Re: [CentOS] squid stops working several times a day
Alexander Farber wrote: > Does anybody know of good Squid rpm's? I have sourced our 2.6 packages from http://people.redhat.com/mnagy/squid/ for the last few years without problems. Dean ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Postfix header check help - SOLVED
mouss wrote: > Plant, Dean a écrit : >> Hi list, >> >> I have a requirement for a mail server that only allows email to pass >> with a particular word in the subject line. >> >> Reading the header checks docs for Postfix I thought I may be able >> to add this rule: >> >> !/^Subject: .*dingdong/ REJECT Need to add dingdong to subject line >> to send >> >> Which should reject all mail unless the subject line contains >> "dingdong". Unfortunately this seems to block all mail from passing. >> > > if /^Subject:/ > !/dingdong/ REJECT blah blah > endif > >> Removing the "!" works as expected and the server allows all mail to >> pass, unless dingdong is in the subject line which is rejected. >> >> Is this rule valid? Or is there a better way to make this work? >> > > the rule is (syntactically) valid. but it doesn't do what you want. > take the following header: > > Date: Tue, 13 Jan 2009 15:51:40 - > > does it contain "dingdong"? does it start with "Subject"? so it's a > REJECT. > Thank you. Your example works as expected. It seems I was focusing only on the subject line but as you pointed out header checks apply to all headers. Dean ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Postfix header check help
Hi list, I have a requirement for a mail server that only allows email to pass with a particular word in the subject line. Reading the header checks docs for Postfix I thought I may be able to add this rule: !/^Subject: .*dingdong/ REJECT Need to add dingdong to subject line to send Which should reject all mail unless the subject line contains "dingdong". Unfortunately this seems to block all mail from passing. Removing the "!" works as expected and the server allows all mail to pass, unless dingdong is in the subject line which is rejected. Is this rule valid? Or is there a better way to make this work? Thanks Dean ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] [rsync -avz] total size/disk usage difference betweensource and destination
Sven wrote: > Hi folks > > We migrated storage from local disk to SAN with: > > # rsync -avz /mnt/lvol00045/* /lvol00045 > > Why there is a difference in size? How to explain this? Do we have > inconsistency? What we did wrong? > > [...] > /dev/mapper/vg01-lvol00045_old > 10321208 3930336 6286016 39% /mnt/lvol00045 > [...] > /dev/mapper/vg01-lvol00045 > 10321208 3163852 6633068 33% /lvol00045 What does the output of df -i show? It should show the same amount of inodes used regardless of block size. Dean ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] ks
[EMAIL PROTECTED] wrote: > I made a file partition-ks.cfg and put it in our machine 192.168.5.17 > under /var/www/html. When I install a new machine I just do a > > linux ks=http://192.168.5.17/partition-ks.cfg > > I have a couple questions though: > > 1) I have the following in it: > > clearpart --all > part /boot --fstype ext3 --size=100 > part /var --fstype ext3 --size=1 > part / --fstype ext3 --size=1 > part swap --size=2048 > part /home --fstype ext3 --size=100 --grow > > which is OK if I am installing over a previous installation. But for > new machines it does not seem to recognize the "clearpart" or it is > not enough because I am still prompted whether I want to remove > partitions. Should I be using something else? Take a look at system-config-kickstart to help build your kickstart files. Anyway I think what you are looking for is, # Clear the Master Boot Record zerombr # Partition clearing information clearpart --all --initlabel > > > 2) I would like to duplicate the CentOS installation disk and place > partition-ks.cfg on the disk too so that during boot it automatically > is used (or barring that I can still say ks= drive>/partition-ks.cfg. Automatically would be better. I tried some > ways I thought it said to > do that but it did not work. Any tips? Copy the DVD put the ks.cfg file in the root of the DVD files vi //isolinux/isolinux.cfg and edit the append line or add a new entry like this label yourlabel kernel vmlinuz append initrd=initrd.img ks=cdrom:/ks.cfg Make iso and burn as described here: http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/x8664-multi- install-guide/s1-steps-install-cdrom.html Boot DVD and type "yourlabel" to activate your kickstart file. HTH Dean ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Command line partition manipulation
Karanbir Singh wrote: > Plant, Dean wrote: >> Is there a way to use a non-interactive command to create the new 2nd >> partition in the free space? > > parted works well for such situations, and if python is your thing, > pyparted is already included in the distro. > Sorry, I should have worded my first email better. I know there are command line tools like fdisk, sfdisk and parted. I am trying to script the creation of a partition in the free space of a disk without knowing the exact structure of the disk. Parted seems to want to know the exact layout you want to create >From the man page mkpart part-type [fs-type] start end But the script will not know the start or the end point. Something similar to what I am trying to achieve is described here http://ubuntuforums.org/showthread.php?p=5435429 They seem to be creating a single partition the size of the disk without specifying the exact sizes. # parted /dev/${i} --script -- mkpart primary 0 -1 Similar to this, I want to create a partition without knowing the exact start or end point but im not interested in that, I just want to use the free space. Hope this is clearer. Thanks Dean. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Command line partition manipulation
I want to write a script to automatically modify the partition table I am starting with 3 partitions like this # parted /dev/sda print Model: VMware, VMware Virtual S (scsi) Disk /dev/sda: 10.7GB Sector size (logical/physical): 512B/512B Partition Table: msdos Number Start End SizeType File system Flags 1 32.3kB 107MB 107MB primary ext3 boot 2 107MB 4828MB 4721MB primary ext3 3 4828MB 9023MB 4195MB primary lvm And I want to remove partitions 2 & 3 and recreate 2 from the end of 1 to the end of the disk i.e. all the free space. Removing 2 and 3 is easy. # parted /dev/sda rm 3 # parted /dev/sda rm 2 # parted /dev/sda print Model: VMware, VMware Virtual S (scsi) Disk /dev/sda: 10.7GB Sector size (logical/physical): 512B/512B Partition Table: msdos Number Start EndSize Type File system Flags 1 32.3kB 107MB 107MB primary ext3 boot Is there a way to use a non-interactive command to create the new 2nd partition in the free space? Thanks Dean ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Whole disk encryption - SOLVED
Timothy Selivanow wrote: > On Mon, 2008-08-04 at 16:51 +0100, Plant, Dean wrote: >> Has there been any updates to support encrypting the whole disk in >> 5.2? > > There hasn't been any built-in support until Fedora 9, so perhaps at > the earliest it would be 5.3 if at all. There are however, ways you > can implement it yourself. The biggest things you have to keep in > mind are that you need to make a change to the mkinitrd script and > then generate a new initrd image to be able to encrypt /, otherwise > you could just modify init. > > There are a number of websites that have some docs on how to do it, > here is just one that I've seen in the past: > > http://www.tummy.com/Community/Articles/cryptoroot-f8/ > > Thank you to everyone who replied. Tim, Thanks for the above link. Those instructions work fine on v5.2. You have to manually edit /sbin/mkinitrd but the changes are obvious enough from their patch file. Not quite whole disk encryption but a good compromise. Now just need to put this in a kickstart file to try and automate the setup. Thanks Dean ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Whole disk encryption
Has there been any updates to support encrypting the whole disk in 5.2? If not, Is anyone doing this and can point me to some good documentation? Thanks Dean ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Wheel and YUM!!
Ian Blackwell wrote: > Plant, Dean wrote: >> I see your trying to protect your users from becoming root. You do >> realise that with that sudo configuration a user can still run "sudo >> /bin/bash" or any of the other shells to gain root access. >> > Hi Dean, > > I don't think that's correct. One of the purposes of the sudoers file > is you can limit users to specific programs, excluding them from > others. This entry, which I just tested in my CentOS5.2 box, allows > the user tldap to use yum, but not /bin/bash:- > tldap ALL=/usr/bin/yum > > Here's what happens when I try sudo as user tldap:- > [EMAIL PROTECTED] ~]$ sudo yum update > Loading "fastestmirror" plugin > Loading "priorities" plugin > Loading mirror speeds from cached hostfile > * base: rsync.atworks.co.jp > * updates: rsync.atworks.co.jp > * centosplus: mirror.exetel.com.au > * addons: mirror.exetel.com.au > * extras: mirror.exetel.com.au > 0 packages excluded due to repository priority protections > Setting up Update Process > No Packages marked for Update > [EMAIL PROTECTED] ~]$ sudo /bin/bash > Sorry, user tldap is not allowed to execute '/bin/bash' as root on www > [EMAIL PROTECTED] ~]$ > Yes you are correct in your example only yum would run and no exclude is required. We can not see from his posting exactly what commands he is allowing as he is calling groups. What I was trying to point out is that if is he is disabling commands like su then they must be enabled somewhere in the groups he is calling and it is good practice to disable all the shells as well. All my sudoers lines that call groups like he was trying to do always have a !SU, !SHELLS to specifically deny root access. Anyway I will shut up now as none of this will help fix his problem. Dean ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Wheel and YUM!!
Harry Sukumar wrote: > Hi James, > > Yes I tried to do this on another machine unfortunately this didn't > work for me, good you raised this topic > > On the other machine I edited the visudo > > User_Alias PROJECT = emma, paddy, sb > PROJECT ALL = !/usr/su, !/bin/su, !/usr/bin/passwd > I see your trying to protect your users from becoming root. You do realise that with that sudo configuration a user can still run "sudo /bin/bash" or any of the other shells to gain root access. Dean ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] dm-multipath use
Geoff Galitz wrote: > Are folks in the Centos community succesfully using > device-mapper-multipath? I am looking to deploy it for error handling > on our iSCSI setup but there seems to be little traffic about this > package on the Centos forums, as far as I can tell, and there seems > to be a number of small issues based on my reading the dm-multipath > developer lists and related resources. > > -geoff Here's my notes from working with our SAN. Please check thoroughly as these instructions worked for me but I had to learn this from scratch and there maybe mistakes. One thing I never figured how to achieve was to rescan an existing ISCSI device for changes if you resize a partition on the SAN. I have always had to reboot to get the new partition size to be seen. ### ISCSI notes. # yum -y install iscsi-initiator-utils lsscsi device-mapper-multipath # service iscsi start Add the ISCSI targets iscsiadm -m discovery -t sendtargets -p 192.168.100.6 iscsiadm -m discovery -t sendtargets -p 192.168.100.2 iscsiadm -m discovery -t sendtargets -p 192.168.100.8 iscsiadm -m discovery -t sendtargets -p 192.168.100.4 # lsscsi [0:0:0:0]diskVMware, VMware Virtual S 1.0 /dev/sda [1:0:0:0]diskCOMPELNT Compellent Vol 0306 - [2:0:0:0]diskCOMPELNT Compellent Vol 0306 - [3:0:0:0]diskCOMPELNT Compellent Vol 0306 - [4:0:0:0]diskCOMPELNT Compellent Vol 0306 - service multipathd start chkconfig multipathd on Configuring SAN volumes without reboot Rescan for ISCSI devices # iscsiadm -m session -R Add your partitions For this example I created 2 partitions Let the running kernel see the new partitions # partprobe fdisk /dev/mapper/mpath2 We need to tell the mapper about the new partitions # ls -l /dev/mapper/mpath2* brw-rw 1 root disk 253, 7 Jan 30 15:42 /dev/mapper/mpath2 # kpartx -l /dev/mapper/mpath2 # ls -l /dev/mapper/mpath2* brw-rw 1 root disk 253, 7 Jan 30 15:42 /dev/mapper/mpath2 brw-rw 1 root disk 253, 8 Jan 30 15:43 /dev/mapper/mpath2p1 brw-rw 1 root disk 253, 9 Jan 30 15:43 /dev/mapper/mpath2p2 # mke2fs -j /dev/mapper/mpath2p1 # mke2fs -j /dev/mapper/mpath2p2 # iscsiadm -m node 192.168.100.6:3260,0 iqn.2002-03.com.compellent:5000d31a630a 192.168.100.2:3260,0 iqn.2002-03.com.compellent:5000d31a6302 192.168.100.4:3260,0 iqn.2002-03.com.compellent:5000d31a6304 192.168.100.8:3260,0 iqn.2002-03.com.compellent:5000d31a630c [EMAIL PROTECTED] ~]# iscsiadm -m session tcp: [12] 192.168.100.6:3260,0 iqn.2002-03.com.compellent:5000d31a630a tcp: [13] 192.168.100.2:3260,0 iqn.2002-03.com.compellent:5000d31a6302 tcp: [14] 192.168.100.4:3260,0 iqn.2002-03.com.compellent:5000d31a6304 tcp: [15] 192.168.100.8:3260,0 iqn.2002-03.com.compellent:5000d31a630c # iscsiadm -m discovery 192.168.100.2:3260 via sendtargets 192.168.100.6:3260 via sendtargets 192.168.100.4:3260 via sendtargets 192.168.100.8:3260 via sendtargets To automatically mount a file system during startup you must have the partition entry in /etc/fstab marked with the "_netdev" option. For example this would mount a iscsi disk sdb: /dev/sdb /mnt/iscsi ext3 _netdev 0 0 NOTES WHEN USING LVM WITH MULTIPATH http://www.redhat.com/docs/manuals/enterprise/RHEL-5-manual/en-US/RHEL51 0/DM_Multipath/multipath_logical_volumes.html When you create an LVM logical volume that uses active/passive multipath arrays as the underlying physical devices, you should include filters in the lvm.conf to exclude the disks that underlie the multipath devices. This is because if the array automatically changes the active path to the passive path when it receives I/O, multipath will failover and failback whenever LVM scans the passive path if these devices are not filtered. For active/passive arrays that require a command to make the passive path active, LVM prints a warning message when this occurs. To filter all SCSI devices in the multipath configuration file (lvm.conf), include the following filter in the devices section of the file. filter = [ "r/disk/", "r/sd.*/", "a/.*/" ] A filter to allow sda but disallow all other sd* drives filter = [ "a|/dev/sda|","r/disk/", "r/sd.*/", "a/.*/" ] CREATE LVM on top of a SAN MULTI PATH vi /etc/lvm/lvm.conf #preferred_names = [ ] # DAP preferred_names = [ "^/dev/mpath/", "^/dev/[hs]d" ] # filter = [ "a/.*/" ] # DAP filter = [ "a|/dev/sda|","r/disk/", "r/sd.*/", "a/.*/" ] pvcreate /dev/mpath/mpath2p1 # pvdisplay /dev/mpath/mpath2p1 --- Physical volume --- PV Name /dev/mpath/mpath2p1 VG Name VGSAN00 PV Size 1019.72 MB / not usable 3.72 MB Allocatable yes (but full) PE Size (KByte) 4096 Total PE 254 Free PE 0 Allocated PE 254 PV UUID ZjqvDp-mxMh-xbuV-CFql-QzaB-cC4l-Eo7RNl vgcreate VGSAN00 /dev/mpath/mpath2p1 # vgdisplay VGSAN00 --- Volume g
RE: [CentOS] Hardened ver of CentOS?
Rogelio wrote: > John R Pierce wrote: >> CentOS /is/ a distro, there is only one centos 'distribution'. >> centos configured with selinux enabled, appropriate firewall rules, >> and the minimum number of services required for your application >> should be fairly 'hardened' as-is. > > Understood. I meant CentOS-based, but I suppose the "best" way is to > just roll something myself. > > I was hoping to find a nice list HOWTO or script that someone else was > using so I wouldn't have to think through everything from scratch. > Have you looked at Bastille Linux? http://bastille-linux.sourceforge.net/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] centos 5.1 i386 on a 1GIG flash
Jerry Geis wrote: > I have found this link http://owlriver.com/tips/tiny-centos > for installing centos on a minimal system. I am looking at putting > centos on a 1 GIG flash drive. The above page talks about removing > packages after install to attain the small size. > > however, I am getting blocked at the install page about not enough > room > to install. > All I have selected is the base package. nothing else. > > Is there a way to install "less thank" base... I tried to option off > items in the base package > but the last message I got was about 1044 was my packages size... > > Anyone have suggestions or have tried to install on a small device. > THanks, > > Jerry Create a kickstart file with the packages removed as shown in the appendix on their web page. Dean ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Re: Kickstart network settings problem -SOLVED
Tony Mountifield wrote: > In article > <[EMAIL PROTECTED]>, > Plant, Dean <[EMAIL PROTECTED]> wrote: >> >> If like me you have never had to mess with the stage2.img file to fix >> installations issues, below shows what is required. >> >> cd ~ >> wget http://yourwebserver/centos5-dvd/images/stage2.img >> mkdir tmp >> mount -t squashfs -o loop stage2.img ./tmp >> cd tmp >> vi ./usr/lib/anaconda/kickstart.py # comment out >> dispatch.skipStep("network") at around line 876 or use Ray's patch. > > hmm, isn't this editing the file on a read-only file system? Oops..yes, not going to do much good editing the ro file system! Sorry. > >> mkdir ../new-stage2 >> tar cf - . | ( cd ../new-stage2/ ; tar xf - . ) > > I suspect here is where you need to cd ../new-stage2 and edit > kickstart.py > >> cd .. >> yum -y install squashfs-tools >> mksquashfs ./new-stage2/ stage2.img.new >> >> Now replace the stage2.img file on the web server with the >> stage2.img.new file, renamed to stage2.img of course. > > Cheers > Tony ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Kickstart network settings problem -SOLVED
Ray Van Dolson wrote: > On Tue, Apr 22, 2008 at 12:47:39PM +0100, Plant, Dean wrote: >> I would like one of my kickstart scripts to prompt for disk and >> networking only. Commenting out the disk and network settings makes >> the installer prompt for disk settings but not for network settings, >> they default to DHCP. Any idea's how to fix this? > > I'm assuming you are using CentOS 5 here. I'm not sure why upstream > disabled this feature -- it was very useful to be able to use > kickstart with a DHCP IP address initially, but still be prompted for > network information during the installer portion later (as it did in > RHEL4). > > See: > > https://bugzilla.redhat.com/show_bug.cgi?id=401531 > > In addition, I have an RFE in with Upstream to re-add this feature and > I believe it's slated for inclusion in 5.2 with the --bootproto=query > option. > > The attachment there however: > > https://bugzilla.redhat.com/attachment.cgi?id=291881 > > patches Anaconda to not skip the network step during installation. > I've been using this successfully here to "do what I need" while > waiting for the official fix. > > You can include this in an updates.img file and have it loaded > automatically on installs. Thank you Ray, worked a treat. If like me you have never had to mess with the stage2.img file to fix installations issues, below shows what is required. cd ~ wget http://yourwebserver/centos5-dvd/images/stage2.img mkdir tmp mount -t squashfs -o loop stage2.img ./tmp cd tmp vi ./usr/lib/anaconda/kickstart.py # comment out dispatch.skipStep("network") at around line 876 or use Ray's patch. mkdir ../new-stage2 tar cf - . | ( cd ../new-stage2/ ; tar xf - . ) cd .. yum -y install squashfs-tools mksquashfs ./new-stage2/ stage2.img.new Now replace the stage2.img file on the web server with the stage2.img.new file, renamed to stage2.img of course. Dean. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Kickstart network settings problem
Ray Van Dolson wrote: > On Tue, Apr 22, 2008 at 12:47:39PM +0100, Plant, Dean wrote: >> I would like one of my kickstart scripts to prompt for disk and >> networking only. Commenting out the disk and network settings makes >> the installer prompt for disk settings but not for network settings, >> they default to DHCP. Any idea's how to fix this? > > I'm assuming you are using CentOS 5 here. I'm not sure why upstream > disabled this feature -- it was very useful to be able to use > kickstart with a DHCP IP address initially, but still be prompted for > network information during the installer portion later (as it did in > RHEL4). > > See: > > https://bugzilla.redhat.com/show_bug.cgi?id=401531 > > In addition, I have an RFE in with Upstream to re-add this feature and > I believe it's slated for inclusion in 5.2 with the --bootproto=query > option. > > The attachment there however: > > https://bugzilla.redhat.com/attachment.cgi?id=291881 > > patches Anaconda to not skip the network step during installation. > I've been using this successfully here to "do what I need" while > waiting for the official fix. > > You can include this in an updates.img file and have it loaded > automatically on installs. > > Ray Ah. Im not going daft then. Ill give the patches a go. Thanks everyone for your replies. Dean. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Kickstart network settings problem
James Pearson wrote: > Plant, Dean wrote: >> James Pearson wrote: >> >>> Plant, Dean wrote: >>> >>>> I would like one of my kickstart scripts to prompt for disk and >>>> networking only. Commenting out the disk and network settings makes >>>> the installer prompt for disk settings but not for network >>>> settings, they default to DHCP. Any idea's how to fix this? >>> >>> I think you need to have the network settings defined - something >>> like: >>> >>> network --bootproto static >>> >>> If you don't give it an IP address (with the --ip option), then it >>> will prompt for it. This is what I do for NFS installs - as my >>> netmask, gateway and nameserver addresses are static, I also give >>> these on the network line. >>> >> >> >> Does not work, still defaults to DHCP with no prompt. Also if it >> makes any difference im using v5.1. >> >> I have tried with the 2 network lines shown below in the kickstart >> file, with and without interactive variable. Still no network >> configuration screen. :-( > > Hmmm, works OK for me with CentOS 4.X - however, I used a hacked > version of anaconda - one of my hacks is to set 'netDev.isDynamic' to > 0 in loader2/loader.c i.e. make static IP the default ... however, I > thought this was for non-kickstart installs only ... but may be it > isn't. > Looks like it's a CentOS 5 feature/bug as I have just tested every incarnation of the network line and they all get ignored unless I put in the complete line as per Marc-Andre's post. This DID work in CentOS 4 as long as the interactive line was specified. Dean ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Kickstart network settings problem
James Pearson wrote: > Plant, Dean wrote: >> I would like one of my kickstart scripts to prompt for disk and >> networking only. Commenting out the disk and network settings makes >> the installer prompt for disk settings but not for network settings, >> they default to DHCP. Any idea's how to fix this? > > I think you need to have the network settings defined - something > like: > > network --bootproto static > > If you don't give it an IP address (with the --ip option), then it > will prompt for it. This is what I do for NFS installs - as my > netmask, gateway and nameserver addresses are static, I also give > these on the network line. > Does not work, still defaults to DHCP with no prompt. Also if it makes any difference im using v5.1. I have tried with the 2 network lines shown below in the kickstart file, with and without interactive variable. Still no network configuration screen. :-( Below is my test kickstart. #platform=x86, AMD64, or Intel EM64T # System authorization information authconfig --enableshadow --enablemd5 # System bootloader configuration bootloader --location=mbr --md5pass=apssword # Reboot after installation reboot # Interactive interactive # Use graphical install graphical # Firewall configuration firewall --disabled # Run the Setup Agent on first boot firstboot --disable # System keyboard keyboard uk # Network settings #network --bootproto=static --device=eth0 --gateway=192.168.10.1 --nameserver=192.168.10.1 --netmask=255.255.255.0 --onboot=on network --bootproto=static # System language lang en_GB # Installation logging level # Use this to debug logging --host=alogmachine.domain.co.uk --level=info # Use network installation url --url=http://amachine.domain.co.uk/5/en/os/i386/ # Root password rootpw --iscrypted apassword # SELinux configuration selinux --disabled # System timezone timezone --isUtc Europe/London # Install OS instead of upgrade install # XWindows configuration information xconfig --depth=16 --resolution=1280x1024 --defaultdesktop=GNOME --startxonboot ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Kickstart network settings problem
I would like one of my kickstart scripts to prompt for disk and networking only. Commenting out the disk and network settings makes the installer prompt for disk settings but not for network settings, they default to DHCP. Any idea's how to fix this? Thanks Dean ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] CentOS 5.1 on Dell R200 with 6iR?
Hello list, Can anyone confirm if CentOS 5.1 works happily on a Dell R200 with a SAS 6iR RAID controller. Thanks Dean ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] ISCSI help
I am fairly new to ISCSI and SAN technology but having recently invested in the technology I am trying to find out exactly what can and can not be manipulated, filesystem wise, without requiring a reboot. I am using the inbuilt software ISCSI initiator and multipathing in CentOS 5.1. My steps so far. Create 10GB volume on SAN # iscsiadm -m session -R # fdisk /dev/mapper/mpath0 # kpartx -a /dev/mapper/mpath0 # mke2fs -j /dev/mapper/mpath0p1 # mount /dev/mapper/mpath0p1 /test-mount <--works fine to here--> Now I want to extend the volume on the SAN to 15GB run fdisk and use resize2fs to extend the filesystem, is this possible without a reboot? Currently, I don't seem to be able to get fdisk to see the new disk size after extending the volume. I know this can be done using LVM if I created 2 volumes rather than extending but I am curious to know if it can be done without LVM. Any other tips about what can be done with ISCSI would be welcome. Thanks Dean ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Centos 5.1 distro: How to upgrade 5.0 to 5.1 with yum??
Robinson Tiemuqinke wrote: > --- Jancio Wodnik <[EMAIL PROTECTED]> wrote: > >> Robinson Tiemuqinke pisze: >>> >>> Currently I download the Centos 5.0 upgrade packages from mirror >>> sites on Internet (.../centos/5/updates/{SRPMS,i386,x86_64}/...), >>> with the arrival of Centos 5.1, are the existing Centos 5.0 >>> update packages will be removed in honor of Centos 5.1 >>> updates? or it will stay? And how about the Centos >>> 5.1's default packages in distro? >>> >>> Give an example here: >>> >>> 2.6.18-8.1.15 version kernel is the most recently >>> updated kernel for Centos 5.0 distro, if the Centos >>> 5.1 distro comes with 2.6.18-8.1.1 kernel and in >>> the first few weeks there are no kernel updates for >>> 5.1, then how can I upgrade my kernel to >>> 2.6.18-8.1.1 naturally -- will the >>> 2.6.18-8.1.1 shows in the same update sources >>> >> > directories(.../centos/5/updates/{SRPMS,i386,x86_64/...)? >>> >>> A similar question is: are the update diretories >>> contains only updates for 5.1 distro, or both 5.0 and >>> 5.1? >>> >>> Any clarifications are greatly appreciated. >>> >> It's simply. All things from 5.0 to 5.1 will be done automatically >> via yum (as standard update) or in rare situation can be possibly >> depedency problem (when mixing different repo ?). >> >> So don't worry. if you are really affraid - update >> only one box and test >> ... test ... then update the rest. >> >> I must say. In Centos 4 world all updates from 1 to 2 to 3 ... to 5 >> were go in smooth way. >> >> Regards, >> >> Irens >> > > I have had my local 5.0 update repository > (.../centos/5.0/updates/{SRPMS,i386,x86_64}/...) setup > and used it for my 900+ boxes's daily upgrade already. > The repository is synchronized with official Internet > mirrors daily to keep it current. > > My major concerns is: After the 5.1 is released, the > update channel/directory > (.../centos/5.1/updates/{SRPMS,i386,x86_64}/...) may > change to contain only updates for 5.1 > snapshot/release, not updates since 5.0. If so, then > all my Centos 5.0 boxes will suffer. > > I have the serious concern because most Centos Mirror > sites on Internet ONLY keep the updates for latest > release/snapshot, not holds updates since the > base(3.0, 4.0, 5.0 etc) release. This seems like a big > problem if we would like to install from base|initial > release (3.0, 4.0, 5.0) continuously and then use a > single up-to-date update/ repository to upgrade > machines to current level. > > For example, at Stanford's Centos 4 mirror site, only > 4.5 is mirrored while all the other > 4.0/4.1/4.2/4.3/4.4 are not. and in the updates/ > directory only updates for 4.5 are kept there. If the > same is true for all other sites honoring 5.0 series, > then I think I will definitely get screwed If I tried > to keep on using base 5.0 and daily synced updates/ > (exactly the same) for upgrade. > > Any mirror sites hold updates since base release? Or I > have to keep on adding more repositories to yum's > configuration? 5.0 distro, 5.0 updates, 5.1 distro, > 5.1 updates, 5.2 distro, 5.2 updates. etc. If so, then > it is too low-performanced and erro-prone. > > Any one have experience on upgrade Centos 4 releases > from 4.0 to 4.5 can shed a light on this? > > Thanks a lot. > > --Robinson > > If you remove the point release numbers from your update paths you do not need the old versions. If you really need the old updates use http://vault.centos.org/ >From http://mirror.centos.org/centos-4/4.4/readme This directory (and version of CentOS) is depreciated. For normal users, you should use /4/ and not /4.4/ in your path. Please see this FAQ concerning the CentOS release scheme: http://www.centos.org/modules/smartfaq/faq.php?faqid=34 If you know what you are doing, and absolutely want to remain at the 4.4 level, go to http://vault.centos.org/ for packages. To simplfy our yum configuration I disable all the repo files in /etc/yum.repos.d and call the yum configuration from a local web server in yum.conf by using the include statement. One change on the web server changes the yum configuration on all CentOS machines. In the yum.conf I add # Site yum files include=http://ourserver.ourdomain.com/centos/yum/centos.repo include=http://ourserver.ourdomain.com/centos/yum/centos-updates.repo The centos.repo looks like this, [base] name=CentOS-$releasever - Base baseurl=http://ourserver.ourdomain.com/centos/$releasever/os/$basearch/ enabled=1 gpgcheck=1 And the centos-updates.repo looks like this, [updates-released] name=CentOS-$releasever - Updates baseurl=http://ourserver.ourdomain.com/centos/$releasever/updates/$basea rch/ enabled=1 gpgcheck=1 [custom-repo] name=CentOS-$releasever - Custom-rpms baseurl=http://ourserver.ourdomain.com/centos/$releasever/customrepo/ enabled=1 gpgcheck=1
RE: [CentOS] NIS binding probs w/Firewall and SELinux
Scott Ehrlich wrote: > > Is there a file I can edit to ensure SELinux is disabled? The > system was initially installed with SELinux Enabled, then disabled > later by me. Are you aware of the commands getenforce & setenforce? Dean ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Adaptec 39320A woes
David Groep wrote: > Hi, > > Plant, Dean wrote: >> Simple fix, >> >> Adaptec & CentOS = :-( >> LSI & CentOS = :-) > > Which is why after a few hours of testing I decided to indeed buy a > couple of LSI cards to test with -- far better than a lot of > frustration. > > But, meanwhile, I decided to test one more thing: just suppose that > the SCSI auto-negotiation, which worked fine before, had suddenly > given up in version 3.0 of the aic79xx driver? > > I forced the transfer rate in the Adaptec BIOS for those IDs to the > maximum that my Infortrend could support (U160) and for good measure > disabled "Disconnect" as well. Then, rebooted into 2.6.18-8.1.6&8, and > it worked: User==Goal==Curr==160.0 MB/s. > Apparently, the latest aic79xx driver V3.0 does no longer support > auto-negotiation, whereas all drivers <=1.3.11 did negotiate > correctly. > > Michael, maybe that works for you as well (unless your tapedrive > actually does do U320)? > We tested forcing the speeds as well. The tape drive worked but when stress testing we found backups over > 2TB would never complete. Dean ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Adaptec 39320A woes
Simple fix, Adaptec & CentOS = :-( LSI & CentOS = :-) We spent a few days trying to get Adaptec cards working with LTO-3 drives. It was suggested to me from this list to try an LSI, we bought one, it worked, problem solved. Dean David Groep wrote: > [sorry for breaking the threading, only joined after reading this on > the web] > > Michael St. Laurent wrote: >> I'm having speed problems with the SCSI card we're using to do tape >> backup. It seems to be functioning in 16 bit mode and the current >> thinking is that perhaps it's using a legacy driver instead of the >> correct one. The Adaptec site has a 'driver' for RHEL5 which I've >> downloaded and tried to install but it seems to have a problem >> installing on a CentOS-5 system. > > Hit this same issue with a slightly different configuration, and > although not able to offer a solution, I can at least give some more > boundary conditions. As I see it now, it starts to look like a driver > issue. > > - I found the issue with a 39320 controller on CentOS5/i386, >talking to an Infortrend IFT-7250F enclosure. It should be doing >U160 (Wide, 80 MHz synchonous), but it decays to 3.300 MB/s >transfers. The driver indeed even says the "Goal" is 3.300 MB/s ... > >It is confirmed by the infortrend: it shows asynchonous/narrow as >transfer settings for the SCSI channels after loading the aic79xx > driver. > > - Exchanging the 39320 for a 29320, still on the same machine with >CentOS5/i386, does not change it: still 3.300 MB/s (as confirmed >by the infortrend itself) > > - putting this same 29320, with the same IFT7250F and with the >same cabling, in another machine running CentOS3.7: presto, it >synchonizes again at 160 MB/s (Wide, 80 MHz)! > > - similar Adaptec 29320 and 39320's in a CentOS4/i386 box, connected >to similar Infortrends: work correctly at 160 and 320 MB/s > > - Booting into kernel 2.6.18-8.el5 or 2.6.18-8.1.8.el5 makes no > difference > > For CentOS5, the aic79xx driver is "Version: 3.0". For CentOS3 it's > using driver "1.3.10-RH1", and for the CentOS4 systems, it's "1.3.11". > What changed between 1.3.11 and 3.0? > > At least you're not alone ... > > Regards, > DavidG. > > PS: and indeed, the adaptec driver RPM does not install correctly, > with > the same errors you reported below. > >> [root hcnas modules]# cd /proc/scsi >> [root hcnas scsi]# cat scsi >> Attached devices: >> Host: scsi0 Channel: 00 Id: 08 Lun: 00 >> Vendor: DP Model: BACKPLANERev: 1.05 >> Type: EnclosureANSI SCSI revision: 05 >> Host: scsi0 Channel: 02 Id: 00 Lun: 00 >> Vendor: DELL Model: PERC 5/i Rev: 1.03 >> Type: Direct-AccessANSI SCSI revision: 05 >> Host: scsi1 Channel: 00 Id: 06 Lun: 00 >> Vendor: CERTANCE Model: ULTRIUM 2Rev: 1914 >> Type: Sequential-AccessANSI SCSI revision: 03 >> Host: scsi1 Channel: 00 Id: 06 Lun: 01 >> Vendor: DELL Model: PV-124T Rev: 0043 >> Type: Medium Changer ANSI SCSI revision: 02 >> Host: scsi3 Channel: 00 Id: 00 Lun: 00 >> Vendor: Dell Model: Virtual CDROM Rev: 123 >> Type: CD-ROM ANSI SCSI revision: 02 >> Host: scsi4 Channel: 00 Id: 00 Lun: 00 >> Vendor: Dell Model: Virtual Floppy Rev: 123 >> Type: Direct-AccessANSI SCSI revision: 02 >> [root hcnas scsi]# ll total 0 >> dr-xr-xr-x 2 root root 0 Aug 3 13:21 aic79xx >> -r--r--r-- 1 root root 0 Aug 3 13:21 device_info >> -r--r--r-- 1 root root 0 Aug 3 13:21 scsi >> dr-xr-xr-x 2 root root 0 Aug 3 13:21 sg >> dr-xr-xr-x 2 root root 0 Aug 3 13:21 usb-storage >> [root hcnas scsi]# cd aic79xx/ >> [root hcnas aic79xx]# ll >> total 0 >> -rw-r--r-- 1 root root 0 Aug 3 13:09 1 >> -rw-r--r-- 1 root root 0 Aug 3 13:09 2 >> [root hcnas aic79xx]# cat 1 >> Adaptec AIC79xx driver version: 3.0 >> Adaptec 39320A Ultra320 SCSI adapter >> aic7902: Ultra320 Wide Channel A, SCSI Id=7, PCI-X 101-133Mhz, 512 >> SCBs Allocated SCBs: 4, SG List Length: 128 >> >> Serial EEPROM: >> 0x17c8 0x17c8 0x17c8 0x17c8 0x17c8 0x17c8 0x17c8 0x17c8 >> 0x17c8 0x17c8 0x17c8 0x17c8 0x17c8 0x17c8 0x17c8 0x17c8 >> 0x09f4 0x0142 0x2807 0x0010 0x 0x 0x 0x >> 0x 0x 0x 0x 0x 0x 0x0430 0xb3f3 >> >> Target 0 Negotiation Settings >> User: 320.000MB/s transfers (160.000MHz >> RDSTRM|DT|IU|RTI|QAS, 16bit) Target 1 Negotiation Settings >> User: 320.000MB/s transfers (160.000MHz >> RDSTRM|DT|IU|RTI|QAS, 16bit) Target 2 Negotiation Settings >> User: 320.000MB/s transfers (160.000MHz >> RDSTRM|DT|IU|RTI|QAS, 16bit) Target 3 Negotiation Settings >> User: 320.000MB/s transfers (160.000MHz >> RDSTRM|DT|IU|RTI|QAS, 16bit) Target 4 Negotiation Settings >> User: 320.000MB/s transfers (160.000MHz >> RDSTRM|DT|IU|RTI|QAS, 16bit) Target 5 Negotiation Settings >> User: