Re: [CentOS] https://blog.centos.org/2020/12/future-is-centos-stream/
On Wed, 2020-12-09 at 15:13 +, Phil Perry wrote: > > If > you are able to retain kernel ABI compatibility between RHEL8 and > Stream > kernels, then we (and other OEMs) will be able to continue to > support > Stream users, otherwise Stream users will have to look to > alternative > solutions. > > Phil > Maybe offering 2 kernels in stream may solve your problem? A "latest point release" and a "rolling version"? I realize that this may cause issues with packages that really need the new kernel features ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] UID/GID CentOS 6 to CentOS 7
On Thu, 2020-10-22 at 15:13 +0200, Thomas Plant wrote: > Am 22.10.2020 um 14:11 schrieb Thomas Plant: > > Hi, > > > > we are upgrading some servers from C6 to C7 with a lot of user > > accounts on them (UID>=500). > > CentOS 7 has MIN_UID/MIN_GID 1000, Centos 6 has 500 in login.defs. > > > > Can I change in /etc/login.defs MIN_UID/MIN_GID to 500 for C7? So > > I > > could just grep the users out from passwd/shadow/group files and > > append them to the Centos7 passwd/shadow/group files. > > Can this do any damage to CentOS7 later on? Thinking about > > updates > > > > Thanks, > > Thomas > > ___ > > CentOS mailing list > > CentOS@centos.org > > https://lists.centos.org/mailman/listinfo/centos > > Thanks, for the hints. > > Think I will go the lazy way and adapt login.defs. ;-) > > Greetings, > Thomas > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > You better don't do that: when I looked at one of my C8 boxes there were many services that require a system account (but not a global fixed one) were allocated from the top of the 500-999 range. Bite the bullet and change user accounts. to start from 1000. Especially when using NFS this may otherwise come back and bite you ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Simple scan in CentOS 7
On Mon, 2020-06-15 at 16:28 -0400, H wrote: > I just installed C7 on a new computer and despite Simple Scan being > installed as part of C7, I have not been able to get it to recognize > my Canon scanner connected to a USB port. I did have it running on > another computer with C7 so there should not be any inherent issues. > > On a lark I installed gscan2pdf and sane-backends-drivers-scanners > and sane-find-scanner found it: > > found USB scanner (vendor=0x04a9 [Canon], product=0x1908 [CanoScan]) > at libusb:001:010 So this is a CanoScan 9000. According to http://sane-project.org/sane-mfgs.html#Z-CANON it is supported since sane-1.0.27. Centos 78 apparently has Sane 1.0.24. So you must have downloaded a later version of Sane somewhere or compiled it yourself (not too difficult) BR, Louis ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Help needed for installing MT7601U Linux driver
On Tue, 2020-06-02 at 13:44 +0530, Harsh chopra wrote: > Hi everyone, > > My PC don't have an integrated WLAN card, so I bought an USB WIFI > device > which use the MediaTek MT7601U chip(image 'dongle.jpg'). > --- > --- > My PC specification- > OS = CentOS 7.8.2003. > Processor = AMD Ryzen 5 1600. > Mother-Board = GA-Gigabyte A320M-S2H > --- > > You don't need to compile the module yourself. Elrepo has kmod-mt7601u-4.14.108-1.el7_6.elrepo.x86_64.rpm As root: yum install elrepo-release yum install kmod-mt7601u /BR, Louis ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 7 : SELinux trouble with Fail2ban
On Thu, 2020-02-27 at 02:49 -0800, Mark Milhollan wrote: > On Wed, 26 Feb 2020, Nicolas Kovacs wrote: > > > Some time ago I had SELinux problems with Fail2ban. > > Unfortunately when I install [...] from EPEL, I still get the same > > error. > > EPEL packages are often crap quality (as packages), merely blind > imports > of the upstream package without any adjustments needed for the > RHEL/CentOS environment (sometimes not even for Fedora), which is > often > somewhat different than the Fedora environment which go unnoticed or > unrepaired, for years. This sounds a bit harsh. But I had my problems with fail2ban too. > > > > > This sometimes needs multiple iterations to catch all the types of > access attempted, e.g., initially it might be that read is denied, > but > later the process would want other permissions like write but which > were > never logged because of the initial read failure. > > > Any suggestions ? > > Try repeating. That either means multiple binary modules, or a text > module that you add each new audit2allow "fix", increment the > version > number, rebuild the policy and module then re-insert -- lather, > rinse, > ... A better way is to put selinux in permissive mode and then generate the policy from the alerts. This will disable the blocking so you can get all issues in one go /Louis ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] midco stealling searches, was browsers slowing Centos 7 installation to a crawl
On Tue, 2019-12-03 at 16:33 -0600, Michael Hennebry wrote: > For whatever reason, > the problem I was trying to solve seems to have gone away. > I can type in firefox's search box without midco stealing searches. > Something changed resolv.conf behind my back. > search midcoip.net > is there again. > I hadn't rebooted or changed firefox's preferences. > I'm guessing it was when I turned the connection off and on. > To be sure my joy was not tempory, I rebooted. > midco still not stealing searches. > > I wish I knew what the problem had been and what fixed it. > The search parameter in resolv.conf is not related in any way to the searches in the browser. It just defines the domain to be added to hostnames that you want to resolve. So if you do a name lookup for foo, the resolver would add midcoip.net so you get the ip-address for foo.midcoip.net if foo on its own could not be resolved. It midcoip wanted to steal your browser searches, it would have to hijack google.com, but that would not work as the browser would not connect as the https certificate wold be invalid. So you need to look at the browser settings to see what is happening there. DNS is most likely not involved. /Louis ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] can't login as subsequent FreeIPA users
On Mon, 2019-11-18 at 13:05 -0600, Carson Chittom wrote: > When I set up a machine with CentOS 8, I used the "Enterprise Login" > in > the initial setup wizard to authenticate against my FreeIPA server. > This worked fine, and I have no issues logging in with that initial > user. > > However, I am unable to use GDM or the console to login as any > *other* > valid user from FreeIPA. From GDM I get something like "Sorry, that > didn't work" and "Permission denied" on the console. I've verified > that > the credentials are correct, and that I am able to manually get a > ticket > via kinit for one of those other users from this machine. With > CentOS 7, I didn't have to do any additional configuration in this > regard after the initial wizard. > > Not sure whether this is a CentOS configuration issue or a FreeIPA > one, > but I figured I'd start here. I'm also not terribly familiar with > FreeIPA, so I could be missing something obvious; but this worked > without issue when the machine in question ran CentOS 7. > > Can somebody point me in the right direction? This could be home directory related. Are the home directories local or remote (NFS?). Are the home directories for the users accessible? Can the users login over ssh? ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] printer only prints one page, if anything
On Wed, 2019-11-06 at 17:16 -0600, Michael Hennebry wrote: > On Wed, 6 Nov 2019, Fred Smith wrote: > > > It looks as if you downloaded the two RPMs from Brother then > > attempted > > to follow their complicated instructions for installing them. Much > > simpler is to do this: > > > > linux-brprinter-installer-2.1.1-1 is the brother printer driver > > installer I used on my HL-L2360D. > > I had tried that also, but tried it again. > before my last try, I power-cycled the printer. > This time it worked. > For some reason CUPS now shows two queue names: > HL-L2360D-series Brother HL-L2360D series localhost.localdomain > HL-L2360D HLL2360D > both Brother HL-L2360D for CUPS. > > 'Tain't as big a deal as having none, > but why does CUPS have two queue names for the printer? I dont't have any Brother printer to test ths but was the printer USB connected when you ran the setup? If so, one may be the network connection (the first entry) and the second one the same printer over USB? ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 8 and Lynx
On Tue, 2019-10-01 at 09:36 -0500, Valeri Galtsev wrote: > > On 2019-10-01 08:17, david wrote: > > Folks > > > > I find the Lynx browser does not appear in any of the repositories > > used > > during default installation of Centos 8 (x86_64). Is this program > > no > > longer supported? I didn't see a reference to it in the > > notsupported list. > > Did you try to > > yum search lynx > > on installed system? If it is in one of the configured repositories, > you > will find it... > > (I have not yet installed CentOS 8 on any of our machines, so I can > only > mention what I would do). > > Thanks. > Valeri > > > David > > > > ___ > > CentOS mailing list > > CentOS@centos.org > > https://lists.centos.org/mailman/listinfo/centos Lynx is avaialble in the powerTools repo. You will probably have to enable that first /Louis ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Increase Disk Space with LVM
On Tue, 2018-07-31 at 13:31 +0200, Felix Kölzow wrote: > Dear CentOS-Community, > > we have a server with four hard drives that are configured as raid10 > (/dev/sda). > > Now, /home and /root are almost full. Therefore, we decided to buy > four > > additional hard drives that should configured also as raid 10 > (/dev/sdb). > > > I want to use LVM to extend disk space for root and home. > > My (successful) test procedure in a virtual environment looks like > this: > > > 1. devide /dev/sdb into /dev/sdb1 for root and /dev/sdb2 for home > using > parted How many volume groups do you have: I would assume only one? If so, just create a single partition and add that to the VG. lvm will take care of the rest... What does the vgs command report? Are you using a RAID controller? If not you need to create the raid array first (and the disk names may be some mdxxx instead) > 2. Convert disk to physical volume: pvcreate /dev/sdb1 > 3. add physical volume to volume group (called centos): vgextend > centos > /dev/sdb1 > 4. Allocate physical volume to a logical volume:lvextend -l > +100$FREE > /dev/centos/root Just a nitpick: This just allocates space from the VG (that got more space by adding the new disks), but if there is space in the PV on the old disk that might get allocated instead. Anyhow this looks ok, but I recommend to add the -r option, that will resize the file system in the same step > 5. resize2fs /dev/centos/root or xfs_grows /dev/centos/root > depending > on file system used See above, if you use the -r option on the lvextend this step is not needed > 6. repeat steps 2-6 for /home and sdb2 > See above: this is only required when you have more than one VG. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Samba HOWTO wiki bug: chcon samba_share_t
On Fri, 2018-05-04 at 14:55 -0700, Akemi Yagi wrote: > On Fri, May 4, 2018 at 2:26 PM, Warren Young> wrote: > > On May 4, 2018, at 3:03 PM, Akemi Yagi wrote: > > > > > > On Fri, May 4, 2018 at 12:03 PM, Warren Young > > > wrote: > > > > > > > >$ sudo chcon -R -t samba_share_t /path/to/share > > > > > > Updated the page as suggested. Thanks. > > > > Thanks! > > > > I now see another instance of this in section 3. Instead of > > copying the text verbatim, it should probably be: > > > > chcon -R -t samba_share_t /mnt/data > > > > …in order to match the text above it. > > Warren, > > I was just informed that the chcon command your suggested was > originally there, but it was replaced with the 2 line version > sometime > ago. The reason given was "Replace chcon by semanage/restorecon pair > to survive filesystem relabel". The comment is correct: chcon will not survive a relabel. You need to update the database first (semanage fcontext) and then let a relabel apply the new context. Louis ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] firewalld
On Tue, 2017-12-19 at 15:05 -0800, Emmett Culley wrote: > I have two VMs, both with firewalld installed. One on machine It > this in the IN_public chain: > > Chain IN_public (2 references) > pkts bytes target prot opt > in out source destination >81 3423 IN_public_log all > -- * * 0.0.0.0/00.0.0.0/0 >81 3423 IN_public_deny all > -- * * 0.0.0.0/00.0.0.0/0 >81 3423 IN_public_allow all > -- * * 0.0.0.0/00.0.0.0/0 >79 3335 REJECT all > -- * * 0.0.0.0/00.0.0.0/0reject- > with icmp-host-prohibited > > On the other I see: > > Chain IN_public (2 references) > pkts bytes target prot opt > in out source destination > 101 4232 IN_public_log all > -- * * 0.0.0.0/00.0.0.0/0 > 101 4232 IN_public_deny all > -- * * 0.0.0.0/00.0.0.0/0 > 101 4232 IN_public_allow all > -- * * 0.0.0.0/00.0.0.0/0 > 184 ACCEPT icmp > -- * * 0.0.0.0/00.0.0.0/0 > > As might be expected, pinging the first VM fails. That is the ping > is rejected with: > > [emmett@ws1 ~]$ ping 96.92.106.4 > PING 96.92.106.4 (96.92.106.4) 56(84) bytes of data. > From 96.92.106.4 icmp_seq=1 Destination Host Prohibited > From 96.92.106.4 icmp_seq=2 Destination Host Prohibited > > And pinging the second works as expected. > > I've searche the firewalld configuration files in /usr/lib/firewalld > and /etc/firewalld and can find no reference to any icmp rule. The > two machines were cloned originally from the same VM. Why are they > different? > > How can I remove the reject-with icmp rule using firewalld. I can > remove it using "iptables -D [IN_public | FWDO_public | FWDI_public ] > 4" and I can then ping that machine. But of course the rule is > returned whenever firewalld is restarted. > > Emmett > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > What is the output off: firewall-cmd --list-all on the VMs? ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] home on nfs
On Fri, 2017-10-27 at 16:21 +0200, hw wrote: > Hi, > > I have the home directory of a user on an nfs server and mount it on > a > client. When the user logs in, they end up in the root directory > rather > than in their actual home directory and need to cd into it. > > The user can read and write to their home directory, so it kinda > works > fine --- but only kinda. When the user starts emacs, some of the > settings in ~/.emacs are not applied, but the saved desktop is being > loaded. > > Both machines are running Centos 7.4. What could be wrong with the > nfs > mount? > > Are you using kerberos with NFS4 with security set to krb5? Your description sounds as if the user cannot really get to the mount ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] C7, systemd, say what?!
On Wed, 2017-06-07 at 12:47 -0400, m.r...@5-cent.us wrote: > Kenneth Porter wrote: > > On 6/7/2017 8:31 AM, m.r...@5-cent.us wrote: > > > Not sure what you mean when you say "jacked up filesystem". > > > Here's > > > fstab: > > > > In systemd fstab takes care of only rudimentary mounting. Most > > mounting > > is done through *.mount unit files. Type "mount" and you'll see a > > bunch > > of other mounts that were implemented that way. Add your custom > > mounts > > by creating suitable files in /etc/systemd/system/*mount. (There's > > also > > *.automount for creating demand-based mounts.) > > > > You. Have. To. Be. Joking. WHY? Why doesn't systemd *look* at fstab > and > create what it needs on the fly? Why does it only "rudimentary > mount"? Calm down Mark. You are overreacting. Systemd does generate mount units in the fly. Check the documentation: man systemd.mount tells you more. I would not call fstab rudimentary. /Louis ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Network Manager / CentOS 7 / local unbound
On Tue, 2017-04-11 at 01:40 -0700, Alice Wonder wrote: > Hello list - > > http://unix.stackexchange.com/questions/90035/how-to-set-dns-resolver > -in-fedora-using-network-manager > > That says it works for CentOS 5 and I *suspect* the methods there (3 > listed) would work, but what is the best way with NetworkManager to > set > it up to use the localhost for DNS ? > > I'm paranoid about DNS spoofing and really prefer to have a local > instance of DNSSEC enforcing unbound running on my CentOS 7 virtual > machines (e.g. linode) > > Currently I just use a cron job that runs once a minute to over- > write > was it is /etc/resolv.conf so they don't use the DHCP assigned > nameservers, but that does leave a short window every time the > network > is restarted. > > I'd like to know the proper way to set up Network Manager to just > create > > nameserver 127.0.0.1 > nameserver ::1 > > in /etc/resolv.conf > > Via google, it seems every distro approaches it differently and most > instructions I have seen involve a GUI. > > I did not see how to do it in the CentOS documentation but it might > be > there and I just did not figure out how to search it for what I > wanted. > > Those stackexchange methods look like they might work but they > reference > CentOS 5 and I know some NetworkManager stuff changed even just > between > 7.2 and 7.3 as I experienced incorrect IPv6 address after update as > a > result of those changes. > > Is there an "official" way to tell NetworkManager what I want in > /etc/resolv.conf ? Or better yet, a way to just tell it to leave > that > file alone? Use nmtui to manually configure the the interface AND nameservers. That puts the correct info in the ifcfg files. Nmtui is a curses UI. Just don't foret to specify the interface ip-address with the right netmask (e.g. 1.2.3.4/24, default seems to e a /32, I have been bitten by that a numer of times) /Louis > ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Chrony vd NTP
On Sun, 2017-02-05 at 12:30 -0500, Robert Moskowitz wrote: > > On 02/05/2017 11:58 AM, J Martin Rushton wrote: > > On 05/02/17 16:15, Richard wrote: > > > > Date: Sunday, February 05, 2017 10:26:05 -0500 > > > > From: Robert Moskowitz> > > > > > > > I have read: > > > > http://thegeekdiary.com/centos-rhel-7-chrony-vs-ntp-differences > > > > -bet > > > > ween-ntpd-and-chronyd/ > > > > > > > > My server is up all the time and will serve time to internal > > > > systems (via DHCP options). > > > > > > > > Caveat is that my server is an armv7 (Cubieboard2) which does > > > > not > > > > have an RTC (no battery). So whenever the system boots, the > > > > time > > > > is ZERO (Dec 31, 1969 or some such). > > > > > > > > Chrony fixes this really fast; shortly after boot the time is > > > > good. > > > > Chrony CAN be configed as an internal time server. But chrony > > > > does > > > > not seem to step the clock for any adjustments needed. It is > > > > more > > > > important that this systems time be right all the time than to > > > > avoid clock steps. > > > > > > > > This brings me back to NTP, which normally takes hours to bring > > > > the > > > > time from ZERO to current, but keeps the time correct. > > > > > > > > So: > > > > > > > > Can Chrony check the time, say once a day? > > > > > > > > Or can NTP make a BIG time jump all at once (on system > > > > restart)? > > > > > > Where I have somewhat similar issues, I have historically used a > > > crontab "@reboot" entry to call ntpdate which gets the clock set > > > correctly. From there ntp keeps it in sync. > > > > > > This can now be accomplished with ntpd, and ntpdate is threatened > > > with depreciation/retirement. See the top of the ntpdate man page > > > for > > > more details. > > > > > > > The NTP configuration option you may be after is "tinker panic 0" > > which > > allows NTP to make big jumps as often as required. See > > ntp_misc(5). > > There is a related discussion with making VMs take big jumps at > > https://www.centos.org/forums/viewtopic.php?f=16=61186=258254#p > > 258254 > > Thanks. I will look at this. All I was seeing was to use burst and > iburst, but they would not make the really big jump needed after > boot. > > With NTP you could use the ntpdate.service as well as/ before ntpd.service. the former is supposed to set the clock once BEFORE ntpd is started. See: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_L inux/6/html/Deployment_Guide/s1-Configure_ntpdate_Servers.html Ntpdate seems to work on RHEL/Centos 7 as well... /Louis ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Help with httpd userdir recovery
On Wed, 2016-12-28 at 08:20 -0500, Robert Moskowitz wrote: > > On 12/28/2016 07:35 AM, Louis Lagendijk wrote: > > Robert, > > On Wed, 2016-12-28 at 01:43 +0100, John Fawcett wrote: > > > On 12/28/2016 01:12 AM, Robert Moskowitz wrote: > > > > > > > > On 12/27/2016 07:06 PM, John Fawcett wrote: > > > > > On 12/28/2016 12:34 AM, Robert Moskowitz wrote: > > > > > > On 12/27/2016 05:44 PM, John Fawcett wrote: > > > > > > > That error should be caused by having MultiViews options > > > > > > > but > > > > > > > incorrect > > > > > > > permissions (711 instead of 755) on the directory. > > > > > > > > > > > > I just did chmod -R 755 /home/rgm/public_html and no change > > > > > > in > > > > > > behavior. > > > > > > > > > > > > Even tried chmod -R 755 /home/rgm > > > > > > > > > > Are you actually using MultiViews? If you don't need that > > > > > option, > > > > > maybe > > > > > the easiest thing is to take it out and see if the error > > > > > message > > > > > changes. > > > > > > > > I am using the default conf file for userdir. > > > > > > > > /etc/httpd/conf.d/userdir.conf > > > > > > > > So I deleted Multiviews and now the error is: > > > > > > > > [Tue Dec 27 19:09:31.013176 2016] [autoindex:error] [pid 2138] > > > > (13)Permission denied: [client 192.168.160.12:55762] AH01275: > > > > Can't > > > > open directory for index: /home/rgm/public_html/family/ > > > > > > > > > > > > > > > > > > I know this is not going to help, but that error means that > > > apache > > > does > > > not have access to read the directory > > > /home/rgm/public_html/family/. > > > That doesn't really fit with the rest of the evidence, that you > > > have > > > chmod 755 everything from /home/rgm/public_html downwards and > > > that > > > apache can read specific files from /home/rgm/public_html. > > > John > > > > but is apache allowed access to /home/rgm ? > > Try su - apache -s /bin/bash to run a shell as apache and see how > > far > > you get starting from cd /home and if that works cd /home/rgm and > > so > > on... That will check normal user permissions, but not selinux > > Command apache not known! > > All I installed, directly, for the web server was 'yum install > httpd'. > > In a single command from root: su - apache -s /bin/bash The "su -" is part of the command /Louis > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Help with httpd userdir recovery
Robert, On Wed, 2016-12-28 at 01:43 +0100, John Fawcett wrote: > On 12/28/2016 01:12 AM, Robert Moskowitz wrote: > > > > > > On 12/27/2016 07:06 PM, John Fawcett wrote: > > > On 12/28/2016 12:34 AM, Robert Moskowitz wrote: > > > > > > > > On 12/27/2016 05:44 PM, John Fawcett wrote: > > > > > That error should be caused by having MultiViews options but > > > > > incorrect > > > > > permissions (711 instead of 755) on the directory. > > > > > > > > I just did chmod -R 755 /home/rgm/public_html and no change in > > > > behavior. > > > > > > > > Even tried chmod -R 755 /home/rgm > > > > > > Are you actually using MultiViews? If you don't need that option, > > > maybe > > > the easiest thing is to take it out and see if the error message > > > changes. > > > > I am using the default conf file for userdir. > > > > /etc/httpd/conf.d/userdir.conf > > > > So I deleted Multiviews and now the error is: > > > > [Tue Dec 27 19:09:31.013176 2016] [autoindex:error] [pid 2138] > > (13)Permission denied: [client 192.168.160.12:55762] AH01275: Can't > > open directory for index: /home/rgm/public_html/family/ > > > > > > > > I know this is not going to help, but that error means that apache > does > not have access to read the directory /home/rgm/public_html/family/. > That doesn't really fit with the rest of the evidence, that you have > chmod 755 everything from /home/rgm/public_html downwards and that > apache can read specific files from /home/rgm/public_html. > John but is apache allowed access to /home/rgm ? Try su - apache -s /bin/bash to run a shell as apache and see how far you get starting from cd /home and if that works cd /home/rgm and so on... That will check normal user permissions, but not selinux /Louis ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 7 and Kably lake: black screen
On Wed, 2016-11-16 at 16:57 +0100, Louis Lagendijk wrote: > On Mon, 2016-11-14 at 06:48 -0600, Johnny Hughes wrote: > > > > On 11/12/2016 02:39 PM, Louis Lagendijk wrote: > > > > > > > > > On Sat, 2016-11-12 at 15:34 -0500, Fred Smith wrote: > > > > > > > > > > > > On Sat, Nov 12, 2016 at 09:15:22PM +0100, Louis Lagendijk > > > > wrote: > > > > > > > > > > > > > > > > > > > > I got a new laptop as my old one died: an HP Probook 470 G4. > > > > > I installed Centos 7 1511. > > > > > The laptop has a Kaby Lake i5 CPU and an > > > > > 01:00.0 3D controller: NVIDIA Corporation Device 134e (rev > > > > > a2). > > > > > Fedora recognizes it as a GM108M/930MX. This may give some > > > > > hints, > > > > > but > > > > > it is not that the standard kernel does not support it, this > > > > > output > > > > > comes from the 4.8.7 mainline kernel which should support > > > > > this > > > > > configuration? GM108 support was added in kernel 4.7, Kaby > > > > > lake > > > > > support > > > > > was added in 4.5... > > > > > > > > > > When I boot nothing shows up after the UEFI Grub menu: the > > > > > system > > > > > runs > > > > > but nothing is shown on the display, except for a non- > > > > > blinking > > > > > cursor > > > > > in the upper left of the screen. I tried a number of things: > > > > > - Installed the latest ml-kernel from Elrepo (4.8.7-1) > > > > > - I also tried the following on the kernel commandline: > > > > > nomodeset i915.nomodeset=0 nouveau.modeset=0 > > > > > Nothing changes the fact that there is no display. > > > > > > > > > > I had to install Centos 7 using vnc as even a text install > > > > > did > > > > > not > > > > > work > > > > > > > > > > Does anybody have some idea what the cause could be and what > > > > > to > > > > > try > > > > > next? > > > > > > > > Did you try CTRL-ALT-F2 or -F3 ? perhaps X has just died (or > > > > not > > > > been > > > > properly started), but that would get you a text-mode consosle > > > > from > > > > which to work and experiment. > > > > > > > > if that works, you could try typing "startx" (lose the quotes). > > > > which > > > > may provide informative errors. or not. > > > > > > > > YMMV > > > > > http://mirror.centos.org/altarch/7/experimental/x86_64/>; > > > > > > > > > > Thanks for your response, but... > > > No, tried it, but that did not work either unfortunately. > > > > > > > If you still have the machine available, try using the experimental > > kernel: > > > > http://mirror.centos.org/altarch/7/experimental/x86_64/ > > > > Also, what graphic card does it use? > > > Hi Johnny, > Yes I still have the laptop. Too nice a machine to send back… > > The experimental kernel cannot be installed due to a missing xorg- > x11- > drv-vmmouse >= 14.0.0 package. Do you know where can I find that > package? > > The graphic card may indeed be the problem as the laptop has both a > HD > 620 in the processor and a Nvidia device 134e (rev A2). with the > Fedora > 25 kernel loaded, glxinfo reports that the i915 driver could not be > loaded and that Gallium 0.4 on llvmpipe is used. > > The f25 beta kernel does work on Centos after updating xfs-progs and > linux-firmware from f25 Beta (but crashes at a reboot) > I now have the kernel-ml working. I missed updating the linux-firmware from elrepo. I still see errors on a pcieport, but things seem to work fine. BR, Louis ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 7 and Kably lake: black screen
On Mon, 2016-11-14 at 06:48 -0600, Johnny Hughes wrote: > On 11/12/2016 02:39 PM, Louis Lagendijk wrote: > > > > On Sat, 2016-11-12 at 15:34 -0500, Fred Smith wrote: > > > > > > On Sat, Nov 12, 2016 at 09:15:22PM +0100, Louis Lagendijk wrote: > > > > > > > > > > > > I got a new laptop as my old one died: an HP Probook 470 G4. > > > > I installed Centos 7 1511. > > > > The laptop has a Kaby Lake i5 CPU and an > > > > 01:00.0 3D controller: NVIDIA Corporation Device 134e (rev > > > > a2). > > > > Fedora recognizes it as a GM108M/930MX. This may give some > > > > hints, > > > > but > > > > it is not that the standard kernel does not support it, this > > > > output > > > > comes from the 4.8.7 mainline kernel which should support this > > > > configuration? GM108 support was added in kernel 4.7, Kaby lake > > > > support > > > > was added in 4.5... > > > > > > > > When I boot nothing shows up after the UEFI Grub menu: the > > > > system > > > > runs > > > > but nothing is shown on the display, except for a non-blinking > > > > cursor > > > > in the upper left of the screen. I tried a number of things: > > > > - Installed the latest ml-kernel from Elrepo (4.8.7-1) > > > > - I also tried the following on the kernel commandline: > > > > nomodeset i915.nomodeset=0 nouveau.modeset=0 > > > > Nothing changes the fact that there is no display. > > > > > > > > I had to install Centos 7 using vnc as even a text install did > > > > not > > > > work > > > > > > > > Does anybody have some idea what the cause could be and what to > > > > try > > > > next? > > > > > > Did you try CTRL-ALT-F2 or -F3 ? perhaps X has just died (or not > > > been > > > properly started), but that would get you a text-mode consosle > > > from > > > which to work and experiment. > > > > > > if that works, you could try typing "startx" (lose the quotes). > > > which > > > may provide informative errors. or not. > > > > > > YMMV > > > http://mirror.centos.org/altarch/7/experimental/x86_64/> > > > > Thanks for your response, but... > > No, tried it, but that did not work either unfortunately. > > > > If you still have the machine available, try using the experimental > kernel: > > http://mirror.centos.org/altarch/7/experimental/x86_64/ > > Also, what graphic card does it use? Hi Johnny, Yes I still have the laptop. Too nice a machine to send back… The experimental kernel cannot be installed due to a missing xorg-x11- drv-vmmouse >= 14.0.0 package. Do you know where can I find that package? The graphic card may indeed be the problem as the laptop has both a HD 620 in the processor and a Nvidia device 134e (rev A2). with the Fedora 25 kernel loaded, glxinfo reports that the i915 driver could not be loaded and that Gallium 0.4 on llvmpipe is used. The f25 beta kernel does work on Centos after updating xfs-progs and linux-firmware from f25 Beta (but crashes at a reboot) > > Thanks, > Johnny Hughes > > > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos.org down??
On Wed, 2016-11-16 at 15:14 +0530, Syam G Krishnan wrote: > Hi guys, > > Is there any problem with www.centos.org? > It seems down for me, was trying since last two weeks. > > works for me now and has been working earlier this week when I needed to download some install images. Must be something on your side. Louis ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 7 and Kably lake: black screen
On Sat, 2016-11-12 at 15:34 -0500, Fred Smith wrote: > On Sat, Nov 12, 2016 at 09:15:22PM +0100, Louis Lagendijk wrote: > > > > I got a new laptop as my old one died: an HP Probook 470 G4. > > I installed Centos 7 1511. > > The laptop has a Kaby Lake i5 CPU and an > > 01:00.0 3D controller: NVIDIA Corporation Device 134e (rev a2). > > Fedora recognizes it as a GM108M/930MX. This may give some hints, > > but > > it is not that the standard kernel does not support it, this output > > comes from the 4.8.7 mainline kernel which should support this > > configuration? GM108 support was added in kernel 4.7, Kaby lake > > support > > was added in 4.5... > > > > When I boot nothing shows up after the UEFI Grub menu: the system > > runs > > but nothing is shown on the display, except for a non-blinking > > cursor > > in the upper left of the screen. I tried a number of things: > > - Installed the latest ml-kernel from Elrepo (4.8.7-1) > > - I also tried the following on the kernel commandline: > > nomodeset i915.nomodeset=0 nouveau.modeset=0 > > Nothing changes the fact that there is no display. > > > > I had to install Centos 7 using vnc as even a text install did not > > work > > > > Does anybody have some idea what the cause could be and what to try > > next? > > Did you try CTRL-ALT-F2 or -F3 ? perhaps X has just died (or not been > properly started), but that would get you a text-mode consosle from > which to work and experiment. > > if that works, you could try typing "startx" (lose the quotes). which > may provide informative errors. or not. > > YMMV > > Thanks for your response, but... No, tried it, but that did not work either unfortunately. Louis ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Centos 7 and Kably lake: black screen
I got a new laptop as my old one died: an HP Probook 470 G4. I installed Centos 7 1511. The laptop has a Kaby Lake i5 CPU and an 01:00.0 3D controller: NVIDIA Corporation Device 134e (rev a2). Fedora recognizes it as a GM108M/930MX. This may give some hints, but it is not that the standard kernel does not support it, this output comes from the 4.8.7 mainline kernel which should support this configuration? GM108 support was added in kernel 4.7, Kaby lake support was added in 4.5... When I boot nothing shows up after the UEFI Grub menu: the system runs but nothing is shown on the display, except for a non-blinking cursor in the upper left of the screen. I tried a number of things: - Installed the latest ml-kernel from Elrepo (4.8.7-1) - I also tried the following on the kernel commandline: nomodeset i915.nomodeset=0 nouveau.modeset=0 Nothing changes the fact that there is no display. I had to install Centos 7 using vnc as even a text install did not work Does anybody have some idea what the cause could be and what to try next? /Louis ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Hardware Support of CentOS 6: Mini-PC
On Tue, 2016-07-12 at 15:04 +0200, Walter H. wrote: > On Tue, July 12, 2016 12:51, Earl A Ramirez wrote: > > if I had any knowledge of systemd and other things that are more > > than > > > totally different ... > > > I'm not an expert; is ip(6)tables still part of CentOS 7? > > > > > > > It is available but not installed by default, you will have to > > install it > > and stop and disable firewalld. > > > and this done by which shell command? > (as I have nearly no knowledge about systemd) > > in C6 I'd do > > chkconfig iptables on > chkconfig ip6tables on > service iptables start > service ip6tables start > iptables itself is to the bast of my knowledge still part of the standard install. You want to: yum install iptables-services systemctl disable firewalld systemctl stop firewalld systemctl enable iptabpes systemctl enable ip6tables systemctl start iptables systemctl start ip6tables But unless you need some fancy stuff in the firewall, I would recommend to simply use firewalld and use the graphical firewall-config to manage it (or firewall-cmd if you do not have a graphical env.) Louis ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Problems with CentOS 7 and X w/ nvidia
On Mon, 2016-02-29 at 17:12 -0500, m.r...@5-cent.us wrote: > Ok, here's a bit more on the issues: I see in Xorg.0.log that it > appears > to have loaded the NVidia drivers I built from proprietary. But, and > this > may, or may not be significant, the user's home directory is, of > course, > NFS mounted. > > And his old machine that dies was running CentOS 5. > > Is it possible that some of the gnome settings are breaking things > with > CentOS 7's default gnome? If so, what kinds of things should I be > looking > for? > > mark hi Mark Did you set the sebool: use_nfs_home_dirs --> on? Louis ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Network configuration issue with second public ip on CentOS 6
On Wed, 2015-12-23 at 19:04 +0100, Patrick Bervoets wrote: > > > Op 23 dec. 2015 om 18:31 heeft Valeri Galtsev> o.edu> het volgende geschreven: > > > > > > > > > > > If I understand IP networking correctly, you only can have > > "aliases" of > > the interface appear on the _same_ network segment (I'm tempted to > > say > > same class C network) as the main IP of interface, say you have: > > > > DEVICE=eth0 > > IPADDR=x.y.z.w > > NETMASK=255.255.255.0 > > GATEWAY=x.y.z.254 > > > > Then with the restriction I mentioned you can have alias: > > > > DEVICE=eth0:0 > > IPADDR=x.y.z.a > > NETMASK=255.255.255.255 > > > > Note that "x.y.z." part is the same in both IPs. > > > > Somebody may correct me if I'm wrong. > > > > Valeri > > > > > > > > > I have used an 10. Alias on a 192. Interface so it is possible > Patrick I believe you are right. A netmask of 255.255.255.255 however seems wrong. With that netmask a broadcast for address resolution will not work... Louis ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 7.2 installer missing virt-what
On Wed, 2015-12-23 at 13:55 -0600, Chris Adams wrote: > In previous CentOS releases, virt-what was included in the install > image. This made it easy for me to spin a custom ISO with my package > set and a kickstart that would add open-vm-tools or ovirt-guest-agent > as > appropriate (when installing the respective guest environments). > > I updated my ISO to 7.2, and virt-what is nowhere to be found. I > assume > this is copied from RHEL; anybody know any explanation? > > For now, I'm falling back to matching strings in > /sys/class/dmi/id/product_name. Is there some better way to > determine > what (if any) virtual environment the installer is running under? > Just install package virt-what? # yum provides */virt-what Loaded plugins: fastestmirror Loading mirror speeds from cached hostfile * nux-dextop: li.nux.ro virt-what-1.13-6.el7.x86_64 : Detect if we are running in a virtual machine Repo: base Matched from: Filename: /usr/sbin/virt-what virt-what-1.13-6.el7.x86_64 : Detect if we are running in a virtual machine Repo: @cr Matched from: Filename: /usr/sbin/virt-what BR, Louis ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Odd nfs mount problem [SOLVED]
On Fri, 2015-02-27 at 16:46 -0500, m.r...@5-cent.us wrote: m.r...@5-cent.us wrote: m.r...@5-cent.us wrote: I'm exporting a directory, firewall's open on both machines (one CentOS 6.6, the other RHEL 6.6), it automounts on the exporting machine, but the other server, not so much. ls /mountpoint/directory eventually times out (directory being the NFS mount). mount -t nfs server:/location/being/exported /mnt works... but an immediate ls /mnt gives me stale file handle. The twist on this: the directory being exported is on an xfs filesystem... one that's 33TB (it's an external RAID 6 appliance). Any ideas? Oh, yes: I did just think to install xfs_progs, and did that, but still no joy. Since we got the RAID appliance mounted, we'd started with a project directory on it, and that exported just fine. So what seems to work was to put the new directory under that, and then export *that*. That is, /path/to/ourproj, which mounts under /ourproj, and we wanted to mount something else under /otherproj, (note that ourproj is the large xfs filesystem), so instead of /path/to/otherproj, I just exported /path/to/ourproj/otherproj, and mounted that on the other system as /otherproj. What NFS version are you using? V4? if so, have a look at the nfs4 requirement to export the parent of you exports wih fsid=1 Does that make sense? Clear as mud? Anyway, it looks like we have our workaround. mark wish nfs could handle an option of inode64 I have no experience with the combination of xfs and nfs, but it seems to be possible, see: http://xfs.org/index.php/XFS_FAQ#Q:_Why_doesn.27t_NFS-exporting_subdirectories_of_inode64-mounted_filesystem_work.3F Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] restarting mysql databases
On Mon, 2014-10-06 at 15:43 -0400, Robert Moskowitz wrote: failed with: mysqladmin: connect to server at 'localhost' failed error: 'Access denied for user 'root'@'localhost' (using password: NO)' Please read the above carefully: using password: NO Specifying the password requires the -p or --password option. Just specify -p on the command line and let mysqladmin ask for the password... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Canon PIXMA mg5420 or HP Photo Smart 7520
On Tue, 2014-09-09 at 10:46 +0200, Christoph Neuhaus wrote: Hi Ken In need of a new printer, having done a bit or research, and considering either the Canon PIXMA mg5420 or the HP Photo Smart 7520. There are Linux drivers for the Photosmart which are supposed to handle both the printer and the scanner. But in my research I haven't found (yet) anyone who's gotten the scanner to work with Linux on the Photosmart, let alone the sheet feeder for it. The Canon MG5420 is supported by Gutenprint, so printing should be ok. Sane supports the MG5400Series for scanning (at least in GIT but as yet untested) so scanning should work too or can easily be made to work ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Yum cant find kernel-pae
On Mon, 2014-09-08 at 13:52 -0400, Bob Metelsky wrote: Hi I have a dell 770 bios sees 8g Is this a PowerVault 770? Accoding to http://www.dell.com/downloads/emea/products/pvaul/77XN.pdf It does support only 3GB of Ram. Can you please post a complete output of dmidecode. It may very well be a case where the on-board chipset is limited to 4GB address space minus the PCI addres space that leaves only 3 - 3.5GB ofg Ram space ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Use postfix and spamd on CentOS 6 - looking for a shortest guide
On Thu, 2014-08-14 at 01:19 +0200, Timothy Murphy wrote: Les Mikesell wrote: On Wed, Aug 13, 2014 at 5:55 PM, Timothy Murphy In my experience email has been working without problems for as long as Unix has been running, long before system administrator exams were invented. That was back when it was safe to assume that those one or more destination wanted to receive anything that showed up on port 25. Or that you could reasonably accept the unwanted data and subsequently send it back to wherever the From: line said it came from. Which was basically never but people used to do it before they knew better. But it is still reasonably easy to say what you want to do with email, even if it is hard to implement. My statement was that the TASK of postfix is fairly easy to understand. Yes, but you want to add a turbo to the combustion engine and then the simple user interface is not enough anymore... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Miredo server for Centos 6
On Thu, 2014-07-03 at 12:20 -0500, Les Mikesell wrote: On Thu, Jul 3, 2014 at 12:07 PM, Robert Moskowitz r...@htt-consult.com wrote: Have you tried the simple-minded approach of downloading the fedora src rpm and doing an 'rpmbuild --rebuild' of it? Sometimes all it take to make that work is installing whatever dependencies are missing, sometimes that turns out to be difficult or impossible, depending on required versions and conflicts. You might have a better chance of making this work after Centos 7 is out, though. For various reasons I lean toward installing software over doing my own builds. No one else is going to do the write ups I need for management. Sure, but the rpm package you get from rebuilding an existing fedora source rpm is going to be essentially the same thing you'd get if the maintainer built it for centos6/EPEL. That is, all of the things that would make it 'your' build have already been done by someone else and coded in the spec file. If it works... First a note to Robert: miredo-server is a separate rpm package, but it is built from the same source rpm as the other miredo packages. I donloaded the src rpm for Fedora 20. That package depends on having systemd (so it would most likely work on RHEL7). If I remove the systemd references (the requires/ build requires and the .service files) it builds without any more issues. If you can create your own init files you should be all set. The changelog says: Tue Apr 24 2012 Jon Ciesla limburg...@gmail.com - 1.1.7-8 - Migrate to systemd, BZ 789782. so if you take a Fedora 1.1.7-7 or earlier src rpm, you could probably easily take the spec file and use the 1.2.6 tar file to build a working setup regards, Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6 mount of ntfs formatted usb stick fails
On Wed, 2014-04-16 at 18:26 +1200, Rob Kampen wrote: On 04/15/2014 02:42 PM, Russell Miller wrote: On Apr 14, 2014, at 7:23 PM, John R Pierce pie...@hogranch.com wrote: On 4/14/2014 6:06 PM, Rob Kampen wrote: I recently received an 8GB usb stick that fails to mount on my fully patched CentOS 6.5 desktop machine. The stick works just fine on a windoze 7 laptop (my daughter's) with no special drivers installed. most USB sticks are formatted FAT32 file when applied /dev/sdf/(1) indicted a block device - nothing else helpful. Try as root: dd if=/dev/sdf1 of=somefile count=100 file somefile regards, Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] USB to Ethernet problem
On Tue, 2014-03-18 at 18:35 +0800, Giri Prasad wrote: On 18/03/14 19:49, Giri Prasad wrote: Now, after assigning a static IPV4 address, this eth1 is pinging to the default gateway 192.168.1.1. But eth1 is not pinging/connecting to the external internet. Can someone please provide some answers. Can you ping an IP Address - such as 8.8.8.8? # ping 8.8.8.8 PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data. ^C --- 8.8.8.8 ping statistics --- 18 packets transmitted, 0 received, 100% packet loss, time 17372ms Do you have NAT enabled somewhere? It looks as if you do not have it or you have a routing issue on 192.168.1.1? You will need it to be able to reach anything outside your own network What does nslookup google.com say? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Dug myself into a hole
On Mon, 2014-02-17 at 14:08 +, Styma, Robert E (Robert) wrote: I just build a CentOS 6 machine to replace my old machine which broke to where I could not fix it. In attempting to get the applications running which had worked on the old machine, I did updates from several repos such as rpmforge, atrpms, livna, epel, etc. Some of the attempts ended going down blind alleys. Now I have a mix of rpm's from various sites that I do not need, but they are listed as dependencies of other rpm's. The rpmforge rpm's are marked with rf. Is there a process to check which of these rpm's are also in the base libraries and force them back in? I really do not want to go back to square 1 and reload the system from scratch. Bob S Disable the offending repositories and then run yum distro-sync Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] odd mcelogd problem
On Tue, 2014-02-11 at 17:29 -0500, m.r...@5-cent.us wrote: CentOS 6.4, 2.6.32-358.11.1.el6.x86_64 (And no, I can't just upgrade - the users have to be sure that the computational results will be correct) It's throwing ECC errors. Trying to start mcelogd, first it said nothing. Restart told me Please load edac_mce_amd module. I did a modprobe edac_mce_amd, and lsmod tells me it's in. But now service mcelogd restart Stopping mcelog Starting mcelog daemon [FAILED] AMD Processor family 16: Please load edac_mce_amd module. [FAILED] And in messages, mcelog: CPU is unsupported#012: Success Success? Anyone have any ideas what I'm missing; why I've loaded what it says it needs, and it still thinks it needs it? Did you check /var/log/messages for errors reported by the module when you modprobe'd it? Kind regards, Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] died again
On Sat, 2013-12-07 at 00:58 -0500, Darr247 wrote: On 07 December 2013 @02:57 zulu, Michael Hennebry wrote: The CPU heat sink is under the fan pointing down towards the motherboard. You lift those 2 levers to release it, and there's likely another lever under it all locking the CPU into the socket. The picture is not very clear, but it looks as if the heatsink on the processor has collected a lot of dust, probably blocking the air flow. Do not yet remove the heat sink ( I am always weary of doing so) but try to remove the dust first if there is a lot of it. Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] yum update interruption recovery
On Wed, 2013-12-04 at 20:32 -0800, Hugh E Cruickshank wrote: From: Hugh E Cruickshank Sent: December 4, 2013 15:09 From: Frank Cox Sent: December 4, 2013 15:04 On Wed, 4 Dec 2013 14:55:03 -0800 Hugh E Cruickshank wrote: Tried that but it failed. Describe failed. That happened yesterday and I can not recall specifically what it said. I am currently in the process of backing up the hard drive before proceeding any further. I will see if I can get the error a little later today. Well I am unable to locate the error message as it does not appear to be logged. In the interim I have done a lot more research and I now suspect that I have two separate problems: 1. Since the yum update did not complete then it never had a chance to update the rpm database, 2. We probably have one or more packages that have been install but the predecessor has not be removed. I have done the following: a. Rebuilt the rpm database: rm -f /var/lib/rpm/__db* rpm --rebuilddb b. I then retried the yum update this aborted report conflicts in systemtap packages. c. I listed the installed systemtap packages: rpm -qa | grep systemtap | sort This revealed that there were two systemtap-devel packages installed and I removed the newer one. d. I then retried yum update and this appeared to work fine until it got to: Cleanup : 1:xorg-x11-drv-nouveau-1.0.1-3.el6.x86_64 286/513 At this point the system appears to be hung. I can not proceed any further this evening as I am working on this from home and I do not have physical access to the server to reboot it. In the morning I will reboot the server and try again but this time I am going to do a yum clean all to the rpm database rebuild. Any thoughts or comments would be appreciated. Try package-cleanup --problems and see what it returns package-cleanup --cleandupes may helps with removal of duplicates Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] died again
On Tue, 2013-12-03 at 15:16 -0600, Michael Hennebry wrote: On Wed, 27 Nov 2013, m.r...@5-cent.us wrote: Michael Hennebry wrote: On Wed, 27 Nov 2013, m.r...@5-cent.us wrote: One thing I've never done, or thought of until now, was whether the thermal grease between the CPU and the heat sink had dried out. If it's running hot, that's a possibility, so you might clean that off and put on some new (a buck or so at any computer parts store). Doesn't need much - the force of tightening the heat sink will spread it much farther than you expect it to, and you don't want it coming out the sides. the force of tightening the heat sink frightens me silly, but I suppose that would be better than a dead CPU fan. My recollection is that that does not come off. Not to worry. It will probably be a lever that you push down and it catches. I doubt it's like in some servers, where you screw it on... and even in that case, you screw it till you feel it stop turning. In any case: check the fans first. There may also be a lot of dirt on the heat sink. These are much more likely culprits than the thermal paste. If thermal grease is the problem, how do I find out and how do I clean off the old stuff? I've read that just adding more is not a good idea. If I add to much thermal paste, what do I do about it? If everything else fails you can try to replace the old thermal paste. I It seems unlikely that this is the cause of your problems. I have seen quite a number of issues with fans and dirty heat sinks. None that I can remember of bad thermal paste. I may have seen one case where there was none at all (assembly mistake). Remember that the paste is only to be used to fill up the really small unevenness between heat sink and heat spreader on the processor. Unless you are overclocking I would not expect much difference from a new thermal paste As mark already pointed out a little alcohol is very helpful to remove old paste. Use a lint free cloth to remove it. Then just put a little new paste on in the middle of the processor and use a credit card to spread it out as thin as possible. The credit card is flexible enough to follow the surface accurately. And don't let the paste spread out from the sides of the heat spreader. Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] died again
On Tue, 2013-11-26 at 11:34 -0600, Michael Hennebry wrote: On Tue, 26 Nov 2013, m.r...@5-cent.us wrote: Michael Hennebry wrote: Ouch. $200+ before installation, and I'd still have a computer some Linuxes don't like. Expensive board. Is this at home? I got a Gigabyte board and Core I-3 Yes. It's the only computer I've owned with either a hard drive or more than 8K of memory. I've used others. combo at MicroCenter for under $200, I think. Installation? Hey, we're sysadmins, we build our own systems! g What's this we? I've opened the case three times and done four things: I've installed a new hard drive. The old one is still working. I've zapped the original video card, AGP. I've blown dust. I've had someone else install new RAM. When I get up the nerve to open it again, I'll blow dust and look for misplaced intestines. In the mean time, I'll boot back to CentOS and see how long it lasts. You may want to check the bios for some settings. I recently fixed some issues with my server system here at home (gen 1 i7 920) by turning ACPI 2.0 off. I first replaced the power supply but that did improve the situation from disk errors once every day or 2 to once every 5 days. Make sure you have the latest bios as well. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Dovecot SLOW with sssd in centos 6
On Mon, 2013-07-01 at 12:34 +0200, FABIO FERRARI wrote: Hello, I have a big performance problem with a mail server using dovecot and authenticating users via ldap. The architecture of the machine is a local ldap and mysql server, they are used by dovecot for authenticating the mail users. If i use pam_sss the mail server has about 1/8 - 1/10 the performances it has if i use the pam_ldap. What exactly does this mean? Is this dovecot performance or something else? Even doing a 'time ls -l' on the mail tree (there are about 3000 ldap users in that directory) it is very very slow, the first time I try to do it after a reboot, it takes about 6 minutes with sssd, and about 8 seconds with ldap. Did you specify enumerate = True in sssd.conf? This may cause delays when you have many users in the directory... Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Need a Centos 6 USB hard drive recovery procedure
On Sat, 2013-06-01 at 19:52 +, Rock wrote: On Sat, 01 Jun 2013 16:40:46 +, Rock wrote: Now comes the biggie, backing up the entire 150MB disk: Q: Maybe I should have used the conv=noerror option as suggested in the dd wikipedia entry? $ sudo dd if=/dev/sdc1 of=/mnt/image.dd bs=1M The dd finished backing up after about 3 hours. $ sudo dd if=/dev/sdc1 of=/mnt/image.dd bs=1M == 152625+1 records in == 152625+1 records out == 160039240704 bytes (160 GB) copied, 9750.86 s, 16.4 MB/s Although I can't see to change the permissions of the result: $ ls -l == -rwxrwxrwx. 1 root root 160039240704 Jun 1 12:13 image.dd $ sudo chmod uog=r /mnt/image.dd $ ls -l == -rwxrwxrwx. 1 root root 160039240704 Jun 1 12:13 image.dd $ sudo chmod 555 ./image.dd $ ls -l == -rwxrwxrwx. 1 root root 160039240704 Jun 1 12:13 image.dd At this point, some people said to try to recover using the backup; while others said I should work off the original disk. I think I'll try the testdisk recover procedure first. testdik can work on a disk image, so I recommend using that. Don't risk chaging the original disk (although testdisk is not supposed to touch it IIRC) /Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Need a Centos 6 USB hard drive recovery procedure
On Sat, 2013-06-01 at 04:18 +, Rock wrote: On Sat, 11 May 2013 22:28:53 +0200, Louis Lagendijk wrote: here is a quick list of what to do: Thanks. I needed this step-by-step procedure; and I'll report back. I bought a new 2TB disk, named My Passport. I will test the procedure with a spare 500GB disk, named Signature Mini. 1) connect your spare disk (USB) (not the bad disk!) and as root check what device id it got (tail /var/log/messages) look for detected partitions there or do fdisk -l /dev/sdx where the sdx is what you found from /var/log/messages 0. $ sudo tail -f /var/log/messages 1. I plugged in the 2TB new disk. == May 31 20:52:37 ntfs-3g[4213]: Mounted /dev/sdb1 (Read-Write, label My Passport, NTFS 3.1) 2. $ sudo fdisk -l /dev/sdb == Disk /dev/sdb: 2000.4 GB, 2000365289472 bytes == /dev/sdb1 1 243198 1953480704 7 HPFS/NTFS 2) As root Mount the disk: mount /devsdxy /mnt (where y is the partion number you want to mount) 3. $ sudo mount /dev/sdb1 /mnt == Mount is denied because the NTFS volume is already exclusively opened. == The volume may be already mounted, or another software may use it which == could be identified for example by the help of the 'fuser' command. if mounted goto 3 This may fail if it is ntfs 2B) If it fails format the disk as ext4: mkfs /dev/sdxy and then mount it as under 2 Should I now format the 2TB disk using this command? $ sudo mkfs /dev/sdb1 You could try without reformatting it: just check where it is mounted: mount |grep sdb1 this will show where the disk got mounted. And then mount it as: $ sudo mount /dev/sdb1 /mnt 3) I assume here that your bad disk is already connected (as sdz check first what the real name is) At this point, I connect the 500GB test disk and this shows up in the tail of /var/log/messages: May 31 21:02:39 ntfs-3g[4787]: Mounted /dev/sdc1 (Read-Write, label SignatureMini, NTFS 3.1) Check whee it got mounted mount |grep sdc1 and umount it to be sure dd if=/dev/sdz of=/mnt/image.dd bs=1M This will copy the contents of your bad disk to image.dd this now becomes: dd if=/dev/sdc1 of=path to the mount point for the new disk/image.dd Is this the correct command given the test information above: $ sudo dd if=/dev/sdc of=/mnt/image.dd bs=1M 4) just to be sure, make the image read-only chmod uog=r /mnt/image.dd I presume I do this after the previous dd command finishes. $ sudo chmod uog=r /mnt/image.dd Correct 5) install testdisk from the epel repo yum install testdisk $ sudo yum --enablerepo epel install testdisk -y == Installed: testdisk.x86_64 0:6.12-2.el6 == Dependency Installed: libewf.x86_64 0:20100226-1.el6 Note: This apparently installs /usr/bin/photorec 6) now run photorec from a directory where you have sufficient space, ifg your usb disk is big enough do it there (hint create a sub-directory mdkdir /mnt/recover cd /mnet/recover You probably mean mkdir, so is this what I run: $ sudo mkdir /mnt/recover $ cd /mnt/recover Indeed, I am a lousy typer and even more lousy at proofreading but any dorectory would do photorec /mnt/image.dd $ sudo photorec /mnt/image.dd Q: Is this the recommended procedure as written after your comments? Yes, doing it this way makes sure you do not destroy the content of the old disk as you are working from a copy Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Where did yum install monodevelop?
On Mon, 2013-05-20 at 12:56 -0700, John R Pierce wrote: On 5/20/2013 12:28 PM, Frank Cox wrote: It's entirely possible that I'm missing something, but how does that tell me what pre- and post-install steps the rpm does, or what patches are applied to the binaries? All I get is a list of files and directories. I don't think it's possible to extract a spec file from a binary rpm. Or is it? Ah, i thought the OP was asking where the files were installed. As such it is not possible to retrieve the complete spec. The actions can be viewed however with the -- script option to rpm, eg: rpm -q --scripts binutils I do not see how one can see what patches are installed. The problem the OP has comes from the fact that the rpm is not signed, so it must be installed with the --nogpgcheck option to yum. Without the option IIRC yum complains about the missing signature and does not install the package. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Where did yum install monodevelop?
On Mon, 2013-05-20 at 16:15 -0500, John R. Dennison wrote: On Mon, May 20, 2013 at 10:59:35PM +0200, Louis Lagendijk wrote: The problem the OP has comes from the fact that the rpm is not signed, so it must be installed with the --nogpgcheck option to yum. Without the option IIRC yum complains about the missing signature and does not install the package. You could have let it go at the first line: The problem is indeed that the rpms are not signed. --nogpgcheck is not a viable option on a server you care about unless you are 100% sure (ie. audited everything yourself and/or built the rpm yourself) that things are germane. Indeed, installing an RPM from an unknown source, even if it is signed (with a key from the same source) is taking a big risk. I assumed that the OP understood that. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Need a Centos 6 USB hard drive recovery procedure
On Sat, 2013-05-11 at 19:18 +, Rock wrote: On Sat, 11 May 2013 15:35:31 +, Rock wrote: Currently I'm at day 3, and almost done recovering the files; but the results (sadly, due to my error in the Recuva settings) are flatter than the plains of Kansas! Just for the record, Recuva finished at 66 hours: http://www5.picturepush.com/photo/a/12907423/img/12907423.jpeg It's odd that I'm having trouble finding a good tutorial for Linux recovery of the master table of contents, since it must be happening to others day in and day out. Fundamentally, the procedure is to dd the disk and then work off the backup but I don't want to make a mistake so that's why an exact procedure is so critical to find. It's expensive being a pioneer; yet I shouldn't have to be a pioneer for this task, since it happens every day. Will read everything written and try to find a tutorial. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ok, here is a quick list of what to do: 1) connect your spare disk (USB) (not the bad disk!) and as root check what device id it got (tail /var/log/messages) look for detected partitions there or do fdisk -l /dev/sdx where the sdx is what you found from /var/log/messages 2) As root Mount the disk: mount /devsdxy /mnt (where y is the partion number you want to mount) if mounted goto 3 This may fail if it is ntfs 2B) If it fails format the disk as ext4: mkfs /dev/sdxy and then mount it as under 2 3) I assume here that your bad disk is already connected (as sdz check first what the real name is) dd if=/dev/sdz of=/mnt/image.dd bs=1M This will copy the contents of your bad disk to image.dd 4) just to be sure, make the image read-only chmod uog=r /mnt/image.dd 5) install testdisk from the epel repo yum install testdisk 6) now run photorec from a directory where you have sufficient space, ifg your usb disk is big enough do it there (hint create a sub-directory mdkdir /mnt/recover cd /mnet/recover but any dorectory would do photorec /mnt/image.dd The copy to an image is not really required, but better safe then sorry I have written this from Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] What is the recommended method to obtain Pan 0.136+ (with SSL) for Centos 6?
On Wed, 2013-05-08 at 23:42 +0100, Nux! wrote: On 08.05.2013 21:26, Rock wrote: Q: What is the recommended method to obtain Pan 0.136+ (with SSL) for Centos 6? Your best bet is run the Windows installer in wine. Natively is very difficult to run because it requires stuff that's too new to be found in EL6. :) That or find an alternative to Pan. -- Right, it requires glib2(-devel) = 2.26.0 and gmime(-devel) = 2.5.5 You're in for a lot of work as at least the dependency on glib 2.26 is real Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] floppy drives
On Sun, 2013-04-07 at 15:45 -0400, mark wrote: Yes, really. I've got hundreds of the damn things here at home, and I want to go through them and get rid of them all. But... to do that I want to read them. I have both a 5.25 and a 3.5 drive, both are plugged in, but in the BIOS, all I see is the 3.5. Fine, I figure I'll take care of those. Nope. I see /dev/fd0 once I've booted up, but neither konqueror nor mount nor fdisk works - the latter telling me that /dev/fd0 is not a valid block device. After some googling, I tried modprobe floppy, which installed it, but still no joy. Anyone have a clue? mark Mark, you said that both floppy drives are connected. Could it be that both are wired to fd0? One drive could be malfunctioning Try with only one drive connected at a time at the end of the cable and see if that helps... Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] floppy drives
On Mon, 2013-04-08 at 12:21 -0400, m.r...@5-cent.us wrote: That I don't know, and was trying to think of a way to test it. As I noted in another post, the 5.25 light seems to stay on, and I *think* that was the one I had disconnected before. I also think I mentioned that after bringing it down, connecting, and rebooting, I looked at the BIOS, and it told me it *only* saw the 3.5 drive. snip That is why I thought of the cable/drive issue. Please keep in mind that the bios versions I recall did not detect a drive unless it was told that there was one (you had to even specify the type/ format of the drive) Any chance that It *looks* like udev knows about it, since it created /dev/fd0 and the related devices. From what I recall, the OS gets the information on what is there from the bios. Look around in the bios and check if you can specify the format of the floppy drives somewhere... And the comment about checking if the cable has been put on upside down (on either side). Please note tat the twist in the cable sits between drive a and b. Still 4 possibilities to try. Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] (Al)pine on CentOS 6
On Tue, 2013-03-26 at 06:14 -0400, Max Pyziur wrote: Greetings, The alpine mail rpm indicates that it comes packaged with configuration files (/etc/pine*conf*). However, they aren't there. Possible? yes, they are ghost files, not really included in the package Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Setting up bind - location for includes
On Fri, 2013-02-15 at 11:44 -0500, Robert Moskowitz wrote: I am setting up bind this time around (just rebuilt my test machine via Kickstart) without chroot. I have a fair number of includes for named.conf; I have two views and other odds and ends. My thoughts are to make a directory; /etc/named.d to put all these includes into instead of 'dirtying' up /etc. This way the only files I replace/add to /etc are named.conf and rndc.key (I would like to work the latter around to also be in named.d, but this impacts rndc itself). There is an /etc/named directory included in the bind package, I assume that it is meant for this purpose... I just changed my config to use that (with the chroot package) as it get bind mount from the standard startup script Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is there a way to _remove_ dependencies from an RPM built from source?
On Sun, 2012-02-26 at 21:05 +0100, Michael Lampe wrote: Ljubomir Ljubojevic wrote: I totally lost you. No problem. Play the game of chess like your namesake did so well. :) Please provide specifics, what package, is it in rpm or not, details please, so we do not chase out own tails. Gimme a trick: How to unregister an implicit but formally unavailable runtime dependency in a spec file? It's there at build time and therfore automatically used. Package builds fine. But it can only be installed by force, because the implicit dependency is explicitly recorded in the RPM. I want to get rid of that, because fixing Intel's stuff is not an option. Would it be be possible to create a dummy rom that requires the intel-rpm but does provide the dependency? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Eeek, my centos6 box won't boot after broken update, need help w/ yum
On Wed, 2012-02-08 at 15:22 +0100, wwp wrote: Hello Ljubomir, On Wed, 08 Feb 2012 12:06:44 +0100 Ljubomir Ljubojevic off...@plnet.rs wrote: On 02/08/2012 11:32 AM, wwp wrote: Hello there, I think I've shutdown my box right in the middle of a yum update.. The latest kernel installed won't simple boot, and the old one can, but only in init 3 mode (tty). From a console, I wanted to complete the yum update and it suggested me to do a `yum-complete-transaction`. yum-complete-transaction tells me that 447 elements are left to run in 1 transaction, runs and show lots of Removingpackagename - ud from the transaction then processes lots of stuff, and ends with listing lots of duplicate packages (mostly Xorg stuff) and.. and that's all. Same stuff if I start that command again. A `yum cleanup` doesn't change it. Any hint how I could get of that deadly loop? yum history list will give you of last yum transaction (highest number). Use that number in: yum history undo number, yum history redo number or yum history rollback number Read man yum for differences between commands if necessary. Hm. Since I use CentOS (was using Fedora before) I discover some yum advanced features, thanks for teaching me, Ljubomir :-). You may want to try the package-cleanup command. package-cleanup --problems could be the first thing to try Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [SOLVED] blue screen instead of login screen
On Fri, 2012-01-13 at 14:34 -0800, Bart Schaefer wrote: On Thu, Jan 12, 2012 at 9:16 PM, Frank Cox thea...@melvilletheatre.com wrote: On Thu, 12 Jan 2012 12:56:40 -0600 THE REMAINING MINOR ISSUE For some reason, the upper left two-thirds of the desktop background is darker than the rest of the desktop background. It's easier to show than to explain how it looks, so anyone interested can view it here: http://www.melvilletheatre.com/1920x1024screenshot.png Looks to me as if a 1024x768 rendering of the background image is being layered on top of a rendering of the same image that has been scaled up to 1920x1024. Have you checked whether you can actually place icons on the lower and right parts of the screen? I'm speculating that the desktop manager is still operating at 1024x768 even though the X screen is larger. I quite recently had something that looked quite similar on my iMac g5 when I had a cable plugged in to the VGA port. he system apparently overlaid the VGA screen over the screen on the built in LCD. Does the OP have a second monitor attached to he system? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] 6.2 release: a thank you
Gents I would like to express my appreciation for the unbelievably quick release of Centos 6.2. Thanks a million! You managed to release 6.2 some 10 days after 6.1. Johnny, you are not that ugly after all :-). Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6.2 progress.
On Mon, 2011-12-12 at 11:25 -0500, Lamar Owen wrote: For those who don't follow the QA RSS, see: http://qaweb.dev.centos.org/qa/node/120 to get the latest info on the status of 6.2. Looks good so far! _ I am really impressed! That IS quick. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] When will 6.2 be released.
On Fri, 2011-12-09 at 19:01 -0600, Johnny Hughes wrote: Let's go ahead and get this flame thread started now to save time. The CentOS team sucks ... it took days to do 6.1 ... it is going to take twice as long to get 6.2 My mom said CentOS blows. kbsingh is ugly. hughesjr is old and fat. OK ... that should do. come on Johnny, there are still plenty of people that appreciate the work you guys do and are happy to see 6.1 released. Please give us first a chance to say thank you so much! I understand that it is frustrating to release CentOS 6.1 right after RedHat release 6.2 so you can't even allow yourself to relax a bit (and knowing you guys you HAVE to keep up, not because of the complainer, but because of your pride in what you are doing and its results). Thanks for the work on 6.1! Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Upstream 6.2
On Tue, 2011-12-06 at 13:12 -0600, Johnny Hughes wrote: On 12/06/2011 09:08 AM, Lamar Owen wrote: As much as I hate to be the bearer of news, I saw over 400 updates this morning on my upstream 6.1 box checking the upstream website, yeah, EL6.2 is out, at least for updates. I didn't see ISO's in my subscribed channel yet, though. I figured someone would notice soon enough. So before anyone goes into flame mode, think about the difficulties that have faced the CentOS developers in the past, and please refrain from asking the age-old question 'are we there yet?' (I have five children, between the ages of 17 and 4; that saying is just a smack old by now for me.) CentOS-6.1 will be released in the next couple days (all the Trees and ISOs are spun and we are getting the mirrors ready to distribute) ... we are working on 6.2 right now in conjunction with doing the 6.1 distro release. I am still not able to install ipa-server due to 2 missing packages: pki-ca and pki-silent. Will they be in the 6.1 release, please, pretty please? Thanks to the Centos team for their hard work. Very much apprecited!!! Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Upstream 6.2
On Tue, 2011-12-06 at 19:51 +, Karanbir Singh wrote: On 12/06/2011 07:24 PM, Louis Lagendijk wrote: I am still not able to install ipa-server due to 2 missing packages: pki-ca and pki-silent. Will they be in the 6.1 release, please, pretty please? these will be there in the next day or so, the 6.1 media load is going to create a bit of turbulance ( not nearly as much as a regular release does though ) - KB Thanks Karanbir! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] ipa-server
hi I am a happy user of CentOS since Centos 4. I very much appreciate the effort you guys are putting into Centos 6. I am planning to play around with the ipa-server in Centos 6.1. Now I noticed that ipa-server is in the cr-repository. In order to install however the pki-ca and pki-silent packages are missing. The fact that ipa-server is built suggests that these packages have been built. If so, tit may be an oversight that these packages have not yet been pushed to the repo. In that case it would be nice if they could be pushed. If they are not yet ready, I will happily wait for them...(I understand the complexity of the work involved!!!) Thanks for the great distro! Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] VLAN support?
On Thu, 2011-09-29 at 14:15 -0500, Les Mikesell wrote: On Wed, Aug 3, 2011 at 11:12 PM, James A. Peltier jpelt...@sfu.ca wrote: | Are there any new tools in CentOS 6 to configure VLAN interfaces | (where | the switch passes multiple tagged VLANs over one physical link to the | host) or is it best to edit /etc/sysconfig/network-scripts/eth?.vlan# | files manually? | So far none that I've found. I use VLANs quite extensively so I'm stuck rolling it with kickstart/puppet or manually when testing. Where is the best place to find documentation on how to set them up manually? When I use the same ifcfg-eth#.vlan# configs as in 5.x, ifup gives me an error about 'Device not managed by NetworkManager' . Don't use NetworkManager, chkconfig NetworkManager off; chkconfig network on will do the trick. I don't know that Networkmanagr can handle tagged vlan interfaces ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] problem in cr: nfs-utils-lib-1.1.5-3.el6.x86_64
On Tue, 2011-09-27 at 09:49 -0700, Paul Heinlein wrote: I ran yum update on a CentOS 6.0 machine against the CR repository and noticed that the nfs-utils-lib update broke my rcp.idmap settings: rpc.idmapd: libnfsidmap: processing 'Method' list rpc.idmapd: libnfsidmap: Unable to get init function: /usr/lib64/libnfsidmap/umich_ldap.so: undefined symbol: libnfsidmap_plugin_init rpc.idmapd: libnfsidmap: requested translation method, 'umich_ldap', is not available rpc.idmapd: Unable to create name to user id mappings. The /usr/lib64/libnfsidmap/umich_ldap.so library included with the 1.1.5-3.el6 update is noticably smaller than the one included in the standard 6.0 package, v. 1.1.5-1.el6. The rpm checks out correctly via gpg and an rpm2cpio-cpio pipe. Running ldd against the updated library shows the expected links. But the library appears to not work. Anyone else seen this? not this, but in my case rpcsvcgssd can no longer understand the krb5 from my Fedora WS. Sources are unfortunately no available yet, or I would have a look to see what is wrong. Sep 27 12:38:22 nest rpc.svcgssd[9212]: ERROR: failed serializing krb5 context for kernel Sep 27 12:38:22 nest rpc.svcgssd[9212]: WARNING: handle_nullreq: serialize_context_for_kernel failed Sep 27 12:38:22 nest rpc.svcgssd[9212]: ERROR: GSS-API: error in gss_export_lucid_sec_context(): GSS_S_NO_CONTEXT (No context has been established) - (0x7f6e) Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos VPS Kernel 2.6.35.4 'string-less' IP tables
On Wed, 2011-08-31 at 19:00 +0100, Always Learning wrote: On Wed, 2011-08-31 at 13:55 -0400, Lamar Owen wrote: On Wednesday, August 31, 2011 01:33:31 PM Always Learning wrote: Rather than being a willing or passive victim to 100% of the attacks, I aim to reduce the penetrability of most of them. Still useless: it is not the attacks that you know about and that show themselves as errors in your logs (and filter from the log, that is the only gain), but those where you have a real security hole that you have to worry about. And those will be exploited from one of the many other bots in the hackers botnet. An empty log may give you a nice feeling of security, but it is false... A lot of work, but very little if any gain. Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] nfsv4 and kerberos - fails to mount
On Mon, 2011-07-25 at 12:58 -0400, Rob Kampen wrote: Rob Kampen wrote: On 07/19/2011 04:43 PM, Olaf Mueller wrote: Rob Kampen wrote: Hello, nfs4 with kerberos works fine here on CentOS 5.6. change exports to [...]gss/krb([...] [...]gss/krb([...] My /etc/exports says '... gss/krb5(...'. Got this already And 'SECURE_NFS=yes' is set in /etc/sysconfig/nfs. This too is set All needed services are running? - rpcsvcgssd (server) - rpcidmapd (server) - rpcgssd (client) Yes all running A very good instruction, in my opinion, to get it running is http://sadiquepp.blogspot.com/2009/02/how-to-configure-nfsv4-with-kerberos-in.html. This was one of the ones I used - will start from the beginning again. Thanks for comments regards Olaf I have put the nfs4 with Kerberos on hold as it seems there may be a problem with the basic kerberos install. Probably an issue with your keytab. the link above cotains some hints: 1) you need to add an nfs (not host!) principal and 2) use ktadd -e des-cbc-crc:normal Add only the des-cbc-crc:normal key, not one of the others as (at least in the past, I have not checked later kernels like the one in centos 6) to see if this is still applies. In order to allow the des key to work you need the following in /etc/krb5.conf (in the libdefaults section): allow_weak_crypto = true With these settings nfs mounting works for me, but see my comments below first, before you try to mount a nfs file system /usr/kerberos/sbin/kprop: Decrypt integrity check failed while getting initial ticket With the keytab you showed, first try a kinit for a user. does that succeed? What does a klist show after this? This way you can check the ticket generation. Only when that succeeds try the nfs mount Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] mounting a CentOS 5.5-based NFS partitions from a Mac OS X machine
On Tue, 2011-07-05 at 22:13 -0400, Tom H wrote: On Tue, Jul 5, 2011 at 1:11 PM, Rob Kampen rkam...@kampensonline.com wrote: Boris Epstein wrote: Is the OS X firewall blocking nfs? How are you mounting the export? If you're not trying it from within Terminal, does it work from within it? The OS X firewall dos not appear to be a factor. Actually it works just fine when I turn off the firewall on the CentOS end. Could it be that even when I am trying to mount over the TCP the NFS client on the Mac OS X side still tried to connect to some UDP port? I am asking that because everyone else mounts just fine with the firewall up on the server end. As I recall OS X only does NFS via TCP - other clients can use UDP - make sure your CentOS firewall has the TCP ports open. OS X does use TCP but I've just run tcpdump on an F15 VM while mounting and unmounting an NFS share from my Mac. Both the mount and umount result in four UDP packets, two to the portmapper and two to random ports. I don't have time to experiment further right now but perhaps opening up 111 UDP will allow your Macs to mount the NFS shares. NFSv3 uses the nfs port (TCP or UDP), portmapper (UDP) and some random UDP ports for quota, lockd, mount, and statd. These random ports can be fixed by setting them in /etc/sysconfig/nfs. They are normally commented out, but uncommenting them (and setting them to different values if so required) will fix them so you can firewall them. Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SOLVED (was Re: Unable to mount Centos 5.6 Server via nfs4 - Operation Not Permitted - MADNESS!
On Fri, 2011-06-03 at 23:49 -0400, RILINDO FOSTER wrote: Okay, it took a few minutes, but I figure it out. Seems that Scientific Linux eems to regress a bit in this area. With Centos, you need to bind like so: /home/share /exports/share nonebind0 0 /home/vhosts /exports/vhosts nonebind0 0 And then specify the options (including fsid0): in /etc/exports /exports *(rw,fsid=0,insecure,no_subtree_check,sync,no_root_squash) /exports/vhosts *(rw,fsid=0,insecure,no_subtree_check,sync,no_root_squash) /exports/share *(rw,fsid=0,insecure,no_subtree_check,sync,no_root_squash) [root@centos home]# This is not right AFAIK, fsid should be specified ONLY on the export root. Search for fsid in man expports Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Unable to mount Centos 5.6 Server via nfs4 - Operation Not Permitted - MADNESS!
On Thu, 2011-06-02 at 14:01 -0400, RILINDO FOSTER wrote: It is actually commented out in SL6. On Jun 2, 2011, at 11:56 AM, Tom H wrote: On Mon, May 30, 2011 at 10:53 PM, RILINDO FOSTER rili...@me.com wrote: On May 30, 2011, at 10:29 PM, Tom H wrote: Are the values of Domain in /etc/idmapd.conf the same on the client and the server? FYI: For nfsv4, there's no need to have any ports other than 111 and 2049. (Are you using fsid=0 as an option?) Can you please show your /etc/exports? I remember that in Fedora some changes were made which probably included in RHEL6 as well that made fsid superfluous. Here is mine in case it helps you: /export gss/krb5(fsid=0,sync,insecure,no_subtree_check,no_root_squash) /export/home1 gss/krb5(rw,nohide,sync,insecure,no_subtree_check,no_root_squash) /export/home2 gss/krb5(rw,nohide,sync,insecure,no_subtree_check,no_root_squash) Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] EL 6 rollout strategies? (Scientific Linux)
On Mon, 2011-05-16 at 19:40 +0100, Janne TH. Nyman wrote: Who cares? I find it amazing that these guys still keep on building and providing considering how their users treat them. Team CentOS, keep your heads up. For me, you are still the best thing that happened since sliced bread. Come on, community, where is your love? My 2 pence, Janne Janski AKA JNixus Nyman Founder of Newman IT Solutions Ltd +1 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] EL 6 rollout strategies? (Scientific Linux)
On Thu, 2011-05-12 at 09:49 -0400, Rob Kampen wrote: It does not seem to matter what we try to do, what we get is petty comments about how nothing changes. Nothing could be further from the truth. Johnny, don't let this type of comment upset you as: Please note there is a largely silent majority that appreciates very much what the team does, is doing to improve and listening to suggestions Keep up the great work - Thanks +1 Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 5.5 and Canon PIXMA 7600 multifunction printer/scanner/fax
On Mon, 2011-03-21 at 16:25 -0400, Boris Epstein wrote: Hello listmates, xsane on Ubuntu 10 finds that Canon PIXMA via the web and seems to be able to make use of it without a glitch. However, Centos machines sitting on the same net fail to find it. Does anybody know why? Ubuntu probably has a newer version of Sane that includes the bjnp network support. If i remember correctly my bjnp support was added in sane 1.0.19 (may have been 1.0.20). If you really need it, just rebuild a recent Fedora sane. Printing should work if you use the cups-bjnp package from EPEL if you can find a working printer driver. If needed, I can provide you a rebuilt sane-backends(-libs) (ok, done, see www.fazant.net/sane). I quickly hacked the Fedora spec file (removed the dep on i4l-devel and changed the version-ed dependency on udev to an unversioned one).It works on my MP980, the replacement for the MP970 which I used to develop the network support for Canon scanners. I am not sure that the hack for udev is correct, but you don't need udev for the Canon network support. Don't complain if you have problems with USB or other scanners though ;-) Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Dual or quad fast ethernet NICs (that work with CentOS)
On Fri, 2010-12-31 at 16:32 -0600, Jeff Hefner wrote: I can vouch for the Sun Quad Fast Ethernet (PCI) cards. Quite a while back a few co-workers and I had split a small lot of them from eBay the broke down to roughly 8 or 9 bucks with shipping. Everyone had good luck with whatever they ended up being used for (mostly firewalls). jeff Hm, I used one in the past, but had problems with Centos 5 C86_64: https://bugzilla.kernel.org/show_bug.cgi?id=10790 which is still not solved I believe (but see the BZ for a possible patch). I don't use it anymore as I need less ethernot ports as I now have a VLAN capable swith Louis On Fri, Dec 31, 2010 at 4:00 PM, Lamar Owen lo...@pari.edu wrote: On Tuesday, December 28, 2010 07:13:22 am robert mena wrote: I am looking for dual or quad fast ethernet NICs that work with CentOS. There is no need for high performance so regular fast/pci is ok. I have in a firewall box here a quad fastethernet board; lspci shows: 01:09.0 PCI bridge: Digital Equipment Corporation DECchip 21152 (rev 03) 02:04.0 Ethernet controller: Digital Equipment Corporation DECchip 21142/43 (rev 41) 02:05.0 Ethernet controller: Digital Equipment Corporation DECchip 21142/43 (rev 41) 02:06.0 Ethernet controller: Digital Equipment Corporation DECchip 21142/43 (rev 41) 02:07.0 Ethernet controller: Digital Equipment Corporation DECchip 21142/43 (rev 41) This uses the 'tulip' driver, very common, and good performance. I have another one, but this one uses the 21140 instead of the 21142. Still the tulip driver. Part number on it is 'COM-0040-50' or 123400-21-998, googling gives me that it's a Sun partit's 32-bit PCI. The older Sun Quad Fast Ethernet (PCI) should also work fine; uses sunhme driver, IIRC, which is in the vanilla C5 kernel (I just checked the latest updated kernel; should be in all of them). The ones I found on eBay (starting at the high price of $9.99 free shipping) are 64-bit, but should work fine in a 32-bit slot, just slower. Also, I have in hand a couple of dual-port boards made by Intel; Pro/100+ Dual, part 711269-004; has two 82558B controllers and an Intel-sourced 21152 bridge (32-bit PCI). I have one of these in a CentOS 3 box, and it works fine. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Addressing outgoing connections to a specific interface
On Sat, 2010-11-06 at 17:19 -0400, Bob McConnell wrote: So what you need is a way to insert a router between your software and one of your devices with the duplicated address. That router would then translate the addresses in one of those subnets into a unique address that won't conflict with the other. Personally, I would probably use a VM with FreeBSD and/or m0n0wall. But I still wonder if you are unique in finding this address collision, or do others also have the same problem? If it is widespread, then it should be solved by the people managing those devices. See http://shorewall.net/netmap.html Shorewall firewall alows one to remap addresses. regards, Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Windows 2003 AD, Winbind, Kerberos and NFSv4
On Fri, 2010-07-02 at 11:27 -0700, James A. Peltier wrote: Hi All, To support NFSv4 with Kerberos security, we also need to generate service principal for NFS: [r...@aconite ~]# net -U administrator ads keytab add nfs which then looks like this [r...@aconite ~]# klist -k Keytab name: FILE:/etc/krb5.keytab KVNO Principal -- 3 host/aconite.my.ad.n...@my.ad.name 3 host/aconite.my.ad.n...@my.ad.name 3 host/aconite.my.ad.n...@my.ad.name 3 host/acon...@my.ad.name 3 host/acon...@my.ad.name 3 host/acon...@my.ad.name 3 aconi...@my.ad.name 3 aconi...@my.ad.name 3 aconi...@my.ad.name 3 nfs/aconite.my.ad.n...@my.ad.name 3 nfs/aconite.my.ad.n...@my.ad.name 3 nfs/aconite.my.ad.n...@my.ad.name 3 nfs/acon...@my.ad.name 3 nfs/acon...@my.ad.name 3 nfs/acon...@my.ad.name did you create the keytab on the CLIENT also? Test on the client [r...@celastrina ~]# showmount -e aconite Export list for aconite: /exports * [r...@celastrina ~]# mount -t nfs4 aconite:/ /mnt [r...@celastrina ~]# mount |grep -i nfs4 aconite:/ on /mnt type nfs4 (rw,addr=199.60.1.84) [r...@celastrina ~]# So as you can see everything is now working *without* Kerberos. However, if I change the /etc/exports file on aconite to [r...@aconite ~]# cat /etc/exports /exportsgss/krb5(rw,fsid=0) [r...@aconite ~]# exportfs /exportsgss/krb5 and then try to mount with the -o sec=krb5 on the client is rpc.gssd running on the client? rpc.svc.gssd on the server? [r...@celastrina ~]# mount -t nfs4 -o sec=krb5 aconite:/ /mnt mount.nfs4: Permission denied and the entry in /var/log/messages on celastrina is Jul 2 11:21:57 celastrina rpc.gssd[3302]: Using keytab file '/etc/krb5.keytab' Jul 2 11:21:57 celastrina rpc.gssd[3302]: WARNING: Failed to obtain machine credentials for connection to server aconite.my.ad.name nothing appears in the logs on aconite. so you most likely do not have a keytab on the client. Using kerberos is not simple Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Odd failure of smbd to start from init.d - CentOS 5.4
On Tue, 2010-05-25 at 17:24 -0500, Les Mikesell wrote: On 5/25/2010 5:09 PM, Whit Blauvelt wrote: On Tue, May 25, 2010 at 06:05:34PM -0400, Whit Blauvelt wrote: where smb is RH's version and /etc/init.d/smb is Cent's. I can't quite imagine that a difference between overwriting or appending path.txt is at the root of what I'm seeing though. Correction: that wasn't a virgin version of Cent's. More in a moment. Try changing: daemon smbd $SMBDOPTIONS to strace -f smbd $SMBDOPTIONS and run it in the way that fails. If there's not enough left on the screen to see why it died, try strace -f smbd $SMBOPTION 2/tmp/smblog and look at the file reading backwards to find a fatal error. I'm still very curious about why it would work when run with 'sh'. Maybe try an ls -alZ fopr both sh and bash. There may be a suble difference there. If selinux gets in the way for one but not the other there may be something fishy with the selinux settings of the shell (or the /etc/init.d/samba file) Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Odd failure of smbd to start from init.d - CentOS 5.4
On Fri, 2010-05-21 at 13:00 -0400, Whit Blauvelt wrote: On Fri, May 21, 2010 at 11:54:26AM -0400, Ross Walker wrote: # sh -x script start The problem with debugging it like that is that when started with sh, there's no bug. how about adding a set -x as the first line after the #!/bin/whatever line to get a debug on screen? I don't buy the hardware error as the fault is 100% reproducible. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Odd failure of smbd to start from init.d - CentOS 5.4
On Fri, 2010-05-21 at 15:01 -0400, Whit Blauvelt wrote: On Fri, May 21, 2010 at 02:36:30PM -0400, Whit Blauvelt wrote: Here's the path seen within the init.d/smb script (from an inserted echo $PATH file): /sbin:/usr/sbin:/bin:/usr/bin And if I set that path in a console session, smbd still works when called directly: # export PATH=/sbin:/usr/sbin:/bin:/usr/bin # ps aux | grep smb root 6449 0.0 0.0 61148 732 pts/1S+ 14:58 0:00 grep smb # smbd -D _ Strange. A few more things to try: Add a ulimit -a just before the daemon smbd line and try again with the set -x line in place. What is the output of ls -alZ /bin/*sh Clean /var/log/samba/ and restart it. Any information in there? I deleted some of your older mail, so I kind of lost the history Was there a way you could force smbd to fail from a direct call from the command line? If so, could you try to start it with a -F instead of -D. Does it start then? If not, replace the -D in the SMBDOPTIONS in /etc/sysconfig/samba with the -F and see what happens.You may also want to add a -S there, so you do not rely on the logfile (-S logs to stdout). Also increase loglevel in the smb.conf file to some higher value than 1 (or again add a -d x in SMBDOPTIONS the /etc/sysconfig/samba file Please note that with the -F the script will not continue, so keep another terminal open, just in case ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] College student printer for CentOS 5.4 x86_64?
On Sat, 2009-12-19 at 18:42 -0800, MHR wrote: Yeah, those are the good ones. I have a Canon i560 inkjet that my son likes, and it uses the BCI-3 black and BCI-6 color cartridges. Those are terrific - you can use generic ink in them for refills and they just work and work and work (except not with Linux, as John says). See http://www.openprinting.org/show_printer.cgi?recnum=Canon-i560 Gutenprint should support your printer Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] College student printer for CentOS 5.4 x86_64?
On Fri, 2009-12-18 at 20:20 -0500, David McGuffey wrote: Oldest son came back from college and wants a printer for his Dell laptop. I built it with CentOS 5.3 x86_64 several months ago and will upgrade it to 5.4 The Cannon printer he now has (bought with the laptop and Vista through the university book store), doesn't seem to have linux drivers. what model printer is this? Did you check http://www.linuxprinting.org? You may also want to take a look at turboprint www.turboprint.info , it is commercial, but offer good quality drivers for a lot of printers. It will still be cheaper than to buy a new printer Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] IPv6 range provisioning question
On Thu, 2009-06-11 at 10:49 -0500, Vadtec wrote: A few months back, I tried to use the network scripts to provision an IPv6 range like can be done with IPv4. I was using CentOS 5.2 at the time and was informed that 5.2 was broken in this regard. I have upgraded to CentOS 5.3 now and I am trying to get IPv6 to provision an entire range of IPs, but I am still getting the old behavior and no IPs are being provisioned. I am really confused on what you want to do here. When you talk about a RANGE what do you mean? Allocate more than one IPv6 address to a single interface? If so, have a look at the IPV6ADDR_SECONDARIES clause in the link you included. I am not sure that you can use alias interfaces for IPv6. Put that in the ifcfg-ethx file, not in the config for the aliases (ifcfgx:y) When I run service network restart, it doesn't even provision the default IPv6 GW on eth0:1, nor does eth0:1 even show up. I don't think you can use alias interfaces for IPv6. It at least did not work on my other (Fedora) box IPV6ADDR_SECONDARIES on the device DOES work on Centos 5.3 However, this is not provisioning an entire range as follows: eth0 Link encap:Ethernet HWaddr 00:16:3E:70:FC:96 inet addr:***.***.***.*** Bcast:***.***.***.*** Mask:255.255.255.0 inet6 addr: 2001:470:103:1a::2/64 Scope:Global inet6 addr: fe80::216:3eff:fe70:fc96/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:70 errors:0 dropped:0 overruns:0 frame:0 TX packets:29 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:6738 (6.5 KiB) TX bytes:2050 (2.0 KiB) You have a single address provsioned indeed 2001:470:103:1a::2/64 with a network part of 64 bits. I also have a large number of unreachable routes shown on the local loopback when I do ip -6 route show: unreachable ::/96 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295 unreachable :::0.0.0.0/96 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295 unreachable 2002:a00::/24 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295 unreachable 2002:7f00::/24 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295 unreachable 2002:a9fe::/32 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295 unreachable 2002:ac10::/28 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295 unreachable 2002:c0a8::/32 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295 unreachable 2002:e000::/19 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295 unreachable 3ffe:::/32 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295 Nothing to worry abouot. I have that too: [r...@nest network-scripts]# ip -r ro sh 192.168.178.0/24 dev eth0.178 proto kernel scope link src 192.168.178.2 192.168.160.0/24 dev eth0.160 proto kernel scope link src 192.168.160.1 192.168.1.0/24 dev eth0.1 proto kernel scope link src 192.168.1.1 192.168.159.0/24 dev eth0.159 proto kernel scope link src 192.168.159.1 192.168.158.0/24 dev eth0.158 proto kernel scope link src 192.168.158.1 192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 169.254.0.0/16 dev eth0.178 scope link default via fritz.pheasant dev eth0.178 [r...@nest network-scripts]# ip -6 ro sh ::/96 via :: dev sit0 metric 256 mtu 1480 advmss 1420 hoplimit 4294967295 unreachable ::/96 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295 unreachable :::0.0.0.0/96 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295 2001:888:10:18e::/64 via :: dev sit1 proto kernel metric 256 mtu 1480 advmss 1420 hoplimit 4294967295 2001:888:118e:18e1::/64 dev eth0.158 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295 2001:888:118e:18e2::/64 dev eth0.159 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295 2001:888:118e:18e3::/64 dev eth0.160 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295 2001:888:118e:18e4::/64 dev eth0.178 proto kernel metric 256 mtu 1500 advmss 1440 hoplimit 4294967295 unreachable 2002:a00::/24 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295 unreachable 2002:7f00::/24 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295 unreachable 2002:a9fe::/32 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295 unreachable 2002:ac10::/28 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295 unreachable 2002:c0a8::/32 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295 unreachable 2002:e000::/19 dev lo metric 1024 error -101 mtu 16436 advmss 16376 hoplimit 4294967295 unreachable
Re: [CentOS] IPv6 range provisioning question
On Thu, 2009-06-11 at 14:46 -0500, Vadtec wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ok, firstly, I have dropped using the alias notation and am now working solely on eth0. Secondly, yes, I am talking about provisioning more than *one* IP at a time as being a range. As for IPV6ADDR_SECONDARIES, when I use the following config: /etc/sysconfig/network-scripts/ifcfg-eth0: DEVICE=eth0 IPADDR=***.***.***.*** NETMASK=255.255.255.0 BROADCAST=***.***.***.*** ONBOOT=yes IPV6INIT=yes IPV6ADDR=2001:0470:0103:001A::2/64 IPV6ADDR_SECONDARIES=2001:0470:0103:001A::3-2001:0470:0103:001A:: IPV6_AUTOCONF=no IPV6_ROUTER=no IPV6FORWARDING=no PEERDNS=no VLAN=no I get the following error: Shutting down interface eth0: [ OK ] Shutting down loopback interface: [ OK ] Bringing up loopback interface: [ OK ] Bringing up interface eth0: ERROR: [ipv6_test_ipv6_addr_valid] Given IPv6 address '2001:0470:0103:001A::3-' is not valid WARN : [ipv6_add_route] 'No route to host' adding route '::/0' via gateway '2001:0470:0103:001A::1' through device 'eth0' the file /usr/share/doc/initscripts-8.45.25/sysconfig.txt does NOT mention the - for ranges either, so I guess you are out of luck. Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] IPv6 range provisioning question
On Wed, 2009-06-10 at 13:08 -0500, Vadtec wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 A few months back, I tried to use the network scripts to provision an IPv6 range like can be done with IPv4. I was using CentOS 5.2 at the time and was informed that 5.2 was broken in this regard. I have upgraded to CentOS 5.3 now and I am trying to get IPv6 to provision an entire range of IPs, but I am still getting the old behavior and no IPs are being provisioned. I have been following the docs provided by the link in the /etc/sysconfig/network-scripts/ifup-ipv6 at http://www.deepspace6.net/projects/initscripts-ipv6.html#id2801589 and using the following configs: /etc/sysconfig/network NETWORKING=yes GATEWAY=***.***.***.*** GATEWAYDEV=eth0 HOSTNAME=vadtec NETWORKING_IPV6=yes IPV6FORWARDING=no IPV6_AUTOCONF=no IPV6_AUTOTUNNEL=no IPV6_DEFAULTDEV=eth0:1 IPV6_DEFAULTGW=2001:0470:0103:001A::1 /etc/sysconfig/network-scripts/ifcfg-eth0-1 Why do you need an alias device here? Put the ipv6 config on the eth0 device,and add the configuration to the ifcfg-eth0 file DEVICE=eth0:1 IPV6INIT=yes IPV6ADDR=2001:0470:0103:001A:0001::::/96 You are allocating a /96 with all 0 in the last 32 bits. So you are not allocating an address. Why a /96? Using a /64 is pretty much the standard for ipv6. IPV6_AUTOCONF=no IPV6_ROUTER=no IPV6FORWARDING=no ONBOOT=no When I run service network restart, it doesn't even provision the default IPv6 GW on eth0:1, nor does eth0:1 even show up. I must admit I never tried an v6 address on an alias, so I have no clue whether it works or not. But you can have both v4 and v6 addresses next to each other on the eth0 device If I run tail /var/log/boot.log, boot.log is empty. If I run tail /var/log/messages, I see varying amounts of: Jun 10 11:42:14 localhost kernel: [208192.884652] eth0: duplicate address detected! Probably due to the all 0 in the part AFTER the /96 I see no other errors or messages saying anything is wrong or otherwise. Autoconfiguration is the way to go if you want to make it easy. On my server I set the addresses manually like DEVICE=eth0.159 ONBOOT=yes BOOTPROTO=none NETMASK=255.255.255.0 HWADDR=00:1a:92:d6:99:91 IPADDR=192.168.159.1 #GATEWAY=192.168.178.1 TYPE=Ethernet USERCTL=no IPV6INIT=yes IPV6FORWARDING=yes # v6 address changed to protect the innocent IPV6ADDR=2001:888:118e:18a2::1/64 PEERDNS=no VLAN=yes Please not that I am using vlans, hence the .159 on the eth0. Normally you do not need that and you leave the VLAN=yes off. Please note the ::1 at the end of the address. I use radvd on that machine (so here I need to set fixed v6 addresses), but the clients do not neede that: DEVICE=eth0 BOOTPROTO=none DNS1=192.168.159.1 IPADDR=192.168.159.3 NETMASK=255.255.255.0 HWADDR=00:11:d8:be:98:fa ONBOOT=yes SEARCH=pheasant USERCTL=no PEERDNS=no IPV6INIT=yes NM_CONTROLLED=yes GATEWAY=192.168.159.1 TYPE=Ethernet Here the address is set depending on the (/64) prefix received from the radvd server. kind regards, Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Cannot get LD_LIBRARY_PATH to work under NX (freenx)
On Mon, 2009-06-08 at 21:04 +0200, Andrzej Szymanski wrote: Thanks for a fast resolution. However, moving this to .bashrc is a workaround. If I log in graphically to the console the LD_LIBRARY_PATH from .bash_profile is set correctly. It is unset only on NX session (and the other settings from .bash_profile are set properly, so this file is definitely parsed during nx session startup). As suggested before some terminals do not run as login-shell. Gnome-terminal has an option (under edit- profile preferences - title and command that allows you to change this behaviour: Run command as login shell. You may want to check your terminal program for a similar setting Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] fetchmail SSL protoco; issue
I am using fetchmail to collect mail from some secondary mail accounts, among which is hotmail. So far I have used hotwayd to fetch the mail from hotmail using httpmail. Hotmail now supports pop3 access, so I decided to change fetchnail to fetch the mail directly over pop3. This works, but whatever I try, I get an error message when I run fetchmail: Invalid SSL protocol 'SSLv23' specified, using default (SSLv23). Invalid SSL protocol '' specified, using default (SSLv23). The relevant part of my .fetchmailrc is included below (userids and password changed for privacy reasons :-) poll pop3.live.com port 995 proto pop3 user xx...@hotmail.com password yy no keep ssl sslproto ssl23 fetchall to myuserid The error message remains almost the same when I remove the sslproto option, only the second line is printed My mail is correctly fetched however. For gmail I use the same setup, but do not get any errors there. Anybody got this working WITHOUT error messages? What am I doing wrong? Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Intermittent NFS problems with NetApp server
On Wed, 2009-03-11 at 17:23 -0400, Alfred von Campe wrote: # sysctl net.ipv4.tcp_mem net.ipv4.tcp_mem = 98304131072 196608 # sysctl net.ipv4.tcp_rmem net.ipv4.tcp_rmem = 409687380 4194304 # sysctl net.ipv4.tcp_wmem net.ipv4.tcp_wmem = 409616384 4194304 So these seem fine to me (i.e., the max is greater than 32768). Is there an NFS (as opposed to TCP) setting I should be tweaking? Any ideas why the NetApp is issuing those warnings? Any other suggestions on how to debug this problem? man nfs man mount.nfs cat /proc/mounts Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] IPv6 under Centos?
On Tue, 2009-03-10 at 10:25 -0400, Robert Moskowitz wrote: Timothy Murphy wrote: I wonder if anyone is running IPv6 under Centos-5.2? YES!!! On some systems it is strictly IPv6. IPv4 only on lo loopback. Running IPv4 + IPv6 hereBut see below... Particularly with shorewall? NO!!! yes, but see below. I see that shorewall6 is specifically designed for updating shorewall to IPv6, as described in http://www.shorewall.net/IPv6Support.html. Unfortunately, this explicity requires kernel 2.6.25 or later, and iptables 1.4.0 or later, both of which are later than any versions I've seen on a Centos repository. Tom was rather explicit about why we will NOT see Shorewall6 with Centos and the 2.6.18 kernel: 2.6.18 doesn't support stateful IPv6 firewalling at all! I think that says it. You want stateful IPv6 firewalling, then you will get a newer kernel which means most likely Centos 6.0... I'm wondering how safe it would be to install Fedora versions of the required kernel and iptables? I seem to recall kernel discussions here on this list and why this is a VERY bad idea. It is definitively NOT recommended.If it breaks you get to keep all the pieces That being said, I really wanted to have some ipv6 firewall on my Centos box. At first I thought of running a Fedora VM in Xen. I ran into some issues with my Sun quad fast ethernet card. So in the end I compiled an RPM from the stock kernel and compiled some RPMs myself from Fedora RPMs: iptables iptables-ipv6 lmsensors I am not sure that this is the complete list of kernel dependent rpms that are needed. It can be done when you compile your own stuff, but is definitely NOT recommended. If you want to go this route you will need a pretty good background on compiling your own RPMs etc. Running Fedora kernels is still more tricky: there are way too many dependencies. Don't even try Or is there any alternative to shorewall that is IPv6 compatible? I don't really want to run iptables directly, unless forced to do so, as I have found shorewall very reliable and simple to configure. What I am working on is a FC9 system with shorewall6, then doing a ip6tables -L and copying those rules that do not require stateful firewalling... If you do not use a kernel that has statefull ipv6 firealling I would recommend 6wall. This is a pretty old shorewall-shell derived package that does ipv6 fire walling. The syntax should be familiar to old shorewall users. It does however not offer macros or actions. And you will have to write rules for incoming and outgoing traffic separately. Something like: ACCEPT all all tcp domain ACCEPT all all tcp - domain It is still probably easier to use 6wall than porting just the shorewall6 generated ip6tables rules. I am personally considering going back to running the firewall in a Fedora VM now that I have a managed vlan capable swith. Simply being able to update using yum is so much easier and more reliable. Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Memory vs. Display Card
On Sun, 2009-03-08 at 19:27 -0700, John R Pierce wrote: Rick wrote: In article 20090308031754.ga11...@bludgeon.org, Ray Van Dolson centos@centos.org wrote: That sounds pretty strange. Have you confirmed that removing the new memory allows you to run in runlevel 5 again? Yes, that's how I'm running right now. now, try taking out the OLD memory and putting in just the NEW memory. see how it runs that way. if this works, try with the new 4GB as the 0 bank, and the old 2GB as the 1 bank. also, in the BIOS, check the memory timings, I'd leave them all on 'automatic' or 'default' or whatever the limited choices are in the Intel BIOS, trying to squeeze an extra clock out of CAS or whatever doesn't really help much under the best of conditions and it can destabilize a system under suboptimal conditions. When you use 4 banks of memory, some boards require slower settings. Tweaking the voltage may help there I guess, but I would opt for the slower settings. I recall that my BIOS chose a slower memory setting when I added 4G to my small server at home that already had 2G That system has been rock stable (except for my Sun quad ethernet that had problems with the Xen kernel due to MMIO issues. I solved that by ditching the Sun card and using a vlan capable switch with vlan trunking so that I no longer need so may ethernet interfaces) Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Mail delivery failing with 450
hi James there is a MX recond for mail.obrien-pifer.com, not for obrien-pifer.com: bash-3.2$ dig obrien-pifer.com any ; DiG 9.5.1-P1-RedHat-9.5.1-1.P1.fc10 obrien-pifer.com any ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 10894 ;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 4, ADDITIONAL: 4 ;; QUESTION SECTION: ;obrien-pifer.com. IN ANY ;; ANSWER SECTION: obrien-pifer.com. 36647 IN A 70.62.90.185 obrien-pifer.com. 36647 IN NS porky.obrien-pifer.com. obrien-pifer.com. 36647 IN NS sammy.obrien-pifer.com. obrien-pifer.com. 36647 IN NS ns1.obrien-pifer.com. obrien-pifer.com. 36647 IN NS ns2.obrien-pifer.com. ;; AUTHORITY SECTION: obrien-pifer.com. 36647 IN NS ns2.obrien-pifer.com. obrien-pifer.com. 36647 IN NS porky.obrien-pifer.com. obrien-pifer.com. 36647 IN NS sammy.obrien-pifer.com. obrien-pifer.com. 36647 IN NS ns1.obrien-pifer.com. ;; ADDITIONAL SECTION: ns1.obrien-pifer.com. 36647 IN A 70.62.90.185 ns2.obrien-pifer.com. 36647 IN A 70.62.90.185 porky.obrien-pifer.com. 36647 IN A 70.62.90.185 sammy.obrien-pifer.com. 36647 IN A 70.62.90.185 ;; Query time: 3 msec ;; SERVER: 192.168.159.1#53(192.168.159.1) ;; WHEN: Sat Mar 7 13:53:39 2009 ;; MSG SIZE rcvd: 246 bash-3.2$ dig mail.obrien-pifer.com any ; DiG 9.5.1-P1-RedHat-9.5.1-1.P1.fc10 mail.obrien-pifer.com any ;; global options: printcmd ;; Got answer: ;; -HEADER- opcode: QUERY, status: NOERROR, id: 31815 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 4, ADDITIONAL: 4 ;; QUESTION SECTION: ;mail.obrien-pifer.com. IN ANY ;; ANSWER SECTION: mail.obrien-pifer.com. 38400 IN MX 1 70.62.90.185.obrien-pifer.com. ;; AUTHORITY SECTION: obrien-pifer.com. 36592 IN NS ns1.obrien-pifer.com. obrien-pifer.com. 36592 IN NS ns2.obrien-pifer.com. obrien-pifer.com. 36592 IN NS porky.obrien-pifer.com. obrien-pifer.com. 36592 IN NS sammy.obrien-pifer.com. ;; ADDITIONAL SECTION: ns1.obrien-pifer.com. 36592 IN A 70.62.90.185 ns2.obrien-pifer.com. 36592 IN A 70.62.90.185 porky.obrien-pifer.com. 36592 IN A 70.62.90.185 sammy.obrien-pifer.com. 36592 IN A 70.62.90.185 ;; Query time: 140 msec ;; SERVER: 192.168.159.1#53(192.168.159.1) ;; WHEN: Sat Mar 7 13:54:34 2009 ;; MSG SIZE rcvd: 208 bash-3.2$ Br, Louis On Sat, 2009-03-07 at 08:18 -0500, James Pifer wrote: I'm not sure why this started, but apparently I'm having a DNS problem. Yesterday mail started bouncing with this error: 450 Unable to find obrien-pifer.com I think the messages eventually get delivered, but not sure. I guess I'll see if this one makes the list. I checked my domain using http://www.checkdns.net/ and it gives me a couple warnings. One is that there's no MX record, but there is. I use a smarthost for sending mail. My DNS records are: http://www.obrien-pifer.com/mydns.txt Anyone see any problems in my DNS records? Thanks, James ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Miredo 1.1.5
On Wed, 2008-12-10 at 13:33 -0500, Robert Moskowitz wrote: I found a src.rpm for 1.1.5-1 for fc8 (not rh8!). I was able to rebuild it on my Centos build system. The rpms are identified as 1.1.5-1.i386.rpm, no el5 or other identification was placed in the files. I don't see how to control this when you rebuild from an existing src.rpm. Interestingly the fc8 designation was lost. I also rebuild it on my fc10 system. It worked, and the rpms have fc10 in their names. Don't know how well they will work. I will be trying them over the next couple weeks. If anyone wants a copy, let me know If you want the el5 in the name, a file /etc/rpm/macros.dist with the following content: # dist macros. %rhel 5 %dist .el5 %el51 Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Config for NFSv4 an Kerberos on CentOS 5.1
On Thu, 2008-05-29 at 15:34 +0200, Sebastian Marten wrote: Hi list, Is it possible to set up an NFSv4/Kerberos environment on CentOS 5.1? I set up Kerberos and NFS but get several erros Warning: rpc.gssd appears not to be running. mount.nfs4: Permission denied Yes, NFS4 works with Kerberos on Centos5. But the kernel only supports es-cbc-crc:normal, so when you add the key for NFS to the keytab, use: ktadd -e des-cbc-crc:normal -k /tmp/keytab nfs/myclient.mydomain Is this an CentOS oder an config problem? config ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Remove all 3rd party rpms
On Tue, 2008-04-01 at 07:37 -0700, Michael A. Peters wrote: Joseph L. Casale wrote: How does one do this? Also, is it possible an rpm installed by rpm and not yum does not indicate what it provides to yum when yum queries needed dependencies for another package? Thanks! jlc While you have gotten an answer that works - I believe there is a cleaner way. I don't remember the exact command - and it may require the installation of a utilities package - but if you remove the 3rd party repositories from your yum configuration, there is a command that will identify and remove orphaned packages - packages which do not exist in any of the yum repositories yum is configured to use. Anyone recall what that command is? yum list extras Louis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] NFSv4 on CentOS 4.5
On Wed, 2007-08-15 at 19:38 -0700, Anoop Rajendra wrote: Hi. I'm having trouble accessing a shared directory over NFSv4 on a CentOS 4.5 machine. My export file reads /test 10.0.0.0/255.0.0.0(ro,async,insecure,nohide,no_subtree_check) I've also tried to include the fsid=0 argument in my /etc/exports file. That gives me a whole different error fsid MUST be included on the main mount point like this: /export gss/krb5(fsid=0,sync,no_root_squash,insecure,no_subtree_check,anonuid=65534,anongid=65534) /export/home1 gss/krb5(rw,nohide,sync,insecure,no_subtree_check,anonuid=65534,anongid=65534) /export/home2 gss/krb5(rw,nohide,sync,insecure,no_subtree_check,anonuid=65534,anongid=65534) # # legacy mounts # /export/home1 192.168.159.1/24(rw,sync,no_root_squash,insecure,no_subtree_check) # /export/home2 192.168.159.1/24(rw,sync,no_root_squash,insecure,no_subtree_check) (sorry, evolution forces extra linebreaks, after the pathnames), so /eports is the base path, home1 and home2 the exported filesystems. I use kerberos so I do not have the hostnames there, but the gss/krb5 [EMAIL PROTECTED] ~]# mount -v -t nfs4 pebble-anoop:/test/ /mnt/ mount: pinging: prog 13 vers 4 prot tcp port 2049 mount: special device pebble-anoop:/test/ does not exist Here is your real problem: nfs mount points are relative to the base export point, i.e. /export in my case. If you only have /test exported, you have to mount peobble-anop:/ not ../test! In my case I mount server:/home1 and server:/home2 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos