[CentOS] corrupted /etc/mtab
Hello everyone, It seems like we have a corrupted /etc/mtab file and I just wanted to check that my plan of action is correct. df -k returns: df: cannot read table of mounted file systems: No such file or directory ls -la mtab: ?- ? ?? ?? mtab messages full of errors: EXT3-fs error (device cciss/c0d2p1): ext3_lookup: unlinked inode 847444 in dir #846977 I would like to fsck / partition, but, obviously, can't do it on a live system. The plan is to touch /forcefsck and to force fsck during reboot. Please let me know if you see a problem with my plan or have any other suggestions. Thank you, Asya ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] libz.so.1 = not found
Hello, We have an older AFS server, which was running Centos 5.5. It hasn't been updated in a while because of the plans to move it to another server, but it never happened. Thus, we've decided to upgrade it to 5.7… I did yum clean all and yum update. Everything ran smoothly and no issues. After the reboot, zlib.so.1 can no longer be found. /usr/lib64/zlib.so.1 is a symbolic link to /lib64/zlib.so.1, but the file does not exist. Because of this, ssh/yum/rpm do not work… I've been googling, but can't find a solid answer. This is a production server and I need to have it up and running as soon as possible… Any ideas? Thank you! Asya ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] libz.so.1 = not found
Sorry, i meant to say /usr/lib64/libz.so.1 is missing… Thank you for all your help, Asya On Jan 31, 2012, at 7:29 AM, Dvorkin, Asya wrote: Hello, We have an older AFS server, which was running Centos 5.5. It hasn't been updated in a while because of the plans to move it to another server, but it never happened. Thus, we've decided to upgrade it to 5.7… I did yum clean all and yum update. Everything ran smoothly and no issues. After the reboot, zlib.so.1 can no longer be found. /usr/lib64/zlib.so.1 is a symbolic link to /lib64/zlib.so.1, but the file does not exist. Because of this, ssh/yum/rpm do not work… I've been googling, but can't find a solid answer. This is a production server and I need to have it up and running as soon as possible… Any ideas? Thank you! Asya ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] libz.so.1 = not found
On Jan 31, 2012, at 7:45 AM, Dennis Jacobfeuerborn wrote: This is what things look like on one of my systems: [root@centos57 ~]# cat /etc/redhat-release CentOS release 5.7 (Final) [root@centos57 ~]# ls -l /usr/lib64/libz.so* lrwxrwxrwx 1 root root 21 Jan 31 02:47 /usr/lib64/libz.so.1 - ../../lib64/libz.so.1 lrwxrwxrwx 1 root root 25 Jan 31 02:47 /usr/lib64/libz.so.1.2.3 - ../../lib64/libz.so.1.2.3 [root@centos57 ~]# ls -l /lib64/libz.so* lrwxrwxrwx 1 root root13 Jan 31 02:47 /lib64/libz.so.1 - libz.so.1.2.3 -rwxr-xr-x 1 root root 83280 May 11 2011 /lib64/libz.so.1.2.3 If the symlink is missing you could try to manually recreate it. Regards, Dennis The problem is that the file itself is missing as well, so no way for me to recreate the link. Actually, libz.1.so.1.2.3 doesn't exist either. I could try copying the file from another CentOS server, but wanted to hear everyone's opinion on that… Thank you, Asya ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] libz.so.1 = not found
The problem is that the file itself is missing as well, so no way for me to recreate the link. Actually, libz.1.so.1.2.3 doesn't exist either. I could try copying the file from another CentOS server, but wanted to hear everyone's opinion on that… I'd say try that and as soon as you get yum/rpm working do a yum reinstall zlib to get the files properly in place again. Thank you! I've copied the file using USB drive and now the server is up and running. I also did yum reinstall zlib. Now when I do yum update, it says: No Packages marked for Update If that's the case, how come /etc/redhat-release still shows CentOS release 5.5 (Final) ? Asya ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] libz.so.1 = not found
Thank you! I've copied the file using USB drive and now the server is up and running. I also did yum reinstall zlib. Now when I do yum update, it says: No Packages marked for Update If that's the case, how come /etc/redhat-release still shows CentOS release 5.5 (Final) ? Asya I figured it out. Whoever was in charge of this server before me, added the following lines to CentOS-Base.repo exclude=kernel kernel-devel kernel-PAE-* Thank you all for your help! Asya ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Hyper V integration question
Hello everyone, I have Hyper V integration working properly, but needed to do an update to 2.6.18-274.12.1.el5-x86_64. Since then, it no longer works. As discovered previously, one needs to rebuild Hyper V Integration tools due to the kernel panic. http://www.sudonym.com/398/kernel-panic-after-yum-update-centos-with-hyper-v-linux-integration-components Done. But I'm getting an error message: Your system DOES NOT support the timesource driver when running make. adjtimex is installed - adjtimex-1.20-2.1. Any ideas? I've successfully followed the same steps in the past, but right now they are just not working. Thank you! Asya ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Hyper V integration question
Sorry, this is CentOS 5.7 On Dec 27, 2011, at 11:53 AM, Dvorkin, Asya wrote: Hello everyone, I have Hyper V integration working properly, but needed to do an update to 2.6.18-274.12.1.el5-x86_64. Since then, it no longer works. As discovered previously, one needs to rebuild Hyper V Integration tools due to the kernel panic. http://www.sudonym.com/398/kernel-panic-after-yum-update-centos-with-hyper-v-linux-integration-components Done. But I'm getting an error message: Your system DOES NOT support the timesource driver when running make. adjtimex is installed - adjtimex-1.20-2.1. Any ideas? I've successfully followed the same steps in the past, but right now they are just not working. Thank you! Asya ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Hyper V integration question
On Dec 27, 2011, at 11:54 AM, Dvorkin, Asya wrote: Sorry, this is CentOS 5.7 On Dec 27, 2011, at 11:53 AM, Dvorkin, Asya wrote: Hello everyone, I have Hyper V integration working properly, but needed to do an update to 2.6.18-274.12.1.el5-x86_64. Since then, it no longer works. As discovered previously, one needs to rebuild Hyper V Integration tools due to the kernel panic. http://www.sudonym.com/398/kernel-panic-after-yum-update-centos-with-hyper-v-linux-integration-components Done. But I'm getting an error message: Your system DOES NOT support the timesource driver when running make. adjtimex is installed - adjtimex-1.20-2.1. Any ideas? I've successfully followed the same steps in the past, but right now they are just not working. Thank you! Asya So the problem got fixed by totally ignoring make failures and running make install immediately after. No issues and everything is working properly… On my other system it all worked as expected (same OS, same kernel, same RPMs). Thank you and Happy new year! Asya ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Compiling PHP and MySQL
On Jun 14, 2011, at 9:40 AM, John Doe wrote: From: Dvorkin, Asya dvork...@umdnj.edu Is there a way to find out what are the usual configure options that are used to compile binaries that are available through yum? php -i | grep configure or check from the srpm... Thank you, John. This is very useful to know. Asya ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Compiling PHP and MySQL
Hi everyone, I need to install an older version of PHP - 5.2.16, which is not currently available through an official CentOS repo (as far as I can tell). In order to fulfill our developer's requirements, I've decided to just compile PHP and MySql from the source. Is there a way to find out what are the usual configure options that are used to compile binaries that are available through yum? Thank you! Asya ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Compiling PHP and MySQL
On Jun 13, 2011, at 1:09 PM, Eero Volotinen wrote: 2011/6/13 Dvorkin, Asya dvork...@umdnj.edumailto:dvork...@umdnj.edu: Hi everyone, I need to install an older version of PHP - 5.2.16, which is not currently available through an official CentOS repo (as far as I can tell). In order to fulfill our developer's requirements, I've decided to just compile PHP and MySql from the source. Is there a way to find out what are the usual configure options that are used to compile binaries that are available through yum? iuscommunity* repo also provides latest php and mysql-server versions. http://iuscommunity.org/ Thank you. I've been to this website, but it has php52-5.2.17-1.ius.el5.x86_64http://dl.iuscommunity.org/pub/ius/stable/Redhat/5/x86_64/php52-5.2.17-1.ius.el5.x86_64.rpm I need 5.2.16 Thank you, Asya ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Compiling PHP and MySQL
On Jun 13, 2011, at 1:26 PM, Eero Volotinen wrote: 2011/6/13 Dvorkin, Asya dvork...@umdnj.edumailto:dvork...@umdnj.edu: On Jun 13, 2011, at 1:09 PM, Eero Volotinen wrote: 2011/6/13 Dvorkin, Asya dvork...@umdnj.edumailto:dvork...@umdnj.edu: Hi everyone, I need to install an older version of PHP - 5.2.16, which is not currently available through an official CentOS repo (as far as I can tell). In order to fulfill our developer's requirements, I've decided to just compile PHP and MySql from the source. Is there a way to find out what are the usual configure options that are used to compile binaries that are available through yum? iuscommunity* repo also provides latest php and mysql-server versions. http://iuscommunity.org/ Thank you. I've been to this website, but it has php52-5.2.17-1.ius.el5.x86_64 I need 5.2.16 why? Usually .17 works same way as 16. only minor bug/security fixes.. This is from CentOS website: * IUS Community Repo - (See http://iuscommunity.org/ - http://lists.centos.org/pipermail/centos-docs/2009-November/003730.html ) 'IUS is a new third party repo for RHEL that provides the latest upstream versions of PHP, Python, MySQL. It is sponsored by internal work at Rackspace (but officially unsupported).' See their Wiki Client Usage Guidehttp://wiki.iuscommunity.org/Doc/ClientUsageGuideto install the ius-release package to configure the repo. Caution is suggested in using this repo as it will replace core packages. See also their FAQhttp://iuscommunity.org/faq/ which frankly discusses pros and cons. I am not sure if I want to use it in a production environment Asya ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Compiling PHP and MySQL
On Jun 13, 2011, at 2:32 PM, John R. Dennison wrote: On Mon, Jun 13, 2011 at 01:47:31PM -0400, Dvorkin, Asya wrote: I am not sure if I want to use it in a production environment Please trim unnecessary material from your responses. Thank you. IUS is the community repo for RackSpace; this is the same repo and repo components that they use for their own customers in their hosting configurations. This repo is in use by _many_ people, not only RackSpace customers but by the general EL public, including myself. At this stage of the game I would not consider using any other source for PHP kit, including the mess that is known as php53 that CentOS ships as an optional package (note: problems originate upstream and not with the CentOS project proper). As far as that in c5-testing... that php-5.2 release should, quite frankly, be yanked as it's ridiculously out of date and full of known security issues. PHP 5.2.16 also has _known_ security issues; you are doing a disservice to your client if you do not point this fact out to them and kindly tell them that 5.2.17 is mandatory. Contrary to popular belief clients are not always right. John, Thank you very much for an excellent response. I called our developer and he agreed to go with 5.2.17. I will be using IUS repo to install it.. Thank you! Asya ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Changing from RHEL to CentOS
On Jun 7, 2011, at 9:49 AM, Lamar Owen wrote: On Tuesday, June 07, 2011 09:43:24 AM Nicolas Ross wrote: I switch a RHEL machine in EL6 to scientific linux a while ago, and I suppose it's the exact same thing for Centos. [snip process] You do realize that you didn't replace the RHEL binaries, right? To completely switch you need to replace all the binaries with the equivalent ones from either SL6 or C6 (when it's released). Not just the logos; there are other changes (kernel signing, for instance). That's what 'yum distro-sync full' would do (once you've patched it in). ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos http://wiki.centos.org/HowTos/MigrationGuide ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] yum update - missing dependencies
It looks like you are using OpenAFS packages built for a specific kernel - in this case the 5.5 kernel-2.6.18-194.26.1.el5. My guess would be that in updating to 5.6, yum has automatically removed that older kernel. You need to get kmod-openafs packages that match the version of your currently running kernel. Where did you get these packages as they are not a part of CentOS? Thank you, Ned. Here is what I ended up doing.. Thanks to Hyper V i could easily rollback to 5.5. Downloaded kernel-2.6.18-194.26.1.el5.i686.rpm, manually installed it and after that yum update worked without any issues. Thank you for pointing me into the right direction. Asya ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] yum update - missing dependencies
Hi everyone, I just upgraded to 5.6 and keep on getting the following error message: [root@rwjafs1 ~]# yum update Loaded plugins: fastestmirror, priorities Loading mirror speeds from cached hostfile * base: centos.mirror.nac.net * extras: mirror.batblue.com * updates: mirror.atlanticmetro.net Setting up Update Process Resolving Dependencies -- Running transaction check --- Package kmod-openafs.i686 0:1.4.12-1.1.2.6.18_194.26.1.el5 set to be installed -- Processing Dependency: kernel-i686 = 2.6.18-194.26.1.el5 for package: kmod-openafs -- Finished Dependency Resolution kmod-openafs-1.4.12-1.1.2.6.18_194.26.1.el5.i686 from openafs has depsolving problems -- Missing Dependency: kernel-i686 = 2.6.18-194.26.1.el5 is needed by package kmod-openafs-1.4.12-1.1.2.6.18_194.26.1.el5.i686 (openafs) Error: Missing Dependency: kernel-i686 = 2.6.18-194.26.1.el5 is needed by package kmod-openafs-1.4.12-1.1.2.6.18_194.26.1.el5.i686 (openafs) You could try using --skip-broken to work around the problem You could try running: package-cleanup --problems package-cleanup --dupes rpm -Va --nofiles --nodigest [root@rwjafs1 ~]# package-cleanup --problems Setting up yum Reading local RPM database Processing all local requires No problems found [root@rwjafs1 ~]# uname -r 2.6.18-238.5.1.el5 [root@rwjafs1 ~]# more /etc/redhat-release CentOS release 5.6 (Final) A bit of history Last time yum update was done on that box, due to Hyper V issues, kernel crashed. I now know how to fix it, but back then we just went to a previous kernel version (modified grub.conf), which I believe now causes my current problems. This box's main responsibility has to do with afs, so installing afs related package is kind of important.. Thank you! Asya ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how is binary compatibility determined?
Thanks Keith, good question, that should have been on my list of Questions to ask about CentOS building process, and thanks to Akemi for a quick answer :) Given that its answered in a FAQ one could argue that it was not a good question. You know, there is a famous saying.. If you have nothing nice to say, don't say anything at all. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] /etc/hosts not resolving hostnames
Try flushing DNS cache: /etc/init.d/nscd restart On Apr 8, 2011, at 3:31 PM, Johan Martinez wrote: This is working fine on another CentOS system. This particular install where host command is failing is trimmed down install using kickstart file. It is working on a system where install is default 'Server non-GUI', option given during interactive CD install. I guess this has to do with some missing package. Any clues?? jM. On Fri, Apr 8, 2011 at 2:01 PM, John R Pierce pie...@hogranch.commailto:pie...@hogranch.com wrote: On 04/08/11 11:24 AM, Johan Martinez wrote: I have modified /etc/hosts file with IP address and hostname entries. However, host command is returning 'Host vhost1.example.comhttp://vhost1.example.com/ http://vhost1.example.comhttp://vhost1.example.com/ not found: 3(NXDOMAIN)'. Also, apache is returning error on start as '[error] (EAI 2)Name or service not known: Could not resolve host name vhost1.example.comhttp://vhost1.example.com/ http://vhost1.example.comhttp://vhost1.example.com/ -- ignoring!' . The ssh worked fine and resolved the hostname correctly (ssh from same system to itself - just for test). Am I missing something here? I thought /etc/hosts will be referred for all lookups. Any help?? the 'hosts' command (as well as dig, and nslookup) go directly to DNS, they do not look at /etc/hosts or nsswitch.conf for that matter. Apache may well go to DNS also, since your local /etc/hosts file is not recognized by any systems outside the localhost, and apache IS a server. ___ CentOS mailing list CentOS@centos.orgmailto:CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.orgmailto:CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Replace NIS by Active Directory
Hi, Check out Likewise open. I think this is what you are looking for. http://www.likewise.com/products/likewise_open/ Likewise Open is the open source foundation for Likewise Enterprise that joins Linux, UNIX, and Mac OS systems to Microsoft Active Directory to securely authenticate non-Windows users with AD credentials. Asya On Mar 18, 2011, at 8:31 AM, MOKRANI Rachid wrote: Hi, I'm looking a wiki or share experience for replace NIS authentication by an existing Active directory Server (W2003). The problem is on the management of id and gid. How to move 1000 actual NIS users to AD ? How to keep the same id and gid for this 1000 users ? What's happen with nfs linux server and acess with gid and/id ? Use the same user/password for linux and Windows clients authentification? We test a solution who work very well. It's Centrify comercial software http://www.centrify.com/directcontrol/overview.asp . But we are looking a freeware solution. (kerberos ? openldap ? pam ? ...) Does someone has already successfully replace NIS by Ad authentification with freeware solution ? Regards. __ Notre adresse de messagerie évolue pour plus de simplicité vers : prenom@ifpen.frmailto:prenom@ifpen.fr. La racine @ifpenergiesnouvelles.fr reste néanmoins active. Our e-mail address is changing to firstname.surn...@ifpen.frmailto:firstname.surn...@ifpen.fr. Nevertheless, messages sent to the domain @ifpenergiesnouvelles.fr will still be delivered. Ce message (et toutes ses pièces jointes éventuelles) est confidentiel et établi à l'intention exclusive de ses destinataires. Toute utilisation de ce message non conforme à sa destination, toute diffusion ou toute publication, totale ou partielle, est interdite, sauf autorisation expresse. IFP Energies nouvelles décline toute responsabilité au titre de ce message. This message and any attachments (the message) are confidential and intended solely for the addressees. Any unauthorised use or dissemination is prohibited. IFP Energies nouvelles should not be liable for this message. Visitez notre site Web / Visit our web site : www.ifpenergiesnouvelles.frhttp://www.ifpenergiesnouvelles.fr / www.ifpenergiesnouvelles.comhttp://www.ifpenergiesnouvelles.com __ ___ CentOS mailing list CentOS@centos.orgmailto:CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Apache/Active Directory authentication
Thank you! I'm working on it right now and will give my progress report soon :) Asya On Mar 14, 2011, at 6:11 AM, John Hodrien wrote: On Fri, 11 Mar 2011, Dvorkin, Asya wrote: [root@myserver conf]# klist -k Keytab name: FILE:/etc/krb5.keytab KVNO Principal -- 2 host/myserver.server@core.host.edu 2 host/rmyserver.server@core.host.edu 2 host/myserver.server@core.host.edu 2 host/myser...@core.host.edu 2 host/myser...@core.host.edu 2 host/myser...@core.host.edu 2 MYSERVER$@CORE.HOST.EDU 2 MYSERVER$@CORE.HOST.EDU 2 MYSERVER$@CORE.HOST.EDU 2 http/myserver.server@core.host.edu 2 http/myserver.server@core.host.edu 2 http/myserver.server.com@CORE.HOSTEDU 2 http/myser...@core.host.edu 2 http/myser...@core.host.edu 2 http/myser...@core.host.edu So how did you get the point of having this keytab? My problem is that I am getting an error message in apache logs: gss_acquire_cred() failed: Unspecified GSS failure. Minor code may provide more information (No principal in keytab matches desired name) I looked in AD configuration and see that my server does not have appropriate ServicePrincipalName for HTTP (only host). Then something's wrong there. net ads status This *must* agree with your keytab. If it doesn't, let's start again. net ads keytab flush net ads keytab create net ads keytab ADD HTTP net ads status klist -k Make sure you get to a stage where what AD has and what you have agree. Once you've got to that stage, use ktutil to read the system keytab (/etc/krb5.keytab), and delete out the entries you don't want, leaving just the HTTP ones. Write that out to /etc/httpd/conf/krb5.keytab. Check it's correct: klist -k /etc/httpd/conf/httpd.keytab Make sure you've told apache where to find it: Krb5KeyTab /etc/httpd/conf/httpd.keytab The example that comes with the RPM in /etc/httpd/conf.d/auth_kerb.conf is a good starting point. my keytab file: -rw--- 1 apache apache 957 Mar 11 14:31 /etc/httpd/conf/krb5.keytab I have NO right access to AD server and cannot do much about creating proper keytab file. Anything else I can do? Am I missing something? Have a go with that, and see where you get to. jh ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Apache/Active Directory authentication
Okay... so at this point I am stuck. I got this far: Using modules: LoadModule auth_basic_module modules/mod_auth_basic.so LoadModule auth_kerb_module modules/mod_auth_kerb.so root@myserver conf]# net ads testjoin Join is OK I successfully joined domain. [root@myserver conf]# klist -k Keytab name: FILE:/etc/krb5.keytab KVNO Principal -- 2 host/myserver.server@core.host.edu 2 host/rmyserver.server@core.host.edu 2 host/myserver.server@core.host.edu 2 host/myser...@core.host.edu 2 host/myser...@core.host.edu 2 host/myser...@core.host.edu 2 MYSERVER$@CORE.HOST.EDU 2 MYSERVER$@CORE.HOST.EDU 2 MYSERVER$@CORE.HOST.EDU 2 http/myserver.server@core.host.edu 2 http/myserver.server@core.host.edu 2 http/myserver.server.com@CORE.HOSTEDU 2 http/myser...@core.host.edu 2 http/myser...@core.host.edu 2 http/myser...@core.host.edu My problem is that I am getting an error message in apache logs: gss_acquire_cred() failed: Unspecified GSS failure. Minor code may provide more information (No principal in keytab matches desired name) I looked in AD configuration and see that my server does not have appropriate ServicePrincipalName for HTTP (only host). my keytab file: -rw--- 1 apache apache 957 Mar 11 14:31 /etc/httpd/conf/krb5.keytab I have NO right access to AD server and cannot do much about creating proper keytab file. Anything else I can do? Am I missing something? Thank you! Asya On Mar 10, 2011, at 12:24 PM, John Hodrien wrote: On Thu, 10 Mar 2011, Dvorkin, Asya wrote: John, Thank you for all your pointers! You are right.. I was able to create a keytab file. Still having some issues with getting apache to work the way I wan to, but will continue troubleshooting it. No problem, and I'll be interested to hear about any other problems you have. I don't get the feeling many people use kerberised Apache. jh ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Apache/Active Directory authentication
John, Thank you for all your pointers! You are right.. I was able to create a keytab file. Still having some issues with getting apache to work the way I wan to, but will continue troubleshooting it. Thank you! Asya On Mar 9, 2011, at 10:09 AM, John Hodrien wrote: On Wed, 9 Mar 2011, John Hodrien wrote: On Wed, 9 Mar 2011, Dvorkin, Asya wrote: Thank you, John. I forgot to add that we cannot generate keytab from AD server for various reasons that I have no control over. And are you really sure this is the case? If you can join to a domain, you can get a keytab (you don't need AD admin rights to do this). If you were just using Samba to do the join, something like: use kerberos keytab = yes in your smb.conf and a: net ads keytab create net ads keytab add http on the joined machine would get you a keytab suitable for web auth. klist -k would then show you what you'd got. jh ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Apache/Active Directory authentication
Hi everyone, I'm trying to figure out the best way to accomplish below project and would appreciate your input. I need to setup a web page on CentOS with Active Directory authentication. So far I've accomplished the following: - Setup httpd.conf to successfully authenticate against AD by passing my username/passwd. Directory /var/www/html/secure Allow from All AuthType Basic AuthName Ldap test area AuthBasicProvider ldap AuthzLDAPAuthoritative on AuthLDAPURL ldap://server:389/OU=OU=name,OU=area,DC=core,DC=test,DC=edu?sAMAccountName?sub?(objectClass=*) AuthLDAPBindDN username@core AuthLDAPBindPassword password require valid-user /Directory - In addition, I used LikeWise software and was able to successfully join AD. I was wondering if there is a way to do http authentication without passing my username/password considering server is already binded to AD, thus authenticated. Would I be able to utilize PAM authentication for this purpose? # httpd -v Server version: Apache/2.2.3 Server built: Aug 30 2010 12:28:40 # more /etc/redhat-release CentOS release 5.5 (Final) Thank you! Asya ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Apache/Active Directory authentication
Thank you, John. I forgot to add that we cannot generate keytab from AD server for various reasons that I have no control over. Would mod_auth_kerb still work? My google searches all point to keytab file being there... Thank you, Asya On Mar 9, 2011, at 9:35 AM, John Hodrien wrote: On Wed, 9 Mar 2011, Dvorkin, Asya wrote: I was wondering if there is a way to do http authentication without passing my username/password considering server is already binded to AD, thus authenticated. Would I be able to utilize PAM authentication for this purpose? mod_auth_kerb can use kerberos tickets to handle the authentication, thus avoiding the need to pass a username and password to the web server. jh ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Hyper-V template configuration
Hi everyone, I've installed CentOS 5 on Hyper-V and finally got everything working. I would like to setup a template, but google is failing me. Everything I read does not seem very promising when it comes to templates support with MS Hyper-V. I was wondering if maybe someone here has successfully configured CentOS templates? I realize that VmWare is a lot better, but it's not a matter of choice at this point. Thank you! Asya ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Setting up persistent LUNs
Thank you, Alexander! I am not sure why it said /b/sde1 because I copy/pasted it... Thank you again, Asya On Feb 1, 2011, at 5:39 PM, Alexander Dalloz wrote: Am 01.02.2011 18:38, schrieb Dvorkin, Asya: Hello everyone, I am trying to setup persistent LUNs and having problems. I've been following instructions I found on the web and they refer to editing /etc/scsi_id.config file and adding options=-g line there. After doing so, I should be able to run scsi_id -g -s /dev/sd* and get proper results. I've modified file /etc/scsi_id.config appropriately: [root@psrwjmsafs1 etc]# grep options /etc/scsi_id.config vendor=ATA,options=-p 0x80 options=-g but whenever I run scsi_id -g -s /b/sde1 - i get nothing. [root@psrwjmsafs1 etc]# df -k |grep sde /dev/sde11754602560 93383616 1572090328 6% /test How come? Am i missing something? Thank you! Asya The proper scsi_id query would be scsi_id -g -s /block/sde Alexander ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Setting up persistent LUNs
Hello everyone, I am trying to setup persistent LUNs and having problems. I've been following instructions I found on the web and they refer to editing /etc/scsi_id.config file and adding options=-g line there. After doing so, I should be able to run scsi_id -g -s /dev/sd* and get proper results. I've modified file /etc/scsi_id.config appropriately: [root@psrwjmsafs1 etc]# grep options /etc/scsi_id.config vendor=ATA,options=-p 0x80 options=-g but whenever I run scsi_id -g -s /b/sde1 - i get nothing. [root@psrwjmsafs1 etc]# df -k |grep sde /dev/sde11754602560 93383616 1572090328 6% /test How come? Am i missing something? Thank you! Asya ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos