30:00 mercury postfix/smtpd[13106]: fatal: open database /etc/aliases.db: No such file or directory Oct 18 23:30:01 mercury postfix/master[13090]: warning: process /usr/libexec/postfix/smtpd pid 13106 exit status 1 Oct 18 23:30:01 mercury postfix/master[13090]: warning: /usr/libexec/postfix/smtpd: bad command startup -- throttling [r...@mercury ~]# date Mon Oct 18 23:30:08 CEST 2010 [r...@mercury ~]# -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not receiving mail
On Mon, Oct 18, 2010 at 23:31, Alexander Dalloz ad+li...@uni-x.org wrote: Sendmail is still the default on CentOS. So to switch to Postfix you will have to use the mechanism to relink - using alternatives. What prints out: alternatives --display mta You found it! [r...@mercury ~]# alternatives --display mta mta - status is manual. link currently points to /usr/sbin/sendmail.exim /usr/sbin/sendmail.exim - priority 10 slave mta-pam: /etc/pam.d/exim slave mta-mailq: /usr/bin/mailq.exim slave mta-newaliases: /usr/bin/newaliases.exim slave mta-rmail: /usr/bin/rmail.exim slave mta-rsmtp: /usr/bin/rsmtp.exim slave mta-runq: /usr/bin/runq.exim slave mta-sendmail: /usr/lib/sendmail.exim slave mta-mailqman: /usr/share/man/man8/exim.8.gz slave mta-newaliasesman: (null) slave mta-aliasesman: (null) slave mta-sendmailman: (null) /usr/sbin/sendmail.postfix - priority 30 slave mta-pam: /etc/pam.d/smtp.postfix slave mta-mailq: /usr/bin/mailq.postfix slave mta-newaliases: /usr/bin/newaliases.postfix slave mta-rmail: /usr/bin/rmail.postfix slave mta-rsmtp: (null) slave mta-runq: (null) slave mta-sendmail: /usr/lib/sendmail.postfix slave mta-mailqman: /usr/share/man/man1/mailq.postfix.1.gz slave mta-newaliasesman: /usr/share/man/man1/newaliases.postfix.1.gz slave mta-aliasesman: /usr/share/man/man5/aliases.postfix.5.gz slave mta-sendmailman: /usr/share/man/man1/sendmail.postfix.1.gz Current `best' version is /usr/sbin/sendmail.postfix. If that tells you that Sendmail is still the primary MTA, then run: alternatives --config mta and select Postfix. Then rerun newaliases or postalias /etc/aliases. Done! I then restarted postfix and there seem to be no new errors in the logs. However, I still cannot telnet into port 25: ✈dcl:~$ telnet sharingcenter.eu 25 Trying 178.63.65.188... Trying 178.63.65.136... telnet: Unable to connect to remote host: No route to host ✈dcl:~$ telnet mail.sharingcenter.eu 25 Trying 178.63.65.136... telnet: Unable to connect to remote host: Connection timed out ✈dcl:~$ -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not receiving mail
On Mon, Oct 18, 2010 at 23:46, John R Pierce pie...@hogranch.com wrote: no kidding. look at that log, it didn't start. (last 3 lines notwithstanding, every else there looks like 'error' to me) Yes, those error were before I removed sendmail from the default config. Even though it seems to be answering on post 25 now, mail sent to an account there from Gmail are not being received. No errors in the logs. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Postfix wont stay started
What should I start troubleshooting when postfix will not stay running: [r...@mercury ssl]# service postfix start Starting postfix: [ OK ] [r...@mercury ssl]# service postfix status master is stopped [r...@mercury ssl]# Thanks! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Postfix wont stay started
On Sun, Oct 17, 2010 at 23:17, Eero Volotinen eero.voloti...@iki.fi wrote: check out logs.. Thanks, Eero, I know that should be the first step always! It turns out that: Oct 17 23:12:47 mercury postfix/postfix-script: starting the Postfix mail system Oct 17 23:12:47 mercury postfix/master[30770]: fatal: bind 127.0.0.1 port 25: Address already in use Which led me to: [r...@mercury log]# netstat -anp --tcp --udp | grep LISTEN | grep 25 tcp0 0 127.0.0.1:250.0.0.0:* LISTEN 2870/exim Stopping exim let me start postfix. Thanks! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Postfix wont stay started
On Sun, Oct 17, 2010 at 23:57, Robert Heller hel...@deepsoft.com wrote: Quoting from Highlander: There can be only one. I have to read that! I'm in the middle of Dune now... For any given service (SMTP in this case), there can be only one listener. One cannot run two MTAs at the same time (unless one is using a non-standard port for one). Actually, this server has four IP addresses: one each on eth0, eth0:0, eth0:1, and eth0:2. Would it be possible to run an arbitrary service (it's actually a Java-based game server) on port 80 on one IP address, and Apache on port 80 on another IP address? -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Not receiving mail
I have installed Postfix, Dovecot, and Squirrelmail on a CentOS 5.5 machine. In Squirrelmail a user can send mail, but he is not receiving replies. There is nothing relevant in the maillog other than the user's (successful) login attempts. I am at loss, I have been following tutorials such as the Perfect Server [1] series and other Google results, but I cannot get this thing to receive mail. What should I be checking? Thanks! [1] http://www.howtoforge.com/perfect-server-centos-5.5-x86_64-ispconfig-2 -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] One server not showing SSH port, the other is.
I have two CentOS servers running SSH on two different non-standard ports. So far as I can tell, they have identical /etc/ssh/sshd_config files with the exception of the different port (both are 22xx). However, when running nmap on them, one betrays the port that SSH is running on, and the other does not. I have shut down iptables on both machines and the behaviour remains this way. What could be the cause? Specifically, how can I hide the port that SSH is running on? I'm sorry that I cannot provide the IP addresses, the owner of the servers doesn't want that! I also know how silly it is to do stealth ports but I'm not the one making the decision! Thanks! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Configuring BIND to answer to two domain names (four IP addresses)
On Mon, Sep 27, 2010 at 13:27, Brent L. Bates blba...@vigyan.com wrote: Just noticed something. Have your serial number reflect the date you last updated the file. That way you will know when you last changed it. For example, today is September 27, 2010, if you were making your first update today, make the serial number 2010092701. I add on 2 digits at the end in case I need to make more than one change in one day. Changing it 10 times in one day isn't likely, but just in case that isn't enough, I know *I* will not be making more than 100 changes in one day. Serial numbers ALWAYS have to increase with each change. That is the way other name servers know they need to update their information. If the serial number is bigger than what they have stored, then they know they need to download the new information. If you plan on updating the DNS information more than 100 times a day, you will need to give yourself some extra digits. I hope this is of some help. I think that the fine manual mentioned something about if one hundreds edits were done in a single day, then it is time to go home and get some sleep! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Configuring BIND to answer to two domain names (four IP addresses)
On Sat, Sep 25, 2010 at 18:15, Les Mikesell lesmikes...@gmail.com wrote: For completeness: there is the BIND 9 Administrator Reference Manual, known as the ARM, usually supplied under /usr/share/doc/. And what many consider to be the standard reference, Liu and Albitz's DNS and BIND published by O'Reilly. I believe it's up to the 5th edition now; an earlier edition used to be provided online. If you're serious about learning DNS you ought to consider this book. Learning bind is sort of like learning sendmail though. They both do a million things you'll never need (and if you do you should probably change your design...). The trick - especially when you start with the full references - is to figure out the simple part you need to understand and ignore the rest. And when using distribution-packaged versions, most of what you need is already there. Most certainly. I think that my major problem is that I tried to learn BIND instead of learning how to get it to do the specific thing that I needed it to do. It's like learning the entire Japanese language just to be sure to know how read the bathroom signs on a two-hour stopover in Tokyo. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Configuring BIND to answer to two domain names (four IP addresses)
On a CentOS 5 server, I am having a hard time configuring BIND to answer to 4 IP addresses for 2 domain names. Currently, I have four IP addresses, for sake of discussion they are: 1.1.1.1 1.1.1.2 1.1.1.3 1.1.1.4 Additionally, I have two domain names. For sake of discussion: exampleA.com exampleB.com My goal is to have 1.1.1.1 1.1.1.2 as the nameservers for exampleA.com, and 1.1.1.3 1.1.1.4 as the nameservers for exampleB.com. Apache is running on this machine, and should of course serve pages for the sites. I think that I've got the apache configuration down, but the BIND configuration is eluding me. I've read the following fine manual, but I am still stuck: http://www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-bind.html Additionally, I have googled for how to configure bind for multiple domain names and the like, but I see no mention of the IP addresses configuration. Can I simply configure any IP address that the server answers to as the nameservers? What am I missing? Thank you in advance! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Configuring BIND to answer to two domain names (four IP addresses)
Have a read for the listen on directive for BIND which tells BIND what interfaces/IP Addresses to bind to. Thanks, I am aware that Apache can be told to listen only to specific addresses. Can BIND be told to listen on all addresses? Your post implies that this is the default (which makes sense, as so does Apache), maybe I am chasing a non-issue? In other words, I should configure BIND to answer to exampleA.com and to exampleB.com with no regard to IP addresses. then in the control panel for each domain name configure the nameservers to my liking (with addresses that the server answers to, naturally)? That's it? Alternatively, you could just configure BIND identically on both machines and ensure that they are setup in a master/slave configuration so that each name server could answer requests for both domains and publish both name server records in each domain. There is only one machine. All four addresses point to it. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Configuring BIND to answer to two domain names (four IP addresses)
On Fri, Sep 24, 2010 at 19:26, Eric Viseur eric.vis...@gmail.com wrote: Maybe a Round-Robin configuration ? Thank you Eric, but I may have been unclear. There is only one physical server, but it answers to four IP addresses. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Configuring BIND to answer to two domain names (four IP addresses)
On Fri, Sep 24, 2010 at 19:38, Les Mikesell lesmikes...@gmail.com wrote: You are making it much more complicated than necessary. That is what I suspected! I know that when Linux gets difficult, it is because I'm doing it wrong! I'd configure apache to use named virtual hosts and listen on all addresses (but you might want to tie https to specific addresses so you can tie connections to the right certificates), Exactly how it is configured. and bind to listen on all addresses and answer for all your domains. So, then, the association of a FQDN with any particular IP address is only done in the domain name's control panel where the nameservers are set? -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Configuring BIND to answer to two domain names (four IP addresses)
On Fri, Sep 24, 2010 at 19:49, James A. Peltier jpelt...@sfu.ca wrote: BIND has listen on directives as well, but if this is a single box configuration it's not necessarily required as it will listen on all interfaces. Yes, I actually do want it to listen on all addresses (only one NIC), I don't know why I thought that it had to be explicitly configured. As far as configuring the domains, well that's pretty simple. In your DNS records for each domain you would define NS records such as this $TTL 1d @ IN SOA ns1.exampleA.com. hostmaster.exampleA.com. ( 2010092401 ; PUT SEQUENCE NUMBER HERE (/MM/DAY/CHANGE #) 3600 ; Refresh every hour 600 ; Retry - every ten minutes 604800 ; Expire - after one week 1h ) ; Minimum 1H IN NS ns1.exampleA.com. IN NS ns2.exampleA.com. ;; Hosts Section ns1 IN A 1.1.1.1 ns2 IN A 1.1.1.2 www IN A 1.1.1.3 Keep in mind that you don't need A records for the NS records if you are pointing to a different name server so your exampleB your records might look like this $TTL 1d @ IN SOA ns1.exampleB.com. hostmaster.exampleB.com. ( 2010092401 ; PUT SEQUENCE NUMBER HERE (/MM/DAY/CHANGE #) 3600 ; Refresh every hour 600 ; Retry - every ten minutes 604800 ; Expire - after one week 1h ) ; Minimum 1H IN NS ns1.exampleA.com. IN NS ns2.exampleA.com. ;; Hosts Section www 1.1.1.4 Notice that the NS records point to ns1 and ns2.exampleA.com. That is quite the point: I need the nameservers for exampleA.com and exampleB.com to be different! Notice the A records for www.example{A,B} which should match your Apache instances if you are doing IP based hosting. If you are doing name based hosting you *could* DNS round robin the requests. If the nameservers are for specific addresses, and Apache serves based on FQDN as opposed to based on address, then I think that Apache can answer on all addresses. Master and Secondary DNS configurations are defined in your named.conf file. This doesn't matter in your necessarily for your configuration, but thought I would point it out. On the master zone examplea.com { type master; file zone.examplea.com; allow-transfer { ns2.examplea.com } }; On the secondary zone examplea.com { type slave; masters { ns1.examplea.com }; file zone.example.com; }; Thanks. I will do another for exampleB.com as well, to keep them separate. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos