Re: [CentOS] CentOS 7 polkit update
On Wed, 2022-01-26 at 10:42 -0600, Johnny Hughes wrote: > That has been pushed to the master server and is syncing to the > mirror > network. It will be announce shortly. Thank you for the update. :) I also noticed (obviously _after_ I emailed the list) my local mirror hadn't done a sync yet today. I just ran my repo sync script manually and it pulled down the updated RPM. Sweet! -- Ranbir ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] CentOS 7 polkit update
Hi All, I was looking for an update to polkit in CentOS 7 to fix CVE-2021-4034, but I don't see one yet. I'm assuming it's coming soon-ish. Is there any word on roughly when that will be? Here's the RHEL 7 advisory: https://access.redhat.com/errata/RHSA-2022:0274 -- Ranbir ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] mariadb or mysql web gui
Hello, Is there a web gui available in CentOS 8 for managing mariadb and/or mysql DB servers? I've used phpMyAdmin for many years, but I don't see an RPM for it in EPEL for CentOS 8. Is there a popular alternative to phpMyAdmin that's packaged for CentOS 8? -- Ranbir ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] phpMyAdmin for Centos 8
Has anyone seen a phpMyAdmin rpm for Centos 8 out in the wild? I've been using the Centos 7 EPEL package for phpMyAdmin for many years. When I went there to look for the Centos 8 version of the rpm, I couldn't find one. O_O -- Ranbir ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] BackupPC v4 from epel
Hello Everyone, Has anyone tried to install BackupPC v4 on CentOS 8 from epel? I just did and this happened: [root@resurrect ~]# dnf --enablerepo epel install BackupPC Last metadata expiration check: 0:18:41 ago on Tue 15 Oct 2019 08:03:59 PM EDT. Error: Problem: conflicting requests - nothing provides par2cmdline needed by BackupPC-4.3.1-2.el8.x86_64 - nothing provides perl(Net::FTP::AutoReconnect) needed by BackupPC-4.3.1-2.el8.x86_64 - nothing provides perl(Net::FTP::RetrHandle) needed by BackupPC-4.3.1-2.el8.x86_64 - nothing provides perl(Time::ParseDate) needed by BackupPC-4.3.1-2.el8.x86_64 - nothing provides perl(XML::RSS) needed by BackupPC-4.3.1-2.el8.x86_64 - nothing provides perl-Time-modules needed by BackupPC-4.3.1-2.el8.x86_64 (try to add '--skip-broken' to skip uninstallable packages or '--nobest' to use not only best candidate packages) If that didn't come out too nice, here's a pastebin link: https://pastebin.com/HgjAQmvV I've checked all the disabled repos on my system and none of them have those packages. Is this just a case of the dependencies not being built yet? -- Ranbir ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] KVM won't boot after update to 1804
On Wed, 2018-05-23 at 10:29 -0400, Ranbir wrote: > > Warning: /dev/centos_webman03/root does not exist > Warning: /dev/centos_webman03/swap does not exist > Warning: /dev/mapper/centos_webman11-root does not exist > > dracut:/# lvm vgchange -a y > 6 logical volume(s) in volume group "centos_webman11" now active > dracut:/# ln -s /dev/mapper/centos_webman11-root /dev/root > dracut:/# exit > logout > > How do I fix this problem? Does anyone have any idea about what > caused > this in the first place? Ah, crap. I just figured out what the problem is. I had changed the name of the VG and didn't update the grub2 config to reflect that change. So, of course, no amount of grub2 updating was going to fix the problem because the devices that had "webman03" truly didn't exist (they now had "webman11" in them). After fixing that mistake, the server booted up just fine. Sorry for the noise! -- Ranbir ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] KVM won't boot after update to 1804
Hi Everyone, I have a server that I recently applied all updates to to bring it to 1804. After rebooting the server, it would no longer boot and is instead dropping into a dracut shell. Here's a snippet of the output printed to the console (lines will likely wrap): [ 184.163787] dracut-initqueue[256]: Warning: dracut-initqueue timeout - starting timeout scripts [ 184.672525] dracut-initqueue[256]: Warning: dracut-initqueue timeout - starting timeout scripts [ 185.183111] dracut-initqueue[256]: Warning: dracut-initqueue timeout - starting timeout scripts [ 185.183395] dracut-initqueue[256]: Warning: Could not boot. [ 185.281196] dracut-initqueue[256]: Warning: /dev/centos_webman03/root does not exist [ 185.282204] dracut-initqueue[256]: Warning: /dev/centos_webman03/swap does not exist [ 185.283205] dracut-initqueue[256]: Warning: /dev/mapper/centos_webman11-root does not exist Starting Dracut Emergency Shell... Warning: /dev/centos_webman03/root does not exist Warning: /dev/centos_webman03/swap does not exist Warning: /dev/mapper/centos_webman11-root does not exist Generating "/run/initramfs/rdsosreport.txt" Entering emergency mode. Exit the shell to continue. Type "journalctl" to view system logs. You might want to save "/run/initramfs/rdsosreport.txt" to a USB stick or /boot after mounting them and attach it to a bug report. dracut:/# After some monkeying around with the minimal ISO and rescue mode and google searches, I finally found the combination of commands I needed to get the system to find the "missing" devices and finish booting: dracut:/# lvm vgchange -a y 6 logical volume(s) in volume group "centos_webman11" now active dracut:/# ln -s /dev/mapper/centos_webman11-root /dev/root dracut:/# exit logout [ 469.036109] dracut-initqueue[256]: Warning: Not all disks have been found. [ 469.037349] dracut-initqueue[256]: Warning: You might want to regenerate your initramfs. [ OK ] Started Plymouth switch root service. [ OK ] Started Cleanup udevd DB. [ OK ] Reached target Switch Root. Starting Switch Root... Welcome to CentOS Linux 7 (Core)! [snip] Re-runining grub2-mkconfig doesn't fix the issue: rebooting the server still resulted in it dropping into a dracut shell. I tried reinstalling grub2 and that didn't fix it either. How do I fix this problem? Does anyone have any idea about what caused this in the first place? -- Ranbir ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Squid + wccp + firewalld
Hi Everyone, I'm trying to get squid + wccp on a Centos 7 box working with a Cisco router. I've done this before several times using Centos 6 and iptables, but never on Centos 7 with firewalld. I've searched far and wide for clear, concise instructions on how to do what I want in Centos 7. I've pieced together what I've found to come up with what I thought should work. Unfortunately, squid simply refuses to respond. At the moment, it looks like squid isn't forwarding the requests it's receiving from the router over the GRE tunnel interface. The cisco router is showing the tunnel is up and active, which means wccp is working in that sense. I've edited sysctl.conf exactly as I would have on a Centos 6 box. Squid is configured like it would have been on a Centos 6 box, too. Here are the firewall rules: [root@s0989-stocac1 ~]# firewall-cmd --list-all public (active) target: default icmp-block-inversion: no interfaces: ens192 tun0 sources: services: ctc-custom dhcpv6-client ssh ports: 8081/tcp 3127/tcp 3128/tcp 8080/tcp protocols: masquerade: yes forward-ports: port=80:proto=tcp:toport=3127:toaddr=1.1.1.1 sourceports: icmp-blocks: rich rules: rule family="ipv4" source address="2.2.2.0/26" protocol value="gre" accept [root@s0989-stocac1 ~]# firewall-cmd --direct --get-all-rules ipv4 nat POSTROUTING 0 -j MASQUERADE ipv4 nat PREROUTING 0 -i tun0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3127 Does anyone have any pointers/tips? I think I've messed up the firewalld rules somehow, but I'm not sure. Thanks in advance. -- Ranbir ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS-virt] spice server and GSSAPI
On Fri, 2017-12-29 at 19:43 -0500, Ranbir wrote: > Hello, > > Does anyone have spice server for KVM Linux guests working with > GSSAPI > authentication? I've been trying for a while and I simply can't get > it > to work. I don't know what I'm doing wrong. I wouldn't be surprised > if > I've misunderstood something. Damn it, I "figured" it out. I fixed my issues by removing the video and graphics hardware from the KVMs and adding them back in with the exact same settings. I can now view the consoles! I don't know what removing/adding those two bits of hardware did to fix the issue. I had even dumped the XML configs of the running KVMs before and after doing the hardware changes and upon review, they're exactly the same. :: shrug :: I just have to say FreeIPA + Kerberos + GSSAPI for libvirtd and spice server is fantastic. -- Ranbir ___ CentOS-virt mailing list CentOS-virt@centos.org https://lists.centos.org/mailman/listinfo/centos-virt
[CentOS-virt] spice server and GSSAPI
Hello, Does anyone have spice server for KVM Linux guests working with GSSAPI authentication? I've been trying for a while and I simply can't get it to work. I don't know what I'm doing wrong. I wouldn't be surprised if I've misunderstood something. I followed this guide: https://www.freeipa.org/page/Libvirt_with_VNC_Consoles Yes, the above is for VNC consoles. I just adapted that write up for spice. When I try to connect to a console from either virt-manager or with virt-viewer, I'm prompted to enter a password (though I shouldn't be). When I type in my freeipa domain password, it gets rejected. libvirtd with Kerberos and GSSAPI is working perfectly. I can use virt-manager from my Fedora 26 desktop with the below URI: qemu+tcp://ranbir@kvmhost01/system virt-manager connects, I get a list of all the running KVMs and I can work with them like I would if I was running virt-manager over ssh with X forwarding. The only that doesn't work is viewing the consoles. Details: - my host is a fully updated CentOS 7 system - libvirtd is set to listen for tcp connections - I added the service spice/kvmhost01.theinside.rnr - I created a keytab for the above and put it on kvmhost01 in /etc/qemu-kvm/krb5.tab - the above file has owner:group set to qemu:root with perms 600 - I have the following in /etc/sasl2/qemu-kvm.conf mech_list: gssapi keytab: /etc/qemu-kvm/krb5.tab - I have the following in /etc/libvirt/qemu.conf spice_listen = "0.0.0.0" spice_tls = 0 spice_sasl = 1 spice_sasl_dir = "/etc/sasl2/" - the first time I try to view a console, I get the kerberos tickets I expect to: Ticket cache: KEYRING:persistent:62544:krb_ccache_7rtJmh8 Default principal: ran...@theinside.rnr Valid starting Expires Service principal 2017-12-29 18:37:45 2017-12-30 18:01:40 spice/kvmhost01.theinside@theinside.rnr 2017-12-29 18:37:40 2017-12-30 18:01:40 libvirt/kvmhost01.theinside@theinside.rnr 2017-12-29 18:01:40 2017-12-30 18:01:40 krbtgt/theinside@theinside.rnr I'm surprised there isn't more info available about this online. That's why I'm now here asking for assistance. Does anyone have any suggestions/advice? Thanks in advance! -- Ranbir ___ CentOS-virt mailing list CentOS-virt@centos.org https://lists.centos.org/mailman/listinfo/centos-virt
[CentOS] Postfix and LDAP
Hi Everyone, I thought I'd try asking here before joining the postfix mail list since I'm running postfix on a CentOS 7 box. I want to look up accounts via LDAP (an IPA server also on CentOS 7). I created an "ldap_aliases" file and successfully tested it with the postmap command: I can get the email address for an arbitrary user. But, when I add the very same file to main.cf, I don't see anything in the normal or debug logs for postfix that would indicate postfix is even trying to do a ldap lookup. Here are the relevant configs: # Virtual domains virtual_mailbox_base = /var/spool/mail virtual_mailbox_maps = hash:/etc/postfix/virtual_mailbox virtual_mailbox_domains = thesandhufamily.ca virtual_alias_maps = hash:/etc/postfix/virtual, hash:/etc/mailman/virtual-mailman, ldap:/etc/postfix/ldap_aliases NB: I believe I don't need to use ldap for virtual_mailbox_maps and virtual_mailbox_domains, but I could be wrong. All I get is errors like this: Dec 14 09:53:35 mailman01 postfix/lmtp[31011]: A968CC2516D: to=<ran...@thesandhufamily.ca>, relay=10.200.5.24[10.200.5.24]:24, delay=1.1, delays=0.78/0/0.01/0.27, dsn=5.1.1, status=bounced (host 10.200.5.24[10.200.5.24] said: 550 5.1.1 <ran...@thesandhufamily.ca> User doesn't exist: ran...@thesandhufamily.ca (in reply to RCPT TO command)) Am I supposed to enable something else in postfix to make ldap work? What I've read about this seems to indicate I'm doing it correctly. -- Ranbir signature.asc Description: This is a digitally signed message part ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 7.1.1503 + Dovecot + IPA
On Thu, 2015-09-10 at 11:01 -0700, Mike wrote: > < !include auth-system.conf.ext This helped. I enabled pam for passdb and now my GSSAPI auth works, but I don't understand why. I also had to enable "allow_all_users=yes" otherwise the messages weren't delivered. I'm going to have to take this to the Dovecot list to get an explanation. Thanks to you and Alice for the help! -- Kanwar R.S. Sandhu ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 7.1.1503 + Dovecot + IPA
On 2015-09-09 14:21, Mike wrote: Yep, I have it working. It's been almost 6 months since I set it up so don't recall many details other than it was NOT trivial :). Have only used alpine and thunderbird clients, both work fine. I wonder if that means Evolution is broken. In any case, could you tell me the changes you made to 10-auth.conf and any other files for GSSAPI auth to work? I would like to compare your setup to mine and to what I've read online. Thanks! Ranbir -- Kanwar R.S. Sandhu ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 7.1.1503 + Dovecot + IPA
On Tue, 2015-09-08 at 13:53 -0700, Alice Wonder wrote: > You could try rebuilding this src.rpm - > > http://awel.domblogger.net/7/libre/src/repoview/dovecot.html > > That's what I use for Dovecot on CentOS 7 but I build it against > LibreSSL so you probably don't want my binary RPM but the src.rpm > will > build against stock CentOS OpenSSL just fine w/o modification. > > I don't know if it will fix your issue but it is latest release that > the > dovecot list claims has the issue fixed. Thanks for the offer, but I need to know if anyone else has encountered the problem I'm having. I'm having a hard time believing no one else has run into this. Is there a point in creating a bug report about this in the CentOS tracker since we'd have to wait for someone to report it to Red Hat (and for them to fix it) first? Ranbir -- Kanwar R.S. Sandhu ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] CentOS 7.1.1503 + Dovecot + IPA
Hi Everyone, I'm running an IPA server on CentOS 7 successfully and now I want to change my Dovecot setup to use GSSAPI for IMAP authentication instead of a flat "userdb" file. I've already joined the Dovecot box to the IPA domain - ssh and ipa policies and all that are working properly. I read a number of articles on how to configure Dovecot for GSSAPI auth and they all said the same thing (even Red Hat's official how to on it agreed). But, when I set up Evolution on my Fedora 22 system to use GSSAPI, Dovecot's log records this: Sep 8 13:49:55 mailman02 dovecot: auth: Panic: file auth-request.c: line 733 (auth_request_is_disabled_master_user): assertion failed: (request->requested_login_user != NULL) Sep 8 13:49:55 mailman02 dovecot: auth: Error: Raw backtrace: /usr/lib64/dovecot/libdovecot.so.0(+0x6a02e) [0x7f27af22202e] -> /usr/lib64/dovecot/libdovecot.so.0(+0x6a10e) [0x7f27af22210e] -> /usr/lib64/dovecot/libdovecot.so.0(i_fatal+0) [0x7f27af1da52c] -> dovecot/auth [1 wait, 0 passdb, 0 userdb](+0x15922) [0x7f27af6c7922] -> dovecot/auth [1 wait, 0 passdb, 0 userdb](auth_request_lookup_credentials+0x32) [0x7f27af6c9332] -> /usr/lib64/dovecot/auth/libmech_gssapi.so(+0x2134) [0x7f27ad615134] -> dovecot/auth [1 wait, 0 passdb, 0 userdb](auth_request_handler_auth_continue+0xe5) [0x7f27af6caf15] -> dovecot/auth [1 wait, 0 passdb, 0 userdb](+0x109da) [0x7f27af6c29da] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_call_io+0x27) [0x7f27af232a47] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_handler_run+0xff) [0x7f27af2338cf] -> /usr/lib64/dovecot/libdovecot.so.0(io_loop_run+0x38) [0x7f27af232598] -> /usr/lib64/dovecot/libdovecot.so.0(master_service_run+0x13) [0x7f27af1df9e3] -> dovecot/auth [1 wait, 0 passdb, 0 userdb](main+0x391) [0x7f27af6c07f1] -> /lib64/libc.so.6(__libc_start_main+0xf5) [0x7f27ae7ceaf5] -> dovecot/auth [1 wait, 0 passdb, 0 userdb](+0xe9e1) [0x7f27af6c09e1] Sep 8 13:49:55 mailman02 dovecot: auth: Fatal: master: service(auth): child 23185 killed with signal 6 (core dumps disabled) I've already asked on the Dovecot list about my GSSAPI auth problems and was told that this is a bug in Dovecot which does not exist in the latest release (I don't know when the problem was actually fixed). My question is simply this: does anyone else have dovecot-2.2.10-4.el7_0.1.x86_64 working with GSSAPI auth against an IPA server? IPA is also running on CentOS 7.1.1503. Regards, Ranbir -- Kanwar R.S. Sandhu ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Oracle java RPM
On Fri, 2015-09-04 at 16:16 -0300, Itamar Reis Peixoto wrote: > jailed in a docker is safe to install, Cool, but it doesn't really answer my question. :P -- Kanwar R.S. Sandhu ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Oracle java RPM
Hi Everyone, Years ago the recommended way to install Sun's java was to install from the tar.gz file because the RPM they supplied did some bad things (clobbered other files or something...can't remember the details). Is this still the case with Oracle's java RPM, or is it now safe to install? Ranbir -- Kanwar R.S. Sandhu ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Satellite 6
Hi Everyone, Since Satellite 6 is an amalgam of other F/OSS projects and is no longer solely based on Spacewalk, is a new upstream project for Satellite 6 going to be created? BEtter yet, is a new upstream project already available? Ranbir -- Kanwar R.S. Sandhu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Satellite 6
On 2015-07-22 13:34, Thomas Eriksson wrote: The upstream project is called Katello, http://www.katello.org/ It has nothing to do with Spacewalk as far as I can tell. Katello is just one piece. Satellite 6 also integrates Candlepin, Puppet and more. What I'm wondering is if the entire set of software - Satellite 6 as one piece - is going to get a new upstream project. I have been tinkering with it a bit for a while and it's not too bad. It still has some maturing to do, at the moment it's fragile and much too easy to break. It needs a lot more horsepower to run than Spacewalk, both I/O and CPU. We're moving to Sat 6 at work. So far it looks pretty neat, but there are some bugs that hit our test system hard. They're still not resolved. -- Kanwar R.S. Sandhu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Satellite 6
On 2015-07-22 14:53, Thomas Eriksson wrote: The Katello project is the whole thing. During installation it pulls in Foreman, Candlepin, Pulp, Puppet and more. Really? I couldn't tell based on the Katello project site. Thanks for the info. I'm going to give Katello a spin at home. -- Kanwar R.S. Sandhu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS-virt] Windows 10 tech preview build 10130
On Sat, 2015-07-04 at 19:22 -0700, ToddAndMargo wrote: I am glad it worked. Sounds to me like Windows being Windows. SOF (Son-of-Frankenstein or Windows Nein, oops, Windows 10) is terrible quality. If it works right in your other VM's, then it is SOF's doing. The newest update (10162) appears to have improved the weird mouse behaviour I was seeing. It's smoother now, but still not as good as on my Fedora client machine (I'm using virt-viewer to get to the Windows KVM). -- Kanwar R.S. Sandhu ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Windows 10 tech preview build 10130
On Fri, 2015-07-03 at 22:10 -0700, ToddAndMargo wrote: Did it work? Yes, this time around the install worked. Thing is, the sha1sum was the same as the first time I downloaded the ISO so there was no corruption to speak of. I really don't know why it wasn't working before. I haven't done much in the preview except try out Spartan and do some configuration. I like the UI design. The only thing that really is driving me nuts is the mouse. My mouse is not running smoothly in the KVM. On my desktop (Fedora 20 running Gnome) my mouse is fine. In other KVMs (e.g. Fedora 22) the mouse works just as smoothly. But, in this preview build, there appears to be a lag...or something. It's difficult to describe. Umm...it's almost like frames are dropping. I don't know. Overall it just sucks and its killing my desire to play around with it more. My daughter has recently started playing the games at www.roblox.com. In this preview build, starting up any game makes Windows crash. Maybe a future build will fix that. -- Kanwar R.S. Sandhu ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
[CentOS-virt] Windows 10 tech preview build 10130
Hi Everyone, Has anyone managed to install Windows 10 tech preview build 10130 as a KVM on a CentOS 6 host? I'm having problems that I haven't been able to get past. I can get the CD to boot and the install process to begin, but Windows keeps complaining about missing drivers. I've unsuccessfully tried the VirtIO ISOs from the Fedora project. The images I tried were: virtio-win-0.1-100.iso virtio-win-0.1.105.iso virtio-win-0.1.96.iso I have two IDE CD-ROMs attached which appears to be working fine (otherwise the installer wouldn't start and I wouldn't be able to traverse the VirtIO ISO). The NIC was an e1000, but I changed it to rtl8139. I've changed the HD from IDE, to Virtio iscsi to Virtio disk and none of that has seemed to help. I'd appreciate some pointers/tips. Regards, Ranbir -- Kanwar R.S. Sandhu ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS] Can we trust RedHAt encryption tools?
On 2014-01-06 11:28, James B. Byrne wrote: I believe that the issue is of pressing interest to the entire community and I would like to read what others have to say on the matter. I think everyone should assume the entire ecosystem is compromised and shouldn't trust anything. Code should be reviewed and bugs/weaknesses removed IMMEDIATELY. The problem is obviously not everyone is a programmer and not everyone will have the knowledge to understand how to fix/improve the security issues. Of course, some software is still good, but who's going to verify that and when? If you don't use free software, you're a goner because now you have no ability whatsoever to audit the code! We can't trust the software or the hardware any longer. When the problem runs this deep, what can anyone do? The NSA program has effectively removed my trust with every single U.S. (actually, 5 eyes) based tech company. I can only imagine what RMS thinks about all of this. If he hadn't fought for so long for free software, we would all truly be up shits creek. Don't trust proprietary anything. Use free software - it'll be fixed sooner and properly before anything else. -- Kanwar Ranbir Sandhu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not installing avahi in a kickstart install
On 2013-03-03 17:46, Robert Moskowitz wrote: Looks a bit too much to take on at this point. But I will put a link in my notes for future study. Thanks. Along with disabling the avahi service in my kickstart files, I also add NOZEROCONF=yes to /etc/sysconfig/network. That way the service does not start and the 169.254.x.x IP doesn't get added to the interface. It's not hard to do after the fact, but putting simple things like that in a kickstart file prevents one from doing all the mundane, mind numbing sys admin tasks. :) HTH, Ranbir -- Kanwar Ranbir Sandhu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] web mail and Squirrelmail
On Mon, 2012-12-24 at 19:02 +0100, Tilman Schmidt wrote: Am 24.12.2012 00:03, schrieb Kanwar Ranbir Sandhu: I switched to Roundcube early on it's life and haven't looked back. The newest release sure is purrrty!! It's worlds better than Squirrelmail. Interesting. Last time I looked, Roundcube had issues with big (1GB) mailboxes. How does it fare these days in this respect? This is where my experience is useless to you: my mailboxes aren't that big. The biggest mailbox is only 201 MB. I use Dovecot for imap/pop, maildir instead of mbox, and it's a really old release to boot (running on a CentOS 5 box). That being said, performance is just fine. The RC interface is snappy. I should also note I'm not using any Roundcube plugins. Well, not yet anyway. I'm sorry if that didn't help you any. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 3.6.6-1.fc17.x86_64 x86_64 GNU/Linux 00:42:57 up 19 days, 40 min, 11 users, load average: 0.58, 0.86, 0.57 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] web mail and Squirrelmail
On Tue, 2012-12-18 at 23:51 -0500, Digimer wrote: I used it for many years, but switched to RoundCube as SM seems to not be growing much anymore. Been happy with RC so far. I second the RC recommendation! I switched to Roundcube early on it's life and haven't looked back. The newest release sure is purrrty!! It's worlds better than Squirrelmail. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 3.6.6-1.fc17.x86_64 x86_64 GNU/Linux 18:01:05 up 16 days, 17:58, 8 users, load average: 0.17, 0.31, 0.37 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Assign external esata drive to KVM
On Sun, 2012-10-21 at 17:32 -0700, Gordon Messmer wrote: Disks don't have labels, partitions do. You don't see a partition in the KVM guest because the guest is trying to read a partition table from inside the partition that you're exporting. Doh! I should have known that. Instead, use one of the IDs in /dev/disk/by-id. You should see an ID that indicates the disk's model and serial number, which is usable for your purpose. Most awesome - worked! Thanks a lot for the solution. NB: I did see the disk IDs when I was trying to fix the problem myself and before I emailed the list. But, for some reason or another I didn't actually give it a go. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 3.5.4-2.fc17.x86_64 x86_64 GNU/Linux 21:17:45 up 18 days, 9:34, 3 users, load average: 0.08, 0.05, 0.08 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Assign external esata drive to KVM
Hello Everyone, I have a CentOS 6.3 host running a few KVMs. One of them is a CentOS 6.3 KVM that I want to use for making backups with BackupPC. What I'm having a problem with is assigning the KVM an external drive. I used to run BackupPC on an Ubuntu box. The backups went to an external eSATA 1.5TB, ext4 format, single partition drive (regular 3.5 in an enclosure). I want to now attach that same external drive to my KVM host, and pass it up to the KVM running BackupPC. I added the entire drive as a second storage disk to the KVM. I used the disk's label (/dev/disk/by-label/backups) so that I wouldn't have to worry about the device name changing down the road. When I booted up the KVM and listed the disks, I only saw /dev/vdb. I was also expecting to see /dev/vdb1. I ran fdisk on it only to see the partition table wasn't detected. The drive itself is OK - I can mount it successfully on the KVM host. Here's the fdisk output: Device contains neither a valid DOS partition table, nor Sun, SGI or OSF disklabel Building a new DOS disklabel with disk identifier 0xd6912a1b. Changes will remain in memory only, until you decide to write them. After that, of course, the previous content won't be recoverable. Warning: invalid flag 0x of partition table 4 will be corrected by w(rite) WARNING: DOS-compatible mode is deprecated. It's strongly recommended to switch off the mode (command 'c') and change display units to sectors (command 'u'). Command (m for help): p Disk /dev/vdb: 1500.3 GB, 1500300861440 bytes 16 heads, 63 sectors/track, 2907018 cylinders Units = cylinders of 1008 * 512 = 516096 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512 bytes Disk identifier: 0xd6912a1b Device Boot Start End Blocks Id System Command (m for help): quit So...how do I properly assign this eSATA disk to the KVM? FYI: the enclosure can use USB as well. Thanks, Ranbir -- Kanwar Ranbir Sandhu Linux 3.5.4-2.fc17.x86_64 x86_64 GNU/Linux 12:20:20 up 12 days, 37 min, 3 users, load average: 0.09, 0.09, 0.12 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Increase console resolution
Hi Everyone, How do I change the console resolution of CentOS 6 KVMs to be 1024x768 or more? I have the spice server and qxl card selected for the KVM. I assumed it would be enough to put the text console into high res, but I was wrong. :/ Regards, Ranbir ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Can,t get pam_mkhomedir to work...
On Tue, 2012-07-31 at 10:52 -0400, Nicolas Ross wrote: did you try running authconfig --enablemkhomedir --updateall Great, that worked ! That options isn't even in the man page ! That's a bug then. Please report it! Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 3.5.2-3.fc17.x86_64 x86_64 GNU/Linux 09:49:40 up 3 days, 21:54, 3 users, load average: 0.05, 0.27, 0.20 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS-virt] RAID: by host or within KVM?
Hi Virtualizers, I just setup a CentOS 6 box (at home) to run as a KVM host. It's replacing an absolutely ancient CentOS 5 server that's running Xen. I have one OS drive, and two drives in RAID 1 with LVM on top which is being used as the KVM storage pool. I created a KVM that will run OpenMediaVault (OMV). OMV requires an OS drive (which is really a LVM), and a separate drive(s) to put all the media on. This is where I'm a little unsure on how to proceed. I think I have two options: 1. Let the KVM host manage the drives (i.e. RAID with LVM on top) and just assign the single volume to OMV. OMV will see it as one HD. 2. Assign the individual drives to the OMV KVM, and let OMV manage the RAID creation, management, etc. I'm not sure which one will perform better. My hunch is if the RAID management is left at the host level, I'll see better overall performance. Performance isn't exactly my number one goal here, but I don't want to kill it completely either by going the wrong way. On the other hand, if I let OMV do the RAID management for the media storage disks, I'll gain future flexibility because it'll be much easier to move OMV to bare metal. Which way should I go? What would you guys do? Regards, Ranbir -- Kanwar Ranbir Sandhu ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
[CentOS] RHEV-H / RHEV-M on CentOS?
Hi Dudes/Dudettes, Does anyone know if Red Hat's bare metal KVM solution, RHEV-H, and the management component, RHEV-M, are available for CentOS? All I know is RHEV-M was being ported to Java and it would be getting released soon. I suppose RHEV-H isn't 100% necessary. Just running a minimum CentOS install for your KVMs would give you essentially the same thing. If there was a similar bare metal install option like RHEV-H through CentOS, I could see going that route for my deployments eventually. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 3.3.7-1.fc17.x86_64 x86_64 GNU/Linux 08:23:10 up 7 days, 21:17, 13 users, load average: 0.56, 0.58, 0.77 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: Rewrite part of a message with rsyslog
On Fri, 2012-04-27 at 12:39 +0200, C. L. Martinez wrote: Somebody knows how can I do this?? This is a really late reply: you should join the rsyslog mail list - you'll get lots of help there. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 3.3.5-2.fc16.x86_64 x86_64 GNU/Linux 12:27:33 up 1 day, 1:13, 3 users, load average: 0.30, 0.45, 0.71 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] nfslock
On Thu, 2012-03-22 at 13:08 -0700, Nataraj wrote: Furthermore RedHat has decided that they don't like Upstart and they are going to yet another replacement for upstart in future releases (sorry, I don't remember the name of it). You're thinking about systemd. I believe Fedora 15 was the first Fedora release with systemd. Regards, Ranbir ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] postfix and spam, I am impressed[Solution that works]
On Tue, 2012-03-13 at 15:48 -0400, Bob Hoffman wrote: Still getting a small amount through. My next step is to get procmail to /dev/null according to spam-level from spamassassin...so I may have it set at 5 to tag as spam, but procmail can look at the level somehow and if I say 'greater than 15' /devnull. will figure it out. Add postgrey to your setup. Your spam should drop to nothing (well, so near to nothing it makes no difference). Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 3.2.9-2.fc16.x86_64 x86_64 GNU/Linux 08:10:36 up 23:16, 3 users, load average: 0.00, 0.03, 0.05 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Burning DVDs (was: CentOS 6 x86_64 DVD doesn't boot)
On Fri, 2011-07-15 at 05:57 +0200, Udo Siewert wrote: A shot in the dark: my DVD image burned by K3B won't also boot. Using Brasero and all was fine. Not reproducable, but worth the attempt. I used Brasero: failed to boot. Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.32.26-175.fc12.x86_64 x86_64 GNU/Linux 09:34:50 up 9:23, 1 user, load average: 0.15, 0.13, 0.09 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Burning DVDs (was: CentOS 6 x86_64 DVD doesn't boot)
On Thu, 2011-07-14 at 22:17 -0600, Devin Reade wrote: My successful burns (although not tried with CentOS 6 yet) have been using growisofs directly: growisofs -speed=1 -dvd-compat -Z /dev/dvd=image.iso Tried this: failed to boot. Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.32.26-175.fc12.x86_64 x86_64 GNU/Linux 09:35:27 up 9:24, 1 user, load average: 0.08, 0.11, 0.09 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6 x86_64 DVD doesn't boot
On Thu, 2011-07-14 at 21:36 -0500, Barry Brimer wrote: Can you read other discs burned by that burner in the server machine? I understand that it has a DVD/CD burner, but is a CDRW burner? Can you attach this drive to a USB cable or move it to the affected machine to see if the problem follows the drive or the machine? I used a different burner in a different PC running Fedora 15: failed to boot. Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.32.26-175.fc12.x86_64 x86_64 GNU/Linux 09:36:17 up 9:25, 1 user, load average: 0.19, 0.14, 0.10 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6 x86_64 DVD doesn't boot
On Thu, 2011-07-14 at 09:32 -0400, Kanwar Ranbir Sandhu wrote: ETCDisolinux: Found something at drive = EF No DEFAULT or UI configuration directive found! boot: The same disc works fine in my 4 year old HP laptop, and when installing CentOS 6 as a KVM. I've tried everything people have so kindly suggested - the DVD has failed to boot each and every time. I decided to burn a Fedora 15 x86_64 DVD ISO to the same rewritable DVD I've been using for the CentOS 6 DVD image. I also used the same burner. The Fedora 15 DVD booted just fine. So, what I can conclude is something is broken. :/ Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.32.26-175.fc12.x86_64 x86_64 GNU/Linux 09:36:53 up 9:26, 1 user, load average: 0.10, 0.12, 0.09 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Burning DVDs (was: CentOS 6 x86_64 DVD doesn't boot)
On Fri, 2011-07-15 at 17:05 +0100, Keith Roberts wrote: Did you check the integrity of the downloaded iso image before burning it? The download is good. I made sure to do the checksum before burning the image. Can you try to burn the iso on different machine at a slow speed. See if it boot then? I already tried that: it won't boot. :( Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.32.26-175.fc12.x86_64 x86_64 GNU/Linux 12:12:23 up 12:01, 1 user, load average: 0.44, 0.10, 0.03 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Burning DVDs
On Fri, 2011-07-15 at 16:06 +0200, Ljubomir Ljubojevic wrote: Just saw your other reply. Then just do not use DVD-RW, but plain DVD-R. I was going to try that, but seeing as how a Fedora 15 x86_64 ISO burnt to the same rewritable DVD boots properly, I don't see how a DVD-R will resolve the CentOS problem. I'll still try it. It's worth a shot. Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.32.26-175.fc12.x86_64 x86_64 GNU/Linux 12:15:29 up 12:04, 1 user, load average: 0.29, 0.16, 0.06 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6 x86_64 DVD doesn't boot [SOLVED]
On Fri, 2011-07-15 at 10:07 -0400, DV wrote: I would try the bios setting AHCI (vs. compatibility mode) if you have it. http://www.911cd.net/forums/lofiversion/index.php/t23099.html This is the SATA Advanced Host Controller Interface: http://www.techmetica.com/howto/sata-ahci-mode-bios-setting.-what-does-it-do/ I have all of the SATA channels set to AHCI mode, which includes the Pioneer burner. I was thinking that maybe I should try changing the BIOS setting to IDE, but then tossed it aside as crazy talk. After your email, I decided to change the DVDRW drive's SATA channel to IDE mode. Bingo! The CentOS 6 DVD booted. I have CentOS 6 running and fully updated now. I haven't looked into why the SATA Pioneer DVDRW needed AHCI disabled in order to boot off the CentOS 6 DVD. Since the Fedora 15 DVD booted without issue, I can only surmise isolinux in CentOS 6 and in Fedora 15 behave differently. Thanks to everyone that tried to help out. I appreciate everyone's efforts. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.32.26-175.fc12.x86_64 x86_64 GNU/Linux 12:18:37 up 12:07, 1 user, load average: 0.24, 0.16, 0.08 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] CentOS 6 x86_64 DVD doesn't boot
Hi Everyone, I downloaded the CentOS 6 x86_64 DVD ISOs and burned the first image to a rewritable DVD. When I tried to boot my new home server off it, it didn't, and then this was printed to the screen: ETCDisolinux: Found something at drive = EF No DEFAULT or UI configuration directive found! boot: The same disc works fine in my 4 year old HP laptop, and when installing CentOS 6 as a KVM. I've found one post from a Fedora 14 user that was having the exact same problem, but no one replied to him. Other articles, posts etc. around the net reference something different for the EF part. Does anyone know what's going on? I've never seen this problem before. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.32.26-175.fc12.x86_64 x86_64 GNU/Linux 09:21:53 up 10:20, 2 users, load average: 1.20, 1.47, 1.34 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6 x86_64 DVD doesn't boot
On Thu, 2011-07-14 at 20:39 -0500, Barry Brimer wrote: I downloaded the CentOS 6 x86_64 DVD ISOs and burned the first image to a rewritable DVD. When I tried to boot my new home server off it, it didn't, and then this was printed to the screen: ETCDisolinux: Found something at drive = EF No DEFAULT or UI configuration directive found! boot: The same disc works fine in my 4 year old HP laptop, and when installing CentOS 6 as a KVM. By any chance is the drive that does not work *NOT* a CDRW drive? Sometimes CD-ROM drives do not like reading rewriteable media. The drive in my little server is a DVD/CD burner, too. So, that's not the problem. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.32.26-175.fc12.x86_64 x86_64 GNU/Linux 22:23:20 up 23:22, 4 users, load average: 0.24, 0.12, 0.04 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6 x86_64 DVD doesn't boot
On Thu, 2011-07-14 at 21:36 -0500, Barry Brimer wrote: By any chance is the drive that does not work *NOT* a CDRW drive? Sometimes CD-ROM drives do not like reading rewriteable media. The drive in my little server is a DVD/CD burner, too. So, that's not the problem. Can you read other discs burned by that burner in the server machine? I understand that it has a DVD/CD burner, but is a CDRW burner? Can you attach this drive to a USB cable or move it to the affected machine to see if the problem follows the drive or the machine? The burner I'm using is a built in laptop drive. :/ However, I have used it to burn LinuxMCE DVD images, and those have always booted on my new machine without issue. I think it's something specific to CentOS 6 and the particular hardware I'm using. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.32.26-175.fc12.x86_64 x86_64 GNU/Linux 23:25:38 up 1 day, 24 min, 4 users, load average: 0.00, 0.04, 0.06 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Burning DVDs (was: CentOS 6 x86_64 DVD doesn't boot)
On Thu, 2011-07-14 at 09:26 -0600, Devin Reade wrote: I have had much better luck with DVD data portability if I always burn DVDs at 1x (or as close to it as the DVD firmware will allow), particularly when it comes to burning on one system and reading on another. I used K3B in Fedora 15 to burn the DVD image. I changed the speed to 1x, but K3B reported the burn speed as 2.4x - I guess it couldn't go any lower. The newly burnt image didn't boot either. The error was the same. So sad. :( Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.32.26-175.fc12.x86_64 x86_64 GNU/Linux 23:28:29 up 1 day, 27 min, 4 users, load average: 0.00, 0.02, 0.05 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS-6 Status updates
On Mon, 2011-06-13 at 09:22 -0700, Craig White wrote: easier just to give up - I moved my new servers to ubuntu - no more new CentOS installs any more. I'm just going to maintain the CentOS 5 installs at this point. Holy shit, man! I'd never, by choice, put in an Ubuntu server. Debian, sure (though I'm a Red Hat and Red Hat based guy), but Ubuntu? Forget it! I hope you find it as stable and reliable as CentOS. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.32.26-175.fc12.x86_64 x86_64 GNU/Linux 06:47:45 up 23:59, 1 user, load average: 0.04, 0.35, 0.26 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] virDomainSetMaxMemory error
On Sat, 2011-04-09 at 13:54 -0500, Russell Jones wrote: In Virt-Manager, when attempting to either change a guest's memory allocation or even just clicking Apply on the memory tab and not actually changing the values, the following error pops up: Error changing memory values: this function is not supported by the connection driver: virDomainSetMaxMemory When Googling around, I am finding reports of this error as early as two days ago, and as late as a year ago. Is there an option in KVM/Virt-Manager I am missing in order to resolve this problem, or is this bug really over a year old and not fixed in CentOS 5.6? I had this problem with a KVM recently. Instead of wasting time with virt-manager, I did this: # virsh shutdown [kvm] # virsh dumpxml [kvm] guest.xml # vim guest.xml - I changed the memory parameters to be what I wanted, saved, and quit # virsh define guest.xml Done. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.32.26-175.fc12.x86_64 x86_64 GNU/Linux 21:41:35 up 4 days, 20:21, 2 users, load average: 0.08, 0.21, 0.16 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Printers, aka an old time sysadmin
On Tue, 2011-04-05 at 16:22 -0400, m.r...@5-cent.us wrote: Where - the CentOS wiki? Sure , why not? It's as good a place as any, but since you're talking about your efforts in a CentOS mailing list, I think it's most fitting to post your experience on the CentOS wiki. :) Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.32.26-175.fc12.x86_64 x86_64 GNU/Linux 21:15:40 up 1 day, 19:55, 2 users, load average: 0.02, 0.02, 0.05 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Migrating standalone systems to KVM
On Thu, 2011-03-31 at 05:41 -0700, Benjamin Franz wrote: I haven't tried it, but in theory you could take a clonezilla image of the physical machine and restore it to a KVM disk image: Just create the initial virtual drives at least as large as the originals, boot clonezilla in the VM and restore from the images. That's an excellent idea! I didn't consider it when I was trying to figure out how to migrate a physical CentOS 5 server to a KVM. I will try this just for shits and giggles. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.32.26-175.fc12.x86_64 x86_64 GNU/Linux 21:37:24 up 5 days, 12:05, 2 users, load average: 0.27, 0.16, 0.07 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] KVM host question about host firewall
On Tue, 2011-01-18 at 17:21 -0500, Kwan Lowe wrote: Yesterday I was troubleshooting an issue with a KVM host. I was unable to access the DNS service on a KVM virtual machine. After verifying that the vm allowed through the DNS ports (53 on UDP/TCP) and still being unable to access, I was able to connect immediately after allowing those ports on the KVM host. Is there anyway around this? The reason is that I would like to allow only SSH access to the host, but allow other services to the virtual machines. I just disable iptables on the host. Maybe that's not the best solution for your particular situation, but in mine, it works fine. I use tcp wrappers to allow ssh access to only those I deem worthy, and we have external firewalls in place as well (I lock down our boxes in other ways, as well). I haven't seen the need to put in a host based firewall...yet, anyway. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.32.26-175.fc12.x86_64 x86_64 GNU/Linux 15:39:12 up 9 days, 21:23, 3 users, load average: 0.03, 0.07, 0.02 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [OT] RHEVM List
On Fri, 2011-01-07 at 12:02 -0600, Les Mikesell wrote: On 1/7/2011 7:02 AM, Nico Kadel-Garcia wrote: I was testing it with KVM, for comparison to VMWare, and didn't get as far as that. The network configuration, multiple disk at install time, and dog-slow performance of KVM prevented further exploration. KVM was being heavily advertised by RedHat so I wanted a look, and was completely underwhelmed. The requisite bridged network ports have to be set manually on the server, since the built-in network configuration tools have no clue how to do it. This means network pair-bonding has to be done in the guest domain, and it turned out that PXE didn't work at all in the guests. I haven't tried that, but wouldn't you bridge the bond device instead of bonding bridged nics? That's what I do on our various CentOS 5 and RHEL 5 based KVM clusters (I use CentOS/RHEL Cluster Suite for the storage and KVM clustering bits). Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.32.23-170.fc12.x86_64 x86_64 GNU/Linux 07:08:09 up 11 days, 22:13, 6 users, load average: 0.08, 0.26, 0.20 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Networking setup/help
On Wed, 2010-05-19 at 09:31 -0500, Les Mikesell wrote: If you are starting from scratch and don't know your way around the linux system, why not use one of the 'appliance' style distributions like ClearOS (fairly new) or SMEserver (older but still works)? These are based on CentOS code but have a simple web interface for configuration and will probably set up the firewalling/NAT better than you would do by yourself. ClearOS looks awesome. Have you tried it? Regards, Ranbir ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS-virt] Simulate Network Cable Disconnect
On Tue, 2010-05-04 at 12:28 -0400, Tait Clarridge wrote: I am having trouble simulating a network cable disconnect with KVM. I would like to test active backup bonding for a switch IOS upgrade in a production environment. Couldn't you just do a ifdown ethX in the KVM itself? One of the bonded NICs will go down, and the kernel should report it as such. Regards, Ranbir ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS] Multiple FreeNX servers and SSH ports
On Sun, 2010-03-21 at 15:54 +0100, Niki Kovacs wrote: I'd like to handle the two PCs from the medical office remotely with FreeNX. I figured that the best way to distinguish them would be to assign a different port for SSH to each of them, and then redirect each of the ports respectively. I think the best option would be to use a freenx proxy server. Then, you only need to forward the standard ssh port to the proxy server. Once you're connected to the proxy machine, you could connect to any freenx server on the LAN. Regards, Ranbir ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS-virt] Introducing ConVirt 2.0
On Mon, 2010-03-01 at 10:10 -0800, jd wrote: Hi We are very pleased to introduce ConVirt 2.0 – the next major step up in open source virtualization management. The ConVirt 2.0 generation combines a flexible, open architecture, the highest level of management capabilities, and the industry’s most flexible pricing model. Built on a brand-new, 3-tier architecture, ConVirt 2.0 includes a highly interactive, web-based user interface, a new data repository, advanced automation, enterprise scalability, multi-user administration, a full suite of integration capabilities, and much more. Why would one use ConVirt instead of the management tools included in RHEL and/or CentOS? What's the difference? Regards, Ranbir ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS] How to install kvm?
On Tue, 2009-08-25 at 11:09 +0200, Andre Vehreschild wrote: give the packagers a little time. The new kernel was published this night and the dependencies are not yet meet completely. The alternative would be to get the archive from http://www.linux-kvm.org/ yourself and build it. I did it several times, it is not that hard and you get the most recent version. Fair enough, but the kmod-kvm rpms in the extras repo are for ancient kernels. There hasn't been a new package since Oct. 2008. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.29-170.2.78.fc10.x86_64 x86_64 GNU/Linux 12:09:03 up 9 days, 13:05, 5 users, load average: 1.39, 1.22, 1.19 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] pulse audio for CentOS 5
Hi All, Does anyone know of a repo packaging a recent pulse audio release as RPMs for CentOS 5? Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.29-170.2.78.fc10.x86_64 x86_64 GNU/Linux 11:26:10 up 8 days, 12:22, 5 users, load average: 1.09, 0.35, 0.18 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] How to install kvm?
Hello All, I want to install kvm in CentOS 5.3. The instructions on the wiki are fine and dandy, but the kmod-kvm package is for an older kernel. The box I want to install it on is up-to-date with the latest kernel packages. How do I install kvm on a fully updated CentOS 5.3 box? Is installing the older kernel my only option? BTW, I'd post this on the virt-list, but I have a hard time getting answers on that list. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.29-170.2.78.fc10.x86_64 x86_64 GNU/Linux 14:44:30 up 8 days, 15:41, 5 users, load average: 0.56, 0.22, 0.21 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS-virt] virtio
On Sat, 2009-08-22 at 11:36 -0400, Kanwar Ranbir Sandhu wrote: I've tried change an existing VM to virtio for disk and network, but each time I start it, I get this error: error: Failed to start domain popdns02 error: internal error unsupported disk type 'vda' I don't know why this is happening. From what I've read, virtio should be available. Can someone please tell me what I'm doing wrong? Anyone? I'd really like to fix this. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.29-170.2.78.fc10.x86_64 x86_64 GNU/Linux 20:46:00 up 7 days, 21:42, 4 users, load average: 0.09, 0.06, 0.03 ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
[CentOS-virt] virtio
Hello Everyone, Can I use virtio modules for network and block devices in CentOS 5.3 VMs when using the KVM packages from the lfarkas repo? I've tried change an existing VM to virtio for disk and network, but each time I start it, I get this error: error: Failed to start domain popdns02 error: internal error unsupported disk type 'vda' I don't know why this is happening. From what I've read, virtio should be available. Can someone please tell me what I'm doing wrong? Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.29-170.2.78.fc10.x86_64 x86_64 GNU/Linux 11:32:58 up 6 days, 12:29, 4 users, load average: 0.26, 0.21, 0.33 ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
[CentOS] KVM - missing dependency
Hello Everyone, I've installed kvm from the lfarkas repo on CentOS 5.3, as per the CentOS wiki page. I now want to install the virt-manager package, but yum is giving me this error: Error: Missing Dependency: python-virtinst = 0.400.3 is needed by package virt-manager-0.7.0-5.el5.x86_64 (lfarkas) I can't find that package anywhere in that repo. So, where do I get it from? BTW, I would have asked this on the CentOS virt list, but that list is really quiet. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.29-170.2.78.fc10.x86_64 x86_64 GNU/Linux 21:14:54 up 1 day, 22:11, 2 users, load average: 0.07, 0.20, 0.21 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] KVM - missing dependency
On Mon, 2009-08-17 at 21:17 -0400, Kanwar Ranbir Sandhu wrote: I can't find that package anywhere in that repo. So, where do I get it from? Forget I asked: I'll just grab it from the CentOS base repo. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.29-170.2.78.fc10.x86_64 x86_64 GNU/Linux 21:29:59 up 1 day, 22:27, 2 users, load average: 0.17, 0.24, 0.20 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS-virt] libvirtd and kvm from lfarkas repo
Hi All, Can I use virt-manager from a Fedora 11 box to manage Qemu/KVM VMs, or is this crazy (re: incompatible)? Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.29-170.2.78.fc10.x86_64 x86_64 GNU/Linux 21:36:22 up 4 days, 20:37, 4 users, load average: 0.22, 0.20, 0.18 ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS] kvm in Centos 5.3
On Fri, 2009-07-31 at 22:40 +0200, Farkas Levente wrote: which version from which repo? Never mind. I had a typo in the yum config file for the CentOS repos. Instead of exclude, I had excude. It took me a while to spot that one. I fixed the typo. Now all the dependencies are resolving properly. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.25-170.2.72.fc10.x86_64 x86_64 GNU/Linux 23:53:03 up 12 days, 15:19, 3 users, load average: 0.34, 0.27, 0.18 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] kvm in Centos 5.3
On Thu, 2009-07-30 at 07:59 -0700, Akemi Yagi wrote: As for the wiki article, I was planning to amend it when 5.4 hits the street. But in the meantime, the content is not old because what CentOS offers in extras can be installed by following the instructions in there. I installed the version in extras. But, I couldn't find the tunctl package in the rpmforge repo, and libvirtd wouldn't start (it kept dying). I don't want to use the testing repo version since the kmod-kvm package is for an older kernel (I'm running 2.6.18-128.1.14). So, I'll give the version packaged up by Farkas a try. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.25-170.2.72.fc10.x86_64 x86_64 GNU/Linux 11:27:48 up 6 days, 2:54, 4 users, load average: 1.40, 1.28, 1.29 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] kvm in Centos 5.3
On Thu, 2009-07-30 at 09:14 +0200, Farkas Levente wrote: unfortunately i don't have write access to the howto, but the packages in the virt dir of the http://www.lfarkas.org/linux/packages/centos/5/ have the latest stable kvm and qemu packages and all of it dependencies. we use it for and seems to be finally stable: kmod-kvm-2.6.30.1-2.el5 qemu-*-0.10.5-2.el5 I don't see a libvirt package. Should I just use the one from the extras repo? Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.25-170.2.72.fc10.x86_64 x86_64 GNU/Linux 12:24:46 up 6 days, 3:51, 4 users, load average: 1.47, 1.29, 1.16 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] kvm in Centos 5.3
On Thu, 2009-07-30 at 18:56 +0200, Farkas Levente wrote: see around (it's there since 06.28): http://www.lfarkas.org/linux/packages/centos/5/x86_64/virt/RPMS/libvirt-0.6.4-2.el5.x86_64.rpm Wow, I'm blind. Thanks. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.25-170.2.72.fc10.x86_64 x86_64 GNU/Linux 13:31:51 up 6 days, 4:58, 4 users, load average: 1.22, 1.26, 1.22 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] kvm in Centos 5.3
On Thu, 2009-07-30 at 18:56 +0200, Farkas Levente wrote: see around (it's there since 06.28): http://www.lfarkas.org/linux/packages/centos/5/x86_64/virt/RPMS/libvirt-0.6.4-2.el5.x86_64.rpm FYI: when I try to install libvirt from your repo, libvirt in the CentOS base and updates repos keep replacing it, even though I've excluded the package. I've tried cleaning the yum cache and a few other trouble shooting steps, all to no avail. I'll have to install libvirt locally. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.25-170.2.72.fc10.x86_64 x86_64 GNU/Linux 14:41:50 up 6 days, 6:08, 4 users, load average: 1.71, 1.57, 1.40 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] kvm in Centos 5.3
Hi All, Is KVM support in CentOS 5.3 complete? That is, can a CentOS 5.3 system host KVM VMs or does CentOS 5.3 only support being virtualized via KVM? I ask because I installed KVM on a CentOS 5.3 host, but I can't find a kvm module anywhere in /lib/modules/* (let alone the running kernel). Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.25-170.2.72.fc10.x86_64 x86_64 GNU/Linux 17:55:54 up 5 days, 9:22, 5 users, load average: 1.13, 0.47, 0.28 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] kvm in Centos 5.3
On Wed, 2009-07-29 at 18:06 -0400, Kwan Lowe wrote: I don't think kvm is available upstream until 5.4. I figured that out about 5 minutes after sending the email. Just great. Anyone know when 5.4 is hitting? Thanks for the reply! Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.25-170.2.72.fc10.x86_64 x86_64 GNU/Linux 18:21:08 up 5 days, 9:48, 5 users, load average: 0.61, 0.31, 0.36 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] kvm in Centos 5.3
On Wed, 2009-07-29 at 15:26 -0700, Akemi Yagi wrote: kvm is available now. Here is the CentOS wiki article for kvm-howto. http://wiki.centos.org/HowTos/KVM I noticed that, too. The version in the testing repo is the one I'd be interested in. But, I have a couple of questions: 1. How stable is it? 2. Any idea if moving from this testing version to the eventual official release in CentOS 5.4 will present any problems? (I suspect not) Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.25-170.2.72.fc10.x86_64 x86_64 GNU/Linux 21:49:02 up 5 days, 13:15, 4 users, load average: 0.40, 0.21, 0.18 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] recent rsyslog package available for CentOS?
On Sun, 2009-07-12 at 22:09 -0400, Eric B. wrote: Do you start from srpms or the tar ball? If sprm, where do you get it from? If tar balls, how do you go from a tgz to an srpm/rpm? I started with the Fedora 10 SRPM, did a test build on CentOS 5, and then rebuilt that new SRPM with mock. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.25-170.2.72.fc10.x86_64 x86_64 GNU/Linux 10:16:18 up 1 day, 16:47, 4 users, load average: 1.37, 1.16, 1.22 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] good small registrar?
On Wed, 2009-06-24 at 16:50 -0400, Ryan Pugatch wrote: I, personally, haven't had any issues with GoDaddy. I ignore their upsells.. it isn't often that I have to bother going through that as I renew or buy domains once or twice a year.. I renew most of mine at once. But, if you really want to stay away, try Gandi - www.gandi.net I use gandi.net for my .com domains. Me likey! Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.25-170.2.72.fc10.x86_64 x86_64 GNU/Linux 10:36:40 up 1 day, 17:07, 4 users, load average: 0.27, 0.30, 0.52 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] recent rsyslog package available for CentOS?
On Sat, 2009-07-11 at 13:34 +0100, Karanbir Singh wrote: I have been building and using myself much newer versions of rsyslog. Let me look at getting these into a slightly more public area. I've been doing the same. Works great, minus maintaining the package myself, but that's not a disaster. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.25-170.2.72.fc10.x86_64 x86_64 GNU/Linux 09:52:40 up 9 days, 19:26, 5 users, load average: 1.61, 1.35, 1.23 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] mock rebuild of rsyslog dies
Hi All, I'm not sure where I should ask this, so I'll try here and the Fedora list. I'm using mock-0.6.13-1.el5_2.3 on a CentOS 5 box to rebuild i386 and x86_64 versions of rsyslog-3.21.10-2.fc10.src.rpm. But, the mock build always dies (for both archs) with the following error: No Package Found for librelp-devel Cannot find build req librelp-devel. Exiting. I can install that library on CentOS 5 outside of mock. I can even rebuild the SRPM outside of mock. So, I don't think there is a problem with the SRPM, but maybe there is. I don't know. :( Does anyone know why librelp-devel wouldn't be found? Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.21-170.2.56.fc10.x86_64 x86_64 GNU/Linux 15:22:34 up 2 days, 16:33, 4 users, load average: 1.11, 1.06, 0.67 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] mock rebuild of rsyslog dies
On Tue, 2009-05-26 at 15:23 -0400, Kanwar Ranbir Sandhu wrote: Does anyone know why librelp-devel wouldn't be found? Well, shit, I figured it out. librelp-devel is in epel, not in the CentOS repos. So, after adding the epel repo to the mock config for centos-5-x86_64 and centos-5-i386, the rsyslog build completed successfully. Sorry for the noise! p.s. I'm a mock newb, so massive user error is to be expected. 8P -- Kanwar Ranbir Sandhu Linux 2.6.27.21-170.2.56.fc10.x86_64 x86_64 GNU/Linux 15:42:50 up 2 days, 16:53, 4 users, load average: 1.16, 1.17, 1.02 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] rsyslog expression based filters
Hello All, Does the rsyslog version in CentOS 5 support expression based filters? I'm asking because a filter I believe should be working, isn't and I cannot figure out why. I'm trying to get the following expression working (might wrap): if $source == 'astappsrv2' and $programname == 'asterisk' then /var/log/asterisk/astappsrv2.log Every time I restart rsyslog, I get this error (slightly edited to make it fit): rsyslogd:unknown priority name log rsyslogd:the last error occured in /etc/rsyslog.conf, line 16 rsyslogd:warning: selector line without actions will be discarded The line rsyslog is having problems with is the expression based filter. astappsrv2 is the log client, and it's successfully sending it's logs to the remote log host (the one on which I'm having problems with the expression filter). I know the logs are coming in because I've setup property based filters that all work just fine. I can take this to the rsyslog list if need be. I wanted to try here first. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.21-170.2.56.fc10.x86_64 x86_64 GNU/Linux 13:46:04 up 1 day, 14:56, 4 users, load average: 1.03, 0.41, 0.14 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] rsyslog expression based filters
On Mon, 2009-05-25 at 13:59 -0400, Kanwar Ranbir Sandhu wrote: Hello All, Does the rsyslog version in CentOS 5 support expression based filters? I'm asking because a filter I believe should be working, isn't and I cannot figure out why. I think this is the likely problem: the CentOS version of rsyslog does not support expression based filters. Dang. Does anyone know where I can get i386/x86_64 rpms of the latest 3.0 stable tree release of rsyslog for CentOS 5? Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.21-170.2.56.fc10.x86_64 x86_64 GNU/Linux 14:43:08 up 1 day, 15:53, 3 users, load average: 1.35, 1.29, 1.14 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] error when join my Centos machine to win2003 ADS server
On Thu, 2009-03-26 at 22:22 +0300, fabian dacunha wrote: # Generated by authconfig on 2009/03/26 12:50:28 # DO NOT EDIT THIS SECTION (delimited by --start-line--/--end-line--) # Any modification may be deleted or altered by authconfig in future workgroup = BALADIA.LOCAL ; password server = kmun.baladia.local password server = 172.16.2.227 realm = KMUN.BALADIA.LOCAL security = ads idmap uid = 16777216-33554431 idmap gid = 16777216-33554431 winbind separator = + template shell = /bin/bash winbind use default domain = true winbind offline logon = false encrypt passwords = yes log level = 3 #--authconfig--end-line-- encrypt passwords = yes dns proxy = no server string = Samba Server Version %v os level = 20 client use spnego = no server signing = auto -- where i could be goin wrong i would be thankful and really apprecite your advice for any setting in my smb.conf file 1. It's usually better to set password server to *. 2. Your realm is wrong; it should be just the domain, baladia.local. 3. Add netbios name = [your server's hostname] 4. Add wins server = [your wins server(s)] 5. client use spnego should likely be yes 6. Add client ntlmv2 auth = yes. 7. Add smb ports = 445 8. Add local master = no 9. Add domain master =no 10. Add preferred master = no I don't know if that's going to solve your problems. no logon servers indicates either a deeper problem (e.g. network issue), or simply that you've specified the wrong server to use for checking passwords against. BTW, I still don't know why you have two kdc entries in your krb5.conf file. You only need one. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.19-170.2.35.fc10.x86_64 x86_64 GNU/Linux 23:09:16 up 4 days, 2:19, 2 users, load average: 0.17, 0.26, 0.21 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] freeradius version
Hi All, The freeradius version in CentOS 5 is ancient, so I've been considering rebuilding the Fedora 10 rpm for freeradius-2.1.3 on CentOS. That means I'll have to maintain the package, and I'm not an uber packager. Normally I wouldn't care, but in this case I do because the freeradius server is going to be critical. So, should I rebuild the F10 rpm, or should I just stick with the version in CentOS 5? Based on what I'm reading, moving to a newer release would be wise. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.19-170.2.35.fc10.x86_64 x86_64 GNU/Linux 11:37:20 up 19 days, 11:03, 4 users, load average: 0.17, 0.22, 0.18 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] freeradius version
On Wed, 2009-03-25 at 08:44 -0700, Ray Van Dolson wrote: What about branching Fedora freeradius for EPEL? I guess I can I make a package request there (I already checked - they don't have it). Are people really deploying freeradius-1.1.3?? -- Kanwar Ranbir Sandhu Linux 2.6.27.19-170.2.35.fc10.x86_64 x86_64 GNU/Linux 11:54:33 up 19 days, 11:20, 4 users, load average: 0.28, 0.24, 0.19 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] freeradius version
On Wed, 2009-03-25 at 15:51 +, Karanbir Singh wrote: What are these things you are reading ? Might be worth verifying some of them. Attribute changes, additional features, etc. freeradius devs aren't fixing bugs in the 1.1 releases anymore, though I know CentOS' upstream will backport, if need be. I suppose my real concern is if our soon-to-arrive network gear requires features included only in the 2.0 and up releases. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.19-170.2.35.fc10.x86_64 x86_64 GNU/Linux 12:00:42 up 19 days, 11:26, 4 users, load average: 0.72, 0.32, 0.22 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] freeradius version
On Wed, 2009-03-25 at 16:13 +, Karanbir Singh wrote: If there are a few people doing this already - why does one of you not step up and offer to maintain / manage this package in centosplus ? Thats what the plus repo is there for, isnt it :) Maybe a few people can collaborate on this? I suck at packaging. Well, I think I suck, anyway. Beyond taking the F10 SRPM and rebuilding on CentOS 5 with a few customizations (e.g. update the changelog, sign it with our key, change the packager, etc.), I wouldn't be doing anything else. It's probably not the ideal way to do it. I assume there's a particular way packages need to be built for inclusion into centosplus. Where be the info? :) Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.19-170.2.35.fc10.x86_64 x86_64 GNU/Linux 12:13:53 up 19 days, 11:40, 4 users, load average: 0.14, 0.23, 0.18 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] help on kerberos5
On Wed, 2009-03-25 at 13:15 +0300, fabian dacunha wrote:
my domain name is=== baladia.local
Windows 2003 AD server computer name is kmun
my /etc/krb5.conf file is
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
ticket_lifetime=24000
default_realm=BALADIA.LOCAL
dns_lookup_realm = false
dns_lookup_kdc = false
[realms]
BALADIA.LOCAL={
kdc=172.16.2.227:88
# admin_server=kmun.baladia.local:749
default_domain=BALADIA.LOCAL
kdc=BALADIA.LOCAL
}
You only need one kdc here. Choose one, comment/delete the other.
[domain_realm]
.baladia.local=BALADIA.LOCAL
baladia.local=BALADIA.LOCAL
kerberos 88/udp kdc # Kerberos key server
kerberos 88/tcp kdc # Kerberos key server
What are these kerberos lines for? Why have you put them here? They
don't belong - comment/delete them.
[kdc]
profile = /var/kerberos/krb5kdc/kdc.conf
[appdefaults]
pam = {
debug = false
ticket_lifetime = 36000
renew_lifetime = 36000
forwardable = true
krb4_convert = false
}
kinit should work after making the changes above.
Regards,
Ranbir
--
Kanwar Ranbir Sandhu
Linux 2.6.27.19-170.2.35.fc10.x86_64 x86_64 GNU/Linux
14:06:36 up 19 days, 13:32, 4 users, load average: 0.14, 0.20, 0.18
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] freeradius version
On Wed, 2009-03-25 at 11:17 -0700, Craig White wrote: first of all, there's very good instructions which I previously linked. secondly, I can only build i386 at the present time. I can build x86_64 and i386. lastly, I'm up and running and don't see much need to continually monitor updates and releases unless there's a security issue. I'd be doing it for the community, not just myself. It would help everyone out. Besides, what comes around, goes around. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.19-170.2.35.fc10.x86_64 x86_64 GNU/Linux 14:24:09 up 19 days, 13:50, 4 users, load average: 0.19, 0.13, 0.13 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] jboss application server rpm
Hi All, I've been trying to locate a jboss application server rpm for CentOS 5, but I haven't found any. I thought it would be included with CentOS. Searching the yum repos hasn't turned anything up. Maybe my yum search was sub-par. Where should I look? Do any rpms exist? Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.19-170.2.35.fc10.x86_64 x86_64 GNU/Linux 15:26:31 up 7 days, 14:53, 5 users, load average: 0.79, 0.32, 0.16 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] jboss application server rpm
On Fri, 2009-03-13 at 15:39 -0400, Jason Pyeron wrote: Download the tgz from the jboss website and unpack it inside the homedirectory of the user you want to run it as. Creating a user specifically for that purpose also hasn't hurt anybody... The only exception to this approach might be if part of your file- system are read-only because you booted the box via PXE. You could make a RPM pretty easy for it. I was kind of hoping not having to go down that route...you know, laziness and all. :) Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.19-170.2.35.fc10.x86_64 x86_64 GNU/Linux 15:50:07 up 7 days, 15:16, 5 users, load average: 1.37, 1.31, 1.03 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Practical experience with NTLM/Windows Integrated Authentication [Apache]
On Mon, 2009-02-16 at 20:36 -0500, Ross Walker wrote: In Firefox go to your about:config page and scroll down to: network.negotiate-auth.delegation-uris and network.negotiate-auth.trusted-uris and for their string values enter your DNS domain to allow kerberos negotiation and delegation to occur. HA! I had these set already, but I still get prompted. So, today I decided I should delete the saved passwords for the apache hosted site I was trying to access, and viola, SSO worked! I can't believe I didn't remove the saved passwords before. Anyway, thanks for pointing out the Firefox settings. I doubt I would have remembered they were there. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.12-170.2.5.fc10.x86_64 x86_64 GNU/Linux 14:04:07 up 6 days, 15:51, 4 users, load average: 0.92, 1.02, 0.69 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Practical experience with NTLM/Windows Integrated Authentication [Apache]
On Tue, 2009-02-17 at 14:07 -0500, Kanwar Ranbir Sandhu wrote: On Mon, 2009-02-16 at 20:36 -0500, Ross Walker wrote: In Firefox go to your about:config page and scroll down to: network.negotiate-auth.delegation-uris and network.negotiate-auth.trusted-uris and for their string values enter your DNS domain to allow kerberos negotiation and delegation to occur. HA! I had these set already, but I still get prompted. So, today I decided I should delete the saved passwords for the apache hosted site I was trying to access, and viola, SSO worked! I can't believe I didn't remove the saved passwords before. I should have mentioned that I only set network.negotiate-auth.trusted-uris. I left the other one blank. Setting it or not didn't seem to make a difference. But, based on this: https://developer.mozilla.org/en/Integrated_Authentication The apache server should have been able to handle the authentication. Maybe I'm misunderstanding what delegation does. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.12-170.2.5.fc10.x86_64 x86_64 GNU/Linux 14:12:01 up 6 days, 15:59, 4 users, load average: 1.11, 1.13, 0.87 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Practical experience with NTLM/Windows Integrated Authentication [Apache]
On Tue, 2009-02-17 at 10:27 -0700, Joseph L. Casale wrote: I haven't tried this one, but make note it lacks NTLMv2 and group support which made it non usable in my environment. Like Filipe suggested mod_auth_ntlm_winbind addresses this but it appears it's not actively maintained and I got stuck configuring it and gave up... I believe you can use kerberos auth and group lookups. For the group support, you need to do direct LDAP lookups. Just run a google search for 'kerberos apache group', or something along those lines, to find some links discussing what I've mentioned here. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.12-170.2.5.fc10.x86_64 x86_64 GNU/Linux 14:58:02 up 6 days, 16:45, 4 users, load average: 1.32, 1.27, 1.21 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Practical experience with NTLM/Windows Integrated Authentication [Apache]
On Sat, 2009-02-14 at 09:14 -0600, Jeff wrote: OK, so you say it's possible, but how about some hints? You're leaving us completely in the dark here. The problem is I don't have a step-by-step procedure to give you because I didn't document as I went along. Working in smaller company usually means documentation gets delayed or not done at all, unfortunately (not enough time to do it!). I'll see if I saved the links I found the most useful when I did the integration (on my work PC, so has to wait until Feb 17th, at least). The websites I used will hopefully be useful to you, too. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.12-170.2.5.fc10.x86_64 x86_64 GNU/Linux 17:50:59 up 5 days, 19:38, 3 users, load average: 2.08, 1.78, 0.98 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Practical experience with NTLM/Windows Integrated Authentication [Apache]
On Mon, 2009-02-16 at 09:13 +0100, Sorin Srbu wrote: Probably not, but I was thinking there may be some obscure package somewhere on the 'net to do this. There is - I found it last year, and it works. I have everything on my work PC, so I'll let the list know tomorrow or later this week. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.12-170.2.5.fc10.x86_64 x86_64 GNU/Linux 17:54:53 up 5 days, 19:41, 3 users, load average: 1.20, 1.70, 1.14 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Practical experience with NTLM/Windows Integrated Authentication [Apache]
On Mon, 2009-02-16 at 15:21 -0500, Ross Walker wrote: Avoid NTLM all together and use Kerberos between apache/squid, Active Directory and the Windows and Linux clients. Firefox and IE both support Kerberos authentication. I believe apache/ squid do too, but you need a manually create the service principal names in AD for those. I was using NTLM at first, but then switched to Kerberos (on the CentOS server side). The Windows users didn't see a difference. For them, SSO works just as well as before, but I still get prompted to enter user/password when I use my Fedora 10 desktop to browse to CentOS hosted web sites. My Fedora desktop is joined to the domain. I can login with my AD user/password. I even have caching working, which lets me sign on to my laptop when it's not connected to the network. I suppose I've missed something, though I don't know what. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.12-170.2.5.fc10.x86_64 x86_64 GNU/Linux 17:57:09 up 5 days, 19:44, 3 users, load average: 0.21, 1.13, 1.00 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Practical experience with NTLM/Windows Integrated Authentication [Apache]
On Tue, 2009-02-17 at 08:05 +0800, Christopher Chan wrote: Maybe kerberos authentication? I have winbind authentication working here but I have yet to get kerberos working to get SSO on Linux desktops. Isn't winbind enough? Afterall, winbind gets the kerberos ticket when the user logs in. What's the difference between kerberos auth and winbind auth? Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.12-170.2.5.fc10.x86_64 x86_64 GNU/Linux 19:32:30 up 5 days, 21:19, 3 users, load average: 0.30, 0.24, 0.21 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Practical experience with NTLM/Windows Integrated Authentication [Apache]
On Fri, 2009-02-13 at 12:11 +0100, Sven wrote: I wish to migrate Windows IIS webserver to CentOS. Killer-Feature is SSO with Windows Integrated Authentication[0]. Anyone have experience with such a setup and can say a few sentences how to do that and if its stable? I've done this on a few servers at work and it works great. Stable and essentially hands off after the initial config. The very first time I set it up, I had a tough time figuring out all the bits that were necessary to make it work, but I guess that's true of anything you do the first time. You know what the best part is? Nothing was documented. HA! It's actually quite horrible. My plan is to set up the Apache/Windows AD integration again on another box and to document it at that time. Your two keys to success: 1. you better have a solid understanding of administering a CentOS system. You don't have to know Apache inside and out, but good grasp of how to configure apache is a plus. 2. make sure your Windows ADS is configured properly. If there's anything that will throw off your project, it's the Windows server. Your Windows admin better know his stuff! Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.12-170.2.5.fc10.x86_64 x86_64 GNU/Linux 21:12:14 up 2 days, 22:59, 4 users, load average: 0.22, 0.21, 0.29 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Kerberos for squid auth
On Sat, 2008-12-20 at 22:00 -0700, Joseph L. Casale wrote: Yeah it's been working ever since but there are some errors in the logs even though users auth silently and it all just works. Once I am back from holidays I had planned to read up on winbind and samba as it relates to AD... If you need any tips/help, let me know. I have lots of CentOS servers and a couple of Fedora and Ubuntu laptops authenticating to AD at work, and they all work flawlessly. Regards, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.7-53.fc9.x86_64 x86_64 GNU/Linux 10:17:32 up 6 days, 14:46, 13 users, load average: 0.82, 0.50, 0.44 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Kerberos for squid auth
On Mon, 2008-12-15 at 23:47 -0700, Joseph L. Casale wrote: When you use kinit to acquire a Kerberos ticket prior to joining a Win2k3 domain with net ads join -U upn is that ticket merely used for the join that follows? When it expires does this mean anything? You use kinit before joining the AD to test AD auth. That is, you want to be sure your linux side is configured properly to get a kerberos ticket in the first place. If you're able to get one, you should be to join the domain. HTH, Ranbir -- Kanwar Ranbir Sandhu Linux 2.6.27.7-53.fc9.x86_64 x86_64 GNU/Linux 21:46:24 up 6 days, 2:15, 13 users, load average: 0.61, 0.73, 0.63 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] freenx 7.3?
On Mon, 2008-10-20 at 16:38 -0500, Les Mikesell wrote: Has anyone built a freenx 7.3 for Centos 5? I'd like to be able to use the session shadow mode on some machines. Oh neat! When did this get added to freenx? I've been wanted to test that out for a long time. Regards, Ranbir ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
