Re: [CentOS] https://blog.centos.org/2020/12/future-is-centos-stream/

[Louis Lagendijk]

On Wed, 2020-12-09 at 15:13 +, Phil Perry wrote:
> 
> If 
> you are able to retain kernel ABI compatibility between RHEL8 and
> Stream 
> kernels, then we (and other OEMs) will be able to continue to
> support 
> Stream users, otherwise Stream users will have to look to
> alternative 
> solutions.
> 
> Phil
> 
Maybe offering 2 kernels in stream may solve your problem? A "latest
point release" and a "rolling version"? I realize that this may cause
issues with packages that really need the new kernel features

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] UID/GID CentOS 6 to CentOS 7

[Louis Lagendijk]

On Thu, 2020-10-22 at 15:13 +0200, Thomas Plant wrote:
> Am 22.10.2020 um 14:11 schrieb Thomas Plant:
> > Hi,
> > 
> > we are upgrading some servers from C6 to C7 with a lot of user 
> > accounts on them (UID>=500).
> > CentOS 7 has MIN_UID/MIN_GID 1000, Centos 6 has 500 in login.defs.
> > 
> > Can I change in /etc/login.defs MIN_UID/MIN_GID to 500 for C7? So
> > I 
> > could just grep the users out from passwd/shadow/group files and 
> > append them to the Centos7 passwd/shadow/group files.
> > Can this do any damage to CentOS7 later on? Thinking about
> > updates
> > 
> > Thanks,
> > Thomas
> > ___
> > CentOS mailing list
> > CentOS@centos.org
> > https://lists.centos.org/mailman/listinfo/centos
> 
> Thanks, for the hints.
> 
> Think I will go the lazy way and adapt login.defs. ;-)
> 
> Greetings,
> Thomas
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
> 
You better don't do that: 
when I looked at one of my C8 boxes there were many services that
require a system account (but not a global fixed one) were allocated
from the top of the 500-999 range. Bite the bullet and  change user
accounts. to start from 1000.  Especially when using NFS this may
otherwise come back and bite you


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Simple scan in CentOS 7

[Louis Lagendijk]

On Mon, 2020-06-15 at 16:28 -0400, H wrote:
> I just installed C7 on a new computer and despite Simple Scan being
> installed as part of C7, I have not been able to get it to recognize
> my Canon scanner connected to a USB port. I did have it running on
> another computer with C7 so there should not be any inherent issues.
> 
> On a lark I installed gscan2pdf and sane-backends-drivers-scanners
> and sane-find-scanner found it:
> 
> found USB scanner (vendor=0x04a9 [Canon], product=0x1908 [CanoScan])
> at libusb:001:010
So this is a CanoScan 9000. According to 
http://sane-project.org/sane-mfgs.html#Z-CANON it is supported since
sane-1.0.27. Centos 78 apparently has Sane 1.0.24. So you must have
downloaded a later version of Sane somewhere or compiled it yourself
(not too difficult)

BR, Louis

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Help needed for installing MT7601U Linux driver

[Louis Lagendijk]

On Tue, 2020-06-02 at 13:44 +0530, Harsh chopra wrote:
> Hi everyone,
> 
> My PC don't have an integrated WLAN card, so I bought an USB WIFI
> device
> which use the MediaTek MT7601U chip(image 'dongle.jpg').
> ---
> ---
> My PC specification-
> OS = CentOS 7.8.2003.
> Processor = AMD Ryzen 5 1600.
> Mother-Board = GA-Gigabyte A320M-S2H
> ---
> 
> 

You don't need to compile the module yourself. 
Elrepo has kmod-mt7601u-4.14.108-1.el7_6.elrepo.x86_64.rpm
As root:
yum install elrepo-release
yum install kmod-mt7601u


/BR, Louis


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7 : SELinux trouble with Fail2ban

[Louis Lagendijk]

On Thu, 2020-02-27 at 02:49 -0800, Mark Milhollan wrote:
> On Wed, 26 Feb 2020, Nicolas Kovacs wrote:
> 
> > Some time ago I had SELinux problems with Fail2ban.
> > Unfortunately when I install [...] from EPEL, I still get the same
> > error.
> 
> EPEL packages are often crap quality (as packages), merely blind
> imports 
> of the upstream package without any adjustments needed for the 
> RHEL/CentOS environment (sometimes not even for Fedora), which is
> often 
> somewhat different than the Fedora environment which go unnoticed or 
> unrepaired, for years.
This sounds a bit harsh. But I had my problems with fail2ban too.
> 
> > 
> 
> This sometimes needs multiple iterations to catch all the types of 
> access attempted, e.g., initially it might be that read is denied,
> but 
> later the process would want other permissions like write but which
> were 
> never logged because of the initial read failure.
> 
> > Any suggestions ?
> 
> Try repeating.  That either means multiple binary modules, or a text 
> module that you add each new audit2allow "fix", increment the
> version 
> number, rebuild the policy and module then re-insert -- lather,
> rinse, 
> ...

A better way is to put selinux in permissive mode and then generate the
policy from the alerts. This will disable the blocking so you can get
all issues in one go

/Louis


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] midco stealling searches, was browsers slowing Centos 7 installation to a crawl

[Louis Lagendijk]

On Tue, 2019-12-03 at 16:33 -0600, Michael Hennebry wrote:
> For whatever reason,
> the problem I was trying to solve seems to have gone away.
> I can type in firefox's search box without midco stealing searches.
> Something changed resolv.conf behind my back.
> search midcoip.net
> is there again.
> I hadn't rebooted or changed firefox's preferences.
> I'm guessing it was when I turned the connection off and on.
> To be sure my joy was not tempory, I rebooted.
> midco still not stealing searches.
> 
> I wish I knew what the problem had been and what fixed it.
> 
The search parameter in resolv.conf is not related in any way to the
searches in the browser. It just defines the domain to be added to
hostnames that you want to resolve. So if you do a name lookup for foo,
the resolver would add  midcoip.net so you get the ip-address for
foo.midcoip.net if foo on its own could not be resolved.

It midcoip wanted to steal your browser searches, it would have to
hijack google.com, but that would not work as the browser would not
connect as the https certificate wold be invalid.
So you need to look at the browser settings to see what is happening
there. DNS is most likely not involved. 
/Louis


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] can't login as subsequent FreeIPA users

[Louis Lagendijk]

On Mon, 2019-11-18 at 13:05 -0600, Carson Chittom wrote:
> When I set up a machine with CentOS 8, I used the "Enterprise Login"
> in
> the initial setup wizard to authenticate against my FreeIPA server.
> This worked fine, and I have no issues logging in with that initial
> user.
> 
> However, I am unable to use GDM or the console to login as any
> *other*
> valid user from FreeIPA. From GDM I get something like "Sorry, that
> didn't work" and "Permission denied" on the console.  I've verified
> that
> the credentials are correct, and that I am able to manually get a
> ticket
> via kinit for one of those other users from this machine.  With
> CentOS 7, I didn't have to do any additional configuration in this
> regard after the initial wizard.
> 
> Not sure whether this is a CentOS configuration issue or a FreeIPA
> one,
> but I figured I'd start here.  I'm also not terribly familiar with
> FreeIPA, so I could be missing something obvious; but this worked
> without issue when the machine in question ran CentOS 7.
> 
> Can somebody point me in the right direction?

This could be home directory related. Are the home directories local or
remote (NFS?). Are the home directories for the users accessible?

Can the users login over ssh?

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] printer only prints one page, if anything

[Louis Lagendijk]

On Wed, 2019-11-06 at 17:16 -0600, Michael Hennebry wrote:
> On Wed, 6 Nov 2019, Fred Smith wrote:
> 
> > It looks as if you downloaded the two RPMs from Brother then
> > attempted
> > to follow their complicated instructions for installing them. Much
> > simpler is to do this:
> > 
> > linux-brprinter-installer-2.1.1-1 is the brother printer driver
> > installer I used on my HL-L2360D.
> 
> I had tried that also, but tried it again.
> before my last try, I power-cycled the printer.
> This time it worked.
> For some reason CUPS now shows two queue names:
> HL-L2360D-series   Brother HL-L2360D series   localhost.localdomain
> HL-L2360D  HLL2360D
> both Brother HL-L2360D for CUPS.
> 
> 'Tain't as big a deal as having none,
> but why does CUPS have two queue names for the printer?
I dont't have any Brother printer to test ths but was the printer USB
connected when you ran the setup? If so, one may be the network
connection  (the first entry) and the second one the same printer over
USB?


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos 8 and Lynx

[Louis Lagendijk]

On Tue, 2019-10-01 at 09:36 -0500, Valeri Galtsev wrote:
> 
> On 2019-10-01 08:17, david wrote:
> > Folks
> > 
> > I find the Lynx browser does not appear in any of the repositories
> > used 
> > during default installation of Centos 8 (x86_64).  Is this program
> > no 
> > longer supported?  I didn't see a reference to it in the
> > notsupported list.
> 
> Did you try to
> 
> yum search lynx
> 
> on installed system? If it is in one of the configured repositories,
> you 
> will find it...
> 
> (I have not yet installed CentOS 8 on any of our machines, so I can
> only 
> mention what I would do).
> 
> Thanks.
> Valeri
> 
> > David
> > 
> > ___
> > CentOS mailing list
> > CentOS@centos.org
> > https://lists.centos.org/mailman/listinfo/centos
Lynx is avaialble in the powerTools repo. You will probably have to
enable that first
/Louis

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Increase Disk Space with LVM

[Louis Lagendijk]

On Tue, 2018-07-31 at 13:31 +0200, Felix Kölzow wrote:
> Dear CentOS-Community,
> 
> we have a server with four hard drives that are configured as raid10 
> (/dev/sda).
> 
> Now, /home and /root are almost full. Therefore, we decided to buy
> four
> 
> additional hard drives that should configured also as raid 10
> (/dev/sdb).
> 
> 
> I want to use LVM to extend disk space for root and home.
> 
> My (successful) test procedure in a virtual environment looks like
> this:
> 
> 
>  1. devide /dev/sdb into /dev/sdb1 for root and /dev/sdb2 for home
> using
> parted

How many volume groups do you have: I  would assume only one? If so,
just create a single partition and add that to the VG. lvm will take
care of the rest...
What does the vgs command report?

Are you using a RAID controller? If not you need to create the raid
array first (and the disk names may be some mdxxx instead)

>  2. Convert disk to physical volume: pvcreate /dev/sdb1
>  3. add physical volume to volume group (called centos): vgextend
> centos
> /dev/sdb1
>  4. Allocate physical volume to a logical volume:lvextend -l
> +100$FREE
> /dev/centos/root
Just a nitpick: This just allocates space from the VG (that got more
space by adding the new disks), but if there is space in the PV on the
old disk that might get allocated instead.
Anyhow this looks ok, but I recommend to add the -r option, that will
resize the file system in the same step

>  5. resize2fs /dev/centos/root or xfs_grows /dev/centos/root
> depending
> on file system used
See above, if you use the -r option on the lvextend this step is not
needed

>  6. repeat steps 2-6 for /home and sdb2
> 
See above: this is only required when you have more than one VG.


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Samba HOWTO wiki bug: chcon samba_share_t

[Louis Lagendijk]

On Fri, 2018-05-04 at 14:55 -0700, Akemi Yagi wrote:
> On Fri, May 4, 2018 at 2:26 PM, Warren Young 
> wrote:
> > On May 4, 2018, at 3:03 PM, Akemi Yagi  wrote:
> > > 
> > > On Fri, May 4, 2018 at 12:03 PM, Warren Young  > > > wrote:
> > > > 
> > > >$ sudo chcon -R -t samba_share_t /path/to/share
> > > 
> > > Updated the page as suggested. Thanks.
> > 
> > Thanks!
> > 
> > I now see another instance of this in section 3.  Instead of
> > copying the text verbatim, it should probably be:
> > 
> > chcon -R -t samba_share_t /mnt/data
> > 
> > …in order to match the text above it.
> 
> Warren,
> 
> I was just informed that the chcon command your suggested was
> originally there, but it was replaced with the 2 line version
> sometime
> ago. The reason given was "Replace chcon by semanage/restorecon pair
> to survive filesystem relabel".

The comment is correct: chcon will not survive a relabel. You need to
update the database first (semanage fcontext) and then let a relabel
apply the new context.

Louis
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] firewalld

[Louis Lagendijk]

On Tue, 2017-12-19 at 15:05 -0800, Emmett Culley wrote:
> I have two VMs, both with firewalld installed.  One on machine It
> this in the IN_public chain:
> 
> Chain IN_public (2 references)
>  pkts bytes target prot opt
> in out source   destination 
>81  3423 IN_public_log  all  
> --  *  *   0.0.0.0/00.0.0.0/0   
>81  3423 IN_public_deny  all  
> --  *  *   0.0.0.0/00.0.0.0/0   
>81  3423 IN_public_allow  all  
> --  *  *   0.0.0.0/00.0.0.0/0   
>79  3335 REJECT all  
> --  *  *   0.0.0.0/00.0.0.0/0reject-
> with icmp-host-prohibited
> 
> On the other I see:
> 
> Chain IN_public (2 references)
>  pkts bytes target prot opt
> in out source   destination 
>   101  4232 IN_public_log  all  
> --  *  *   0.0.0.0/00.0.0.0/0   
>   101  4232 IN_public_deny  all  
> --  *  *   0.0.0.0/00.0.0.0/0   
>   101  4232 IN_public_allow  all  
> --  *  *   0.0.0.0/00.0.0.0/0   
> 184 ACCEPT icmp
> --  *  *   0.0.0.0/00.0.0.0/0   
> 
> As might be expected, pinging the first VM fails.  That is the ping
> is rejected with:
> 
> [emmett@ws1 ~]$ ping 96.92.106.4
> PING 96.92.106.4 (96.92.106.4) 56(84) bytes of data.
> From 96.92.106.4 icmp_seq=1 Destination Host Prohibited
> From 96.92.106.4 icmp_seq=2 Destination Host Prohibited
> 
> And pinging the second works as expected.
> 
> I've searche the firewalld configuration files in /usr/lib/firewalld
> and /etc/firewalld and can find no reference to any icmp rule.  The
> two machines were cloned originally from the same VM.  Why are they
> different?
> 
> How can I remove the reject-with icmp rule using firewalld.  I can
> remove it using "iptables -D [IN_public | FWDO_public | FWDI_public ]
> 4" and I can then ping that machine.  But of course the rule is
> returned whenever firewalld is restarted.
> 
> Emmett
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
> 
What is the output off:
firewall-cmd --list-all
on the VMs?

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] home on nfs

[Louis Lagendijk]

On Fri, 2017-10-27 at 16:21 +0200, hw wrote:
> Hi,
> 
> I have the home directory of a user on an nfs server and mount it on
> a
> client.  When the user logs in, they end up in the root directory
> rather
> than in their actual home directory and need to cd into it.
> 
> The user can read and write to their home directory, so it kinda
> works
> fine --- but only kinda.  When the user starts emacs, some of the
> settings in ~/.emacs are not applied, but the saved desktop is being
> loaded.
> 
> Both machines are running Centos 7.4.  What could be wrong with the
> nfs
> mount?
> 
> 
Are you using kerberos with NFS4 with security set to krb5?
Your description sounds as if the user cannot really get to the
mount
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C7, systemd, say what?!

[Louis Lagendijk]

On Wed, 2017-06-07 at 12:47 -0400, m.r...@5-cent.us wrote:
> Kenneth Porter wrote:
> > On 6/7/2017 8:31 AM, m.r...@5-cent.us wrote:
> > > Not sure what you mean when you say "jacked up filesystem".
> > > Here's
> > > fstab:
> > 
> > In systemd fstab takes care of only rudimentary mounting. Most
> > mounting
> > is done through *.mount unit files. Type "mount" and you'll see a
> > bunch
> > of other mounts that were implemented that way. Add your custom
> > mounts
> > by creating suitable files in /etc/systemd/system/*mount. (There's
> > also
> > *.automount for creating demand-based mounts.)
> > 
> 
> You. Have. To. Be. Joking. WHY? Why doesn't systemd *look* at fstab
> and
> create what it needs on the fly? Why does it only "rudimentary
> mount"?
Calm down Mark. You are overreacting.
Systemd does generate mount units in the fly. Check the documentation:
man systemd.mount tells you more. I would not call fstab rudimentary. 
/Louis

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Network Manager / CentOS 7 / local unbound

[Louis Lagendijk]

On Tue, 2017-04-11 at 01:40 -0700, Alice Wonder wrote:
> Hello list -
> 
> http://unix.stackexchange.com/questions/90035/how-to-set-dns-resolver
> -in-fedora-using-network-manager
> 
> That says it works for CentOS 5 and I *suspect* the methods there (3 
> listed) would work, but what is the best way with NetworkManager to
> set 
> it up to use the localhost for DNS ?
> 
> I'm paranoid about DNS spoofing and really prefer to have a local 
> instance of DNSSEC enforcing unbound running on my CentOS 7 virtual 
> machines (e.g. linode)
> 
> Currently I just use a cron job that runs once a minute to over-
> write 
> was it is /etc/resolv.conf so they don't use the DHCP assigned 
> nameservers, but that does leave a short window every time the
> network 
> is restarted.
> 
> I'd like to know the proper way to set up Network Manager to just
> create
> 
> nameserver 127.0.0.1
> nameserver ::1
> 
> in /etc/resolv.conf
> 
> Via google, it seems every distro approaches it differently and most 
> instructions I have seen involve a GUI.
> 
> I did not see how to do it in the CentOS documentation but it might
> be 
> there and I just did not figure out how to search it for what I
> wanted.
> 
> Those stackexchange methods look like they might work but they
> reference 
> CentOS 5 and I know some NetworkManager stuff changed even just
> between 
> 7.2 and 7.3 as I experienced incorrect IPv6 address after update as
> a 
> result of those changes.
> 
> Is there an "official" way to tell NetworkManager what I want in 
> /etc/resolv.conf ? Or better yet, a way to just tell it to leave
> that 
> file alone?
Use nmtui to manually configure the the interface AND nameservers. That
 puts the correct info in the ifcfg files. Nmtui is a curses UI. Just
don't foret to specify the interface ip-address with the right netmask
(e.g. 1.2.3.4/24, default seems to e a /32, I have been bitten by that
a numer of times)


/Louis
> 
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Chrony vd NTP

[Louis Lagendijk]

On Sun, 2017-02-05 at 12:30 -0500, Robert Moskowitz wrote:
> 
> On 02/05/2017 11:58 AM, J Martin Rushton wrote:
> > On 05/02/17 16:15, Richard wrote:
> > > > Date: Sunday, February 05, 2017 10:26:05 -0500
> > > > From: Robert Moskowitz 
> > > > 
> > > > I have read:
> > > > http://thegeekdiary.com/centos-rhel-7-chrony-vs-ntp-differences
> > > > -bet
> > > > ween-ntpd-and-chronyd/
> > > > 
> > > > My server is up all the time and will serve time to internal
> > > > systems (via DHCP options).
> > > > 
> > > > Caveat is that my server is an armv7 (Cubieboard2) which does
> > > > not
> > > > have an RTC (no battery).  So whenever the system boots, the
> > > > time
> > > > is ZERO (Dec 31, 1969 or some such).
> > > > 
> > > > Chrony fixes this really fast; shortly after boot the time is
> > > > good.
> > > > Chrony CAN be configed as an internal time server.  But chrony
> > > > does
> > > > not seem to step the clock for any adjustments needed.  It is
> > > > more
> > > > important that this systems time be right all the time than to
> > > > avoid clock steps.
> > > > 
> > > > This brings me back to NTP, which normally takes hours to bring
> > > > the
> > > > time from ZERO to current, but keeps the time correct.
> > > > 
> > > > So:
> > > > 
> > > > Can Chrony check the time, say once a day?
> > > > 
> > > > Or can NTP make a BIG time jump all at once (on system
> > > > restart)?
> > > 
> > > Where I have somewhat similar issues, I have historically used a
> > > crontab "@reboot" entry to call ntpdate which gets the clock set
> > > correctly. From there ntp keeps it in sync.
> > > 
> > > This can now be accomplished with ntpd, and ntpdate is threatened
> > > with depreciation/retirement. See the top of the ntpdate man page
> > > for
> > > more details.
> > > 
> > 
> > The NTP configuration option you may be after is "tinker panic 0"
> > which
> > allows NTP to make big jumps as often as required.  See
> > ntp_misc(5).
> > There is a related discussion with making VMs take big jumps at
> > https://www.centos.org/forums/viewtopic.php?f=16=61186=258254#p
> > 258254
> 
> Thanks.  I will look at this.  All I was seeing was to use burst and 
> iburst, but they would not make the really big jump needed after
> boot.
> 
> 
With NTP you could use the ntpdate.service as well as/ before 
ntpd.service. the  former is supposed to set the clock once BEFORE ntpd
is started. 
See: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_L
inux/6/html/Deployment_Guide/s1-Configure_ntpdate_Servers.html
Ntpdate seems to work on RHEL/Centos 7 as well...

/Louis

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Help with httpd userdir recovery

[Louis Lagendijk]

On Wed, 2016-12-28 at 08:20 -0500, Robert Moskowitz wrote:
> 
> On 12/28/2016 07:35 AM, Louis Lagendijk wrote:
> > Robert,
> > On Wed, 2016-12-28 at 01:43 +0100, John Fawcett wrote:
> > > On 12/28/2016 01:12 AM, Robert Moskowitz wrote:
> > > > 
> > > > On 12/27/2016 07:06 PM, John Fawcett wrote:
> > > > > On 12/28/2016 12:34 AM, Robert Moskowitz wrote:
> > > > > > On 12/27/2016 05:44 PM, John Fawcett wrote:
> > > > > > > That error should be caused by having MultiViews options
> > > > > > > but
> > > > > > > incorrect
> > > > > > > permissions (711 instead of 755) on the directory.
> > > > > > 
> > > > > > I just did chmod -R 755 /home/rgm/public_html and no change
> > > > > > in
> > > > > > behavior.
> > > > > > 
> > > > > > Even tried chmod -R 755 /home/rgm
> > > > > 
> > > > > Are you actually using MultiViews? If you don't need that
> > > > > option,
> > > > > maybe
> > > > > the easiest thing is to take it out and see if the error
> > > > > message
> > > > > changes.
> > > > 
> > > > I am using the default conf file for userdir.
> > > > 
> > > > /etc/httpd/conf.d/userdir.conf
> > > > 
> > > > So I deleted Multiviews and now the error is:
> > > > 
> > > > [Tue Dec 27 19:09:31.013176 2016] [autoindex:error] [pid 2138]
> > > > (13)Permission denied: [client 192.168.160.12:55762] AH01275:
> > > > Can't
> > > > open directory for index: /home/rgm/public_html/family/
> > > > 
> > > > 
> > > > 
> > > 
> > > I know this is not going to help, but that error means that
> > > apache
> > > does
> > > not have access to read the directory
> > > /home/rgm/public_html/family/.
> > > That doesn't really fit with the rest of the evidence, that you
> > > have
> > > chmod 755 everything from /home/rgm/public_html downwards and
> > > that
> > > apache can read specific files from /home/rgm/public_html.
> > > John
> > 
> > but is apache allowed access to /home/rgm ?
> > Try su - apache -s /bin/bash to run a shell as apache and see how
> > far
> > you get starting from cd /home and if that works cd /home/rgm and
> > so
> > on... That will check normal user permissions, but not selinux
> 
> Command apache not known!
> 
> All I installed, directly, for the web server was 'yum install
> httpd'.
> 
> 
In a single command from root:
su - apache -s /bin/bash
The "su -" is part of the command
/Louis
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
> 

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Help with httpd userdir recovery

[Louis Lagendijk]

Robert,
On Wed, 2016-12-28 at 01:43 +0100, John Fawcett wrote:
> On 12/28/2016 01:12 AM, Robert Moskowitz wrote:
> > 
> > 
> > On 12/27/2016 07:06 PM, John Fawcett wrote:
> > > On 12/28/2016 12:34 AM, Robert Moskowitz wrote:
> > > > 
> > > > On 12/27/2016 05:44 PM, John Fawcett wrote:
> > > > > That error should be caused by having MultiViews options but
> > > > > incorrect
> > > > > permissions (711 instead of 755) on the directory.
> > > > 
> > > > I just did chmod -R 755 /home/rgm/public_html and no change in
> > > > behavior.
> > > > 
> > > > Even tried chmod -R 755 /home/rgm
> > > 
> > > Are you actually using MultiViews? If you don't need that option,
> > > maybe
> > > the easiest thing is to take it out and see if the error message
> > > changes.
> > 
> > I am using the default conf file for userdir.
> > 
> > /etc/httpd/conf.d/userdir.conf
> > 
> > So I deleted Multiviews and now the error is:
> > 
> > [Tue Dec 27 19:09:31.013176 2016] [autoindex:error] [pid 2138]
> > (13)Permission denied: [client 192.168.160.12:55762] AH01275: Can't
> > open directory for index: /home/rgm/public_html/family/
> > 
> > 
> > 
> 
> I know this is not going to help, but that error means that apache
> does
> not have access to read the directory /home/rgm/public_html/family/.
> That doesn't really fit with the rest of the evidence, that you have
> chmod 755 everything from /home/rgm/public_html downwards and that
> apache can read specific files from /home/rgm/public_html.
> John
but is apache allowed access to /home/rgm ?
Try su - apache -s /bin/bash to run a shell as apache and see how far
you get starting from cd /home and if that works cd /home/rgm and so
on... That will check normal user permissions, but not selinux
/Louis
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos 7 and Kably lake: black screen

[Louis Lagendijk]

On Wed, 2016-11-16 at 16:57 +0100, Louis Lagendijk wrote:
> On Mon, 2016-11-14 at 06:48 -0600, Johnny Hughes wrote:
> > 
> > On 11/12/2016 02:39 PM, Louis Lagendijk wrote:
> > > 
> > > 
> > > On Sat, 2016-11-12 at 15:34 -0500, Fred Smith wrote:
> > > > 
> > > > 
> > > > On Sat, Nov 12, 2016 at 09:15:22PM +0100, Louis Lagendijk
> > > > wrote:
> > > > > 
> > > > > 
> > > > > 
> > > > > I got a new laptop as my old one died: an HP Probook 470 G4. 
> > > > > I installed Centos 7 1511.
> > > > > The laptop has a Kaby Lake i5 CPU and an 
> > > > > 01:00.0 3D controller: NVIDIA Corporation Device 134e (rev
> > > > > a2). 
> > > > > Fedora recognizes it as a GM108M/930MX. This may give some
> > > > > hints,
> > > > > but
> > > > > it is not that the standard kernel does not support it, this
> > > > > output
> > > > > comes from the 4.8.7 mainline kernel which should support
> > > > > this
> > > > > configuration? GM108 support was added in kernel 4.7, Kaby
> > > > > lake
> > > > > support
> > > > > was added in 4.5...
> > > > > 
> > > > > When I boot nothing shows up after the UEFI Grub menu: the
> > > > > system
> > > > > runs
> > > > > but nothing is shown on the display, except for a non-
> > > > > blinking
> > > > > cursor
> > > > > in the upper left of the screen. I tried a number of things:
> > > > > - Installed the latest ml-kernel from Elrepo (4.8.7-1)
> > > > > - I also tried the following on the kernel commandline:
> > > > >   nomodeset i915.nomodeset=0 nouveau.modeset=0
> > > > > Nothing changes the fact that there is no display.
> > > > > 
> > > > > I had to install Centos 7 using vnc as even a text install
> > > > > did
> > > > > not
> > > > > work
> > > > > 
> > > > > Does anybody have some idea what the cause could be and what
> > > > > to
> > > > > try
> > > > > next?
> > > > 
> > > > Did you try CTRL-ALT-F2 or -F3 ? perhaps X has just died (or
> > > > not
> > > > been
> > > > properly started), but that would get you a text-mode consosle
> > > > from
> > > > which to work and experiment.
> > > > 
> > > > if that works, you could try typing "startx" (lose the quotes).
> > > > which
> > > > may provide informative errors. or not. 
> > > > 
> > > > YMMV
> > > > 
> http://mirror.centos.org/altarch/7/experimental/x86_64/>; > > 
> > 
> > > 
> > > Thanks for your response, but...
> > > No, tried it, but that did not work either unfortunately.
> > > 
> > 
> > If you still have the machine available, try using the experimental
> > kernel:
> > 
> > http://mirror.centos.org/altarch/7/experimental/x86_64/
> > 
> > Also, what graphic card does it use?
> 
> 
> Hi Johnny,
> Yes I still have the laptop. Too nice a machine to send back…
> 
> The experimental kernel cannot be installed due to a missing xorg-
> x11-
> drv-vmmouse >= 14.0.0 package. Do you know where can I find that
> package?
> 
> The graphic card may indeed be the problem as the laptop has both a
> HD
> 620 in the processor and a Nvidia device 134e (rev A2). with the
> Fedora
>  25 kernel loaded, glxinfo reports that the i915 driver could not be
> loaded and that Gallium 0.4 on llvmpipe is used.
> 
> The f25 beta kernel does work on Centos after updating xfs-progs and
> linux-firmware from f25 Beta (but crashes at a reboot)
> 
I now have the kernel-ml working. I missed updating the linux-firmware
from elrepo. I still see errors on a pcieport, but things seem to work
fine.

BR, Louis
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos 7 and Kably lake: black screen

[Louis Lagendijk]

On Mon, 2016-11-14 at 06:48 -0600, Johnny Hughes wrote:
> On 11/12/2016 02:39 PM, Louis Lagendijk wrote:
> > 
> > On Sat, 2016-11-12 at 15:34 -0500, Fred Smith wrote:
> > > 
> > > On Sat, Nov 12, 2016 at 09:15:22PM +0100, Louis Lagendijk wrote:
> > > > 
> > > > 
> > > > I got a new laptop as my old one died: an HP Probook 470 G4. 
> > > > I installed Centos 7 1511.
> > > > The laptop has a Kaby Lake i5 CPU and an 
> > > > 01:00.0 3D controller: NVIDIA Corporation Device 134e (rev
> > > > a2). 
> > > > Fedora recognizes it as a GM108M/930MX. This may give some
> > > > hints,
> > > > but
> > > > it is not that the standard kernel does not support it, this
> > > > output
> > > > comes from the 4.8.7 mainline kernel which should support this
> > > > configuration? GM108 support was added in kernel 4.7, Kaby lake
> > > > support
> > > > was added in 4.5...
> > > > 
> > > > When I boot nothing shows up after the UEFI Grub menu: the
> > > > system
> > > > runs
> > > > but nothing is shown on the display, except for a non-blinking
> > > > cursor
> > > > in the upper left of the screen. I tried a number of things:
> > > > - Installed the latest ml-kernel from Elrepo (4.8.7-1)
> > > > - I also tried the following on the kernel commandline:
> > > > nomodeset i915.nomodeset=0 nouveau.modeset=0
> > > > Nothing changes the fact that there is no display.
> > > > 
> > > > I had to install Centos 7 using vnc as even a text install did
> > > > not
> > > > work
> > > > 
> > > > Does anybody have some idea what the cause could be and what to
> > > > try
> > > > next?
> > > 
> > > Did you try CTRL-ALT-F2 or -F3 ? perhaps X has just died (or not
> > > been
> > > properly started), but that would get you a text-mode consosle
> > > from
> > > which to work and experiment.
> > > 
> > > if that works, you could try typing "startx" (lose the quotes).
> > > which
> > > may provide informative errors. or not. 
> > > 
> > > YMMV
> > > 
http://mirror.centos.org/altarch/7/experimental/x86_64/> > > 
> > Thanks for your response, but...
> > No, tried it, but that did not work either unfortunately.
> > 
> 
> If you still have the machine available, try using the experimental
> kernel:
> 
> http://mirror.centos.org/altarch/7/experimental/x86_64/
> 
> Also, what graphic card does it use?


Hi Johnny,
Yes I still have the laptop. Too nice a machine to send back…

The experimental kernel cannot be installed due to a missing xorg-x11-
drv-vmmouse >= 14.0.0 package. Do you know where can I find that
package?

The graphic card may indeed be the problem as the laptop has both a HD
620 in the processor and a Nvidia device 134e (rev A2). with the Fedora
 25 kernel loaded, glxinfo reports that the i915 driver could not be
loaded and that Gallium 0.4 on llvmpipe is used.

The f25 beta kernel does work on Centos after updating xfs-progs and
linux-firmware from f25 Beta (but crashes at a reboot)

> 
> Thanks,
> Johnny Hughes
> 
> 
> 
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos.org down??

[Louis Lagendijk]

On Wed, 2016-11-16 at 15:14 +0530, Syam G Krishnan wrote:
> Hi guys,
> 
> Is there any problem with www.centos.org?
> It seems down for me, was trying since last two weeks.
> 
> 
works for me now and has been working earlier this week when I needed
to download some install images. Must be something on your side.
Louis
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos 7 and Kably lake: black screen

[Louis Lagendijk]

On Sat, 2016-11-12 at 15:34 -0500, Fred Smith wrote:
> On Sat, Nov 12, 2016 at 09:15:22PM +0100, Louis Lagendijk wrote:
> > 
> > I got a new laptop as my old one died: an HP Probook 470 G4. 
> > I installed Centos 7 1511.
> > The laptop has a Kaby Lake i5 CPU and an 
> > 01:00.0 3D controller: NVIDIA Corporation Device 134e (rev a2). 
> > Fedora recognizes it as a GM108M/930MX. This may give some hints,
> > but
> > it is not that the standard kernel does not support it, this output
> > comes from the 4.8.7 mainline kernel which should support this
> > configuration? GM108 support was added in kernel 4.7, Kaby lake
> > support
> > was added in 4.5...
> > 
> > When I boot nothing shows up after the UEFI Grub menu: the system
> > runs
> > but nothing is shown on the display, except for a non-blinking
> > cursor
> > in the upper left of the screen. I tried a number of things:
> > - Installed the latest ml-kernel from Elrepo (4.8.7-1)
> > - I also tried the following on the kernel commandline:
> > nomodeset i915.nomodeset=0 nouveau.modeset=0
> > Nothing changes the fact that there is no display.
> > 
> > I had to install Centos 7 using vnc as even a text install did not
> > work
> > 
> > Does anybody have some idea what the cause could be and what to try
> > next?
> 
> Did you try CTRL-ALT-F2 or -F3 ? perhaps X has just died (or not been
> properly started), but that would get you a text-mode consosle from
> which to work and experiment.
> 
> if that works, you could try typing "startx" (lose the quotes). which
> may provide informative errors. or not. 
> 
> YMMV
> 
> 
Thanks for your response, but...
No, tried it, but that did not work either unfortunately.
Louis
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] Centos 7 and Kably lake: black screen

[Louis Lagendijk]

I got a new laptop as my old one died: an HP Probook 470 G4. 
I installed Centos 7 1511.
The laptop has a Kaby Lake i5 CPU and an 
01:00.0 3D controller: NVIDIA Corporation Device 134e (rev a2). 
Fedora recognizes it as a GM108M/930MX. This may give some hints, but
it is not that the standard kernel does not support it, this output
comes from the 4.8.7 mainline kernel which should support this
configuration? GM108 support was added in kernel 4.7, Kaby lake support
was added in 4.5...

When I boot nothing shows up after the UEFI Grub menu: the system runs
but nothing is shown on the display, except for a non-blinking cursor
in the upper left of the screen. I tried a number of things:
- Installed the latest ml-kernel from Elrepo (4.8.7-1)
- I also tried the following on the kernel commandline:
nomodeset i915.nomodeset=0 nouveau.modeset=0
Nothing changes the fact that there is no display.

I had to install Centos 7 using vnc as even a text install did not work

Does anybody have some idea what the cause could be and what to try
next?

/Louis
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Hardware Support of CentOS 6: Mini-PC

[Louis Lagendijk]

On Tue, 2016-07-12 at 15:04 +0200, Walter H. wrote:
> On Tue, July 12, 2016 12:51, Earl A Ramirez wrote:
> > if I had any knowledge of systemd and other things that are more
> > than
> > > totally different ...
> > > I'm not an expert; is ip(6)tables still part of CentOS 7?
> > > 
> > 
> > It is available but not installed by default, you will have to
> > install it
> > and stop and disable firewalld.
> > 
> and this done by which shell command?
> (as I have nearly no knowledge about systemd)
> 
> in C6 I'd do
> 
> chkconfig iptables on
> chkconfig ip6tables on
> service iptables start
> service ip6tables start
> 
iptables itself is to the bast of my knowledge still part of the
standard install.
You want to:
yum install iptables-services
systemctl disable firewalld
systemctl stop firewalld
systemctl enable iptabpes
systemctl enable ip6tables
systemctl start iptables
systemctl start ip6tables


But unless you need some fancy stuff in the firewall, I would recommend
to simply use firewalld and use the graphical firewall-config to manage
it (or firewall-cmd if you do not have a graphical env.)

Louis



___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Problems with CentOS 7 and X w/ nvidia

[Louis Lagendijk]

On Mon, 2016-02-29 at 17:12 -0500, m.r...@5-cent.us wrote:
> Ok, here's a bit more on the issues: I see in Xorg.0.log that it
> appears
> to have loaded the NVidia drivers I built from proprietary. But, and
> this
> may, or may not be significant, the user's home directory is, of
> course,
> NFS mounted.
> 
> And his old machine that dies was running CentOS 5.
> 
> Is it possible that some of the gnome settings are breaking things
> with
> CentOS 7's default gnome? If so, what kinds of things should I be
> looking
> for?
> 
> mark
hi Mark
Did you set the sebool: 
use_nfs_home_dirs --> on?

Louis
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Network configuration issue with second public ip on CentOS 6

[Louis Lagendijk]

On Wed, 2015-12-23 at 19:04 +0100, Patrick Bervoets wrote:
> 
> > Op 23 dec. 2015 om 18:31 heeft Valeri Galtsev  > o.edu> het volgende geschreven:
> > 
> > 
> > > 
> > 
> > If I understand IP networking correctly, you only can have
> > "aliases" of
> > the interface appear on the _same_ network segment (I'm tempted to
> > say
> > same class C network) as the main IP of interface, say you have:
> > 
> > DEVICE=eth0
> > IPADDR=x.y.z.w
> > NETMASK=255.255.255.0
> > GATEWAY=x.y.z.254
> > 
> > Then with the restriction I mentioned you can have alias:
> > 
> > DEVICE=eth0:0
> > IPADDR=x.y.z.a
> > NETMASK=255.255.255.255
> > 
> > Note that "x.y.z." part is the same in both IPs.
> > 
> > Somebody may correct me if I'm wrong.
> > 
> > Valeri
> > 
> > > 
> > > 
> I have used an 10. Alias on a 192. Interface so it is possible
> Patrick

I believe you are right. A netmask of 255.255.255.255 however seems
wrong. With that netmask a broadcast for address resolution will not
work... 
Louis
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7.2 installer missing virt-what

[Louis Lagendijk]

On Wed, 2015-12-23 at 13:55 -0600, Chris Adams wrote:
> In previous CentOS releases, virt-what was included in the install
> image.  This made it easy for me to spin a custom ISO with my package
> set and a kickstart that would add open-vm-tools or ovirt-guest-agent 
> as
> appropriate (when installing the respective guest environments).
> 
> I updated my ISO to 7.2, and virt-what is nowhere to be found.  I
> assume
> this is copied from RHEL; anybody know any explanation?
> 
> For now, I'm falling back to matching strings in
> /sys/class/dmi/id/product_name.  Is there some better way to
> determine
> what (if any) virtual environment the installer is running under?
> 
Just install package virt-what?

# yum provides */virt-what
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * nux-dextop: li.nux.ro
virt-what-1.13-6.el7.x86_64 : Detect if we are running in a virtual
machine
Repo: base
Matched from:
Filename: /usr/sbin/virt-what



virt-what-1.13-6.el7.x86_64 : Detect if we are running in a virtual
machine
Repo: @cr
Matched from:
Filename: /usr/sbin/virt-what

BR, Louis

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Odd nfs mount problem [SOLVED]

[Louis Lagendijk]

On Fri, 2015-02-27 at 16:46 -0500, m.r...@5-cent.us wrote:
 m.r...@5-cent.us wrote:
  m.r...@5-cent.us wrote:
  I'm exporting a directory, firewall's open on both machines (one CentOS
  6.6, the other RHEL 6.6), it automounts on the exporting machine, but
  the
  other server, not so much.
 
  ls /mountpoint/directory eventually times out (directory being the NFS
  mount). mount -t nfs server:/location/being/exported /mnt works... but
  an
  immediate ls /mnt gives me stale file handle.
 
  The twist on this: the directory being exported is on an xfs
  filesystem...
  one that's 33TB (it's an external RAID 6 appliance).
 
  Any ideas?
 
  Oh, yes: I did just think to install xfs_progs, and did that, but still no
  joy.
 
 
 Since we got the RAID appliance mounted, we'd started with a project
 directory on it, and that exported just fine. So what seems to work was to
 put the new directory under that, and then export *that*.  That is,
 /path/to/ourproj, which mounts under /ourproj, and we wanted to mount
 something else under /otherproj, (note that ourproj is the large xfs
 filesystem), so instead of /path/to/otherproj, I just exported
 /path/to/ourproj/otherproj, and mounted that on the other system as
 /otherproj.
 
What NFS version are you using? V4? if so, have a look at the nfs4
requirement to export the parent of you exports wih fsid=1

 Does that make sense? Clear as mud? Anyway, it looks like we have our
 workaround.
 
mark wish nfs could handle an option of inode64
I have  no experience with the combination of xfs and nfs, but it seems
to be possible, see: 
http://xfs.org/index.php/XFS_FAQ#Q:_Why_doesn.27t_NFS-exporting_subdirectories_of_inode64-mounted_filesystem_work.3F

Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] restarting mysql databases

[Louis Lagendijk]

On Mon, 2014-10-06 at 15:43 -0400, Robert Moskowitz wrote:
 
  failed with:
 
  mysqladmin: connect to server at 'localhost' failed
  error: 'Access denied for user 'root'@'localhost' (using
 password: 
  NO)'
 
Please read the above carefully: using password: NO
Specifying the password requires the -p or --password option. Just
specify -p on the command line and let mysqladmin ask for the
password...




___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Canon PIXMA mg5420 or HP Photo Smart 7520

[Louis Lagendijk]

On Tue, 2014-09-09 at 10:46 +0200, Christoph Neuhaus wrote:
 Hi Ken
 
 
  In need of a new printer, having done a bit or research, and considering 
  either the Canon PIXMA mg5420 or the HP Photo Smart 7520.
 
  There are Linux drivers for the Photosmart which are supposed to handle 
  both the printer and the scanner.  But in my research I haven't found (yet) 
  anyone who's gotten the scanner to work with Linux on the Photosmart, let 
  alone the sheet feeder for it.
The Canon MG5420 is supported by Gutenprint, so printing should be ok.
Sane supports the MG5400Series for scanning (at least in GIT but as yet
untested) so scanning should work too or can easily be made to work


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Yum cant find kernel-pae

[Louis Lagendijk]

On Mon, 2014-09-08 at 13:52 -0400, Bob Metelsky wrote:
 Hi I have a dell 770
 bios sees 8g
Is this a PowerVault 770?
Accoding to http://www.dell.com/downloads/emea/products/pvaul/77XN.pdf
 It does support only 3GB of Ram. Can you please post a complete output
of dmidecode. It may very well be a case where the on-board chipset is
limited to 4GB address space minus the PCI addres space that leaves only
3 - 3.5GB ofg Ram space



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Use postfix and spamd on CentOS 6 - looking for a shortest guide

[Louis Lagendijk]

On Thu, 2014-08-14 at 01:19 +0200, Timothy Murphy wrote:
 Les Mikesell wrote:
 
  On Wed, Aug 13, 2014 at 5:55 PM, Timothy Murphy
 
  In my experience email has been working without problems
  for as long as Unix has been running,
  long before system administrator exams were invented.
  
  That was back when it was safe to assume that those one or more
  destination wanted to receive anything that showed up on port 25.   Or
  that you could reasonably accept the unwanted data and subsequently
  send it back to wherever the From: line said it came from.   Which was
  basically never but people used to do it before they knew better.
 
 But it is still reasonably easy to say what you want to do with email,
 even if it is hard to implement.
 My statement was that the TASK of postfix is fairly easy to understand.
 
Yes, but you want to add a turbo to the combustion engine and then the
simple user interface is not enough anymore... 


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Miredo server for Centos 6

[Louis Lagendijk]

On Thu, 2014-07-03 at 12:20 -0500, Les Mikesell wrote:
 On Thu, Jul 3, 2014 at 12:07 PM, Robert Moskowitz r...@htt-consult.com 
 wrote:
 
  Have you tried the simple-minded approach of downloading the fedora
  src rpm and doing an 'rpmbuild --rebuild' of it?  Sometimes all it
  take to make that work is installing whatever dependencies are
  missing, sometimes that turns out to be difficult or impossible,
  depending on required versions and conflicts.   You might have a
  better chance of making this work after Centos 7 is out, though.
 
  For various reasons I lean toward installing software over doing my own
  builds.  No one else is going to do the write ups I need for
  management.
 
 Sure, but the rpm package you get from rebuilding an existing fedora
 source rpm is going to be essentially the same thing you'd get if the
 maintainer built it for centos6/EPEL.   That is, all of the things
 that would make it 'your' build have already been done by someone else
 and coded in the spec file.   If it works...

First a note to Robert: miredo-server is a separate rpm package, but it
is built from the same source rpm as the other miredo packages. 

I donloaded the src rpm for Fedora 20. That package depends on having
systemd (so it would most likely work on RHEL7).
If I remove the systemd references (the requires/ build requires and
the .service files) it builds without any more issues. If you can create
your own init files you should be all set.

The changelog says:
Tue Apr 24 2012 Jon Ciesla limburg...@gmail.com - 1.1.7-8 - Migrate to
systemd, BZ 789782.
so if you take a Fedora 1.1.7-7 or earlier src rpm, you could probably
easily take the spec file and use the 1.2.6 tar file to build a working
setup

regards, Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 6 mount of ntfs formatted usb stick fails

[Louis Lagendijk]

On Wed, 2014-04-16 at 18:26 +1200, Rob Kampen wrote:
 On 04/15/2014 02:42 PM, Russell Miller wrote:
  On Apr 14, 2014, at 7:23 PM, John R Pierce pie...@hogranch.com wrote:
 
  On 4/14/2014 6:06 PM, Rob Kampen wrote:
  I recently received an 8GB usb stick that fails to mount on my fully
  patched CentOS 6.5 desktop machine.
 
  The stick works just fine on a windoze 7 laptop (my daughter's) with
  no special drivers installed.
  most USB sticks are formatted FAT32
 

 file when applied /dev/sdf/(1) indicted a block device - nothing else 
 helpful.
Try as root: 
dd if=/dev/sdf1 of=somefile count=100
file somefile

regards, Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] USB to Ethernet problem

[Louis Lagendijk]

On Tue, 2014-03-18 at 18:35 +0800, Giri Prasad wrote:
 On 18/03/14 19:49, Giri Prasad wrote:
 
  Now, after assigning a static IPV4 address, this eth1 is pinging to the 
  default gateway 192.168.1.1. But eth1 is not pinging/connecting to the 
  external internet. Can someone please provide some answers.
 
 
 
 Can you ping an IP Address - such as 8.8.8.8?

 
 
 # ping 8.8.8.8
 PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
 ^C
 --- 8.8.8.8 ping statistics ---
 18 packets transmitted, 0 received, 100% packet loss, time 17372ms
 
 
Do you have NAT enabled somewhere? It looks as if you do not have it or
you have a routing issue on 192.168.1.1?
You will need it to be able to reach anything outside your own
network What does nslookup google.com say?


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Dug myself into a hole

[Louis Lagendijk]

On Mon, 2014-02-17 at 14:08 +, Styma, Robert E (Robert) wrote:
 I just build a CentOS 6 machine to replace my old machine which
 broke to where I could not fix it.  In attempting to get the applications
 running which had worked on the old machine, I did updates from several
 repos such as rpmforge, atrpms, livna, epel,  etc.
 Some of the attempts ended going down blind alleys.
 
 Now I have a mix of rpm's from various sites that I do not need, but they
 are listed as dependencies of other rpm's.  
 
 The rpmforge rpm's are marked with rf.
 Is there a process to check which of these rpm's are also in the
 base libraries and force them back in?
 
 I really do not want to go back to square 1 and reload the system
 from scratch.
 
 Bob S
Disable the offending repositories and then run 
yum distro-sync

Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] odd mcelogd problem

[Louis Lagendijk]

On Tue, 2014-02-11 at 17:29 -0500, m.r...@5-cent.us wrote:
 CentOS 6.4, 2.6.32-358.11.1.el6.x86_64
 (And no, I can't just upgrade - the users have to be sure that the
 computational results will be correct)
 
 It's throwing ECC errors. Trying to start mcelogd, first it said nothing.
 Restart told me Please load edac_mce_amd module. I did a modprobe
 edac_mce_amd, and lsmod tells me it's in. But now
 service mcelogd restart
 Stopping mcelog
 Starting mcelog daemon [FAILED]
 AMD Processor family 16: Please load edac_mce_amd module.
[FAILED]
 
 And in messages,  mcelog: CPU is unsupported#012: Success
 Success?
 
 Anyone have any ideas what I'm missing; why I've loaded what it says it
 needs, and it still thinks it needs it?
 
Did you check /var/log/messages for errors reported by the module when
you modprobe'd it?
Kind regards,
Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] died again

[Louis Lagendijk]

On Sat, 2013-12-07 at 00:58 -0500, Darr247 wrote:
 On 07 December 2013 @02:57 zulu, Michael Hennebry wrote:
 
 
 The CPU heat sink is under the fan pointing down towards the motherboard.
 You lift those 2 levers to release it, and there's likely another lever 
 under it all locking the CPU into the socket.
The picture is not very clear, but it looks as if the heatsink on the
processor has collected a lot of dust, probably blocking the air flow.
Do not yet remove the heat sink ( I am always weary of doing so) but try
to remove the dust first if there is a lot of it. 
Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum update interruption recovery

[Louis Lagendijk]

On Wed, 2013-12-04 at 20:32 -0800, Hugh E Cruickshank wrote:
 From: Hugh E Cruickshank Sent: December 4, 2013 15:09
  From: Frank Cox Sent: December 4, 2013 15:04
   On Wed, 4 Dec 2013 14:55:03 -0800 Hugh E Cruickshank wrote:
Tried that but it failed. 
   
   Describe failed.
  
  That happened yesterday and I can not recall specifically what it
  said. I am currently in the process of backing up the hard drive
  before proceeding any further. I will see if I can get the error a
  little later today.
 
 Well I am unable to locate the error message as it does not appear to
 be logged. In the interim I have done a lot more research and I now
 suspect that I have two separate problems:
 
 1. Since the yum update did not complete then it never had a chance
to update the rpm database,
 
 2. We probably have one or more packages that have been install but
the predecessor has not be removed.
 
 I have done the following:
 
 a. Rebuilt the rpm database:
 
 rm -f /var/lib/rpm/__db*
 rpm --rebuilddb
 
 b. I then retried the yum update this aborted report conflicts in
systemtap packages.
 
 c. I listed the installed systemtap packages:
 
rpm -qa | grep systemtap | sort
 
This revealed that there were two systemtap-devel packages
installed and I removed the newer one.
 
 d. I then retried yum update and this appeared to work fine until it
got to:
 
Cleanup  : 1:xorg-x11-drv-nouveau-1.0.1-3.el6.x86_64  286/513
 
 At this point the system appears to be hung. I can not proceed any
 further this evening as I am working on this from home and I do not
 have physical access to the server to reboot it. In the morning I
 will reboot the server and try again but this time I am going to do
 a yum clean all to the rpm database rebuild.
 
 Any thoughts or comments would be appreciated.
 
Try package-cleanup --problems and see what it returns
package-cleanup --cleandupes  may helps with removal of duplicates

Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] died again

[Louis Lagendijk]

On Tue, 2013-12-03 at 15:16 -0600, Michael Hennebry wrote:
 On Wed, 27 Nov 2013, m.r...@5-cent.us wrote:
 
  Michael Hennebry wrote:
  On Wed, 27 Nov 2013, m.r...@5-cent.us wrote:
 
  One thing I've never done, or thought of until now, was whether the
  thermal grease between the CPU and the heat sink had dried out. If it's
  running hot, that's a possibility, so you might clean that off and put
  on some new (a buck or so at any computer parts store). Doesn't need
  much -
  the force of tightening the heat sink will spread it much farther than
  you expect it to, and you don't want it coming out the sides.
 
  the force of tightening the heat sink frightens me silly,
  but I suppose that would be better than a dead CPU fan.
  My recollection is that that does not come off.
 
  Not to worry. It will probably be a lever that you push down and it
  catches. I doubt it's like in some servers, where you screw it on... and
  even in that case, you screw it till you feel it stop turning.
 
In any case: check the fans first. There may also be a lot of dirt on
the heat sink. These are much more likely culprits than the thermal
paste. 

 If thermal grease is the problem,
 how do I find out and how do I clean off the old stuff?
 I've read that just adding more is not a good idea.
 If I add to much thermal paste, what do I do about it?
 
If everything else fails you can try to replace the old thermal paste. I
It seems unlikely that this is the cause of your problems. I have seen
quite a number of issues with fans and dirty heat sinks. None that I can
remember of bad thermal paste. I may have seen one case where there was
none at all (assembly mistake).  
Remember that the paste is only to be used to fill up the really small
unevenness between heat sink and heat spreader on the processor. Unless
you are overclocking I would not expect much difference from a new
thermal paste

As mark already pointed out a little alcohol is very helpful to remove
old paste. Use a lint free cloth to remove it. 
Then just put a little new paste on in the middle of the processor and
use a credit card to spread it out as thin as possible. The credit card
is flexible enough to follow the surface accurately. And don't let the
paste spread out from the sides of the heat spreader. 

Louis


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] died again

[Louis Lagendijk]

On Tue, 2013-11-26 at 11:34 -0600, Michael Hennebry wrote:
 On Tue, 26 Nov 2013, m.r...@5-cent.us wrote:
 
  Michael Hennebry wrote:
  Ouch.
  $200+ before installation,
  and I'd still have a computer some Linuxes don't like.
 
  Expensive board. Is this at home? I got a Gigabyte board and Core I-3
 
 Yes.  It's the only computer I've owned with
 either a hard drive or more than 8K of memory.
 
 I've used others.
 
  combo at MicroCenter for under $200, I think. Installation? Hey, we're
  sysadmins, we build our own systems! g
 
 What's this we?
 I've opened the case three times and done four things:
 I've installed a new hard drive.  The old one is still working.
 I've zapped the original video card, AGP.
 I've blown dust.
 I've had someone else install new RAM.
 
 When I get up the nerve to open it again,
 I'll blow dust and look for misplaced intestines.
 
 In the mean time, I'll boot back to CentOS and see how long it lasts.
 
You may want to check the bios for some settings. I recently fixed some
issues with my server system here at home (gen 1 i7 920) by turning ACPI
2.0 off. I first replaced the power supply but that did improve the
situation from disk errors once every day or 2 to once every 5 days.
Make sure you have the latest bios as well. 



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Dovecot SLOW with sssd in centos 6

[Louis Lagendijk]

On Mon, 2013-07-01 at 12:34 +0200, FABIO FERRARI wrote:
 Hello,
 
 I have a big performance problem with a mail server using dovecot and
 authenticating users via ldap.
 The architecture of the machine is a local ldap and mysql server, they are
 used by dovecot for authenticating the mail users.
 
 If i use pam_sss the mail server has about 1/8 - 1/10 the performances it
 has if i use the pam_ldap.
What exactly does this mean? Is this dovecot performance or something
else?

 Even doing a 'time ls -l' on the mail tree (there are about 3000 ldap
 users in that directory) it is very very slow, the first time I try to do
 it after a reboot, it takes about 6 minutes with sssd, and about 8 seconds
 with ldap.
 
Did you specify enumerate = True in sssd.conf? This may cause delays
when you have many users in the directory...

Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Need a Centos 6 USB hard drive recovery procedure

[Louis Lagendijk]

On Sat, 2013-06-01 at 19:52 +, Rock wrote:
 On Sat, 01 Jun 2013 16:40:46 +, Rock wrote:
 
  Now comes the biggie, backing up the entire 150MB disk:
  Q: Maybe I should have used the conv=noerror option
  as suggested in the dd wikipedia entry?
  $ sudo dd if=/dev/sdc1 of=/mnt/image.dd bs=1M
 
 The dd finished backing up after about 3 hours.
 
 $ sudo dd if=/dev/sdc1 of=/mnt/image.dd bs=1M
 == 152625+1 records in
 == 152625+1 records out
 == 160039240704 bytes (160 GB) copied, 9750.86 s, 16.4 MB/s
 
 Although I can't see to change the permissions of the result:
 $ ls -l
 == -rwxrwxrwx. 1 root root 160039240704 Jun  1 12:13 image.dd
 $ sudo chmod uog=r /mnt/image.dd
 $ ls -l
 == -rwxrwxrwx. 1 root root 160039240704 Jun  1 12:13 image.dd
 $ sudo chmod 555 ./image.dd
 $ ls -l
 == -rwxrwxrwx. 1 root root 160039240704 Jun  1 12:13 image.dd
 
 At this point, some people said to try to recover using 
 the backup; while others said I should work off the original disk.
 
 I think I'll try the testdisk recover procedure first.
 
testdik can work on a disk image, so I recommend using that. Don't risk
chaging the original disk (although testdisk is not supposed to touch it
IIRC)
/Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Need a Centos 6 USB hard drive recovery procedure

[Louis Lagendijk]

On Sat, 2013-06-01 at 04:18 +, Rock wrote:
 On Sat, 11 May 2013 22:28:53 +0200, Louis Lagendijk wrote:
 
  here is a quick list of what to do:
 Thanks. I needed this step-by-step procedure; and I'll report back.
 I bought a new 2TB disk, named My Passport.
 I will test the procedure with a spare 500GB disk, named Signature Mini.
 
  1) connect your spare disk (USB) (not the bad disk!) and as root
  check what device id it got (tail /var/log/messages) look for detected
  partitions there or do 
  fdisk -l /dev/sdx where the sdx is what you found from /var/log/messages
 
 0. $ sudo tail -f /var/log/messages
 1. I plugged in the 2TB new disk.
 == May 31 20:52:37 ntfs-3g[4213]: Mounted /dev/sdb1 (Read-Write, label My 
 Passport, NTFS 3.1)
 2. $ sudo fdisk -l /dev/sdb
 == Disk /dev/sdb: 2000.4 GB, 2000365289472 bytes
 == /dev/sdb1 1 243198 1953480704 7 HPFS/NTFS
 
  2) As root Mount the disk:
  mount /devsdxy /mnt 
  (where y is the partion number you want to mount)
 
 3. $ sudo mount /dev/sdb1 /mnt
 == Mount is denied because the NTFS volume is already exclusively opened.
 == The volume may be already mounted, or another software may use it which
 == could be identified for example by the help of the 'fuser' command.
 
  if mounted goto 3
  This may fail if it is ntfs
  2B) If it fails format the disk as ext4:

  mkfs /dev/sdxy
  and then mount it as under 2
 
 Should I now format the 2TB disk using this command?
  $ sudo mkfs /dev/sdb1

You could try without reformatting it: just check where it is mounted:
mount |grep sdb1 
this will show where the disk got mounted.


 And then mount it as:
  $ sudo mount /dev/sdb1 /mnt
 
  3) I assume here that your bad disk is already connected (as sdz check
  first what the real name is)
 
 At this point, I connect the 500GB test disk and this shows up
 in the tail of /var/log/messages:
 May 31 21:02:39 ntfs-3g[4787]: Mounted /dev/sdc1 (Read-Write, label 
 SignatureMini, NTFS 3.1)

Check whee it got mounted 
mount |grep sdc1
and umount it to be sure

  dd if=/dev/sdz of=/mnt/image.dd bs=1M
  This will copy the contents of your bad disk to image.dd
 
this now becomes:
dd if=/dev/sdc1 of=path to the mount point for the new disk/image.dd

 Is this the correct command given the test information above:
   $ sudo dd if=/dev/sdc of=/mnt/image.dd bs=1M
  
  4) just to be sure, make the image read-only
  chmod uog=r /mnt/image.dd
 
 I presume I do this after the previous dd command finishes.
   $ sudo chmod uog=r /mnt/image.dd
  
Correct

  5) install testdisk from the epel repo
  yum install testdisk
 
   $ sudo yum --enablerepo epel install testdisk -y
   == Installed: testdisk.x86_64 0:6.12-2.el6 
   
  
   == Dependency Installed: libewf.x86_64 0:20100226-1.el6 
   Note: This apparently installs /usr/bin/photorec  
 
  6) now run photorec from a directory where you have sufficient space,
  ifg your usb disk is big enough do it there (hint create a sub-directory
  mdkdir /mnt/recover
  cd /mnet/recover
 
   You probably mean mkdir, so is this what I run:
   $ sudo mkdir /mnt/recover
   $ cd /mnt/recover
 
Indeed, I am a lousy typer and even more lousy at proofreading

  but any dorectory would do
  photorec /mnt/image.dd
 
   $ sudo photorec /mnt/image.dd
 
 Q: Is this the recommended procedure as written after your comments?

Yes, doing it this way makes sure you do not destroy the content of the
old disk as you are working from a copy

Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Where did yum install monodevelop?

[Louis Lagendijk]

On Mon, 2013-05-20 at 12:56 -0700, John R Pierce wrote:
 On 5/20/2013 12:28 PM, Frank Cox wrote:
  It's entirely possible that I'm missing something, but how does that tell me
  what pre- and post-install steps the rpm does, or what patches are applied 
  to
  the binaries?  All I get is a list of files and directories.  I don't think
  it's possible to extract a spec file from a binary rpm.  Or is it?
 
 Ah, i thought the OP was asking where the files were installed.
 
 
 

As such it is not possible to retrieve the complete spec. The actions
can be viewed however with the -- script option to rpm, eg:
rpm -q --scripts binutils

I do not see how one can see what patches are installed.

The problem the OP has comes from the fact that the rpm is not signed,
so it must be installed with the --nogpgcheck option to yum. Without the
option IIRC yum complains about the missing signature and does not
install the package.






___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Where did yum install monodevelop?

[Louis Lagendijk]

On Mon, 2013-05-20 at 16:15 -0500, John R. Dennison wrote:
 On Mon, May 20, 2013 at 10:59:35PM +0200, Louis Lagendijk wrote:
  The problem the OP has comes from the fact that the rpm is not signed,
  so it must be installed with the --nogpgcheck option to yum. Without the
  option IIRC yum complains about the missing signature and does not
  install the package.
 
 You could have let it go at the first line:  The problem is indeed that
 the rpms are not signed.  --nogpgcheck is not a viable option on a
 server you care about unless you are 100% sure (ie. audited everything
 yourself and/or built the rpm yourself) that things are germane.
 
Indeed, installing an RPM from an unknown source, even if it is signed
(with a key from the same source) is taking a big risk. I assumed that
the OP understood that. 



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Need a Centos 6 USB hard drive recovery procedure

[Louis Lagendijk]

On Sat, 2013-05-11 at 19:18 +, Rock wrote:
 On Sat, 11 May 2013 15:35:31 +, Rock wrote:
 
  Currently I'm at day 3, and almost done recovering the 
  files; but the results (sadly, due to my error in the 
  Recuva settings) are flatter than the plains of Kansas!
 
 Just for the record, Recuva finished at 66 hours:
  http://www5.picturepush.com/photo/a/12907423/img/12907423.jpeg
 
 It's odd that I'm having trouble finding a good tutorial
 for Linux recovery of the master table of contents, since 
 it must be happening to others day in and day out.
 
 Fundamentally, the procedure is to dd the disk and then 
 work off the backup but I don't want to make a mistake so 
 that's why an exact procedure is so critical to find.
 
 It's expensive being a pioneer; yet I shouldn't have to be
 a pioneer for this task, since it happens every day.
 
 Will read everything written and try to find a tutorial.
 
 
 ___
 CentOS mailing list
 CentOS@centos.org
 http://lists.centos.org/mailman/listinfo/centos

ok, here is a quick list of what to do:

1) connect your spare disk (USB) (not the bad disk!) and as root
check what device id it got (tail /var/log/messages) look for detected
partitions there or do 
fdisk -l /dev/sdx where the sdx is what you found from /var/log/messages

2) As root Mount the disk:
mount /devsdxy /mnt 
(where y is the partion number you want to mount)
if mounted goto 3
This may fail if it is ntfs

2B) If it fails format the disk as ext4:
mkfs /dev/sdxy
and then mount it as under 2

3) I assume here that your bad disk is already connected (as sdz check
first what the real name is)

dd if=/dev/sdz of=/mnt/image.dd bs=1M

This will copy the contents of your bad disk to image.dd

4) just to be sure, make the image read-only
chmod uog=r /mnt/image.dd

5) install testdisk from the epel repo
yum install testdisk

6) now run photorec from a directory where you have sufficient space,
ifg your usb disk is big enough do it there (hint create a sub-directory
mdkdir /mnt/recover
cd /mnet/recover

but any dorectory would do
photorec /mnt/image.dd

The copy to an image is not really required, but better safe then sorry
I have written this from 
Louis


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] What is the recommended method to obtain Pan 0.136+ (with SSL) for Centos 6?

[Louis Lagendijk]

On Wed, 2013-05-08 at 23:42 +0100, Nux! wrote:
 On 08.05.2013 21:26, Rock wrote:
  Q: What is the recommended method to obtain Pan 0.136+ (with SSL) for 
  Centos 6?
 
 Your best bet is run the Windows installer in wine. Natively is very 
 difficult to run because it requires stuff that's too new to be found in 
 EL6. :)
 That or find an alternative to Pan.
 
 -- 
Right, it requires glib2(-devel) = 2.26.0 and gmime(-devel) = 2.5.5 
You're in for a lot of work as at least the dependency on glib 2.26 is
real

Louis 


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] floppy drives

[Louis Lagendijk]

On Sun, 2013-04-07 at 15:45 -0400, mark wrote:
 Yes, really. I've got hundreds of the damn things here at home, and I 
 want to go through them and get rid of them all.
 
 But... to do that I want to read them. I have both a 5.25 and a 3.5 
 drive, both are plugged in, but in the BIOS, all I see is the 3.5. 
 Fine, I figure I'll take care of those.
 
 Nope. I see /dev/fd0 once I've booted up, but neither konqueror nor 
 mount nor fdisk works - the latter telling me that /dev/fd0 is not a 
 valid block device. After some googling, I tried modprobe floppy, which 
 installed it, but still no joy.
 
 Anyone have a clue?
 
   mark
Mark, you said that both floppy drives are connected. Could it be that
both are wired to fd0? One drive could be malfunctioning Try with
only one drive connected at a time at the end of the cable and see if
that helps...
Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] floppy drives

[Louis Lagendijk]

On Mon, 2013-04-08 at 12:21 -0400, m.r...@5-cent.us wrote:

 That I don't know, and was trying to think of a way to test it. As I noted
 in another post, the 5.25 light seems to stay on, and I *think* that was
 the one I had disconnected before. I also think I mentioned that after
 bringing it down, connecting, and rebooting, I looked at the BIOS, and it
 told me it *only* saw the 3.5 drive.
 snip
That is why I thought of the cable/drive issue. Please keep in mind that
the bios versions I recall did not detect a drive unless it was told
that there was one (you had to even specify the type/ format of the
drive)
  Any chance that 
 It *looks* like udev knows about it, since it created /dev/fd0 and the
 related devices.
 
From what I recall, the OS gets the information on what is there from
the bios. Look around in the bios and check if you can specify the
format of the floppy drives somewhere...
And the comment about checking if the cable has been put on upside down
(on either side). Please note tat the twist in the cable sits between
drive a and b. Still 4 possibilities to try.

Louis


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] (Al)pine on CentOS 6

[Louis Lagendijk]

On Tue, 2013-03-26 at 06:14 -0400, Max Pyziur wrote:
 Greetings,
 
 The alpine mail rpm indicates that it comes packaged with configuration 
 files (/etc/pine*conf*). However, they aren't there.  Possible?

yes, they are ghost files, not really included in the package

Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Setting up bind - location for includes

[Louis Lagendijk]

On Fri, 2013-02-15 at 11:44 -0500, Robert Moskowitz wrote:
 I am setting up bind this time around (just rebuilt my test machine via 
 Kickstart) without chroot.
 
 I have a fair number of includes for named.conf; I have two views and 
 other odds and ends.  My thoughts are to make a directory; /etc/named.d 
 to put all these includes into instead of 'dirtying' up /etc.  This way 
 the only files I replace/add to /etc are named.conf and rndc.key (I 
 would like to work the latter around to also be in named.d, but this 
 impacts rndc itself).
 
There is an /etc/named directory included in the bind package, I assume
that it is meant for this purpose...
I just changed my config to use that (with the chroot package) as it get
bind mount from the standard startup script
Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Is there a way to _remove_ dependencies from an RPM built from source?

[Louis Lagendijk]

On Sun, 2012-02-26 at 21:05 +0100, Michael Lampe wrote:
 Ljubomir Ljubojevic wrote:
 
  I totally lost you.
 
 No problem. Play the game of chess like your namesake did so well. :)
 
  Please provide specifics, what package, is it in rpm
  or not, details please, so we do not chase out own tails.
 
 Gimme a trick: How to unregister an implicit but formally unavailable 
 runtime dependency in a spec file?
 
 It's there at build time and therfore automatically used. Package builds 
 fine. But it can only be installed by force, because the implicit 
 dependency is explicitly recorded in the RPM. I want to get rid of that, 
 because fixing Intel's stuff is not an option.

Would it be be possible to create a dummy rom that requires the
intel-rpm but does provide the dependency?



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Eeek, my centos6 box won't boot after broken update, need help w/ yum

[Louis Lagendijk]

On Wed, 2012-02-08 at 15:22 +0100, wwp wrote:
 Hello Ljubomir,
 
 
 On Wed, 08 Feb 2012 12:06:44 +0100 Ljubomir Ljubojevic off...@plnet.rs 
 wrote:
 
  On 02/08/2012 11:32 AM, wwp wrote:
   Hello there,
  
  
   I think I've shutdown my box right in the middle of a yum update.. The
   latest kernel installed won't simple boot, and the old one can, but
   only in init 3 mode (tty).
  
From a console, I wanted to complete the yum update and it suggested me
   to do a `yum-complete-transaction`.
  
   yum-complete-transaction tells me that 447 elements are left to run in 1
   transaction, runs and show lots of Removingpackagename  - ud from
   the transaction then processes lots of stuff, and ends with listing
   lots of duplicate packages (mostly Xorg stuff) and.. and that's all.
   Same stuff if I start that command again.
  
   A `yum cleanup` doesn't change it.
  
   Any hint how I could get of that deadly loop?
  
  
  yum history list will give you of last yum transaction (highest 
  number). Use that number in:
  
  yum history undo number, yum history redo number or yum history 
  rollback number
  
  Read man yum for differences between commands if necessary.
 
 Hm. Since I use CentOS (was using Fedora before) I discover some yum
 advanced features, thanks for teaching me, Ljubomir :-).

You may want to try the package-cleanup command. 
package-cleanup --problems could be the first thing to try

Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] [SOLVED] blue screen instead of login screen

[Louis Lagendijk]

On Fri, 2012-01-13 at 14:34 -0800, Bart Schaefer wrote:
 On Thu, Jan 12, 2012 at 9:16 PM, Frank Cox thea...@melvilletheatre.com 
 wrote:
  On Thu, 12 Jan 2012 12:56:40 -0600
 
  THE REMAINING MINOR ISSUE
  For some reason, the upper left two-thirds of the desktop background is 
  darker
  than the rest of the desktop background.  It's easier to show than to 
  explain
  how it looks, so anyone interested can view it here:
 
  http://www.melvilletheatre.com/1920x1024screenshot.png
 
 Looks to me as if a 1024x768 rendering of the background image is
 being layered on top of a rendering of the same image that has been
 scaled up to 1920x1024.  Have you checked whether you can actually
 place icons on the lower and right parts of the screen?  I'm
 speculating that the desktop manager is still operating at 1024x768
 even though the X screen is larger.

I quite recently had something that looked quite similar on my iMac g5
when I had a cable plugged in to the VGA port. he system apparently
overlaid the VGA screen over the screen on the built in LCD. Does the OP
have a second monitor attached to he system?


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] 6.2 release: a thank you

[Louis Lagendijk]

Gents
I would like to express my appreciation for the unbelievably quick
release of Centos 6.2. Thanks a million! You managed to release 6.2 some
10 days after 6.1. Johnny, you are not that ugly after all :-). 

Louis


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 6.2 progress.

[Louis Lagendijk]

On Mon, 2011-12-12 at 11:25 -0500, Lamar Owen wrote:
 For those who don't follow the QA RSS, see:
 http://qaweb.dev.centos.org/qa/node/120
 to get the latest info on the status of 6.2.  Looks good so far!
 _
I am really impressed! That IS quick. 

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] When will 6.2 be released.

[Louis Lagendijk]

On Fri, 2011-12-09 at 19:01 -0600, Johnny Hughes wrote:
 Let's go ahead and get this flame thread started now to save time.
 
 The CentOS team sucks ... it took  days to do 6.1 ... it is going to
 take twice as long to get 6.2
 
 My mom said CentOS blows.
 
 kbsingh is ugly.
 
 hughesjr is old and fat.
 
 OK ... that should do.

come on Johnny, there are still plenty of people that appreciate the
work you guys do and are happy to see 6.1 released. Please give us first
a chance to say thank you so much!

I understand that it is frustrating to release CentOS 6.1 right after
RedHat release 6.2 so you can't even allow yourself to relax a bit (and
knowing you guys you HAVE to keep up, not because of the complainer, but
because of your pride in what you are doing and its results).

Thanks for the work on 6.1!

Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Upstream 6.2

[Louis Lagendijk]

On Tue, 2011-12-06 at 13:12 -0600, Johnny Hughes wrote:
 On 12/06/2011 09:08 AM, Lamar Owen wrote:
  As much as I hate to be the bearer of news, I saw over 400 updates this 
  morning on my upstream 6.1 box checking the upstream website, yeah, 
  EL6.2 is out, at least for updates.  I didn't see ISO's in my subscribed 
  channel yet, though.
  
  I figured someone would notice soon enough.
  
  So before anyone goes into flame mode, think about the difficulties that 
  have faced the CentOS developers in the past, and please refrain from 
  asking the age-old question 'are we there yet?'  (I have five children, 
  between the ages of 17 and 4; that saying is just a smack old by now for 
  me.)
 
 CentOS-6.1 will be released in the next couple days (all the Trees and
 ISOs are spun and we are getting the mirrors ready to distribute) ... we
 are working on 6.2 right now in conjunction with doing the 6.1 distro
 release.
I am still not able to install ipa-server due to 2 missing packages:
pki-ca and pki-silent. Will they be in the 6.1 release, please, pretty
please?

Thanks to the Centos team for their hard work. Very much apprecited!!!

Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Upstream 6.2

[Louis Lagendijk]

On Tue, 2011-12-06 at 19:51 +, Karanbir Singh wrote:
 On 12/06/2011 07:24 PM, Louis Lagendijk wrote:
  I am still not able to install ipa-server due to 2 missing packages:
  pki-ca and pki-silent. Will they be in the 6.1 release, please, pretty
  please?
  
 
 these will be there in the next day or so, the 6.1 media load is going
 to create a bit of turbulance ( not nearly as much as a regular release
 does though )
 
 - KB
Thanks Karanbir!

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] ipa-server

[Louis Lagendijk]

hi
I am a happy user of CentOS since Centos 4. I very much appreciate the
effort you guys are putting into Centos 6.

I am planning to play around with the ipa-server in Centos 6.1. Now I
noticed that ipa-server is in the cr-repository. In order to install
however the pki-ca and pki-silent packages are missing. The fact that
ipa-server is built suggests that these packages have been built. If so,
tit may be an oversight that these packages have not yet been pushed to
the repo. In that case it would be nice if they could be pushed.

If they are not yet ready, I will happily wait for them...(I understand
the complexity of the work involved!!!)

Thanks for the great distro!
Louis


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] VLAN support?

[Louis Lagendijk]

On Thu, 2011-09-29 at 14:15 -0500, Les Mikesell wrote:
 On Wed, Aug 3, 2011 at 11:12 PM, James A. Peltier jpelt...@sfu.ca wrote:
 
  | Are there any new tools in CentOS 6 to configure VLAN interfaces
  | (where
  | the switch passes multiple tagged VLANs over one physical link to the
  | host) or is it best to edit /etc/sysconfig/network-scripts/eth?.vlan#
  | files manually?
  |
 
 
  So far none that I've found.  I use VLANs quite extensively so I'm stuck 
  rolling it with kickstart/puppet or manually when testing.
 
 Where is the best place to find documentation on how to set them up
 manually?   When I use the same ifcfg-eth#.vlan# configs as in 5.x,
 ifup gives me an error about 'Device not managed by NetworkManager' .
 
Don't use NetworkManager, chkconfig NetworkManager off; chkconfig
network on
will do the trick. I don't know that Networkmanagr can handle tagged
vlan interfaces


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] problem in cr: nfs-utils-lib-1.1.5-3.el6.x86_64

[Louis Lagendijk]

On Tue, 2011-09-27 at 09:49 -0700, Paul Heinlein wrote:
 I ran yum update on a CentOS 6.0 machine against the CR repository 
 and noticed that the nfs-utils-lib update broke my rcp.idmap settings:
 
 rpc.idmapd: libnfsidmap: processing 'Method' list
 rpc.idmapd: libnfsidmap: Unable to get init function: 
 /usr/lib64/libnfsidmap/umich_ldap.so: undefined symbol: 
 libnfsidmap_plugin_init
 rpc.idmapd: libnfsidmap: requested translation method, 'umich_ldap', is not 
 available
 rpc.idmapd: Unable to create name to user id mappings.
 
 The /usr/lib64/libnfsidmap/umich_ldap.so library included with the 
 1.1.5-3.el6 update is noticably smaller than the one included in the 
 standard 6.0 package, v. 1.1.5-1.el6.
 
 The rpm checks out correctly via gpg and an rpm2cpio-cpio pipe. 
 Running ldd against the updated library shows the expected links.
 
 But the library appears to not work. Anyone else seen this?
 
not this, but in my case rpcsvcgssd can no longer understand the krb5
from my Fedora WS. Sources are unfortunately no available yet, or I
would have a look to see what is wrong. 
 Sep 27 12:38:22 nest rpc.svcgssd[9212]: ERROR: failed serializing krb5
context for kernel
Sep 27 12:38:22 nest rpc.svcgssd[9212]: WARNING: handle_nullreq:
serialize_context_for_kernel failed
Sep 27 12:38:22 nest rpc.svcgssd[9212]: ERROR: GSS-API: error in
gss_export_lucid_sec_context(): GSS_S_NO_CONTEXT (No context has been
established) - (0x7f6e)

Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables

[Louis Lagendijk]

On Wed, 2011-08-31 at 19:00 +0100, Always Learning wrote:
 On Wed, 2011-08-31 at 13:55 -0400, Lamar Owen wrote:
 
  On Wednesday, August 31, 2011 01:33:31 PM Always Learning wrote:
   Rather than being a willing or passive victim to 100% of the attacks, I
   aim to reduce the penetrability of most of them.
 
Still useless: it is not the attacks that you know about and that show
themselves as errors in your logs (and filter from the log, that is the
only gain), but those where you have a real security hole that you have
to worry about. And those will be exploited from one of the many other
bots in the hackers botnet. 
An empty log may give you a nice feeling of security, but it is false...
A lot of work, but very little if any gain.
Louis


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] nfsv4 and kerberos - fails to mount

[Louis Lagendijk]

On Mon, 2011-07-25 at 12:58 -0400, Rob Kampen wrote:
 Rob Kampen wrote:
   On 07/19/2011 04:43 PM, Olaf Mueller wrote:
  Rob Kampen wrote:
 
  Hello,
 
  nfs4 with kerberos works fine here on CentOS 5.6.
 
  change exports to
  [...]gss/krb([...]
  [...]gss/krb([...]
  My /etc/exports says '... gss/krb5(...'.
  Got this already
  And 'SECURE_NFS=yes' is set in /etc/sysconfig/nfs.
  This too is set
  All needed services are running?
  - rpcsvcgssd (server)
  - rpcidmapd (server)
  - rpcgssd (client)
  Yes all running
  A very good instruction, in my opinion, to get it running is
  http://sadiquepp.blogspot.com/2009/02/how-to-configure-nfsv4-with-kerberos-in.html.
   
 
  This was one of the ones I used - will start from the beginning again.
  Thanks for comments
 
  regards
  Olaf
 I have put the nfs4 with Kerberos on hold as it seems there may be a 
 problem with the basic kerberos install.
Probably an issue with your keytab. the link above cotains some hints:

1) you need to add an nfs (not host!) principal and 
2) use ktadd -e des-cbc-crc:normal
Add only the des-cbc-crc:normal key, not one of the others as (at least
in the past, I have not checked later kernels like the one in centos 6)
to see if this is still applies. In order to allow the des key to work
you need the following in /etc/krb5.conf (in the libdefaults section):
allow_weak_crypto = true
With these settings nfs mounting works for me, but see my comments below
first, before you try to mount a nfs file system

 /usr/kerberos/sbin/kprop: Decrypt integrity check failed while getting 
 initial ticket
With the keytab you showed, first try a kinit for a user. does that
succeed? What does a klist show after this?
This way you can check the ticket generation. Only when that succeeds
try the nfs mount

Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] mounting a CentOS 5.5-based NFS partitions from a Mac OS X machine

[Louis Lagendijk]

On Tue, 2011-07-05 at 22:13 -0400, Tom H wrote:
 On Tue, Jul 5, 2011 at 1:11 PM, Rob Kampen rkam...@kampensonline.com wrote:
  Boris Epstein wrote:
 
  Is the OS X firewall blocking nfs?
 
  How are you mounting the export? If you're not trying it from within
  Terminal, does it work from within it?
 
  The OS X firewall dos not appear to be a factor. Actually it works
  just fine when I turn off the firewall on the CentOS end.
 
  Could it be that even when I am trying to mount over the TCP the NFS
  client on the Mac OS X side still tried to connect to some UDP port? I
  am asking that because everyone else mounts just fine with the
  firewall up on the server end.
 
  As I recall OS X only does NFS via TCP - other clients can use UDP - make
  sure your CentOS firewall has the TCP ports open.
 
 OS X does use TCP but I've just run tcpdump on an F15 VM while
 mounting and unmounting an NFS share from my Mac. Both the mount and
 umount result in four UDP packets, two to the portmapper and two to
 random ports.
 
 I don't have time to experiment further right now but perhaps opening
 up 111 UDP will allow your Macs to mount the NFS shares.

NFSv3 uses the nfs port (TCP or UDP), portmapper (UDP) and some random
UDP ports for quota, lockd, mount, and statd. These random ports can be
fixed by setting them in /etc/sysconfig/nfs. They are normally commented
out, but uncommenting them (and setting them to different values if so
required) will fix them so you can firewall them.

Louis


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] SOLVED (was Re: Unable to mount Centos 5.6 Server via nfs4 - Operation Not Permitted - MADNESS!

[Louis Lagendijk]

On Fri, 2011-06-03 at 23:49 -0400, RILINDO FOSTER wrote:
 Okay, it took a few minutes, but I figure it out.  Seems that Scientific 
 Linux eems to regress a bit in this area. 
 
 With Centos, you need to bind like so:
 
 /home/share   /exports/share  nonebind0 0
 /home/vhosts  /exports/vhosts nonebind0 0
 
 And then specify the options (including fsid0):
 
 in /etc/exports
 
 /exports  *(rw,fsid=0,insecure,no_subtree_check,sync,no_root_squash)
 /exports/vhosts   
 *(rw,fsid=0,insecure,no_subtree_check,sync,no_root_squash)
 /exports/share
 *(rw,fsid=0,insecure,no_subtree_check,sync,no_root_squash)
 [root@centos home]# 
This is not right AFAIK, fsid should be specified ONLY on the export
root. Search for fsid in man expports
Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Unable to mount Centos 5.6 Server via nfs4 - Operation Not Permitted - MADNESS!

[Louis Lagendijk]

On Thu, 2011-06-02 at 14:01 -0400, RILINDO FOSTER wrote:
 It is actually commented out in SL6.
 
 
 On Jun 2, 2011, at 11:56 AM, Tom H wrote:
 
  On Mon, May 30, 2011 at 10:53 PM, RILINDO FOSTER rili...@me.com wrote:
  On May 30, 2011, at 10:29 PM, Tom H wrote:
  
  Are the values of Domain in /etc/idmapd.conf the same on the
  client and the server?
  
  FYI: For nfsv4, there's no need to have any ports other than 111 and 2049.
  
  (Are you using fsid=0 as an option?)
  
Can you please show your /etc/exports? I remember that in Fedora some
changes were made which probably included in RHEL6 as well that made
fsid superfluous. Here is mine in case it helps you:
/export  gss/krb5(fsid=0,sync,insecure,no_subtree_check,no_root_squash)
/export/home1
gss/krb5(rw,nohide,sync,insecure,no_subtree_check,no_root_squash)
/export/home2
gss/krb5(rw,nohide,sync,insecure,no_subtree_check,no_root_squash)

Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] EL 6 rollout strategies? (Scientific Linux)

[Louis Lagendijk]

On Mon, 2011-05-16 at 19:40 +0100, Janne TH. Nyman wrote:
 Who cares? I find it amazing that these guys still keep on building and
 providing considering how their users treat them.
 
 Team CentOS, keep your heads up. For me, you are still the best thing
 that happened since sliced bread.
 
 Come on, community, where is your love?
 
 My 2 pence,
 
 Janne Janski AKA JNixus Nyman
 Founder of Newman IT Solutions Ltd
 
+1


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] EL 6 rollout strategies? (Scientific Linux)

[Louis Lagendijk]

On Thu, 2011-05-12 at 09:49 -0400, Rob Kampen wrote:

  It does not seem to matter what we try to do,  what we get is petty
  comments about how nothing changes.  Nothing could be further from the
  truth.
 
Johnny, don't let this type of comment upset you as:

 Please note there is a largely silent majority that appreciates very 
 much what the team does, is doing to improve and listening to suggestions
 Keep up the great work - Thanks

+1
Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos 5.5 and Canon PIXMA 7600 multifunction printer/scanner/fax

[Louis Lagendijk]

On Mon, 2011-03-21 at 16:25 -0400, Boris Epstein wrote:
 Hello listmates,
 
 xsane on Ubuntu 10 finds that Canon PIXMA via the web and seems to be
 able to make use of it without a glitch. However, Centos machines
 sitting on the same net fail to find it. Does anybody know why?
Ubuntu probably has a newer version of Sane that includes the bjnp
network support. If i remember correctly my bjnp support was added in
sane 1.0.19 (may have been 1.0.20). If you really need it, just rebuild
a recent Fedora sane. Printing should work if you use the cups-bjnp
package from EPEL if you can find a working printer driver. If needed, I
can provide you a rebuilt sane-backends(-libs) (ok, done, see
www.fazant.net/sane). I quickly hacked the Fedora spec file (removed the
dep on i4l-devel and changed the version-ed dependency on udev to an
unversioned one).It works on my MP980, the replacement for the MP970
which I used to develop the network support for Canon scanners.
I am not sure that the hack for udev is correct, but you don't need udev
for the Canon network support. Don't complain if you have problems with
USB or other scanners though ;-) 

Louis

 

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Dual or quad fast ethernet NICs (that work with CentOS)

[Louis Lagendijk]

On Fri, 2010-12-31 at 16:32 -0600, Jeff Hefner wrote:
 I can vouch for the Sun Quad Fast Ethernet (PCI) cards. Quite a while
 back a few co-workers and I had split a small lot of them from eBay
 the broke down to roughly 8 or 9 bucks with shipping. Everyone had
 good luck with whatever they ended up being used for (mostly
 firewalls).
 
 jeff
 
Hm, I used one in the past, but had problems with Centos 5 C86_64:
https://bugzilla.kernel.org/show_bug.cgi?id=10790 which is still not
solved I believe (but see the BZ for a possible patch).
I don't use it anymore as I need less ethernot ports as I now have a
VLAN capable swith

Louis

 On Fri, Dec 31, 2010 at 4:00 PM, Lamar Owen lo...@pari.edu wrote:
  On Tuesday, December 28, 2010 07:13:22 am robert mena wrote:
  I am looking for dual or quad fast ethernet NICs that work with CentOS.
   There is no need for high performance so regular fast/pci is ok.
 
  I have in a firewall box here a quad fastethernet board; lspci shows:
  01:09.0 PCI bridge: Digital Equipment Corporation DECchip 21152 (rev 03)
  02:04.0 Ethernet controller: Digital Equipment Corporation DECchip 21142/43 
  (rev 41)
  02:05.0 Ethernet controller: Digital Equipment Corporation DECchip 21142/43 
  (rev 41)
  02:06.0 Ethernet controller: Digital Equipment Corporation DECchip 21142/43 
  (rev 41)
  02:07.0 Ethernet controller: Digital Equipment Corporation DECchip 21142/43 
  (rev 41)
 
  This uses the 'tulip' driver, very common, and good performance.
 
  I have another one, but this one uses the 21140 instead of the 21142.  
  Still the tulip driver. Part number on it is 'COM-0040-50' or 
  123400-21-998, googling gives me that it's a Sun partit's 32-bit PCI.
 
  The older Sun Quad Fast Ethernet (PCI) should also work fine; uses sunhme 
  driver, IIRC, which is in the vanilla C5 kernel (I just checked the latest 
  updated kernel; should be in all of them).  The ones I found on eBay 
  (starting at the high price of $9.99 free shipping) are 64-bit, but should 
  work fine in a 32-bit slot, just slower.
 
  Also, I have in hand a couple of dual-port boards made by Intel; Pro/100+ 
  Dual, part 711269-004; has two 82558B controllers and an Intel-sourced 
  21152 bridge (32-bit PCI).  I have one of these in a CentOS 3 box, and it 
  works fine.
  ___
  CentOS mailing list
  CentOS@centos.org
  http://lists.centos.org/mailman/listinfo/centos
 
 ___
 CentOS mailing list
 CentOS@centos.org
 http://lists.centos.org/mailman/listinfo/centos


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Addressing outgoing connections to a specific interface

[Louis Lagendijk]

On Sat, 2010-11-06 at 17:19 -0400, Bob McConnell wrote:

 
 So what you need is a way to insert a router between your software and 
 one of your devices with the duplicated address. That router would then 
 translate the addresses in one of those subnets into a unique address 
 that won't conflict with the other. Personally, I would probably use a 
 VM with FreeBSD and/or m0n0wall.
 
 But I still wonder if you are unique in finding this address collision, 
 or do others also have the same problem? If it is widespread, then it 
 should be solved by the people managing those devices.
See http://shorewall.net/netmap.html
Shorewall firewall alows one to remap addresses.
regards, Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Windows 2003 AD, Winbind, Kerberos and NFSv4

[Louis Lagendijk]

On Fri, 2010-07-02 at 11:27 -0700, James A. Peltier wrote:
 Hi All,

 To support NFSv4 with Kerberos security, we also need to generate service 
 principal for NFS:
 
 [r...@aconite ~]# net -U administrator ads keytab add nfs
 
 which then looks like this
 
 [r...@aconite ~]# klist -k
 Keytab name: FILE:/etc/krb5.keytab
 KVNO Principal
  
 --
 3 host/aconite.my.ad.n...@my.ad.name
 3 host/aconite.my.ad.n...@my.ad.name
 3 host/aconite.my.ad.n...@my.ad.name
 3 host/acon...@my.ad.name
 3 host/acon...@my.ad.name
 3 host/acon...@my.ad.name
 3 aconi...@my.ad.name
 3 aconi...@my.ad.name
 3 aconi...@my.ad.name
 3 nfs/aconite.my.ad.n...@my.ad.name
 3 nfs/aconite.my.ad.n...@my.ad.name
 3 nfs/aconite.my.ad.n...@my.ad.name
 3 nfs/acon...@my.ad.name
 3 nfs/acon...@my.ad.name
 3 nfs/acon...@my.ad.name
 
did you create the keytab on the CLIENT also?

 
 Test on the client
 
 [r...@celastrina ~]# showmount -e aconite
 Export list for aconite:
 /exports *
 [r...@celastrina ~]# mount -t nfs4 aconite:/ /mnt
 [r...@celastrina ~]# mount |grep -i nfs4
 aconite:/ on /mnt type nfs4 (rw,addr=199.60.1.84)
 [r...@celastrina ~]#
 
 So as you can see everything is now working *without* Kerberos.  However, 
 if I change the /etc/exports file on aconite to
 
 [r...@aconite ~]# cat /etc/exports
 /exportsgss/krb5(rw,fsid=0)
 [r...@aconite ~]# exportfs
 /exportsgss/krb5
 
 
 and then try to mount with the -o sec=krb5 on the client
 
is rpc.gssd running on the client?
rpc.svc.gssd on the server?

 [r...@celastrina ~]# mount -t nfs4 -o sec=krb5 aconite:/ /mnt
 mount.nfs4: Permission denied
 
 and the entry in /var/log/messages on celastrina is
 
 Jul  2 11:21:57 celastrina rpc.gssd[3302]: Using keytab file 
 '/etc/krb5.keytab'
 Jul  2 11:21:57 celastrina rpc.gssd[3302]: WARNING: Failed to obtain 
 machine credentials for connection to server aconite.my.ad.name
 
 nothing appears in the logs on aconite.
 
so you most likely do not have a keytab on the client.

Using kerberos is not simple

Louis


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Odd failure of smbd to start from init.d - CentOS 5.4

[Louis Lagendijk]

On Tue, 2010-05-25 at 17:24 -0500, Les Mikesell wrote:
 On 5/25/2010 5:09 PM, Whit Blauvelt wrote:
  On Tue, May 25, 2010 at 06:05:34PM -0400, Whit Blauvelt wrote:
 
  where smb is RH's version and /etc/init.d/smb is Cent's. I can't quite
  imagine that a difference between overwriting or appending path.txt is at
  the root of what I'm seeing though.
 
  Correction: that wasn't a virgin version of Cent's. More in a moment.
 
 Try changing:
 daemon smbd $SMBDOPTIONS
 to
   strace -f smbd $SMBDOPTIONS
 and run it in the way that fails.  If there's not enough left on the 
 screen to see why it died, try
   strace -f smbd $SMBOPTION 2/tmp/smblog
 and look at the file reading backwards to find a fatal error.
 
 I'm still very curious about why it would work when run with 'sh'.
 
Maybe try an ls -alZ fopr both sh and bash. There may be a suble
difference there. If selinux gets in the way for one but not the other
there may be something fishy with the selinux settings of the shell (or
the /etc/init.d/samba file)
Louis 


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Odd failure of smbd to start from init.d - CentOS 5.4

[Louis Lagendijk]

On Fri, 2010-05-21 at 13:00 -0400, Whit Blauvelt wrote:
 On Fri, May 21, 2010 at 11:54:26AM -0400, Ross Walker wrote:
 
  # sh -x script start
 
 The problem with debugging it like that is that when started with sh,
 there's no bug.
how about adding a set -x as the first line after the #!/bin/whatever
line to get a debug on screen?
I don't buy the hardware error as the fault is 100% reproducible. 



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Odd failure of smbd to start from init.d - CentOS 5.4

[Louis Lagendijk]

On Fri, 2010-05-21 at 15:01 -0400, Whit Blauvelt wrote:
 On Fri, May 21, 2010 at 02:36:30PM -0400, Whit Blauvelt wrote:
 
  Here's the path seen within the init.d/smb script (from an inserted echo 
  $PATH  file):
  
  /sbin:/usr/sbin:/bin:/usr/bin
 
 And if I set that path in a console session, smbd still works when called
 directly:
 
 # export PATH=/sbin:/usr/sbin:/bin:/usr/bin
 
 # ps aux | grep smb
 root  6449  0.0  0.0  61148   732 pts/1S+   14:58   0:00 grep smb
 
 # smbd -D
 _
Strange. 
A few more things to try:
Add a 
ulimit -a 
just before the daemon smbd line
and try again with the set -x line in place.

What is the output of
ls -alZ /bin/*sh 

Clean /var/log/samba/
and restart it. Any information in there?

I deleted some of your older mail, so I kind of lost the history
Was there a way you could force smbd to fail from a direct call from the
command line? If so, could you try to start it with a -F instead of -D.
Does it start then? If not, replace the -D in the SMBDOPTIONS
in /etc/sysconfig/samba with the -F and see what happens.You may also
want to add a -S there, so you do not rely on the logfile (-S logs to
stdout). Also increase loglevel in the smb.conf file to some higher
value than 1 (or again add a -d x in SMBDOPTIONS
the /etc/sysconfig/samba file
Please note that with the -F the script will not continue, so keep
another terminal open, just in case

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] College student printer for CentOS 5.4 x86_64?

[Louis Lagendijk]

On Sat, 2009-12-19 at 18:42 -0800, MHR wrote:

 
 Yeah, those are the good ones.  I have a Canon i560 inkjet that my son
 likes, and it uses the BCI-3 black and BCI-6 color cartridges.  Those
 are terrific - you can use generic ink in them for refills and they
 just work and work and work (except not with Linux, as John says).
 
See http://www.openprinting.org/show_printer.cgi?recnum=Canon-i560
Gutenprint should support your printer

Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] College student printer for CentOS 5.4 x86_64?

[Louis Lagendijk]

On Fri, 2009-12-18 at 20:20 -0500, David McGuffey wrote:
 Oldest son came back from college and wants a printer for his Dell
 laptop.  I built it with CentOS 5.3 x86_64 several months ago and will
 upgrade it to 5.4
 
 The Cannon printer he now has (bought with the laptop and Vista through
 the university book store), doesn't seem to have linux drivers. 

what model printer is this? Did you check http://www.linuxprinting.org?
You may also want to take a look at turboprint www.turboprint.info , it
is commercial, but offer good quality drivers for a lot of printers. It
will still be cheaper than to buy a new printer

Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] IPv6 range provisioning question

[Louis Lagendijk]

On Thu, 2009-06-11 at 10:49 -0500, Vadtec wrote:
 
  A few months back, I tried to use the network scripts to provision an 
  IPv6 range
  like can be done with IPv4. I was using CentOS 5.2 at the time and was 
  informed
  that 5.2 was broken in this regard. I have upgraded to CentOS 5.3 now and 
  I am
  trying to get IPv6 to provision an entire range of IPs, but I am still 
  getting
  the old behavior and no IPs are being provisioned.
 
I am really confused on what you want to do here. When you talk about a
RANGE what do you mean? Allocate more than one IPv6 address to a single
interface? 
If so, have a look at the IPV6ADDR_SECONDARIES clause in the link you
included. I am not sure that you can use alias interfaces for IPv6. Put
that in the ifcfg-ethx file, not in the config for the aliases
(ifcfgx:y)

  When I run service network restart, it doesn't even provision the default 
  IPv6
  GW on eth0:1, nor does eth0:1 even show up.
I don't think you can use alias interfaces for IPv6. It at least did not
work on my other (Fedora) box
IPV6ADDR_SECONDARIES on the device DOES work on Centos 5.3

  
  However, this is not provisioning an entire range as follows:
  
  eth0  Link encap:Ethernet  HWaddr 00:16:3E:70:FC:96
inet addr:***.***.***.***  Bcast:***.***.***.***  
  Mask:255.255.255.0
inet6 addr: 2001:470:103:1a::2/64 Scope:Global
inet6 addr: fe80::216:3eff:fe70:fc96/64 Scope:Link
UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
RX packets:70 errors:0 dropped:0 overruns:0 frame:0
TX packets:29 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:6738 (6.5 KiB)  TX bytes:2050 (2.0 KiB)
  
You have a single address provsioned indeed 2001:470:103:1a::2/64
with a network part of 64 bits.

  I also have a large number of unreachable routes shown on the local 
  loopback
  when I do ip -6 route show:
  unreachable ::/96 dev lo  metric 1024  error -101 mtu 16436 advmss 16376
  hoplimit 4294967295
  unreachable :::0.0.0.0/96 dev lo  metric 1024  error -101 mtu 16436 
  advmss
  16376 hoplimit 4294967295
  unreachable 2002:a00::/24 dev lo  metric 1024  error -101 mtu 16436 advmss 
  16376
  hoplimit 4294967295
  unreachable 2002:7f00::/24 dev lo  metric 1024  error -101 mtu 16436 advmss
  16376 hoplimit 4294967295
  unreachable 2002:a9fe::/32 dev lo  metric 1024  error -101 mtu 16436 advmss
  16376 hoplimit 4294967295
  unreachable 2002:ac10::/28 dev lo  metric 1024  error -101 mtu 16436 advmss
  16376 hoplimit 4294967295
  unreachable 2002:c0a8::/32 dev lo  metric 1024  error -101 mtu 16436 advmss
  16376 hoplimit 4294967295
  unreachable 2002:e000::/19 dev lo  metric 1024  error -101 mtu 16436 advmss
  16376 hoplimit 4294967295
  unreachable 3ffe:::/32 dev lo  metric 1024  error -101 mtu 16436 advmss
  16376 hoplimit 4294967295
  
Nothing to worry abouot. I have that too:

[r...@nest network-scripts]# ip -r ro sh
192.168.178.0/24 dev eth0.178  proto kernel  scope link  src
192.168.178.2 
192.168.160.0/24 dev eth0.160  proto kernel  scope link  src
192.168.160.1 
192.168.1.0/24 dev eth0.1  proto kernel  scope link  src 192.168.1.1 
192.168.159.0/24 dev eth0.159  proto kernel  scope link  src
192.168.159.1 
192.168.158.0/24 dev eth0.158  proto kernel  scope link  src
192.168.158.1 
192.168.122.0/24 dev virbr0  proto kernel  scope link  src
192.168.122.1 
169.254.0.0/16 dev eth0.178  scope link 
default via fritz.pheasant dev eth0.178 
[r...@nest network-scripts]# ip -6 ro sh
::/96 via :: dev sit0  metric 256  mtu 1480 advmss 1420 hoplimit
4294967295
unreachable ::/96 dev lo  metric 1024  error -101 mtu 16436 advmss 16376
hoplimit 4294967295
unreachable :::0.0.0.0/96 dev lo  metric 1024  error -101 mtu 16436
advmss 16376 hoplimit 4294967295
2001:888:10:18e::/64 via :: dev sit1  proto kernel  metric 256  mtu 1480
advmss 1420 hoplimit 4294967295
2001:888:118e:18e1::/64 dev eth0.158  proto kernel  metric 256  mtu 1500
advmss 1440 hoplimit 4294967295
2001:888:118e:18e2::/64 dev eth0.159  proto kernel  metric 256  mtu 1500
advmss 1440 hoplimit 4294967295
2001:888:118e:18e3::/64 dev eth0.160  proto kernel  metric 256  mtu 1500
advmss 1440 hoplimit 4294967295
2001:888:118e:18e4::/64 dev eth0.178  proto kernel  metric 256  mtu 1500
advmss 1440 hoplimit 4294967295
unreachable 2002:a00::/24 dev lo  metric 1024  error -101 mtu 16436
advmss 16376 hoplimit 4294967295
unreachable 2002:7f00::/24 dev lo  metric 1024  error -101 mtu 16436
advmss 16376 hoplimit 4294967295
unreachable 2002:a9fe::/32 dev lo  metric 1024  error -101 mtu 16436
advmss 16376 hoplimit 4294967295
unreachable 2002:ac10::/28 dev lo  metric 1024  error -101 mtu 16436
advmss 16376 hoplimit 4294967295
unreachable 2002:c0a8::/32 dev lo  metric 1024  error -101 mtu 16436
advmss 16376 hoplimit 4294967295
unreachable 2002:e000::/19 dev lo  metric 1024  error -101 mtu 16436
advmss 16376 hoplimit 4294967295
unreachable 

Re: [CentOS] IPv6 range provisioning question

[Louis Lagendijk]

On Thu, 2009-06-11 at 14:46 -0500, Vadtec wrote:
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1
 
 Ok, firstly, I have dropped using the alias notation and am now working solely
 on eth0.
 
 Secondly, yes, I am talking about provisioning more than *one* IP at a time as
 being a range.
 
 As for IPV6ADDR_SECONDARIES, when I use the following config:
 /etc/sysconfig/network-scripts/ifcfg-eth0:
 DEVICE=eth0
 IPADDR=***.***.***.***
 NETMASK=255.255.255.0
 BROADCAST=***.***.***.***
 ONBOOT=yes
 
 IPV6INIT=yes
 IPV6ADDR=2001:0470:0103:001A::2/64
 IPV6ADDR_SECONDARIES=2001:0470:0103:001A::3-2001:0470:0103:001A::
 IPV6_AUTOCONF=no
 IPV6_ROUTER=no
 IPV6FORWARDING=no
 PEERDNS=no
 VLAN=no
 
 I get the following error:
 
 Shutting down interface eth0:  [  OK  ]
 Shutting down loopback interface:  [  OK  ]
 Bringing up loopback interface:  [  OK  ]
 Bringing up interface eth0:  ERROR: [ipv6_test_ipv6_addr_valid] Given IPv6
 address '2001:0470:0103:001A::3-' is not valid
 WARN : [ipv6_add_route] 'No route to host' adding route '::/0' via gateway
 '2001:0470:0103:001A::1' through device 'eth0'
the file /usr/share/doc/initscripts-8.45.25/sysconfig.txt does NOT
mention the - for ranges either, so I guess you are out of luck. 
Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] IPv6 range provisioning question

[Louis Lagendijk]

On Wed, 2009-06-10 at 13:08 -0500, Vadtec wrote:
 -BEGIN PGP SIGNED MESSAGE-
 Hash: SHA1
 
 A few months back, I tried to use the network scripts to provision an IPv6 
 range
 like can be done with IPv4. I was using CentOS 5.2 at the time and was 
 informed
 that 5.2 was broken in this regard. I have upgraded to CentOS 5.3 now and I am
 trying to get IPv6 to provision an entire range of IPs, but I am still getting
 the old behavior and no IPs are being provisioned.
 
 I have been following the docs provided by the link in the
 /etc/sysconfig/network-scripts/ifup-ipv6 at
 http://www.deepspace6.net/projects/initscripts-ipv6.html#id2801589 and using 
 the
 following configs:
 
 /etc/sysconfig/network
 NETWORKING=yes
 GATEWAY=***.***.***.***
 GATEWAYDEV=eth0
 HOSTNAME=vadtec
 
 NETWORKING_IPV6=yes
 IPV6FORWARDING=no
 IPV6_AUTOCONF=no
 IPV6_AUTOTUNNEL=no
 IPV6_DEFAULTDEV=eth0:1
 IPV6_DEFAULTGW=2001:0470:0103:001A::1
 
 /etc/sysconfig/network-scripts/ifcfg-eth0-1
Why do you need an alias device here? Put the ipv6 config on the eth0
device,and add the configuration to the ifcfg-eth0 file

 DEVICE=eth0:1
 IPV6INIT=yes
 IPV6ADDR=2001:0470:0103:001A:0001::::/96
You are allocating a /96 with all 0 in the last 32 bits. So you are not
allocating an address. Why a /96? Using a /64 is pretty much the
standard for ipv6. 

 IPV6_AUTOCONF=no
 IPV6_ROUTER=no
 IPV6FORWARDING=no
 ONBOOT=no
 
 When I run service network restart, it doesn't even provision the default IPv6
 GW on eth0:1, nor does eth0:1 even show up.
I must admit I never tried an v6 address on an alias, so I have no clue
whether it works or not. But you can have both v4 and v6 addresses next
to each other on the eth0 device
 
 If I run tail /var/log/boot.log, boot.log is empty. If I run tail
 /var/log/messages, I see varying amounts of:
 
 Jun 10 11:42:14 localhost kernel: [208192.884652] eth0: duplicate address 
 detected!
 
Probably due to the all 0 in the part AFTER the /96
 I see no other errors or messages saying anything is wrong or otherwise.
Autoconfiguration is the way to go if you want to make it easy. On my
server I set the addresses manually like
DEVICE=eth0.159
ONBOOT=yes
BOOTPROTO=none
NETMASK=255.255.255.0
HWADDR=00:1a:92:d6:99:91
IPADDR=192.168.159.1
#GATEWAY=192.168.178.1
TYPE=Ethernet
USERCTL=no
IPV6INIT=yes
IPV6FORWARDING=yes
# v6 address changed to protect the innocent
IPV6ADDR=2001:888:118e:18a2::1/64
PEERDNS=no
VLAN=yes
Please not that I am using vlans, hence the .159 on the eth0. Normally
you do not need that and you leave the VLAN=yes off.
Please note the ::1 at the end of the address.
I use radvd on that machine (so here I need to set fixed v6 addresses),
but the clients do not neede that:

DEVICE=eth0
BOOTPROTO=none
DNS1=192.168.159.1
IPADDR=192.168.159.3
NETMASK=255.255.255.0
HWADDR=00:11:d8:be:98:fa
ONBOOT=yes
SEARCH=pheasant
USERCTL=no
PEERDNS=no
IPV6INIT=yes
NM_CONTROLLED=yes
GATEWAY=192.168.159.1
TYPE=Ethernet

Here the address is set depending on the (/64) prefix received from the
radvd server.

kind regards, Louis










___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Cannot get LD_LIBRARY_PATH to work under NX (freenx)

[Louis Lagendijk]

On Mon, 2009-06-08 at 21:04 +0200, Andrzej Szymanski wrote:

 Thanks for a fast resolution.
 
 However, moving this to .bashrc is a workaround. If I log in graphically 
 to the console the LD_LIBRARY_PATH from .bash_profile is set correctly. 
 It is unset only on NX session (and the other settings from 
 .bash_profile are set properly, so this file is definitely parsed during 
 nx session startup).
As suggested before some terminals do not run as login-shell.
Gnome-terminal has an option (under edit- profile preferences - title
and command that allows you to change this behaviour: Run command as
login shell. You may want to check your terminal program for a similar
setting
Louis


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] fetchmail SSL protoco; issue

[Louis Lagendijk]

I am using fetchmail to collect mail from some secondary mail accounts,
among which is hotmail.
So far I have used hotwayd to fetch the mail from hotmail using
httpmail. Hotmail now supports pop3 access, so I decided to change
fetchnail to fetch the mail directly over pop3.

This works, but whatever I try, I get an error message when I run
fetchmail:

Invalid SSL protocol 'SSLv23' specified, using default (SSLv23).
Invalid SSL protocol '' specified, using default (SSLv23).

The relevant part of my .fetchmailrc is included below (userids and
password changed for privacy reasons :-)

poll pop3.live.com port 995 proto pop3
user xx...@hotmail.com password yy no keep ssl sslproto ssl23
fetchall to myuserid

The error message remains almost the same when I remove the sslproto
option, only the second line is printed

My mail is correctly fetched however. 
For gmail I use the same setup, but do not get any errors there.
Anybody got this working WITHOUT error messages? What am I doing wrong?

Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Intermittent NFS problems with NetApp server

[Louis Lagendijk]

On Wed, 2009-03-11 at 17:23 -0400, Alfred von Campe wrote:

 
# sysctl net.ipv4.tcp_mem
net.ipv4.tcp_mem = 98304131072  196608
# sysctl net.ipv4.tcp_rmem
net.ipv4.tcp_rmem = 409687380   4194304
# sysctl net.ipv4.tcp_wmem
net.ipv4.tcp_wmem = 409616384   4194304
 
 So these seem fine to me (i.e., the max is greater than 32768).  Is  
 there an NFS (as opposed to TCP) setting I should be tweaking?  Any  
 ideas why the NetApp is issuing those warnings?  Any other  
 suggestions on how to debug this problem?
 
man nfs
man mount.nfs
cat /proc/mounts

Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] IPv6 under Centos?

[Louis Lagendijk]

On Tue, 2009-03-10 at 10:25 -0400, Robert Moskowitz wrote:
 Timothy Murphy wrote:
  I wonder if anyone is running IPv6 under Centos-5.2?

 
 YES!!! On some systems it is strictly IPv6. IPv4 only on lo loopback.
 
Running IPv4 + IPv6 hereBut see below...
  Particularly with shorewall?

 
 NO!!!
yes, but see below.
 
  I see that shorewall6 is specifically designed for updating shorewall
  to IPv6, as described in http://www.shorewall.net/IPv6Support.html.
 
  Unfortunately, this explicity requires kernel 2.6.25 or later,
  and iptables 1.4.0 or later,
  both of which are later than any versions I've seen on a Centos repository.

 
 Tom was rather explicit about why we will NOT see Shorewall6 with Centos 
 and the 2.6.18 kernel:
 
 2.6.18 doesn't support stateful IPv6 firewalling at all!
 
 
 I think that says it. You want stateful IPv6 firewalling, then you will 
 get a newer kernel which means most likely Centos 6.0...
  I'm wondering how safe it would be to install Fedora versions
  of the required kernel and iptables?

 
 I seem to recall kernel discussions here on this list and why this is a 
 VERY bad idea.
 
It is definitively NOT recommended.If it breaks you get to keep all the
pieces That being said, I really wanted to have some ipv6 firewall
on my Centos box. At first I thought of running a Fedora VM in Xen. I
ran into some issues with my Sun quad fast ethernet card. So in the end
I compiled an RPM from the stock kernel and  compiled some RPMs myself
from Fedora RPMs:
iptables
iptables-ipv6
lmsensors
I am not sure that this is the complete list of kernel dependent rpms
that are needed. It can be done when you compile your own stuff, but is
definitely NOT recommended. If you want to go this route you will need a
pretty good background on compiling your own RPMs etc.

Running Fedora kernels is still more tricky: there are way too many
dependencies. Don't even try

  Or is there any alternative to shorewall that is IPv6 compatible?
  I don't really want to run iptables directly, unless forced to do so,
  as I have found shorewall very reliable and simple to configure.

 
 What I am working on is a FC9 system with shorewall6, then doing a 
 ip6tables -L and copying those rules that do not require stateful 
 firewalling...
 
If you do not use a kernel that has statefull ipv6 firealling I would
recommend 6wall. This is a pretty old shorewall-shell derived package
that does ipv6 fire walling. The syntax should be familiar to old
shorewall users. It does however not offer macros or actions. 
And you will have to write rules for incoming and outgoing traffic
separately. Something like:
ACCEPT  all all tcp domain
ACCEPT  all all tcp -   domain


It is still probably easier to use 6wall than porting just the
shorewall6 generated ip6tables rules. 

I am personally considering  going back to running the firewall in a
Fedora VM now that I have a managed vlan capable swith. Simply being
able to update using yum is so much easier and more reliable. 

Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Memory vs. Display Card

[Louis Lagendijk]

On Sun, 2009-03-08 at 19:27 -0700, John R Pierce wrote:
 Rick wrote:
  In article 20090308031754.ga11...@bludgeon.org,
  Ray Van Dolson  centos@centos.org wrote:
 

  That sounds pretty strange.  Have you confirmed that removing the new
  memory allows you to run in runlevel 5 again?
  
 
  Yes, that's how I'm running right now.

 
 now, try taking out the OLD memory and putting in just the NEW memory.  
 see how it runs that way.   if this works, try with the new 4GB as the 0 
 bank, and the old 2GB as the 1 bank.
 
 also, in the BIOS, check the memory timings, I'd leave them all on 
 'automatic' or 'default' or whatever the limited choices are in the 
 Intel BIOS, trying to squeeze an extra clock out of CAS or whatever 
 doesn't really help much under the best of conditions and it can 
 destabilize a system under suboptimal conditions.  
 
When you use 4 banks of memory, some boards require slower settings.
Tweaking the voltage may help there I guess, but I would opt for the
slower settings. I recall that my BIOS chose a slower memory setting
when I added 4G to my small server at home that already had 2G That
system has been rock stable (except for my Sun quad ethernet that had
problems with the Xen kernel due to MMIO issues. I solved that by
ditching the Sun card and using a vlan capable switch with vlan trunking
so that I no longer need so may ethernet interfaces)

Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Mail delivery failing with 450

[Louis Lagendijk]

hi James
there is a MX recond for mail.obrien-pifer.com, not for
obrien-pifer.com:
bash-3.2$ dig obrien-pifer.com any

;  DiG 9.5.1-P1-RedHat-9.5.1-1.P1.fc10  obrien-pifer.com any
;; global options:  printcmd
;; Got answer:
;; -HEADER- opcode: QUERY, status: NOERROR, id: 10894
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 4, ADDITIONAL: 4

;; QUESTION SECTION:
;obrien-pifer.com.  IN  ANY

;; ANSWER SECTION:
obrien-pifer.com.   36647   IN  A   70.62.90.185
obrien-pifer.com.   36647   IN  NS  porky.obrien-pifer.com.
obrien-pifer.com.   36647   IN  NS  sammy.obrien-pifer.com.
obrien-pifer.com.   36647   IN  NS  ns1.obrien-pifer.com.
obrien-pifer.com.   36647   IN  NS  ns2.obrien-pifer.com.

;; AUTHORITY SECTION:
obrien-pifer.com.   36647   IN  NS  ns2.obrien-pifer.com.
obrien-pifer.com.   36647   IN  NS  porky.obrien-pifer.com.
obrien-pifer.com.   36647   IN  NS  sammy.obrien-pifer.com.
obrien-pifer.com.   36647   IN  NS  ns1.obrien-pifer.com.

;; ADDITIONAL SECTION:
ns1.obrien-pifer.com.   36647   IN  A   70.62.90.185
ns2.obrien-pifer.com.   36647   IN  A   70.62.90.185
porky.obrien-pifer.com. 36647   IN  A   70.62.90.185
sammy.obrien-pifer.com. 36647   IN  A   70.62.90.185

;; Query time: 3 msec
;; SERVER: 192.168.159.1#53(192.168.159.1)
;; WHEN: Sat Mar  7 13:53:39 2009
;; MSG SIZE  rcvd: 246

bash-3.2$ dig mail.obrien-pifer.com any

;  DiG 9.5.1-P1-RedHat-9.5.1-1.P1.fc10  mail.obrien-pifer.com
any
;; global options:  printcmd
;; Got answer:
;; -HEADER- opcode: QUERY, status: NOERROR, id: 31815
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4

;; QUESTION SECTION:
;mail.obrien-pifer.com. IN  ANY

;; ANSWER SECTION:
mail.obrien-pifer.com.  38400   IN  MX  1 70.62.90.185.obrien-pifer.com.

;; AUTHORITY SECTION:
obrien-pifer.com.   36592   IN  NS  ns1.obrien-pifer.com.
obrien-pifer.com.   36592   IN  NS  ns2.obrien-pifer.com.
obrien-pifer.com.   36592   IN  NS  porky.obrien-pifer.com.
obrien-pifer.com.   36592   IN  NS  sammy.obrien-pifer.com.

;; ADDITIONAL SECTION:
ns1.obrien-pifer.com.   36592   IN  A   70.62.90.185
ns2.obrien-pifer.com.   36592   IN  A   70.62.90.185
porky.obrien-pifer.com. 36592   IN  A   70.62.90.185
sammy.obrien-pifer.com. 36592   IN  A   70.62.90.185

;; Query time: 140 msec
;; SERVER: 192.168.159.1#53(192.168.159.1)
;; WHEN: Sat Mar  7 13:54:34 2009
;; MSG SIZE  rcvd: 208

bash-3.2$ 

Br, Louis

On Sat, 2009-03-07 at 08:18 -0500, James Pifer wrote:
 I'm not sure why this started, but apparently I'm having a DNS problem.
 Yesterday mail started bouncing with this error:
 450 Unable to find obrien-pifer.com
 
 I think the messages eventually get delivered, but not sure. I guess
 I'll see if this one makes the list. 
 
 I checked my domain using http://www.checkdns.net/ and it gives me a
 couple warnings. One is that there's no MX record, but there is. 
 
 I use a smarthost for sending mail. 
 
 My DNS records are: http://www.obrien-pifer.com/mydns.txt
 
 Anyone see any problems in my DNS records?
 
 Thanks,
 James
 
 
 
 ___
 CentOS mailing list
 CentOS@centos.org
 http://lists.centos.org/mailman/listinfo/centos

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Miredo 1.1.5

[Louis Lagendijk]

On Wed, 2008-12-10 at 13:33 -0500, Robert Moskowitz wrote:
 I found a src.rpm for 1.1.5-1 for fc8 (not rh8!).  I was able to rebuild 
 it on my Centos build system.
 
 The rpms are identified as 1.1.5-1.i386.rpm, no el5 or other
 identification was placed in the files.  I don't see how to control this 
 when you rebuild from an existing src.rpm.  Interestingly the fc8 
 designation was lost.
 
 I also rebuild it on my fc10 system.  It worked, and the rpms have fc10
 in their names.
 
 Don't know how well they will work.  I will be trying them over the next
 couple weeks.  If anyone wants a copy, let me know
 
If you want the el5 in the name, a file  /etc/rpm/macros.dist with the
following content:

 # dist macros.

%rhel   5
%dist   .el5
%el51

Louis


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Config for NFSv4 an Kerberos on CentOS 5.1

[Louis Lagendijk]

On Thu, 2008-05-29 at 15:34 +0200, Sebastian Marten wrote:
 Hi list,
 Is it possible to set up an NFSv4/Kerberos environment on CentOS 5.1?
 I set up Kerberos and NFS but get several erros
 
 Warning: rpc.gssd appears not to be running.
 mount.nfs4: Permission denied
Yes, NFS4 works with Kerberos on Centos5.
But the kernel only supports  es-cbc-crc:normal, so when you add the key
for NFS to the keytab, use: 
ktadd -e des-cbc-crc:normal -k /tmp/keytab nfs/myclient.mydomain

 
 Is this an CentOS oder an config problem?
 
config



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Remove all 3rd party rpms

[Louis Lagendijk]

On Tue, 2008-04-01 at 07:37 -0700, Michael A. Peters wrote:
 Joseph L. Casale wrote:
  How does one do this?
  
  Also, is it possible an rpm installed by rpm and not yum does not 
  indicate what it provides to yum when yum queries needed dependencies 
  for another package?
  
  Thanks!
  jlc
  
  
 
 While you have gotten an answer that works - I believe there is a 
 cleaner way.
 
 I don't remember the exact command - and it may require the installation 
 of a utilities package - but if you remove the 3rd party repositories 
 from your yum configuration, there is a command that will identify and 
 remove orphaned packages - packages which do not exist in any of the yum 
 repositories yum is configured to use.
 
 Anyone recall what that command is?

yum list extras
Louis

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] NFSv4 on CentOS 4.5

[Louis Lagendijk]

On Wed, 2007-08-15 at 19:38 -0700, Anoop Rajendra wrote:
 Hi. I'm having trouble accessing a shared directory over NFSv4 on a
 CentOS 4.5 machine.
 
 My export file reads
 
 /test   10.0.0.0/255.0.0.0(ro,async,insecure,nohide,no_subtree_check)

 
 I've also tried to include the fsid=0 argument in my /etc/exports
 file. That gives me a whole different error
fsid MUST be included on the main mount point like this:
/export
gss/krb5(fsid=0,sync,no_root_squash,insecure,no_subtree_check,anonuid=65534,anongid=65534)
/export/home1
gss/krb5(rw,nohide,sync,insecure,no_subtree_check,anonuid=65534,anongid=65534)
/export/home2
gss/krb5(rw,nohide,sync,insecure,no_subtree_check,anonuid=65534,anongid=65534)
#
# legacy mounts
# /export/home1
192.168.159.1/24(rw,sync,no_root_squash,insecure,no_subtree_check)
# /export/home2
192.168.159.1/24(rw,sync,no_root_squash,insecure,no_subtree_check)

(sorry, evolution forces extra linebreaks, after the pathnames),
so /eports is the base path, home1 and home2 the exported filesystems. I
use kerberos so I do not have the hostnames there, but the gss/krb5


 
 [EMAIL PROTECTED] ~]# mount -v -t nfs4  pebble-anoop:/test/ /mnt/
 mount: pinging: prog 13 vers 4 prot tcp port 2049
 mount: special device pebble-anoop:/test/ does not exist
 
Here is your real problem: nfs mount points are relative to the base
export point, i.e. /export in my case. If you only have /test exported,
you have to mount peobble-anop:/ not ../test!
In my case I mount server:/home1 and server:/home2


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos