Re: [CentOS] how to clear out /var/cache?

[Stephen John Smoogen]

On Thu, 30 Dec 2021 at 18:21, Fred  wrote:

> Is it safe to just remove files from /var/cache on a running system, or is
> there a correct procedure for doing that?
>
> Mine has hit over 3 gigs, making it one of the larger directories in /,
> which is running low on space. I've hit all the low-hanging fruit I can
> find and now I come to things like /var/cache, and I don't know what to do
> about such.
>
>
The first step is to find out what is using it. It is probably dnf but
could be other utilities which are trying and failing to do something. I
start off with

```
$ sudo -i
# cd /var/cache
# du -sch | sort -h
0   ./PackageKit
0   ./app-info
0   ./bpf
0   ./fwupd
0   ./httpd
0   ./krb5rcache
0   ./libX11
0   ./libvirt
0   ./private
0   ./realmd
36K ./ldconfig
1.7M./man
29M ./dnf
31M total

while on a different system:
4.0K./abrt-di
4.0K./bpf
4.0K./foomatic
4.0K./krb5rcache
4.0K./private
4.0K./realmd
8.0K./httpd
8.0K./libX11
8.0K./powertop
96K ./ldconfig
300K./ibus
520K./libvirt
3.5M./man
4.2M./fwupd
38M ./app-info
59M ./cups
213M./PackageKit
332M./dnf
2.1G./mock
2.7Gtotal

```

As others have noted, dnf is probably the most used tool here, but it could
be mock or some other utility (I had cups because I misconfigured something
once)

dnf is a tricky tool because sometimes a command will create a
'not-so-temporary' cached tree which can't be cleaned because `dnf clean
all` doesn't know it. What I do is a `dnf clean all` and then go into
/var/cache/dnf and see what else might be still there. In my case I found a
large trove of packages from when I had enabled testing at one point and
then turned it off before doing a clean. I normally just delete all the
directories and do a `dnf update` to see if it reports errors.

Hope this helps.



Thanks in advance!
>
> Fred
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
Let us be kind to one another, for most of us are fighting a hard battle.
-- Ian MacClaren
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 9-stream "CRB" repo

[Stephen John Smoogen]

On Tue, 14 Dec 2021 at 18:26, Leon Fauster via CentOS  wrote:
>
> Am 15.12.21 um 00:24 schrieb Chris Adams:
> > I'm starting to look at CentOS 9-stream... what is the CRB repo?  It
> > appears to be a lot of development libraries and such, but I didn't see
> > a definition or "CRB" anywhere.
>
> https://developers.redhat.com/blog/2018/11/15/introducing-codeready-linux-builder

It is what in C8 is called PowerTools.


-- 
Stephen J Smoogen.
Let us be kind to one another, for most of us are fighting a hard
battle. -- Ian MacClaren
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos and ModemManager

[Stephen John Smoogen]

Without knowing what kind of network, what kind of workload etc.. the
answer is 'no idea'. In most cases, you are going to have to make this
sort of judgement yourself and in the end, if it is off and you needed
it because some weird network or bluetooth keyboard acts like a
modem.. then you can turn it on. [well if you have a plugged in
keyboard.]

On Thu, 18 Nov 2021 at 10:00, Jay Hart  wrote:
>
> Any answers here?
>
> Jay
>
> > For a hard wired only server, does ModemManger need to be enabled?
> >
> > The only thing that ever might be hooked up to this server would be an 
> > external USB DVD drive.
> >
> > Thanks in Advance,
> >
> > Jay
> >
> > ___
> > CentOS mailing list
> > CentOS@centos.org
> > https://lists.centos.org/mailman/listinfo/centos
> >
>
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos



-- 
Stephen J Smoogen.
Let us be kind to one another, for most of us are fighting a hard
battle. -- Ian MacClaren
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Ruby on Cent OS 8

[Stephen John Smoogen]

On Mon, 15 Nov 2021 at 10:04, Simon Matter  wrote:
>
> > On Mon, 15 Nov 2021 at 09:18, Nikolaos Milas  wrote:
> >>
> >> Another option is to migrate to an RHEL 8 -compatible OS, like Rocky
> >> Linux, AlmaLinux, Oracle Linux, Springdale Linux.
> >>
> >> (I remind that CentOS Stream is no more a RHEL 8 twin.)
> >>
> >> I have already migrated successfully all my CentOS 8 boxes to Rocky. (I
> >> am informed that in Academic Institutions in Greece -at least-, SysAdmin
> >> teams have also selected Rocky to migrate from CentOS 8.)
> >>
> >> Rocky seems to be gaining momentum as the main CentOS 8 successor.
> >>
> >
> > Going off of EPEL8 client use meters, it is still a fair tie between
> > Rocky usage and Alma usage.
> >
> > Date | OS Name | Number of systems longer than 2 weeks old (so
> > probably not CI/Containers)
> > 2021-11-01 | Red Hat Enterprise Linux | 119625
> > 2021-11-01 | CentOS Linux | 461424
> > 2021-11-01 | CentOS Stream | 56902
> > 2021-11-01 | Oracle Linux | 20683
> > 2021-11-01 | AlmaLinux | 25880
> > 2021-11-01 | Rocky | 28167
>
> These figures are interesting but they can not be compared directly.
> Oracle has its own EPEL repo and therefore I guess that the number here
> shows only those who are using the official EPEL instead of the one
> provided by Oracle. That said, I expect that the true number of Oracle
> Linux installations is quite a bit higher than what we see here.
>

Correct and my deepest apologies for not saying so. I usually list the
Oracle caveat and I forgot to do so. The Oracle numbers are a lower
bound at best as it requires someone to install and/or convert to
Oracle and then use an upstream epel-release. Most Oracle users will
be using their rebuild of EPEL.


> Even more interesting and worrying is the still growing number of CentOS
> Linux 8 installations ;)
>
> Regards,
> Simon
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos



-- 
Stephen J Smoogen.
Let us be kind to one another, for most of us are fighting a hard
battle. -- Ian MacClaren
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Ruby on Cent OS 8

[Stephen John Smoogen]

On Mon, 15 Nov 2021 at 09:18, Nikolaos Milas  wrote:
>
> Another option is to migrate to an RHEL 8 -compatible OS, like Rocky
> Linux, AlmaLinux, Oracle Linux, Springdale Linux.
>
> (I remind that CentOS Stream is no more a RHEL 8 twin.)
>
> I have already migrated successfully all my CentOS 8 boxes to Rocky. (I
> am informed that in Academic Institutions in Greece -at least-, SysAdmin
> teams have also selected Rocky to migrate from CentOS 8.)
>
> Rocky seems to be gaining momentum as the main CentOS 8 successor.
>

Going off of EPEL8 client use meters, it is still a fair tie between
Rocky usage and Alma usage.

Date | OS Name | Number of systems longer than 2 weeks old (so
probably not CI/Containers)
2021-11-01 | Red Hat Enterprise Linux | 119625
2021-11-01 | CentOS Linux | 461424
2021-11-01 | CentOS Stream | 56902
2021-11-01 | Oracle Linux | 20683
2021-11-01 | AlmaLinux | 25880
2021-11-01 | Rocky | 28167

The Rocky and Alma numbers trade places a couple of times over the
weeks so I won't say either one is the successor. Instead as you said
each one has a regional selection where certain groups of people flock
to the same choice via word of mouth.  The number of Alma

It will be interesting to see how the CentOS Linux 8 number change.
Since the announcement of EOL of CentOS 8 a year ago, they have gone
up steadily from 200k to 460k. I am expecting that even after the EOL,
they will continue to go up in the same way that CentOS-6 went up
after it was EOL.

> You may check earlier threads in this mailing list for more info.
>
> Cheers,
> Nick
>
> On 8/11/2021 5:06 μ.μ., Josh Boyer wrote:
>
> > However, CentOS Linux 8 will be going EOL on December 31, 2021.  Users
> > are strongly encouraged to migrate to CentOS Stream 8.
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos



-- 
Stephen J Smoogen.
Let us be kind to one another, for most of us are fighting a hard
battle. -- Ian MacClaren
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 9-stream modules?

[Stephen John Smoogen]

On Sun, 14 Nov 2021 at 17:48, Chris Adams  wrote:
>
> I started looking at 9-stream a bit... and I notice there are no package
> modules.  All the things that were modules in 8/8-stream appear to have
> been folded back into the base OS, with no variants included (like
> different versions of MariaDB and php for example).  Is this expected to
> be the way forward, or are modules just still to be filled out?
>

Modules will probably occur later in time. Made up example follows
which bears no resemblance to reality: Perl-5.400 comes out and it is
a good candidate for use, then it will be added as a module which
would replace regular packages.  Same with PHP, IDM and other
'fast-but-useful' tool-sets.



> --
> Chris Adams 
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos



-- 
Stephen J Smoogen.
Let us be kind to one another, for most of us are fighting a hard
battle. -- Ian MacClaren
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Version of curl does not support session resumption

[Stephen John Smoogen]

On Thu, 28 Oct 2021 at 10:28, Joscha Knobloch  wrote:
>
> Hi,
>
> we have a CentOS7 Server running that pushes some Backups via FTP onto 
> another server. We switches the FTP-Server for a new one that works very 
> well. One new thing is that FTPS session resumption is now mandetory and 
> cannot be turned off since it is an important security feature.
>
> Unfortunately the version of curl on the system does not yet support it. This 
> is the version installed on the system:
> curl 7.29.0 (x86_64-redhat-linux-gnu) libcurl/7.29.0 NSS/3.53.1 zlib/1.2.7 
> libidn/1.28 libssh2/1.8.0
>
> I have discussed this on the curl mailing list and they said the version is 
> from 2013 and we should update to a new version of curl.
>
> Is curl going to be updated to support ftps session resumption in the near 
> future? If not: What would be the best way to get a newer version onto the 
> system?

Enterprise Linux and other Long Time Support distributions are usually
very strict on updating packages which are in scripts. CentOS-7 is
based on Red Hat Enterprise Linux 7 which was released in 2014 and had
its last package set updated in 2020 with the release of 7.9. All
changes til its end of life in 2024 will be security fixes or other
critical fixes.

Normally to get a newer package like this you will want to compile the
version you want in /usr/local/ or some /opt/ tree directory to a)
make sure it doesn't break existing tools but b) is available for
scripts.



-- 
Stephen J Smoogen.
I've seen things you people wouldn't believe. Flame wars in
sci.astro.orion. I have seen SPAM filters overload because of Godwin's
Law. All those moments will be lost in time... like posts on a BBS...
time to shutdown -h now.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Infiniband

[Stephen John Smoogen]

On Fri, 8 Oct 2021 at 23:15, Gordon Messmer  wrote:
>
> On 10/8/21 10:51, Mark Woolfson wrote:
> > I have a large server cluster running CentOS 6.4 and CentOS 6.6 using 10GbE.
> > I want to upgrade to Infiniband.
>
>
> CentOS 6 hasn't received any feature updates since May 2017, so any
> compatible hardware would have had to be released and supported before
> that date (possibly substantially before then).
>
> CentOS 6 has been EOL for almost a year, and isn't receiving any
> security updates.  You *really* should upgrade.
>

The versions of CentOS 6 this cluster is running are from 2013 and
2014 so they are looking at 10 year old infiniband. Going from that, I
think the best they can hope for is a Mellanox ConnectX-3 which seems
to have some caveats https://access.redhat.com/solutions/302543. The
ConnectX-4 came out in late 2014 early 2015 so i don't know if its
drivers ever were set to EL-6

I agree with Gordon that you need to plan on upgrading more than just
the backbone network since you are probably looking at significant
downtime to do that AND are in a high risk for security problems.


-- 
Stephen J Smoogen.
I've seen things you people wouldn't believe. Flame wars in
sci.astro.orion. I have seen SPAM filters overload because of Godwin's
Law. All those moments will be lost in time... like posts on a BBS...
time to shutdown -h now.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Find out which process consumed Network bandwidth

[Stephen John Smoogen]

On Mon, 6 Sept 2021 at 14:24, Anand Buddhdev  wrote:
>
> On 06/09/2021 19:35, Kaushal Shriyan wrote:
>
> Hi Kaushal,
>
> > I am running CentOS Linux release 7.9.2009 (Core). Is there a way to find
> > out which process consumed network bandwidth during a specific time period?
> >
> > For example, the Nginx process consumed how much network traffic on Sept
> > 01, 2021.
>
> As far as I know, such accounting isn't done in a standard CentOS
> system, so there's no way to determine such information about a past event.
>

Agreed. The best at this point is looking at the nginx logs and hope
they are set up to show bits transferred or something similar to see
what ip addresses and files were being used.


> Regards,
> Anand
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos



-- 
Stephen J Smoogen.
I've seen things you people wouldn't believe. Flame wars in
sci.astro.orion. I have seen SPAM filters overload because of Godwin's
Law. All those moments will be lost in time... like posts on a BBS...
time to shutdown -h now.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Troubles expanding file system.

[Stephen John Smoogen]

On Wed, 1 Sept 2021 at 12:42, Jeff Boyce  wrote:
>
> Greetings -
>
>  I have tried posting this four times now, from two different email
> addresses (on the 25th, 27th, 30th, and 31st) and it never appeared.  I
> don't see it in the archives, so it appears to be getting dropped in
> transition for some reason.  I am not getting messages from the email
> system saying it is undeliverable, or is bounced; I am sending as plain
> text, not HTML, I stripped off my signature.  If this makes it through,
> someone please give me a clue why the others might not have.  But that
> is not as important as the real issue that I am trying to get addressed
> below.  Thanks for any assistance.
>
>  I have a Dell PowerEdge server with a CentOS KVM host (Earth) with
> one CentOS guest (Sequoia) that I am trying to expand the partition and
> filesystem on.  I have LVM logical volumes on the host system (Earth),
> which are used as devices/partitions on the guest system (Sequoia).  In
> this particular situation I have successfully extended the logical
> volume (lv_SeqEco) on Earth from 500GB to 700GB.
>
> 1.  Checking the disk information (lsblk) on Earth shows that the
> logical volume (lv_SeqEco) is now listed as 700GB.
>
> 2.  Checking disk information (lsblk) on Sequoia shows that the disk
> /dev/vde is still listed as 500GB, and partition /dev/vde1 where the
> mount point /ecosystem is located is also listed as 500GB.
>
> 3.  I had tried using the resize2fs command to expand the filesystem on
> /dev/vde1, but it returned with the result that there was nothing to
> do.  Which makes sense now after I checked the disk information, since
> /dev/vde on Sequoia has not increased from 500GB to 700GB.
>

Thanks for the long list of items of what you have done. In Fedora
Infrastructure, we used this method to resize images in the past
https://pagure.io/infra-docs/blob/main/f/docs/sysadmin-guide/sops/guestdisk.rst

The guest system usually needs to have the `fdisk` , `gdisk` or
`parted` commands rerun to resize the disk to its new size.


> 4.  On previous occasions when I have done this task, I would just start
> GParted on Sequoia and use the GUI to expand the partition and
> filesystem.  A real quick and simple solution.
>
> 5.  The problem I have now is that the VGA adapter on my server has died
> and I have no graphical output to the attached monitor, nor to the iDrac
> console display.  So I am stuck doing this entirely by the command line
> while logged into the system remotely.
>
> 6.  I suspect that I need to rescan the devices on Sequoia so that it
> recognizes the increased space that has been allocated from the extended
> the logical volume.  But when I did that (command below) it came back
> with a no such file or directory.
>
> echo 1 > /sys/class/block/vde1/device/rescan
>

Not sure that would do anything.


> 7.  This server is being retired in the next few months, but I need this
> additional space prior to migrating to the new system. Can someone give
> me some guidance on what I am missing in this sequence?
>
> Let me know if I haven't been clear enough in the explanation of my
> systems and objective.  Thanks.
>
> Jeff
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos



-- 
Stephen J Smoogen.
I've seen things you people wouldn't believe. Flame wars in
sci.astro.orion. I have seen SPAM filters overload because of Godwin's
Law. All those moments will be lost in time... like posts on a BBS...
time to shutdown -h now.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Unable to update Google products on CentOS 7

[Stephen John Smoogen]

On Wed, 1 Sept 2021 at 10:34, Frank Bures  wrote:
>
> Hi,
>
> I have Google rpm repository enabled.
>
> However, running "yum update" returns
>
> https://dl.google.com/linux/chrome/rpm/stable/x86_64/repodata/repomd.xml:
> [Errno 14] HTTPS Error 404 - Not Found
>

It works for me and can be tested with:

$ curl https://dl.google.com/linux/chrome/rpm/stable/x86_64/repodata/repomd.xml

http://linux.duke.edu/metadata/repo;
xmlns:rpm="http://linux.duke.edu/metadata/rpm;>
 1630438383

  72bd1120db31564215cde423e900596e2fd9cc583850782355aaf7c283aa1c54
  028e855817d7529b77f5a197460250178e2251c8d97f4b1042549f4b698da63a
  
  1630438384
  1823
  19397


  e2475ced0fbc6c2b3ea79e7a549c3de637734bf8b93a8c2d8c0b87b278f244ae
  ac55966bc79fdb3ca5152fad6ba96f0ffbe52a9e55c5dbfa651cef2b6f447a2e
  
  1630438384
  368
  690


  692f4b277acda5a9e039dca2758d79de6f0c35b65677ff71015722037b87b0f6
  d39a3502be6913450d4cdaa70cb22abedea7c23c77988364c6f494927f14231e
  
  1630438384
  1801
  17371


$ host dl.google.com
dl.google.com has address 172.217.2.110
dl.google.com has IPv6 address 2607:f8b0:4004:80a::200e

If it doesn't work for you then compare if the ips are blocked somewhere.


> It worked OK just a couple of days ago.
>
> Is anyone aware of any recent changes in Google repositories?
>
> Thanks
> Frank
>
>
> --
>
> 
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos



-- 
Stephen J Smoogen.
I've seen things you people wouldn't believe. Flame wars in
sci.astro.orion. I have seen SPAM filters overload because of Godwin's
Law. All those moments will be lost in time... like posts on a BBS...
time to shutdown -h now.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Minimising a CentOS installation

[Stephen John Smoogen]

On Fri, 20 Aug 2021 at 10:25, Anand Buddhdev  wrote:
>
> Hi folks,
>
> After doing a minimal CentOS 8.4 installation, I found the following
> packages to be useful for a simple server, so I removed them:
>
> cronie-anacron (replaced with cronie-noanacron)
> alsa-firmware
> ivtv-firmware
> iwl*-firmware
> sssd-common (along with all packages that depended on it)
>
> What other things do folk usually remove to make their installation smaller?
>

Usually it breaks down at this point because everyone has different
things they want for their minimal install. Getting 3 people to agree
on a minimal working set seems to be harder than doing a three body
physics problem :).



-- 
Stephen J Smoogen.
I've seen things you people wouldn't believe. Flame wars in
sci.astro.orion. I have seen SPAM filters overload because of Godwin's
Law. All those moments will be lost in time... like posts on  BBS...
time to reboot.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] A Blast from the past

[Stephen John Smoogen]

On Tue, 17 Aug 2021 at 12:02, Mark Woolfson  wrote:
>
> Thank you for your feedback.
>
> Unfortunately the manufacturer of our application software will only support
> it on RHEL/CentOS 7.0. I have asked and that is all they say.
> When the CentOS 7.0 boots it does not recognise the CPU ID, flags it as a
> soft error then continues.
> The Haswell and the Ice Lake both have 28 cores but different frequencies.
> A couple of clues. At the boot prompt the server cooling fans are running
> slowly. When it hangs, after a short delay, the fans run faster and this is
> repeated.
> Also, when it hangs the keyboard is unresponsive and the server status LED's
> state that all is okay.
> If Intel adhere to the x86_64 standard for their processors then surely the
> only difference would be the addition functionality.
> I am trying to find a resolution as this particular application is perfect
> for our requirements.

You will either need an older computer or a different application. A
company which only supports a .0 version of an OS usually means they
aren't really supporting their customers. They are expecting you to
run an application on an OS without any security updates or
improvements. There are 7 years of CVE's in the kernel, libraries and
other parts the customer has to live with if they want the
application. Good luck.



-- 
Stephen J Smoogen.
I've seen things you people wouldn't believe. Flame wars in
sci.astro.orion. I have seen SPAM filters overload because of Godwin's
Law. All those moments will be lost in time... like posts on  BBS...
time to reboot.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] hosts.deny, fail2ban etc.

[Stephen John Smoogen]

On Tue, 27 Jul 2021 at 17:17, Pete Biggs  wrote:
>
> On Tue, 2021-07-27 at 16:43 -0400, H wrote:
> > > Running CentOS 7. I was under the impression - seemingly mistaken -
> > > that by adding a rule to /etc/hosts.deny such as ALL: aaa.bbb.ccc.*
> > > would ban all attempts from that network segment to connect to the
> > > server, ie before fail2ban would (eventually) ban connection
> > > attempts.
> >
> > This, however, does not seem correct and I could use a pointer to
> > correct my misunderstanding. How is hosts.deny used and what have I
> > missed?
>
> hosts.deny is only used by specific programs that use TCP wrappers. It
> is not a general "deny this host access".
>
> Also note that fail2ban operates on individual hosts, not subnets.
>

[I should have waited and read all my email before responding. Peter
covered parts I did not.]


-- 
Stephen J Smoogen.
I've seen things you people wouldn't believe. Flame wars in
sci.astro.orion. I have seen SPAM filters overload because of Godwin's
Law. All those moments will be lost in time... like posts on  BBS...
time to reboot.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] hosts.deny, fail2ban etc.

[Stephen John Smoogen]

On Tue, 27 Jul 2021 at 16:43, H  wrote:
>
> |Running CentOS 7. I was under the impression - seemingly mistaken - that by 
> adding a rule to /etc/hosts.deny such as ALL: aaa.bbb.ccc.* would ban all 
> attempts from that network segment to connect to the server, ie before 
> fail2ban would (eventually) ban connection attempts.
>
> This, however, does not seem correct and I could use a pointer to correct my 
> misunderstanding. How is hosts.deny used and what have I missed?
>
> Is it necessary to run:
>
>  iptables -I INPUT -s aaa.bbb.ccc.0/24 -j DROP
>

yes. iptables is one of the first things which will see the packets
coming to the server as it is implemented in kernel space. hosts.deny
only comes in for specific services which are compiled to use it.

[Internet] <-> [iptables] <-> [systemd if used] <-> [xinetd w/tcp-wrappers]

In the above example, a packet coming from the internet gets
interpreted and dealt with multiple tools and hosts.deny is only used
in the last section where xinetd and similar programs compiled with
tcp-wrappers look at hosts.deny file.


> to drop incoming connection attempts from that subnet?
>
> Thank you!
> |
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos



-- 
Stephen J Smoogen.
I've seen things you people wouldn't believe. Flame wars in
sci.astro.orion. I have seen SPAM filters overload because of Godwin's
Law. All those moments will be lost in time... like posts on  BBS...
time to reboot.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OT: firefox question

[Stephen John Smoogen]

On Fri, 23 Jul 2021 at 11:43, Valeri Galtsev  wrote:
>
> Dear Experts,
>
> My question is OT, as it is related to firefox, not CentOS system per
> se. Even more: my firefox runs on FreeBSD workstation. But I figured
> this list have largest likelihood of having experts in firefox (as well
> as on other things), so...
>
> My firefox behavior changed after one of recent updates..
>
> When one logs in to website that is locked using web password (e.g., set
> in .htacess/.htpasswd in apache), one gives username/password once. Then
> firefox remembers that while firefox is running, and you don't have to
> give credentials (though authentication does happen behind the scenes
> all the time since). But not anymore for me at least on my (FreeBSD)
> workstation: in the morning I discover firefox (though it had not been
> restarted) asks yet again credentials to websites I have been logged to.
> As if firefox purges credentials to websites after some period of time
> (or inactivity on those websites).
>

Not happening for me on any of my platforms (though I don't have BSD
beyond Mac) so the usual suspects need to be checked:

1. Have the websites you log into changed their policies. A lot of
places are being required to shorten login credentials.
2. Is something causing your ip address for the workstation to change.
This can cause the server to see the existing login transaction as
invalid and requires reauthentication.
3. Is it something with that profile. Corruptions happen and sometimes
you either have to restore from before it happened or start over with
a new profile. The best way is to create a new profile and test but
you can also just mv .firefox to .firefox-broke and start over too.
Then log into some sites and then see if it happens.

-- 
Stephen J Smoogen.
I've seen things you people wouldn't believe. Flame wars in
sci.astro.orion. I have seen SPAM filters overload because of Godwin's
Law. All those moments will be lost in time... like posts on  BBS...
time to reboot.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] [External] Re: Microsoft Teams on CentOS 7. Does the latest version work?

[Stephen John Smoogen]

On Thu, 15 Jul 2021 at 05:30, Toralf Lund  wrote:
>
> On 15/07/2021 09:37, Gianluca Cecchi wrote:
> > On Tue, Jul 13, 2021 at 2:03 PM Toralf Lund  wrote:
> >
> >> Does anyone else run Microsoft Teams on CentOS 7?
> >>
> >> I've used it for a while now, and it's generally worked reasonably well.
> >> However, after upgrading to the latest version from the Microsoft repos,
> >> it doesn't start up properly. Processes start and remain active until I
> >> give up and kill them, but I can't see a window or a tray icon or anything.
> >>
> >> Has anyone else seen this? Is there anything I can do to make the GUI
> >> appear?
> >>
> >> This is not a big deal as everything just works fine if I revert to the
> >> previous release, but it would be interesting to know if this is a
> >> general problem with the software, or I have some weird issue with my
> >> system.
> >>
> >> The release that doesn't work is 1.4.00.13653. The one that does is
> >> 1.4.00.7556.
> >>
> >> - Toralf
> >>
> >>
> >>
> > At the end I think you have something broken with your repo config or you
> > installed forcing something.
>
> Like I said elsewhere, it turns out that it's a little more complicated
> than that. The libraries are actually "provided", but they're not on the
> library path.
>

That isn't provided.. that is a private copy that chrome bundles
itself to use. It may or may not have all of the library calls in it
(the chrome upstream may only turn on things it knows it wants), and
it may have changes which the team doesn't expect.

Also teams is looking for `rpm -q --whatprovides
'libstdc++.so.6(GLIBCXX_3.4.20)(64bit)'` and you typed
`rpm -q --whatprovides 'libstdc++.so.6(GLIBCXX_3.4.22)(64bit)'`

Basically Microsoft teams will need to bundle this newer version of
glibc they are using to make your software work.

-- 
Stephen J Smoogen.
I've seen things you people wouldn't believe. Flame wars in
sci.astro.orion. I have seen SPAM filters overload because of Godwin's
Law. All those moments will be lost in time... like posts on  BBS...
time to reboot.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Auditing all Linux clients with centralised server

[Stephen John Smoogen]

On Fri, 9 Jul 2021 at 08:14, mario juliano grande-balletta
 wrote:
>
> This is what I remember about evil
> Microsoft...
> In 1992, Microsoft released Windows NT, and advertised it as the
> greatest operating system and began giving away free licenses to

This is drifting off of being anywhere on-topic for this list.


-- 
Stephen J Smoogen.
I've seen things you people wouldn't believe. Flame wars in
sci.astro.orion. I have seen SPAM filters overload because of Godwin's
Law. All those moments will be lost in time... like posts on  BBS...
time to reboot.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Problems with CentOS 8 kickstart

[Stephen John Smoogen]

On Wed, 7 Jul 2021 at 08:29, Hooton, Gerard  wrote:
>
> I put nvme_core.multipath=N in the grub.cfg as follows
> linuxefi /Centos8/images/pxeboot/vmlinuz 
> inst.stage2=hd:LABEL=CentOS-8-x86_64-dvd nvme_core.multipath=N rd.live.check 
> inst.ks=http://192.168.1.10/kickstart/ks.cfg<http://143.239.132.208/kickstart/ks.cfg>
>
> This did not solve the problem.
>

OK remove that suggestion and try the following from
https://docs.fedoraproject.org/en-US/Fedora/24/html/Installation_Guide/sect-kickstart-commands-ignoredisk.html

try adding the following to the kickstart

ignoredisk --only-use=nvme0n1



> -----Original Message-
> From: Stephen John Smoogen 
> mailto:stephen%20john%20smoogen%20%3csmo...@gmail.com%3e>>
> Reply-To: CentOS mailing list 
> mailto:centos%20mailing%20list%20%3ccen...@centos.org%3e>>
> To: CentOS mailing list 
> mailto:centos%20mailing%20list%20%3ccen...@centos.org%3e>>
> Subject: Re: [CentOS] Problems with CentOS 8 kickstart
> Date: Tue, 06 Jul 2021 06:49:24 -0400
>
>
> [EXTERNAL] This email was sent from outside of UCC.
>
>
> On Mon, 5 Jul 2021 at 07:57, Hooton, Gerard <
>
> <mailto:g.hoo...@ucc.ie>
>
> g.hoo...@ucc.ie
>
> > wrote:
>
>
> The computer is Lenovo Thinkstation p620
>
> From df command I see:
>
> Filesystem   Size  Used Avail Use% Mounted on
>
> devtmpfs  16G 0   16G   0% /dev
>
> tmpfs 16G 0   16G   0% /dev/shm
>
> tmpfs 16G   26M   16G   1% /run
>
> tmpfs 16G 0   16G   0% /sys/fs/cgroup
>
> /dev/mapper/cs_uews027-root   70G  7.1G   63G  11% /
>
> /dev/nvme0n1p2  1014M  386M  629M  39% /boot
>
> /dev/nvme0n1p1   599M  7.3M  592M   2% /boot/efi
>
> /dev/mapper/cs_uews027-home  390G  2.8G  387G   1% /home
>
> tmpfs3.2G  8.0K  3.2G   1% /run/user/42
>
> tmpfs3.2G 0  3.2G   0% /run/user/0
>
>
>
> I am not familiar with this hardware, and a quick looks shows that
>
> there are a lot of variations on the p620. However I did find
>
> <https://download.lenovo.com/pccbbs/thinkcentre_pdf/ts_p620_redhat_enterprise_linux_8_installation_v1.0.pdf>
>
> https://download.lenovo.com/pccbbs/thinkcentre_pdf/ts_p620_redhat_enterprise_linux_8_installation_v1.0.pdf
>
>
> and
>
> <https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/pdf/configuring_device_mapper_multipath/Red_Hat_Enterprise_Linux-8-Configuring_device_mapper_multipath-en-US.pdf>
>
> https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/pdf/configuring_device_mapper_multipath/Red_Hat_Enterprise_Linux-8-Configuring_device_mapper_multipath-en-US.pdf
>
>
>
> I haven't used multipath and hope some people who have better ideas
>
> will chime in, but at this point I would see if passing the PXE kernel
>
> boot a  `nvme_core.multipath=N` helps any.
>
>
>
> See attached files for more info.
>
> -Original Message-
>
> From: Stephen John Smoogen <
>
> <mailto:smo...@gmail.com>
>
> smo...@gmail.com
>
> 
> <mailto:stephen%20john%20smoogen%20%3csmo...@gmail.com>
>
> stephen%20john%20smoogen%20%3csmo...@gmail.com
>
> %3e>>
>
> Reply-To: CentOS mailing list <
>
> <mailto:centos@centos.org>
>
> centos@centos.org
>
> 
> <mailto:centos%20mailing%20list%20%3ccen...@centos.org>
>
> centos%20mailing%20list%20%3ccen...@centos.org
>
> %3e>>
>
> To: CentOS mailing list <
>
> <mailto:centos@centos.org>
>
> centos@centos.org
>
> 
> <mailto:centos%20mailing%20list%20%3ccen...@centos.org>
>
> centos%20mailing%20list%20%3ccen...@centos.org
>
> %3e>>
>
> Subject: Re: [CentOS] Problems with CentOS 8 kickstart
>
> Date: Mon, 05 Jul 2021 07:28:05 -0400
>
>
>
> [EXTERNAL] This email was sent from outside of UCC.
>
>
>
> On Mon, 5 Jul 2021 at 07:15, Hooton, Gerard <
>
>
> 
> <mailto:g.hoo...@ucc.ie>
>
> g.hoo...@ucc.ie
>
> >
>
>
> <mailto:g.hoo...@ucc.ie>
>
> g.hoo...@ucc.ie
>
>
>
> wrote:
>
>
>
> Hi All,
>
>
> I am having problems with a kickstart install of CentOS 8
>
>
> When I try to do a completely automated install  using PXE/UEFI  it get to 
> the point where it reads the kickstart config file.
>
>
> Then I see the following message
>
>
> "kickstart install Started cancel waiting for multipath siblings for nvme0n1"
>
>
>
>
> The above says that the sy

Re: [CentOS] Problems with CentOS 8 kickstart

[Stephen John Smoogen]

On Mon, 5 Jul 2021 at 07:57, Hooton, Gerard  wrote:
>
> The computer is Lenovo Thinkstation p620
> From df command I see:
> Filesystem   Size  Used Avail Use% Mounted on
> devtmpfs  16G 0   16G   0% /dev
> tmpfs 16G 0   16G   0% /dev/shm
> tmpfs 16G   26M   16G   1% /run
> tmpfs 16G 0   16G   0% /sys/fs/cgroup
> /dev/mapper/cs_uews027-root   70G  7.1G   63G  11% /
> /dev/nvme0n1p2  1014M  386M  629M  39% /boot
> /dev/nvme0n1p1   599M  7.3M  592M   2% /boot/efi
> /dev/mapper/cs_uews027-home  390G  2.8G  387G   1% /home
> tmpfs3.2G  8.0K  3.2G   1% /run/user/42
> tmpfs3.2G 0  3.2G   0% /run/user/0
>

I am not familiar with this hardware, and a quick looks shows that
there are a lot of variations on the p620. However I did find
https://download.lenovo.com/pccbbs/thinkcentre_pdf/ts_p620_redhat_enterprise_linux_8_installation_v1.0.pdf
and 
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/pdf/configuring_device_mapper_multipath/Red_Hat_Enterprise_Linux-8-Configuring_device_mapper_multipath-en-US.pdf

I haven't used multipath and hope some people who have better ideas
will chime in, but at this point I would see if passing the PXE kernel
boot a  `nvme_core.multipath=N` helps any.


> See attached files for more info.
> -Original Message-
> From: Stephen John Smoogen 
> mailto:stephen%20john%20smoogen%20%3csmo...@gmail.com%3e>>
> Reply-To: CentOS mailing list 
> mailto:centos%20mailing%20list%20%3ccen...@centos.org%3e>>
> To: CentOS mailing list 
> mailto:centos%20mailing%20list%20%3ccen...@centos.org%3e>>
> Subject: Re: [CentOS] Problems with CentOS 8 kickstart
> Date: Mon, 05 Jul 2021 07:28:05 -0400
>
>
> [EXTERNAL] This email was sent from outside of UCC.
>
>
> On Mon, 5 Jul 2021 at 07:15, Hooton, Gerard <
>
> <mailto:g.hoo...@ucc.ie>
>
> g.hoo...@ucc.ie
>
> > wrote:
>
>
> Hi All,
>
> I am having problems with a kickstart install of CentOS 8
>
> When I try to do a completely automated install  using PXE/UEFI  it get to 
> the point where it reads the kickstart config file.
>
> Then I see the following message
>
> "kickstart install Started cancel waiting for multipath siblings for nvme0n1"
>
>
>
> The above says that the system thinks your box is multipath but the
>
> other drives are not showing up correctly. You will need to provide a
>
> lot more information for anyone to be able to help diagnosis this for
>
> you:
>
>
> 1. What is the build system
>
> 2. What kind of drives/drive controller is it
>
> 3. What is the rest of the kickstart that might tell it that it is multipath?
>
> 4. What are the pxe/uefi boot options in case that is telling it to
>
> try and probe for multipath that doesn't exist.
>
>
>
> This is what I have in the kickstart file
>
>
> # Clear the Master Boot Record
>
> zerombr
>
> # Partition clearing information
>
> clearpart --all --initlabel
>
> autopart --nohome --type=lvm --fstype=xfs
>
>  
>
>
> When I install from a USB drive it works OK and I have the following in  
> /dev/disk/by-id
>
>
> lrwxrwxrwx. 1 root root  13 Jul  5 10:28 
> nvme-SAMSUNG_MZVL2512HCJQ-00BL7_S64KNE0R161810 -> ../../nvme0n1
>
> lrwxrwxrwx. 1 root root  13 Jul  5 10:28 nvme-eui.002538b11102f46d -> 
> ../../nvme0n1
>
> lrwxrwxrwx. 1 root root  15 Jul  5 10:28 wwn-eui.002538b11102f46d-part3 -> 
> ../../nvme0n1p3
>
> lrwxrwxrwx. 1 root root  15 Jul  5 10:28 
> nvme-SAMSUNG_MZVL2512HCJQ-00BL7_S64KNE0R161810-part3 -> ../../nvme0n1p3
>
> lrwxrwxrwx. 1 root root  15 Jul  5 10:28 nvme-eui.002538b11102f46d-part3 -> 
> ../../nvme0n1p3
>
> lrwxrwxrwx. 1 root root  15 Jul  5 10:28 
> lvm-pv-uuid-5Dg4mg-saHa-hJJ6-n5a8-MxBS-gdFi-5jPoNn -> ../../nvme0n1p3
>
> lrwxrwxrwx. 1 root root  15 Jul  5 10:28 wwn-eui.002538b11102f46d-part2 
> UNG_MZVL2512HCJQ-0-> ../../nvme0n1p2
>
> lrwxrwxrwx. 1 root root  15 Jul  5 10:28 
> nvme-SAMSUNG_MZVL2512HCJQ-00BL7_S64KNE0R161810-part2 -> ../../nvme0n1p2
>
> lrwxrwxrwx. 1 root root  15 Jul  5 10:28 nvme-eui.002538b11102f46d-part2 -> 
> ../../nvme0n1p2
>
> drwxr-xr-x. 2 root root 400 Jul  5 10:28 .
>
> lrwxrwxrwx. 1 root root  15 Jul  5 10:28 wwn-eui.002538b11102f46d-part1 -> 
> ../../nvme0n1p1
>
> lrwxrwxrwx. 1 root root  15 Jul  5 10:28 
> nvme-SAMSUNG_MZVL2512HCJQ-00BL7_S64KNE0R161810-part1 -> ../../nvme0n1p1
>
> lrwxrwxrwx. 1 root root  15 Jul  5 10:28 nvme-eui.002538b11102f46d-part1 -> 
>

Re: [CentOS] Problems with CentOS 8 kickstart

[Stephen John Smoogen]

On Mon, 5 Jul 2021 at 07:15, Hooton, Gerard  wrote:
>
> Hi All,
> I am having problems with a kickstart install of CentOS 8
> When I try to do a completely automated install  using PXE/UEFI  it get to 
> the point where it reads the kickstart config file.
> Then I see the following message
> "kickstart install Started cancel waiting for multipath siblings for nvme0n1"
>

The above says that the system thinks your box is multipath but the
other drives are not showing up correctly. You will need to provide a
lot more information for anyone to be able to help diagnosis this for
you:

1. What is the build system
2. What kind of drives/drive controller is it
3. What is the rest of the kickstart that might tell it that it is multipath?
4. What are the pxe/uefi boot options in case that is telling it to
try and probe for multipath that doesn't exist.


> This is what I have in the kickstart file
>
> # Clear the Master Boot Record
> zerombr
> # Partition clearing information
> clearpart --all --initlabel
> autopart --nohome --type=lvm --fstype=xfs
>  
>
> When I install from a USB drive it works OK and I have the following in  
> /dev/disk/by-id
>
> lrwxrwxrwx. 1 root root  13 Jul  5 10:28 
> nvme-SAMSUNG_MZVL2512HCJQ-00BL7_S64KNE0R161810 -> ../../nvme0n1
> lrwxrwxrwx. 1 root root  13 Jul  5 10:28 nvme-eui.002538b11102f46d -> 
> ../../nvme0n1
> lrwxrwxrwx. 1 root root  15 Jul  5 10:28 wwn-eui.002538b11102f46d-part3 -> 
> ../../nvme0n1p3
> lrwxrwxrwx. 1 root root  15 Jul  5 10:28 
> nvme-SAMSUNG_MZVL2512HCJQ-00BL7_S64KNE0R161810-part3 -> ../../nvme0n1p3
> lrwxrwxrwx. 1 root root  15 Jul  5 10:28 nvme-eui.002538b11102f46d-part3 -> 
> ../../nvme0n1p3
> lrwxrwxrwx. 1 root root  15 Jul  5 10:28 
> lvm-pv-uuid-5Dg4mg-saHa-hJJ6-n5a8-MxBS-gdFi-5jPoNn -> ../../nvme0n1p3
> lrwxrwxrwx. 1 root root  15 Jul  5 10:28 wwn-eui.002538b11102f46d-part2 
> UNG_MZVL2512HCJQ-0-> ../../nvme0n1p2
> lrwxrwxrwx. 1 root root  15 Jul  5 10:28 
> nvme-SAMSUNG_MZVL2512HCJQ-00BL7_S64KNE0R161810-part2 -> ../../nvme0n1p2
> lrwxrwxrwx. 1 root root  15 Jul  5 10:28 nvme-eui.002538b11102f46d-part2 -> 
> ../../nvme0n1p2
> drwxr-xr-x. 2 root root 400 Jul  5 10:28 .
> lrwxrwxrwx. 1 root root  15 Jul  5 10:28 wwn-eui.002538b11102f46d-part1 -> 
> ../../nvme0n1p1
> lrwxrwxrwx. 1 root root  15 Jul  5 10:28 
> nvme-SAMSUNG_MZVL2512HCJQ-00BL7_S64KNE0R161810-part1 -> ../../nvme0n1p1
> lrwxrwxrwx. 1 root root  15 Jul  5 10:28 nvme-eui.002538b11102f46d-part1 -> 
> ../../nvme0n1p1
> lrwxrwxrwx. 1 root root  10 Jul  5 11:07 
> dm-uuid-LVM-qQok4M7AOo1TxZZ42GwZcbuVNBs0hnkKtEdtLjwJQyIdxJcSvPv8TEAjwYGMv6yU 
> -> ../../dm-0
> lrwxrwxrwx. 1 root root  10 Jul  5 11:07 
> dm-uuid-LVM-qQok4M7AOo1TxZZ42GwZcbuVNBs0hnkKAooqrczySYJyiHvUAUji9oScPN2cVi7J 
> -> ../../dm-1
> lrwxrwxrwx. 1 root root  10 Jul  5 11:07 dm-name-cs_uews027-swap -> ../../dm-1
> lrwxrwxrwx. 1 root root  10 Jul  5 11:07 dm-name-cs_uews027-root -> ../../dm-0
> lrwxrwxrwx. 1 root root  10 Jul  5 11:07 
> dm-uuid-LVM-qQok4M7AOo1TxZZ42GwZcbuVNBs0hnkK5HZXbR2ow5xKGuD7jVe4UPzZm2qRLLXI 
> -> ../../dm-2
> lrwxrwxrwx. 1 root root  10 Jul  5 11:07 dm-name-cs_uews027-home -> ../../dm-2
>
>
> It's looks like that I am not doing the disk drive stuff in the config file 
> correctly.
>
>
> --
>
> Gerard Hooton.
> Senior Technical Officer
> School of Engineering.
> University College Cork.
> College Road.
> Cork.
> Ireland.
> Loc8: WDR-04-60G
> Tel: +353 21 4902296
> Mobile: +353 852813491
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos



-- 
Stephen J Smoogen.
I've seen things you people wouldn't believe. Flame wars in
sci.astro.orion. I have seen SPAM filters overload because of Godwin's
Law. All those moments will be lost in time... like posts on  BBS...
time to reboot.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Help with default shell

[Stephen John Smoogen]

On Thu, 24 Jun 2021 at 06:22, Hooton, Gerard  wrote:
>
> Thanks Stephen,
> Where will I find the attribute mapping?
> Today I only have remote access via ssh and RDP.
>
>

The various pages on this were rather 'vague' on where it might be. I
would try with

find /etc -type f -print0 | xargs grep -il 'map.*passwd.*shell'

and see if it comes up with anything. After that I really don't know.
I haven't used openldap in 15 years and I have not used csh in 20.


-- 
Stephen J Smoogen.
I've seen things you people wouldn't believe. Flame wars in
sci.astro.orion. I have seen SPAM filters overload because of Godwin's
Law. All those moments will be lost in time... like posts on  BBS...
time to reboot.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Help with default shell

[Stephen John Smoogen]

On Wed, 23 Jun 2021 at 09:13, Hooton, Gerard  wrote:
>
> Hi all,
> I have a computer with CentOS 7.
> The users are authenticated using OpenLDAP.
> On LDAP the default shell is csh.
> When  ssh to login it works, i.e. $SHELL = /bin/csh
> Also, when using xrdp it works.
> However, a login from the  keyboard and screen attached computer we get 
> $SHELL = /bin/bash
>

So my first thing I would try to do would be to see if `getent passwd
` showed different configs when a person logged in different
ways. Aka
```
$ ssh foobaz
$ getent passwd ssmoogen
ssmoogen:x:14353:14353:Stephen Smoogen:/home/ssmoogen:/bin/csh
$ exit

login: ssmoogen
passwd:
$ getent passwd
ssmoogen:x:14353:14353:Stephen Smoogen:/home/ssmoogen:/bin/bash
$ exit
```

In either case, I think from going down the rabbithole of bugs/etc
that something in your system is using attribute mapping to force a
shell but only for console logins. The general way this is done is
sticking

map passwd loginShell "/bin/bash"
map passwd shell "/bin/bash"

Beyond that I do not have any openldap systems to confirm how this
would be done.

> Any help is welcome.
> Regards,
>
> Ger.
>
>
>
> --
>
> Gerard Hooton.
> Senior Technical Officer
> School of Engineering.
> University College Cork.
> College Road.
> Cork.
> Ireland.
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos



-- 
Stephen J Smoogen.
I've seen things you people wouldn't believe. Flame wars in
sci.astro.orion. I have seen SPAM filters overload because of Godwin's
Law. All those moments will be lost in time... like posts on  BBS...
time to reboot.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] pass on CentOS 7

[Stephen John Smoogen]

On Wed, 16 Jun 2021 at 09:39, wwp  wrote:
>
> Hello,
>
>
> I read here and there that `pass` is available for CentOS 7 through the
> EPEL repository. In which I cannot find it :-). I see it available for
> C8 but not C7. Was it removed?
>

Packages in EPEL are made available by the volunteer who maintains it.
https://koji.fedoraproject.org/koji/packageinfo?packageID=14675 shows
that the maintainer of pass seems to have stopped maintaining it in
EL7 a long time ago and it is currently 'orphaned' in it.


>
>
> Regards,
>
> --
> wwp
> https://useplaintext.email/
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos



-- 
Stephen J Smoogen.
I've seen things you people wouldn't believe. Flame wars in
sci.astro.orion. I have seen SPAM filters overload because of Godwin's
Law. All those moments will be lost in time... like posts on  BBS...
time to reboot.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] getssl was working stopped

[Stephen John Smoogen]

On Fri, 14 May 2021 at 13:43, Jerry Geis  wrote:

> On Fri, May 14, 2021 at 11:52 AM Jerry Geis  wrote:
>
> > Hi All  - I am using getssl on CentOS 7.
> > It have been working fine since  Feb 17th and just stopped.
> >
> > My script:
> > getssl -u -a -q
> > getssl: for some reason could not reach
> >
> http://MY_NAME/.well-known/acme-challenge/lL_ublhWh3fnmbXhhh3BR3bdnjHoMFAgTimTvZUTLQM
> > - please check it manually
> >
> > So I did check it manually from another machine - it works fine:
> > curl
> >
> http://MY_NAME/.well-known/acme-challenge/lL_ublhWh3fnmbXhhh3BR3bdnjHoMFAgTimTvZUTLQM
> >
> >
> >
> lL_ublhWh3fnmbXhhh3BR3bdnjHoMFAgTimTvZUTLQM.tIS27xF0xtz7YHES31MATofXyCeyfqttq7B_YBYZetI
> >
> > So it works fine.
> >
> > I then thought perhaps a firewall issue. So I "systemctl stop firewalld",
> > redid the getssl -u -a -q command above - and I get the same error.
> >
> > How do I see/tell what its not liking ?
> >
> > Thanks,
> >
> > Jerry
> >
>
> I took off the -q as requested - doesnt say much more.
>
>
> Redirecting to /bin/systemctl stop httpd.service
> Check all certificates
> MY_NAME: no certificate obtained from host
> Registering account
> Verify each domain
> Verifying MY_NAME
> copying challenge token to
>
> /var/www/html/.well-known/acme-challenge/lL_ublhWh3fnmbXhhh3BR3bdnjHoMFAgTimTvZUTLQM
> getssl: for some reason could not reach
>
> http://MY_NAME/.well-known/acme-challenge/lL_ublhWh3fnmbXhhh3BR3bdnjHoMFAgTimTvZUTLQM
> - please check it manually
> Redirecting to /bin/systemctl start httpd.service
>
>
>
> I thought the -u does the automatic upgrade -
>
> getssl -v
> getssl V2.36
>
>
I would check the getssl.cfg file and see if it is asking for version 1
acme certs.  [ I do not use this software and am just going from
https://github.com/srvrco/getssl where it has the certificate server it
wants to use in the latest version to be

CA="https://acme-v02.api.letsencrypt.org;


-- 
Stephen J Smoogen.
I've seen things you people wouldn't believe. Flame wars in
sci.astro.orion. I have seen SPAM filters overload because of Godwin's Law.
All those moments will be lost in time... like posts on  BBS... time to
reboot.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] getssl was working stopped

[Stephen John Smoogen]

On Fri, 14 May 2021 at 11:52, Jerry Geis  wrote:

> Hi All  - I am using getssl on CentOS 7.
>

which getssl are you using? I could assume https://github.com/srvrco/getssl
but it could be all numbers of things.

If it is that one, then it is written in bash so it should work via bash -x
and removing the -q to get more data on what might be broken.


It have been working fine since  Feb 17th and just stopped.
>
> My script:
> getssl -u -a -q
> getssl: for some reason could not reach
>
> http://MY_NAME/.well-known/acme-challenge/lL_ublhWh3fnmbXhhh3BR3bdnjHoMFAgTimTvZUTLQM
> - please check it manually
>
> So I did check it manually from another machine - it works fine:
> curl
>
> http://MY_NAME/.well-known/acme-challenge/lL_ublhWh3fnmbXhhh3BR3bdnjHoMFAgTimTvZUTLQM
>
>
> lL_ublhWh3fnmbXhhh3BR3bdnjHoMFAgTimTvZUTLQM.tIS27xF0xtz7YHES31MATofXyCeyfqttq7B_YBYZetI
>
> So it works fine.
>
> I then thought perhaps a firewall issue. So I "systemctl stop firewalld",
> redid the getssl -u -a -q command above - and I get the same error.
>
> How do I see/tell what its not liking ?
>
> Thanks,
>
> Jerry
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
I've seen things you people wouldn't believe. Flame wars in
sci.astro.orion. I have seen SPAM filters overload because of Godwin's Law.
All those moments will be lost in time... like posts on  BBS... time to
reboot.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos versions in the future?

[Stephen John Smoogen]

On Wed, 28 Apr 2021 at 04:09, Nikolaos Milas  wrote:

> On 28/4/2021 10:35 π.μ., Nikolaos Milas wrote:
>
> > All that, in turn, are very much dependent on community involvement
> > and project management & financing.
>
> By the way, I think that CentOS, before it was "absorbed" by Redhat,
> could/might have addressed the community for fund raising, rather than
> abandoning the project to RH, which, as others have mentioned, was an
> unmistakable sign of upcoming CentOS EOL as we had come to know it.
>
>
So CentOS when it was brought into Red Hat was not a company or
organization. It was much more like some sort of libertarian anarchy where
a group of people came together in an IRC channel and did what they wanted
to get an OS out. Many of these people were consultants who had daily
clients and did this as a night gig to help those clients and others but it
wasn't a single company which could accept funding. Things like the domain
name, trademark, etc were in the name of one person due to a past
historical problem.

That problem was that CentOS did once have an organization to collect
funds, but it had been mismanaged. This caused all kinds of problems with
the community and groups which had given funding  and there were legal and
tax problems due to it. In those cases, it is better to 'walk' away from
the organization as resetting it up usually triggers audits and additional
paperwork to show the people involved now are no way the same ones before.
So instead things were set up with most of the items owned by individuals.


> If the financing need was communicated correctly, I am very confident
> that financing would have been secured, e.g. by using a public fund
> raising platform, due to CentOS huge install base and community.
>
> Any of those current (or future) projects that might prove successful
> enough to become CentOS successor (as a RHEL binary twin, and not as
> Stream), should use the community financing model, in order to avoid
> CentOS fate.
>
> My 0.01$ :)
>
> Nick
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Proxmox Backup Server equivalent for the RHEL/CentOS world ?

[Stephen John Smoogen]

On Tue, 13 Apr 2021 at 08:24, Simon Matter  wrote:

> > On 13.04.21 12:33, Simon Matter wrote:
> >>> Once upon a time, Nicolas Kovacs  said:
>  Both PVE and PBS are based on Debian, and now I wonder if RHEL-based
>  systems
>  have something similar to offer.
> >>>
> >>> I believe Red Hat Virtualization, and its open upstream oVirt, are
> >>> comparable to Proxmox.  I have used oVirt for a number of years.  oVirt
> >>> itself doesn't include backup software (it supports VM snapshots and
> >>> clones), but there are several third-party backup tools (both free and
> >>> commercial) compatible with oVirt/RHV, like Storeware's vProtect (I
> >>> haven't used it but seen others mention it).
> >>
> >> I haven't followed oVirt/RHV but I'm wondering how free it is? Is it as
> >> "free" as RHEL or as CentOS/Alma/Rocky/Navy/Oracle Linux?
> >
> > Upstream -> Product
> >
> > Fedora -> RHEL
> > oVirt  -> RHV
>
> Thanks for the confirmation.
>
> In other words, we'll soon have four or more almost 100% identical
> rebuilds of RHEL but only 1 very lacking EPEL and 0 RHV clones ;-)
>
>
Those all depend on committed volunteers to do the work. That takes up a
lot of time and effort from people who are in short supply because doing
those things are more like a job than a 'weekend fun project'. This would
normally be where people would pay for a product but there are not a lot of
paying customers and a larger number of people who either expect it there
or would rather go without than pay for it.



> Regards,
> Simon
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 8

[Stephen John Smoogen]

On Fri, 9 Apr 2021 at 12:40, Valeri Galtsev 
wrote:

>
>
> On 4/9/21 11:23 AM, Stephen John Smoogen wrote:
> > On Fri, 9 Apr 2021 at 12:19, Stephen John Smoogen 
> wrote:
> >
> >>
> >>
> >> On Fri, 9 Apr 2021 at 12:02, Valeri Galtsev 
> >> wrote:
> >>
> >>>
> >>>
> >>> On 4/9/21 10:47 AM, Binet, Valere (NIH/NIA/IRP) [C] wrote:
> >>>> The NIST and CIS baselines don't allow su, we have to use sudo on
> >>> government computers.
> >>>>
> >>>
> >>> Could you enlighten me on the rationale behind that restriction? As, as
> >>> you already noticed, my [ancient, maybe] reasoning makes me arrive at
> an
> >>> opposite conclusion. (but mine is pure security consideration with full
> >>> trust vested into sysadmin, see below...)
> >>>
> >>> On a second guess: it is just for a separation of privileges, and
> >>> accounting of who did what which sudo brings to the table... Right?
> >>>
> >>>
> >> sudo brings into accounting and the ability to restrict a person to a
> >> single command. [That is hard to do well but it is possible.] It also
> >> allows for an easily auditable configuration file set so that you can
> see
> >> what should have been allowed and what shouldn't. Versus the usual 'oh
> lets
> >> make it setgid blah or setuid foo but restricted to this group..' and
> >> people forgetting it was done that way or why.
> >>
> >> That said it is like any tool can be used as a hammer when it should
> have
> >> remained a phillips head.
> >>
> >>
> > Finally sudo can allow for better RBAC rules where if that is needed you
> > had to have multiple su commands that were aligned to each role so that
> > people could not escape their jail. [My understanding is that this is
> where
> > your chosen OS shines
>
>
that should have been written as

your chosen OS, FreeBSD, shines ...

my apology for dropping the packets as I thought i typed it but didn't



> Which one OS would be that?
>
> Valeri
>
> > with sudo and this was lifted to other os's laster.]
> > By 2005 most .gov/.mil baselines required su to be no longer allowed
> > because of this.
> >
> >
>
> --
> 
> Valeri Galtsev
> Sr System Administrator
> Department of Astronomy and Astrophysics
> Kavli Institute for Cosmological Physics
> University of Chicago
> Phone: 773-702-4247
> 
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 8

[Stephen John Smoogen]

On Fri, 9 Apr 2021 at 12:19, Stephen John Smoogen  wrote:

>
>
> On Fri, 9 Apr 2021 at 12:02, Valeri Galtsev 
> wrote:
>
>>
>>
>> On 4/9/21 10:47 AM, Binet, Valere (NIH/NIA/IRP) [C] wrote:
>> > The NIST and CIS baselines don't allow su, we have to use sudo on
>> government computers.
>> >
>>
>> Could you enlighten me on the rationale behind that restriction? As, as
>> you already noticed, my [ancient, maybe] reasoning makes me arrive at an
>> opposite conclusion. (but mine is pure security consideration with full
>> trust vested into sysadmin, see below...)
>>
>> On a second guess: it is just for a separation of privileges, and
>> accounting of who did what which sudo brings to the table... Right?
>>
>>
> sudo brings into accounting and the ability to restrict a person to a
> single command. [That is hard to do well but it is possible.] It also
> allows for an easily auditable configuration file set so that you can see
> what should have been allowed and what shouldn't. Versus the usual 'oh lets
> make it setgid blah or setuid foo but restricted to this group..' and
> people forgetting it was done that way or why.
>
> That said it is like any tool can be used as a hammer when it should have
> remained a phillips head.
>
>
Finally sudo can allow for better RBAC rules where if that is needed you
had to have multiple su commands that were aligned to each role so that
people could not escape their jail. [My understanding is that this is where
your chosen OS shines with sudo and this was lifted to other os's laster.]
By 2005 most .gov/.mil baselines required su to be no longer allowed
because of this.


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 8

[Stephen John Smoogen]

On Fri, 9 Apr 2021 at 12:02, Valeri Galtsev 
wrote:

>
>
> On 4/9/21 10:47 AM, Binet, Valere (NIH/NIA/IRP) [C] wrote:
> > The NIST and CIS baselines don't allow su, we have to use sudo on
> government computers.
> >
>
> Could you enlighten me on the rationale behind that restriction? As, as
> you already noticed, my [ancient, maybe] reasoning makes me arrive at an
> opposite conclusion. (but mine is pure security consideration with full
> trust vested into sysadmin, see below...)
>
> On a second guess: it is just for a separation of privileges, and
> accounting of who did what which sudo brings to the table... Right?
>
>
sudo brings into accounting and the ability to restrict a person to a
single command. [That is hard to do well but it is possible.] It also
allows for an easily auditable configuration file set so that you can see
what should have been allowed and what shouldn't. Versus the usual 'oh lets
make it setgid blah or setuid foo but restricted to this group..' and
people forgetting it was done that way or why.

That said it is like any tool can be used as a hammer when it should have
remained a phillips head.

-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Can't upgrade sssd-*

[Stephen John Smoogen]

On Mon, 5 Apr 2021 at 13:05, Warren Young  wrote:

> On Apr 5, 2021, at 8:32 AM, Johnny Hughes  wrote:
> >
> > wrt private keys .. we don't want any to live on machines we
> > don't physically own.
>
> Yeah, I get that.
>
> What I don’t get is why, if DNF goes to http://foo.centos.org to pull
> metadata, and it tells DNF to go to https://bar.qux.example.edu to
> download the packages specified by that metadata, why must there be any
> private keys for *.centos.org involved on example.edu’s servers?
>
>
I don't think they do require it unless that node is supposed to look like
a part of mirror.centos.org. The issue is that various tools fail when a
mirrorlist sends them data which is not the same as 'requested'. So if you
send over a http link and get an https, the tool may crash or try to talk
HTTP to the TLS port etc.

```
$ curl 'http://mirrorlist.centos.org/?release=8=x86_64=BaseOS'
http://mirror.us.oneandone.net/linux/distributions/centos/8.3.2011/BaseOS/x86_64/os/
http://mirror.cs.vt.edu/pub/CentOS/8.3.2011/BaseOS/x86_64/os/
http://distro.ibiblio.org/centos/8.3.2011/BaseOS/x86_64/os/
http://ftpmirror.your.org/pub/centos/8.3.2011/BaseOS/x86_64/os/
http://mirrors.rit.edu/centos/8.3.2011/BaseOS/x86_64/os/
http://mirror.atl.genesisadaptive.com/centos/8.3.2011/BaseOS/x86_64/os/
http://atl.mirrors.clouvider.net/CentOS/8.3.2011/BaseOS/x86_64/os/
http://repos-va.psychz.net/centos/8.3.2011/BaseOS/x86_64/os/
http://centos-distro.cavecreek.net/centos/8.3.2011/BaseOS/x86_64/os/
http://mirror.vtti.vt.edu/centos/8.3.2011/BaseOS/x86_64/os/
```

A metalink system provides different data which would allow for these
'transfers' but it has other problems which are mitigated with TLS
connections

```
http://www.metalinker.org/; type="dynamic"
pubdate="Mon, 05 Apr 2021 17:20:24 GMT" generator="mirrormanager"
xmlns:mm0="http://fedorahosted.org/mirrormanager;>
 
  
   1603150039
   6282
   
7de20cbe8e7ef87b4fc1b35191277ab4
7d0c65c0daf1677eda2152e25e39a3dc4f3be027
7a75be2ebd56e44c9d33252a12158c8b7079331e9c73aa62c609414299dabf06
dfcc30a274b140d3ff65c3b3c9987a7c057a30e89880b13472f61be5fdd8829761653e11309d25680dc89d1af91d015ea0ca6992bbabec60d8b472f3e81ebba2
   
   

http://download-ib01.fedoraproject.org/pub/fedora/linux/releases/33/Everything/x86_64/os/repodata/repomd.xml

rsync://
download-ib01.fedoraproject.org/fedora-enchilada/linux/releases/33/Everything/x86_64/os/repodata/repomd.xml


https://download-ib01.fedoraproject.org/pub/fedora/linux/releases/33/Everything/x86_64/os/repodata/repomd.xml

   
  
 

```

In this way the tool can know and choose the version of TLS or download
protocol (rsync) which it can deal with.

I don't present this as a better way, just a different way. Both systems
make different security and availability choices to meet different
requirements. [The Fedora system is known to be fragile in TLS bringup
during the thundering bison rush of several million EPEL systems updating
caches at 04:00 while the CentOS system doesn't have this issue.]




> Surely the sysadmin of bar.qux.example.edu obtains a TLS key pair from
> some trusted CA that certifies that bar.qux.example.edu is valid
> according to the worldwide TLS public PKI.
>
> If we’re talking about package signing keys, surely that all happens on
> centos.org servers, and the resulting RPM packages are distributed as-is,
> not re-signed on each mirror server.
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] KVM vs. incremental remote backups

[Stephen John Smoogen]

On Wed, 31 Mar 2021 at 08:41, Nicolas Kovacs  wrote:

> Hi,
>
> Up until recently I've hosted all my stuff (web & mail) on a handful of
> bare
> metal servers. Web applications (WordPress, OwnCloud, Dolibarr, GEPI,
> Roundcube) as well as mail and a few other things were hosted mostly on
> one big
> machine.
>
> Backups for this setup were done using Rsnapshot, a nifty utility that
> combines
> Rsync over SSH and hard links to make incremental backups.
>
> This approach has become problematic, for several reasons. First, web
> applications have increasingly specific and sometimes mutually exclusive
> requirements. And second, last month I had a server crash, and even though
> I
> had backups for everything, this meant quite some offline time.
>
> So I've opted to go for KVM-based solutions, with everything split up over
> a
> series of KVM guests. I wrapped my head around KVM, played around with it
> (a
> lot) and now I'm more or less ready to go.
>
> One detail is nagging me though: backups.
>
> Let's say I have one VM that handles only DNS (base installation + BIND)
> and
> one other VM that handles mail (base installation + Postfix + Dovecot).
>
> Under the hood that's two QCOW2 images stored in /var/lib/libvirt/images.
>
> With the old "bare metal" approach I could perform remote backups using
> Rsync,
> so only the difference between two backups would get transferred over the
> network. Now with KVM images it looks like every day I have to transfer the
> whole image again. As soon as some images have lots of data on them (say,
> 100
> GB for a small OwnCloud server), this quickly becomes unmanageable.
>
> I googled around quite some time for "KVM backup best practices" and was a
> bit
> puzzled to find many folks asking the same question and no real answer, at
> least not without having to jump through burning loops.
>
> Any suggestions ?
>
>
For Fedora Infrastructure we use a three prong approach
1. Kickstarts for the basic system
2. Ansible for the deployment and 'general configuration management'
3. rdiff-backup of things which ansible would not be able to bring back.

So most of our infrastructure is KVM only and the only systems we have to
kickstart by 'hand' are the bare metal. The guests are then fired off with
an ansible playbook which uses libvirt to fire up the initial guest and
kickstart from known data. Then the playbook continues and builds out the
system for the rest of the deployment. [Our guests are also usually lvm
partitions so we can use LVM tools to snapshot the system in different
ways.]

After it is done there are usually scripts which do things like do ascii
dumps of databases and such.

As you pointed out this isn't the only way to do so. Other sites have a
master qemu image for all their guests on a machine and clone that instead
of doing kickstarts for each. They also do snapshots of the images via lvm
or some other tool in order to make backups that way.

hope this helps.



> Niki
>
> --
> Microlinux - Solutions informatiques durables
> 7, place de l'église - 30730 Montpezat
> Site : https://www.microlinux.fr
> Blog : https://blog.microlinux.fr
> Mail : i...@microlinux.fr
> Tél. : 04 66 63 10 32
> Mob. : 06 51 80 12 12
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Prevent Anaconda from switching root and swap partition

[Stephen John Smoogen]

On Wed, 31 Mar 2021 at 05:11, Nicolas Kovacs  wrote:

> Hi,
>
> More often than not, when installing CentOS, I choose manual partitioning
> and
> then apply the KISS principle, with a very simple partitioning scheme that
> looks more or less like this:
>
>   * /boot partition: 500 MB, ext2
>   * swap partition: equivalent to amount of RAM
>   * root partition: available space, ext4
>
> Now when I do this, Anaconda insists on switching my swap and root
> partitions,
> so instead of this:
>
>   * /dev/sda1: boot partition
>   * /dev/sda2: swap partition
>   * /dev/sda3: root partition
>
> ... I get this:
>
>   * /dev/sda1: boot partition
>   * /dev/sda2: root partition
>   * /dev/sda3: swap partition
>
> Up until now this hasn't bothered me much. But for my needs right now it
> does,
> because I need my root partition to be at the end of the disk, so it can be
> expanded later on.
>
> Anyone knows how I can prevent Anaconda from switching my root and swap
> partitions? What I'm doing right now is switching to a text console with
> Ctrl-Alt-F5, manually partition using fdisk, switch back to Anaconda and
> then
> rescan the disk, but it's quite a PITA.
>
> These are the moments where I miss the good old bone-headed Slackware
> installer. :o)
>
> Cheers,
>
>
Since you are doing manual vs kickstart, you need to do additional steps
Before you go into the disk system in the UI

Control-Alt-F2
fdisk (or gfdisk  or parted depending on your prefs and needs)
clear the disk and set it up how you want it with the types set on each
partition.
go back into the UI and do the things you wanted. have it reread the disks
and have it use the existing partitions versus anything else

Option 2 is to go into the advanced partitioning tool blivet and see if it
can be done through that.. but I think you still need to do a
'slackware/arch' setup first

-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7.3

[Stephen John Smoogen]

On Thu, 18 Mar 2021 at 12:44, Mark Woolfson  wrote:

> Hello,
>
>
>
> I wonder if you could help.
>
>
>
> I have a requirement to load CentOS 7.3 on to a server. I have the
> distribution on a bootable USB key.
>
>
>
What kind of server? This is a hardware issue and is going to need to know
what kind of CPU and what the firmware on the system is. My uninformed
guess is that the kernel is finding a large number of CPUs (either virtual
or real) and it is probably only fixed by the kernel/software in 7.4. [A
test would be to see if 7.2 also has this issue and if not then walk
through the kernels until it does.. then look at the change logs for when
it starts working again.]

Or I would try installing with a smaller number of CPUs with a command line
entry like

maxcpus=16 (if this system has 82+?)


>
> CentOS boots to the first menu but when I select the option to install
> almost immediately I get the error below:
>
>
>
> NMI watchdog: BUG: soft lockup - CPU#82 stuck for 23s! [system-udevd:1221]
>
>
>
> The above error is output every 23s
>
>
>
> This is a repeatable error condition.
>
>
>
> When I load CentOS 7.4 on to the server I get no problems.
>
>
>
> When I load the above CentOS 7.3 distribution on to an older server I get
> no
> problems.
>
>
>
> Has anyone every seen the NMI watchdog error and found a resolution.
>
>
>
> Thank you in advance,
>
> Mark
>
>
>
>
>
> --
> This email has been checked for viruses by AVG.
> https://www.avg.com
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS-7-x86_64-dvd-2009.iso is too big for DVD blanks

[Stephen John Smoogen]

On Thu, 18 Mar 2021 at 10:56, Lamar Owen  wrote:

> On 3/18/21 10:23 AM, Stephen John Smoogen wrote:
> > [what can be done] I am guessing
> > someone could make an unofficial set of spins which cut out some
> packages to try and make it fit in single density.
> >
> This is probably the solution at this point for the 'Full' DVD. In the
> interim, older machines such as this should just use the 'Minimal' DVD,
> since it fits on single-layer nicely.  (I hear or read single-density
> and think FM encoding, 128 bytes per sector, 77-track IBM 3740 format 8
> inch floppies..which are still in use in certain places...)  Same
> for 8.x or 8 Stream -- oh, wait, there is no 'Minimal' ISO, so net
> install or USB is it, can't use optical media at all.
>
>
https://mirrors.edge.kernel.org/centos/7/isos/x86_64/CentOS-7-x86_64-Minimal-2009.iso

There is a 7.9 minimal. There was no 8 minimal because composing is harder
and the 'minimum' set of packages did not shave off a lot of disk space.


> You're right; we're rabbit-holing.  Being at a non-profit, I have to
> rabbit hole a lot, since I tend to use much older hardware than 'normal.'
>

Understood. This is where the modern OS assumptions of  'you should be in
the cloud' and/or the 'your hardware must be only this old to be used'
cause a hard fork with parts of the community.


> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS-7-x86_64-dvd-2009.iso is too big for DVD blanks

[Stephen John Smoogen]

On Thu, 18 Mar 2021 at 09:36, Lamar Owen  wrote:

> On 3/18/21 1:24 AM, John R. Dennison wrote:
> > It's not realistic to expect server-class machines not to be able to
> > boot from dual-layer or USB media in 2021.
> There are environments where USB or other writeable media are not
> allowed on premises.
>
> While all DVD-ROM drives are supposed to read DL media, in practice the
> compatibility has not proven to be 100%.
> ___
>

I think we are rabbit-holing on a bunch of related issues:


1. "How old hardware should be expected to work." Again this is not the
core issue the original person was asking.

Upstream (RHEL) usually expects hardware that is confirmed to work to be
usable through the release time. This hardware is usually on the year of
release to 4 years afterwards. So RHEL-7 was released in 2014, so tested
hardware configurations from 2014-2018 should work. Outside of that there
are some work to make it work but the rules from online docs seem to be
that if the hardware was from before 2012 and not a tested configuration,
it should stick to RHEL-6. [This is mostly about a level of support that
would be given point of view.. sure you could get it to work on a 2004
computer.. but if it breaks support is not going to spend hours/days/weeks
trying to make it work. Consulting services are for that..]

CentOS has no support levels so if it works cool. if it doesn't then sorry.
That goes for any dot release. If something is not caught in testing when
various dot releases are being built.. that's too bad. [This isn't a new
thing.. we didn't respin 5 releases when something wasn't caught until
months later.] Also this is not really related to the original person's
problem. It worked for them for many different releases and doesn't now.

2. "What are expected release results?" This is what the original question
falls into. They have been running under the assumption that one set of
DVD's would fall under a limit size for the single density drives. It has
worked for multiple releases before 7.9 and then it didn't. However that
expectation does not seem to have been in the testing procedures as a
'halt' level problem (i.e. measured in testing and then sent back if
failed.) I will be honest on my part, I have only done a 'looks' good
enough as I don't have single density DVD's to test if it worked or not. I
use USB sticks and virtual machines. I am expecting the other testers to
have done the same thing.

3. "What can be done". This is what the original question needs answered.

This was not caught in the release of 7.9 and that was a while ago. There
are not going to be any more dot releases for 7.. there is no planned 7.10
so this is the final set of DVD's until 2024. At this moment, I don't know
if a respin will make the images small enough and what would have to be
dropped to make it fit. Respinning 'official images'  now will also cause
problems for a lot of mirrors and users who will ask 'did these images get
hacked? why did it change now?' [And in either case, the original person
needed this fixed yesterday, not in the 2+ weeks to do this.] I am guessing
someone could make an unofficial set of spins which cut out some packages
to try and make it fit in single density.

-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS-7-x86_64-dvd-2009.iso is too big for DVD blanks

[Stephen John Smoogen]

On Mon, 15 Mar 2021 at 16:26, Lamar Owen  wrote:

> On 3/15/21 8:51 AM, Stephen John Smoogen wrote:
> > Exactly that. Upstream Fedora and RHEL went to require dual density
> around
> > Fedora 18, RHEL-7 because the amount of data was too much.
> Well, what's odd is that the actual upstream RHEL 7.9 DVD WILL fit on a
> single-layer DVD.  Just burned one.
>
>
Well I am batting 0 for 1000 today. I am clearly not a good resource at the
moment :). Thanks Lamar for checking the real source.


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS-7-x86_64-dvd-2009.iso is too big for DVD blanks

[Stephen John Smoogen]

On Mon, 15 Mar 2021 at 08:19, Robert Heller  wrote:

> At Sun, 14 Mar 2021 21:49:40 -0500 "Robert G. \(Doc\) Savage" <
> dsav...@peaknet.net>, CentOS mailing list  wrote:
>
> >
> > On Sun, 2021-03-14 at 21:31 -0400, John Plemons wrote:
> > > Sounds like you need to use a dual layer DVD disc, it is double the
> > > capacity.
> >
> > John,
> >
> > Wrong answer. The server's optical drive doesn't support double-layer
> > disks. The CentOS developers made a mistake on their DVD iso, and they
> > need to fix it.
>
> Actually not -- the CentOS ISOs have not been meant for optical media
> since
> CentOS 6 -- they have been meant for thumb drives (>= 8G).
>
>
Exactly that. Upstream Fedora and RHEL went to require dual density around
Fedora 18, RHEL-7 because the amount of data was too much. The CentOS
developers have tried to their best to keep a single density working but
there has been a constant race of problems with various 'important'
packages having to be dropped from this ISO every time. For the final
EL-7.x series, there were too many packages to do this with. The
alternatives you have are:

1. Use CentOS-7.8 (or 7.7, or... ) as the boot media and then network
update
2. Use CentOS-7.9 minimal and network update
3. Use CentOS-7.9 netiso and network install.
4. Use some mixture of the above with a USB disk of all the data and a
kickstart to point to it so it gets there.
5. Look for a completely different alternative.


> You are going to have to something different.  Is it possible to do a
> network
> install on this machine.  I believe the netboot ISO should be small enough
> to
> fit on a CD or DVD.
>
> >
> > --Doc
> > ___
> > CentOS mailing list
> > CentOS@centos.org
> > https://lists.centos.org/mailman/listinfo/centos
> >
> >
> >
>
> --
> Robert Heller -- Cell: 413-658-7953 GV: 978-633-5364
> Deepwoods Software-- Custom Software Services
> http://www.deepsoft.com/  -- Linux Administration Services
> hel...@deepsoft.com   -- Webhosting Services
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] qemu-kvm images of old Windows XP SP3

[Stephen John Smoogen]

On Sat, 13 Mar 2021 at 10:04, David McGuffey  wrote:

> I have a Nikon slide scanner (very high quality) for which the software
> has not been updated. It last ran on WinXP SP3 and I was not able to
> get it to run under Win 7 and certainly not Win 10.
>
> Anyone know where I can obtain images of this old OS to run in CentOS 7
> under kvm?
>
>
Even if the Windows XP was running in a VM, you would need to have the
underlying OS able to 'recognize' the device somewhat to pass it to the VM.
That can take enough work that you will find it easier to buy off of ebay
someone selling a laptop or computer from that era and run Windows XP
native.



> Dave McGuffey
>
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] R730xd & SD card identfication

[Stephen John Smoogen]

On Sun, 7 Mar 2021 at 18:39, Pete Biggs  wrote:

> On Sun, 2021-03-07 at 11:17 -0600, Gregory P. Ennis wrote:
> > Everyone,
> >
> > We have migrated a platform to a Centos 8 host using kvm guest machines
> >
> > Recently I tried to copy one of the guests to the external SD card on
> > the back of the Dell R730xd, but I have not been able to get the Centos
> > 8 host to recognize the SD card.
> >
> > I can use DRAC interface of the R730xd to see that the SD card is being
> > recognized and the status of the external SD slot is turned from
> > inactive to active when the card is inserted.
> >
>
> I have a nagging feeling at the back of my mind that that slot is
> associated with the iDrac system and not the main board.
>
> In any case doesn't that need a vFlash card not a standard SD/SDHC
> card? From Wikipedia:
>
>
I think the SD card on the back of the IDRAC7 systems on the Dell 730xd are
similar to this. They are accessible by the IDrac and dell software and are
primarily there for emergency install of the hardware from known good
media. I believe that vmware has a module which talks to the card so you
can install software in vm's from said known good media.




-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Koji packages

[Stephen John Smoogen]

On Wed, 3 Mar 2021 at 12:40, Frederick  wrote:

> Thank you!
>
> I am specifically looking for the dlm package that seems to be missing
> from the repos in 8.  I went to https://git.centos.org/rpms/dlm but I
> cannot find the source.  Is there anywhere I can get the source to
> build this package?  Without it I cannot set up a gfs2 cluster on
> centos8.  I've seen many discussions about RedHat having it but its
> not available for centos, so I just need the source so I can move
> forward.  Any help would be greatly appreciated!
>
>
I followed the directions in https://wiki.centos.org/Sources
```
$ mkdir centos-sources; cd centos-sources
$ git clone https://git.centos.org/centos-git-common.git
$ git clone https://git.centos.org/rpms/dlm.git -b c8
$ cd dlm
$ ../centos-git-common/get_sources.sh
Retrieving
https://git.centos.org/sources/dlm/c8/3655865fa215e6b50e6b82ba66cb13f2d8005f67
  % Total% Received % Xferd  Average Speed   TimeTime Time
 Current
 Dload  Upload   Total   SpentLeft
 Speed
100  124k  100  124k0 0   443k  0 --:--:-- --:--:-- --:--:--
 443k
$ ls
SOURCES/  SPECS/
$ ls SOURCES/
dlm-4.0.9.tar.gz
$ ls SPECS/
dlm.spec


```

On Mon, Mar 1, 2021 at 9:41 AM Johnny Hughes  wrote:
> >
> > On 2/28/21 10:24 AM, Frederick wrote:
> > > Good Day All!
> > >
> > > I am trying to grab some packages from the Koji site.  Any idea why it
> > > seems to be down and if/when it will be back?
> > >
> > > 403 Forbidden
> > > Request forbidden by administrative rules.
> > >
> > > https://koji.mbox.centos.org/pkgs/packages/
> >
> > Access is limited to only developers for now .. it is the only
> > 'bandwidth' we have for development.
> >
> > There are plans to mirror the content and make it all available in the
> > future.
> >
> > For now all the source code is available on git.centos.org.  It is where
> > all the content is built from.
> > ___
> > CentOS mailing list
> > CentOS@centos.org
> > https://lists.centos.org/mailman/listinfo/centos
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Tar of files

[Stephen John Smoogen]

On Wed, 3 Mar 2021 at 09:54, Jerry Geis  wrote:

> When I "tar" up an archive the files have an owner bob,
> when I extract that to another machine bob is there also but user number is
> different.
> So when I extract bob is no longer the owner of the files but someone else.
>
> Is there a good way to account for this ?
> User ID on one box being different to the next box ?
>
> I was expecting to untar and bob still be the owner .
>
>
The system has no way of knowing that bob:uid1 and bob:uid2 are the same
person and in fact on a lot of systems they are not (aka if you downloaded
a tar ball from my box and it had the user bob on it.. it definitely is not
your bob).

The ways to do this are any of the following or a list of ones not there.
1. find ./tree_you_untarred -uid  -print0 | xargs -0 chown bob2
2. su bob2 (cd /tree_place_to_untar; tar xzvf )
3. use gnu tar's many options to create the tar file with the correct
uid/gid you wanted using --owner --group (or a map if there are multiple).



> Thanks,
>
> Jerry
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Recommendations for webmail client on EL8

[Stephen John Smoogen]

On Mon, 1 Mar 2021 at 20:41, Gordon Messmer 
wrote:

> On 3/1/21 4:31 PM, Joshua Kramer wrote:
> > Do those scripts also handle the building of Objective-C, which is
> > needed to build SOGo?  I have been toying with this off and on,
> > there's an independent repo somewhere that has the EL8 builds of Obj-C
> > and SOGo, but I haven't had time to get everything set up.
>
>
> I'm still running on 7, where gnustep is available from EPEL.  I think
> you'd need to manually rebuild gnustep for CentOS 8.
>
>
You may need to rebuild gcc from different source rpms to get Objective-C
in EL-8.  The RHEL gcc source rpms did not produce Objective-C rpms or
binaries when I looked at it in 2019.


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Recommendations for webmail client on EL8

[Stephen John Smoogen]

On Mon, 1 Mar 2021 at 14:21, Simon Matter  wrote:

> > On Mon, 1 Mar 2021 at 12:46, Simon Matter 
> wrote:
> >
>
> > EPEL has always been in the need of more people who can volunteer time to
> > help maintain and package things. However for the last 5 years (so even
> > before EL8) the need has gotten worse:
> > 1) The core maintainers who pushed EL6 and EL7 have been increasingly
> > 'retired to management' at their respective jobs.
>
> Are they Red Hat paid people? If so it confirms my impression that EPEL is
> not seen very important by Red Hat.
>
>
I am pretty sure that whatever I will say would confirm your impression :).

In this case, most of the people I am talking about have been outside of
Red Hat volunteers versus Red Hat employees. Many of the original people
involved have become VP's, CIO's and other places in upper management in
their companies. Others have not but found that real life in other ways got
in the way. It happens with any volunteer activity.

Does that mean Red Hat never took EPEL seriously? Maybe. But the same can
be said of the EPEL users. Most of the rules for package inclusion and the
retirement problem I have said are public knowledge brought up over and
over through the years and yet most people only 'see' them when EPEL is
'broken' to them.  There is a continual forgetting that for the first 2
years of EPEL-7 we didn't have as many packages as we did in EPEL-6.. and
that 'EPEL is so broke'. There is an expectation that someone is paid to
work on this when no one is.

Anyway this rant has had to be revised multiple times so I am ending it
here.



-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Recommendations for webmail client on EL8

[Stephen John Smoogen]

On Mon, 1 Mar 2021 at 12:46, Simon Matter  wrote:

> > On Mon, 1 Mar 2021 at 10:42, Simon Matter 
> wrote:
> >
> >> > Am 01.03.21 um 15:56 schrieb Simon Matter:
> >>
> >> >> Thanks for your suggestion. No, I'm not really thinking about
> >> >> docker/podman. I prefer having clean system installs, even if I have
> >> to
> >> >> create RPMs myself. This has worked fine for the last two decades but
> >> >> yes,
> >> >> I'm afraid, this is considered old school these days :-)
> >> >>
> >> >
> >> > Hey Simon, take a look at Remi's repository ...
> >> >
> >> > --
> >> > Leon
> >>
> >> Hi Leon, thanks.
> >> I'm wondering why these things are not in EPEL?
> >>
> >>
> > Because building with modules in EPEL is very limited. I think
> > https://pagure.io/epel/issue/75 covers many of the issues and the
> > frustration of dealing with them.
> >
>
> I found this link last Saturday but didn't want to give up too quickly.
>
> I wasn't aware that the situation with EPEL8 is so bad because a) we just
> started migrating systems to CentOS 8 when the bad news came some weeks
> ago about CentOS, and b) because we mostly built our own RPMs and didn't
> depend on EPEL in the past.
>
> Now that building became more difficult with the new modularity, it seemed
> a good thing to rely more on EPEL - just to discover that EPEL is also
> lacking so much in 8.
>
>
EPEL has always been in the need of more people who can volunteer time to
help maintain and package things. However for the last 5 years (so even
before EL8) the need has gotten worse:
1) The core maintainers who pushed EL6 and EL7 have been increasingly
'retired to management' at their respective jobs.
2) Usage has grown greatly with the expectation that what is in EL6 will be
in EL7 will be in EL8.
3) Package complexity has grown exponentially. You need more and more
packages in the repo as 'buildrequires' or 'install' but are not 'leaf
nodes' like say squirrelmail.
4) Most people who 'maintain' the package in Fedora see that as a full time
job already and dealing with EPEL issues/complaints is added unpaid work
they don't care less for. [For some reason a good many people who open bugs
for EPEL packages expect the same level of support as they would for a paid
for enterprise product.. and feel like being jerks is the way to get that
from EPEL.]
5) Many upstreams have gone whole-hog into containers and will only work
with/deal with the set of tools in their container versus in RPMs or debs.
They are especially that way for laggard operating systems like Enterprise
Linux or LTS versions.
6) Building *good rpms is hard. Building *good modules is harder. However
building *good containers makes modularity look easy. So it is easier to
just grab someone elses and YOLO.

*good = a package which is reproducible, upgradable, secure, debugable,
maintainable and probably 10 other features everyone silently expects from
EPEL packages versus some one who did a tar2rpm


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Recommendations for webmail client on EL8

[Stephen John Smoogen]

On Mon, 1 Mar 2021 at 10:42, Simon Matter  wrote:

> > Am 01.03.21 um 15:56 schrieb Simon Matter:
>
> >> Thanks for your suggestion. No, I'm not really thinking about
> >> docker/podman. I prefer having clean system installs, even if I have to
> >> create RPMs myself. This has worked fine for the last two decades but
> >> yes,
> >> I'm afraid, this is considered old school these days :-)
> >>
> >
> > Hey Simon, take a look at Remi's repository ...
> >
> > --
> > Leon
>
> Hi Leon, thanks.
> I'm wondering why these things are not in EPEL?
>
>
Because building with modules in EPEL is very limited. I think
https://pagure.io/epel/issue/75 covers many of the issues and the
frustration of dealing with them.




> Simon
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] How to install XFCE on CentOS 8?

[Stephen John Smoogen]

On Thu, 25 Feb 2021 at 17:26, Gionatan Danti  wrote:

> Il 2021-02-25 22:35 Stephen John Smoogen ha scritto:
> > Mainly because customers don't want to pay for that work which is
> > considerable. If Red Hat builds it, it is expected to have all kinds of
> > 'promises' equivalent to its other products and that is expensive in
> > terms
> > of QA, engineering, documentation, various certifications, etc. Package
> > growth goes up quickly so if people are complaining about the cost of a
> > RHEL license for 4000 src rpms, then what would it be at 20,000 to
> > 30,000.
> > It is easier to allow the community to choose to do the work it wants
> > and
> > then 'consumers' of said repository get what they can.
>
> [Including Valeri] I doubt it. Price is mainly defined by offer and
> demand (which is, in turn, driven by how much value the customer put
> behind the product). While production/support cost can put a lower bound
> on it, I don't think this is the case for Red Hat.
>

The fun part about this doubt is that anyone should be able to prove it
right or wrong easily. All it takes is to set up a build system, recompile
all the code from Fedora wanted in it, and then offer support contracts to
cover work on it. If there is a market for it then they can set the price
to cover all 20,000 packages and then find out what is expected by the
customer for the prices charged.


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] How to install XFCE on CentOS 8?

[Stephen John Smoogen]

On Thu, 25 Feb 2021 at 16:10, Gionatan Danti  wrote:

> Il 2021-02-25 14:27 Simon Matter ha scritto:
> > EL on the other side has a very limited, supported package set and
> > therefore a lot of packages needed to build a lot of packages are just
> > missing.
>
> Yeah, same impressions here. EPEL really is a key package repository for
> RHEL - and I always wondered why they did not invest into maintaining
> (and extending) this excellent repo.
>
>
Mainly because customers don't want to pay for that work which is
considerable. If Red Hat builds it, it is expected to have all kinds of
'promises' equivalent to its other products and that is expensive in terms
of QA, engineering, documentation, various certifications, etc. Package
growth goes up quickly so if people are complaining about the cost of a
RHEL license for 4000 src rpms, then what would it be at 20,000 to 30,000.
It is easier to allow the community to choose to do the work it wants and
then 'consumers' of said repository get what they can.


> I think RH now is extremely focused on cloud and SaaS platform, which
> leave us "normal" sysadmin in an uncomfortable situation...
>
>
I think the industry is entering another crux point where 'classical'
system administration will be in the same class as mainframe/miniframe
system administration were in the late 1980's and early 1990's with Unix
systems and then Linux. Our wor will remain incredibly important to various
industries but it will increasingly be a smaller amount of 'total
deployments'.  Which is why so many of our conversations echo so much of
the USEnet in the early-1990s, where mainframes/miniframes admins wondered
why companies were not focusing on their industries anymore.



> Regards.
>
> --
> Danti Gionatan
> Supporto Tecnico
> Assyoma S.r.l. - www.assyoma.it
> email: g.da...@assyoma.it - i...@assyoma.it
> GPG public key ID: FF5F32A8
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] How to install XFCE on CentOS 8?

[Stephen John Smoogen]

On Thu, 25 Feb 2021 at 10:07, J Martin Rushton <
martinrushto...@btinternet.com> wrote:

>
>
> On 25/02/2021 14:49, Stephen John Smoogen wrote:
> >
> >
> > On Thu, 25 Feb 2021 at 09:13, J Martin Rushton via CentOS
> > mailto:centos@centos.org>> wrote:
> >
> >
> >
> > On 25/02/2021 13:37, Stephen John Smoogen wrote:
> >
> > I was recently looking at Raymond's book "The Art of UNIX
> Programming"
> > from 2003.  He, along with contributors Thompson (inventor of UNIX),
> > Kernigham (C and AWK), Korn and others of that callibre, espouse
> > creating "little tools" that do one job reliably and well.  The
> > likes of
> > Gnome or systemd certainly would never fit into this philosophy.  I
> > really think we have lost a lot of maintainability and ease of
> > management over the last 20 years as applications are stretched to do
> > ever more.
> >
> >
> > Maybe but everytime someone says "I think these are too complex" they
> > then turn around and say "but I really need this to do this one more
> > thing." Also the complexity of tools is generational. The oldschool
> > 1970's Unix people were screaming that the 1980's software was too
> > complex because various flags had been added to central commands. The
> > 1980's people complained that even early Linux was too complex because
> > it had so much more software that depended on each other. And so forth.
> >
> > In the X11 world, there were as many people saying FVWM was way too
> > complex when twm was all you needed and it was making software too hard
> > to build. BUT could you get twm to work on our new monitor which has a
> > different view screen feature that made the fonts look like crap.
> >
> > The counter argument I heard from a 1970's Unix era person was "Software
> > gets more complicated over time as we find that more problems need to be
> > solved. You either keep up with it, or get out of software." He was
> > working in software until his death a short while ago in his 80's.
> >
> > --
> > J Martin Rushton MBCS
> > ___
> > CentOS mailing list
> > CentOS@centos.org <mailto:CentOS@centos.org>
> > https://lists.centos.org/mailman/listinfo/centos
> > <https://lists.centos.org/mailman/listinfo/centos>
> >
> >
> >
> > --
> > Stephen J Smoogen.
> >
> The irony being that moving to UNIX I had it drummed into me that the
> one tool-one job ethos was a great advance upon the rigidly defined and
> integrated monolith of VMS.  Oh, and that was in the 1990s.
> --
> J Martin Rushton MBCS
>

And everyone I worked with told me that Unix was a poor reinvention of
TSX-11 where you could get real work done. But since VMS came out over a
decade after Unix, I can't say Unix is an advance over VMS.

In any case this is devolving into the 4 Yorkshiremen skit so I am done
here.

-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] How to install XFCE on CentOS 8?

[Stephen John Smoogen]

On Thu, 25 Feb 2021 at 09:13, J Martin Rushton via CentOS 
wrote:

>
>
> On 25/02/2021 13:37, Stephen John Smoogen wrote:
>
> I was recently looking at Raymond's book "The Art of UNIX Programming"
> from 2003.  He, along with contributors Thompson (inventor of UNIX),
> Kernigham (C and AWK), Korn and others of that callibre, espouse
> creating "little tools" that do one job reliably and well.  The likes of
> Gnome or systemd certainly would never fit into this philosophy.  I
> really think we have lost a lot of maintainability and ease of
> management over the last 20 years as applications are stretched to do
> ever more.
>

Maybe but everytime someone says "I think these are too complex" they then
turn around and say "but I really need this to do this one more thing."
Also the complexity of tools is generational. The oldschool 1970's Unix
people were screaming that the 1980's software was too complex because
various flags had been added to central commands. The 1980's people
complained that even early Linux was too complex because it had so much
more software that depended on each other. And so forth.

In the X11 world, there were as many people saying FVWM was way too complex
when twm was all you needed and it was making software too hard to build.
BUT could you get twm to work on our new monitor which has a different view
screen feature that made the fonts look like crap.

The counter argument I heard from a 1970's Unix era person was "Software
gets more complicated over time as we find that more problems need to be
solved. You either keep up with it, or get out of software." He was working
in software until his death a short while ago in his 80's.


> --
> J Martin Rushton MBCS
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] How to install XFCE on CentOS 8?

[Stephen John Smoogen]

On Thu, 25 Feb 2021 at 08:18, Tony Schreiner 
wrote:

> On Thu, Feb 25, 2021 at 7:31 AM Stephen John Smoogen 
> wrote:
>
> > On Thu, 25 Feb 2021 at 02:11, Simon Matter 
> wrote:
> >
> > > >>
> > > >> Smooge, you know I feel your pain, but becoming a maintainer in EPEL
> > has
> > > >> a pretty high bar (lots of new tools and methods to work with,
> amongst
> > > >> other things) -- as it SHOULD, given that it's intended as an addon
> to
> > > >> EL and needs to be very tightly controlled.  It's just more
> difficult
> > to
> > > >> get started these days relative to when anyone could build an rpm as
> > > >> long as they had a copy of Maximum RPM and knew how to drive 'rpm
> -ba'
> > > >>  back when building as root in a non-reproducible buildroot
> > wasn't a
> > > >> cardinal sin.
> > > >>
> > > >
> > > > Not that it matters .. BUT .. EL8 is much harder to build for.  There
> > > > are modular components, not all the Devel files exist, etc.
> > > >
> > > > It is much harder than EL7.
> > >
> > > Thanks Johnny for reminding. I was wondering why the situation for EL8
> is
> > > so much worse than for EL7 and that was true before CentOS Stream came
> > up.
> > >
> > > In the end I have never been happy with the new modules system and how
> it
> > > makes packaging much more difficult than it was and than it should be.
> > >
> > > IMHO the hurdles to build high quality packages should be as simple as
> > > possible but the difficulties to do so went in the wrong direction. The
> > > result we see now. Today we have an unstable distribution (Fedora)
> with a
> > > quite good and comprehensive package set, and we have stable (EL) with
> an
> > > unstable and lacking package set.
> > >
> > >
> > Even without modules (A person wrote a program which undid some of those
> > problems for us in EPEL), EL8 is not easy to build. Packages and software
> > themselves have gotten more interdependent and complex. This leads to a
> > larger and larger chain of 'buildrequires' and 'requires' for each
> package.
> > To get some of the XFCE packages into EPEL you need to bring into EPEL
> all
> > kinds of quaternary packages so you can build the tertiary packages which
> > are needed for the secondary packages which allow you to get something
> like
> > xfce4-cpufreq-plugin-1.2.1-7.fc33.src.rpm built. Each of those packages
> > needs a maintainer who wants to deal with them in EPEL which requires
> them
> > to run an EL to test.
> >
> > I tried an experiment during the RHEL-8 beta to see what it would take to
> > get EPEL-8 1:1 with EPEL-7.. I gave up after adding nearly a thousand
> > packages to the 'build chain' which were not in EPEL-7 nor even in the
> > RHEL-8 beta or its 'buildroot'. These were mainly packages that are in
> > Fedora already and would need to be maintained in EPEL and no one wants
> to
> > do that.
> >
> > This was supposed to be a problem modularity was to fix.. so you need 100
> > packages not in EPEL for your 1 application set, and you don't  want to
> > maintain those extra packages? Just put them inside your module build
> chain
> > and deliver what you wanted. Of course that is still a monumental task
> and
> > most packagers would say 'meh I got better things to do, like do a root
> > canal without anesthesia.'
> >
>
> Does package building for debian and derivatives not run into this same
> issue of interdependency? Is it because they have more packages to begin
> with?
> Not judging, I'm curious.
>
>
They run into the same interdependency.. but because they have organically
grown their distro every day, those dependencies grew 1 at a time.

For EPEL and other EL repos you have to jump multiple Fedora releases to
catch up. So in EL6 we were Fedora Linux 12. In EL7.0 we had to jump and
rebuild from scratch a lot of Fedora Linux 18 and Fedora Linux 19 and then
progressed up to about Fedora 24 as various parts got rebased and upgraded
to 7.9. For EL8, we have to jump to Fedora Linux 28 and then each dot
release rebase parts while keeping other parts back because rebasing is
focused. [This means that if something needs glibc-2.32 you can't put it in
EL8 without a lot of patching to make it work with whatever changed... but
some other related components may be able to recompile fine.]

Thus you need people who enjoy that kind of work to do this because EPEL is
nearly all volunteer work. I had to work after hours or take vacation time
to work on getting EPEL-8 out so that I could get focused effort on it.
Most people don't have that 'luxury' and so the number of volunteers is
small but the expectation that it will be there is large.



> Tony Schreiner
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] How to install XFCE on CentOS 8?

[Stephen John Smoogen]

On Thu, 25 Feb 2021 at 02:11, Simon Matter  wrote:

> >>
> >> Smooge, you know I feel your pain, but becoming a maintainer in EPEL has
> >> a pretty high bar (lots of new tools and methods to work with, amongst
> >> other things) -- as it SHOULD, given that it's intended as an addon to
> >> EL and needs to be very tightly controlled.  It's just more difficult to
> >> get started these days relative to when anyone could build an rpm as
> >> long as they had a copy of Maximum RPM and knew how to drive 'rpm -ba'
> >>  back when building as root in a non-reproducible buildroot wasn't a
> >> cardinal sin.
> >>
> >
> > Not that it matters .. BUT .. EL8 is much harder to build for.  There
> > are modular components, not all the Devel files exist, etc.
> >
> > It is much harder than EL7.
>
> Thanks Johnny for reminding. I was wondering why the situation for EL8 is
> so much worse than for EL7 and that was true before CentOS Stream came up.
>
> In the end I have never been happy with the new modules system and how it
> makes packaging much more difficult than it was and than it should be.
>
> IMHO the hurdles to build high quality packages should be as simple as
> possible but the difficulties to do so went in the wrong direction. The
> result we see now. Today we have an unstable distribution (Fedora) with a
> quite good and comprehensive package set, and we have stable (EL) with an
> unstable and lacking package set.
>
>
Even without modules (A person wrote a program which undid some of those
problems for us in EPEL), EL8 is not easy to build. Packages and software
themselves have gotten more interdependent and complex. This leads to a
larger and larger chain of 'buildrequires' and 'requires' for each package.
To get some of the XFCE packages into EPEL you need to bring into EPEL all
kinds of quaternary packages so you can build the tertiary packages which
are needed for the secondary packages which allow you to get something like
xfce4-cpufreq-plugin-1.2.1-7.fc33.src.rpm built. Each of those packages
needs a maintainer who wants to deal with them in EPEL which requires them
to run an EL to test.

I tried an experiment during the RHEL-8 beta to see what it would take to
get EPEL-8 1:1 with EPEL-7.. I gave up after adding nearly a thousand
packages to the 'build chain' which were not in EPEL-7 nor even in the
RHEL-8 beta or its 'buildroot'. These were mainly packages that are in
Fedora already and would need to be maintained in EPEL and no one wants to
do that.

This was supposed to be a problem modularity was to fix.. so you need 100
packages not in EPEL for your 1 application set, and you don't  want to
maintain those extra packages? Just put them inside your module build chain
and deliver what you wanted. Of course that is still a monumental task and
most packagers would say 'meh I got better things to do, like do a root
canal without anesthesia.'



> Simon
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Permission denied when updating CentOS 8 Streams

[Stephen John Smoogen]

On Fri, 19 Feb 2021 at 09:47, Simon Matter  wrote:

> > On Fri, 19 Feb 2021, Mathieu Baudier wrote:
> >
> >> Hello,
> >>
> >> On a remote server (in an IPv6-only infrastructure) I am getting the
> >> following error when trying to update CentOS 8 Streams x86_64:
> >>
> >> $ sudo dnf upgrade --refresh
> >> Failed to set locale, defaulting to C.UTF-8
> >> CentOS Stream 8 - AppStream
> >>
> >>   0.0  B/s |   0  B 00:16
> >> Errors during downloading metadata for repository 'appstream':
> >>  - Curl error (7): Couldn't connect to server for
> >>
> http://mirrorlist.centos.org/?release=8-stream=x86_64=AppStream=stock
> >> [Failed to connect to mirrorlist.centos.org port 80: Permission denied]
> >> Error: Failed to download metadata for repo 'appstream': Cannot prepare
> >> internal mirrorlist: Curl error (7): Couldn't connect to server for
> >>
> http://mirrorlist.centos.org/?release=8-stream=x86_64=AppStream=stock
> >> [Failed to connect to mirrorlist.centos.org port 80: Permission denied]
> >
> > Try using an https:// URL.
>
> Are you sure? At least from here over IPv4, http works well but https
> doesn't work at all. Sounds strange if http would work only over IPv4 and
> https would work only over IPv6.
>
>
It wouldn't work anyway because CentOS mirrors do not have https. I tried
this from my home system
```
[ssmoogen@localhost ~]$ for i in "2001:4178:5:200::10"
"2600:1f16:c1:5e01:4180:6610:5482:c1c0" "2604:1380:2001:d00::3"
"2604:1580:fe02:2::10" "2604:1380:1001:6c00::1"; do curl -v6
"https://[${i}]/?release=8-stream=x86_64=AppStream=stock;;
done
*   Trying 2001:4178:5:200::10:443...
* connect to 2001:4178:5:200::10 port 443 failed: Permission denied
* Failed to connect to 2001:4178:5:200::10 port 443: Permission denied
* Closing connection 0
curl: (7) Failed to connect to 2001:4178:5:200::10 port 443: Permission
denied
*   Trying 2600:1f16:c1:5e01:4180:6610:5482:c1c0:443...
* connect to 2600:1f16:c1:5e01:4180:6610:5482:c1c0 port 443 failed:
Permission denied
* Failed to connect to 2600:1f16:c1:5e01:4180:6610:5482:c1c0 port 443:
Permission denied
* Closing connection 0
curl: (7) Failed to connect to 2600:1f16:c1:5e01:4180:6610:5482:c1c0 port
443: Permission denied
*   Trying 2604:1380:2001:d00::3:443...
* connect to 2604:1380:2001:d00::3 port 443 failed: Permission denied
* Failed to connect to 2604:1380:2001:d00::3 port 443: Permission denied
* Closing connection 0
curl: (7) Failed to connect to 2604:1380:2001:d00::3 port 443: Permission
denied
*   Trying 2604:1580:fe02:2::10:443...
* connect to 2604:1580:fe02:2::10 port 443 failed: Permission denied
* Failed to connect to 2604:1580:fe02:2::10 port 443: Permission denied
* Closing connection 0
curl: (7) Failed to connect to 2604:1580:fe02:2::10 port 443: Permission
denied
*   Trying 2604:1380:1001:6c00::1:443...
* connect to 2604:1380:1001:6c00::1 port 443 failed: Permission denied
* Failed to connect to 2604:1380:1001:6c00::1 port 443: Permission denied
* Closing connection 0
curl: (7) Failed to connect to 2604:1380:1001:6c00::1 port 443: Permission
denied
```

removing the -v gives the following error:
```
[ssmoogen@localhost ~]$ for i in "2001:4178:5:200::10"
"2600:1f16:c1:5e01:4180:6610:5482:c1c0" "2604:1380:2001:d00::3"
"2604:1580:fe02:2::10" "2604:1380:1001:6c00::1"; do curl -6
"https://[${i}]/?release=8-stream=x86_64=AppStream=stock;;
done
curl: (7) Failed to connect to 2001:4178:5:200::10 port 443: Permission
denied
curl: (7) Failed to connect to 2600:1f16:c1:5e01:4180:6610:5482:c1c0 port
443: Permission denied
curl: (7) Failed to connect to 2604:1380:2001:d00::3 port 443: Permission
denied
curl: (7) Failed to connect to 2604:1580:fe02:2::10 port 443: Permission
denied
curl: (7) Failed to connect to 2604:1380:1001:6c00::1 port 443: Permission
denied
```

Notice that the permission denied is different from what was reported in
the original email. I am not sure why that is.

If I change that from https: to http all of the IP addresses work. So my
guess is that something is blocking the originator IP to those mirror
servers but it isn't clear what.


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] How to install XFCE on CentOS 8?

[Stephen John Smoogen]

On Thu, 18 Feb 2021 at 12:04, Simon Matter  wrote:

> > On Thu, 18 Feb 2021 at 04:47, Simon Matter 
> wrote:
> >
> >> >
> >> > Smooge, you know I feel your pain, but becoming a maintainer in EPEL
> >> has
> >> > a pretty high bar (lots of new tools and methods to work with, amongst
> >> > other things) -- as it SHOULD, given that it's intended as an addon to
> >> > EL and needs to be very tightly controlled.  It's just more difficult
> >> to
> >> > get started these days relative to when anyone could build an rpm as
> >> > long as they had a copy of Maximum RPM and knew how to drive 'rpm -ba'
> >> >  back when building as root in a non-reproducible buildroot wasn't
> >> a
> >> > cardinal sin.
> >> >
> >>
> >> I've just started reading https://fedoraproject.org/wiki/EPEL/FAQ and
> >> realized this became a problem which hurts EPEL much more than Fedora.
> >>
> >> IMHO it simply got too difficult to maintain packages for quite a number
> >> of software tools. It explains why there are so many missing, outdated
> >> or
> >> dead packages in Fedora and more so in EPEL.
> >>
> >> What worries me even more is that things have changed to be worse with
> >> every release than becoming better.
> >>
> >>
> > To put it bluntly, is that there are multiple issues going on:
> >
> > 1. We have a large number of people who have gotten used to someone else
> > doing the work for them and not having to care about the software
> > themselves. In doing so they have this idea that building the software is
> > exactly like it was when they got into computers. [* This isn't a new
> > phenomena]
> > 2. Software gets more complicated and more interdependent to do the many
> > things software consumers expect it to accomplish.
> > 3. Software changes more rapidly because more people are able to work on
> > code and people have this odd thing of deciding that whoever wrote the
> > code
> > last was a complete idiot and this new method/language is much better.
> > [The
> > only time it is funny is the once a week where a git blame shows you that
> > the last idiot was you.]
> > 4. With millions of software consumers, there are millions of 'opinions'
> > of
> > what they need and Linux being a system which allows you to shoot your
> > foot
> > in a billion ways tries to accomplish all of them.
> >
> > * When I was getting into software in the 1990's there were a lot of
> > people
> > who had been using Unix systems from the 1970's who found 'modern'
> > software
> > to be too complicated to build and coders were out of their minds for
> > adding in such complexity when no one needed an editor more than ed. At
> > the
> > time I thought they were 'joking' but when I went to work at various
> > places
> > I found they were dead serious. The change is that where in the 1990's
> > there were only hundreds of people like that, now there are maybe a low
> > million.
> >
> > Trying to build large amounts of divergent code and make it stay working
> > is
> > very hard. As much as modules are a bane of my existence, something like
> > them is absolutely necessary for many complicated stacks from desktop
> > software to web applications. Writing basic rpms is even more complicated
> > than in 1999 because there are so many corner cases which have to be
> dealt
> > with. Writing modules is adding more layers of indirection on top of that
> > because it is trying to keep the Rube Goldberg machine of each
> individuals
> > 'choices' going.
> >
> > Frankly unless someone can figure out a way to make the packaging
> > janitorial work sexy enough to have people interested in it.. or people
> > who
> > need this stuff actually pay people to do it.. this is all going to fall
> > apart like all infrastructure which was 'someone else's problem'.
>
> Well, unfortunately yes, EPEL is on a good way to go where DAG, ATrpms,
> NUX, freshrpms and all the others already are.
>
>
Many of those ran out of steam because software got more and more
complicated, and consumers demanded MORE of it but put less into it. "There
is no such thing as a free lunch" but it doesn't seem to stop people
assuming there has to be.



> Ironically, CentOS was the reason for other clones like Scientific Linux
> to vanish, now CentOS Linux vanishes itself. The same goes with EPEL, it
>

CentOS was not the primary reason Scientific Linux (and some other
rebuilds) vanished, it was the convenient excuse. The staff who were
working on Scientific Linux had continual budget cuts over a decade while
also an increase in what people wanted from it. There were several 'your
team has been told to retire' before they combined with CentOS. It is a
problem that the other past clones ran into and I expect the future ones
will also have to grapple. It takes a lot of resources to build an OS even
if it is recompiling the source code others made available to you. Without
a constant renewal and growth of those resources, the people volunteering
(or even being paid) to do the work run out of 

Re: [CentOS] How to install XFCE on CentOS 8?

[Stephen John Smoogen]

On Thu, 18 Feb 2021 at 04:47, Simon Matter  wrote:

> >
> > Smooge, you know I feel your pain, but becoming a maintainer in EPEL has
> > a pretty high bar (lots of new tools and methods to work with, amongst
> > other things) -- as it SHOULD, given that it's intended as an addon to
> > EL and needs to be very tightly controlled.  It's just more difficult to
> > get started these days relative to when anyone could build an rpm as
> > long as they had a copy of Maximum RPM and knew how to drive 'rpm -ba'
> >  back when building as root in a non-reproducible buildroot wasn't a
> > cardinal sin.
> >
>
> I've just started reading https://fedoraproject.org/wiki/EPEL/FAQ and
> realized this became a problem which hurts EPEL much more than Fedora.
>
> IMHO it simply got too difficult to maintain packages for quite a number
> of software tools. It explains why there are so many missing, outdated or
> dead packages in Fedora and more so in EPEL.
>
> What worries me even more is that things have changed to be worse with
> every release than becoming better.
>
>
To put it bluntly, is that there are multiple issues going on:

1. We have a large number of people who have gotten used to someone else
doing the work for them and not having to care about the software
themselves. In doing so they have this idea that building the software is
exactly like it was when they got into computers. [* This isn't a new
phenomena]
2. Software gets more complicated and more interdependent to do the many
things software consumers expect it to accomplish.
3. Software changes more rapidly because more people are able to work on
code and people have this odd thing of deciding that whoever wrote the code
last was a complete idiot and this new method/language is much better. [The
only time it is funny is the once a week where a git blame shows you that
the last idiot was you.]
4. With millions of software consumers, there are millions of 'opinions' of
what they need and Linux being a system which allows you to shoot your foot
in a billion ways tries to accomplish all of them.

* When I was getting into software in the 1990's there were a lot of people
who had been using Unix systems from the 1970's who found 'modern' software
to be too complicated to build and coders were out of their minds for
adding in such complexity when no one needed an editor more than ed. At the
time I thought they were 'joking' but when I went to work at various places
I found they were dead serious. The change is that where in the 1990's
there were only hundreds of people like that, now there are maybe a low
million.

Trying to build large amounts of divergent code and make it stay working is
very hard. As much as modules are a bane of my existence, something like
them is absolutely necessary for many complicated stacks from desktop
software to web applications. Writing basic rpms is even more complicated
than in 1999 because there are so many corner cases which have to be dealt
with. Writing modules is adding more layers of indirection on top of that
because it is trying to keep the Rube Goldberg machine of each individuals
'choices' going.

Frankly unless someone can figure out a way to make the packaging
janitorial work sexy enough to have people interested in it.. or people who
need this stuff actually pay people to do it.. this is all going to fall
apart like all infrastructure which was 'someone else's problem'.


> Regards,
> Simon
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] How to install XFCE on CentOS 8?

[Stephen John Smoogen]

On Thu, 11 Feb 2021 at 13:39, Simon Matter  wrote:

> > On Thu, 11 Feb 2021 at 12:31, Simon Matter 
> wrote:
> >
> >> > Le 11/02/2021 à 17:08, Simon Matter a écrit :
> >> >> But, I'm a bit shocked to find EPEL 8 in such a bad shape of
> >> brokenness
> >> >> and incompleteness
> >> >
> >> > I've come to the same conclusion.
> >> >
> >> > For the past couple years, my solution has been to use RHEL clones
> >> (CentOS
> >> > and
> >> > Oracle Linux) on servers only (multi-user.target).
> >> >
> >> > I've moved all my graphical installations (workstation, laptops,
> >> desktop
> >> > clients) to OpenSUSE Leap + KDE.
> >>
> >> In our situation it's not so easy to say server or client. We're running
> >> remote desktops over nx-libs, so, a server is also a client at the same
> >> time.
> >>
> >> I always new EPEL is not perfect but it was usable to some degree and
> >> that's why Red Hat told their customers about it and how to use it. But
> >> the current state of EPEL is sad.
> >>
> >>
> > EPEL is a volunteer driven repository and not many volunteers have been
> > available for EL8. Many of the past volunteers have retired or been
> > promoted out of positions they actually have time to do the work anymore.
> > Asking for replacements is not easy because most people who are
> interested
> > in EPEL just want the packages built. They have no want or clue to do the
> > work themselves and want someone else to do the work for them. This leads
> > to a lot of people expecting packages without anyone doing the work.
>
> I know what you mean but my case is a bit different. For ~ two decades I'm
> using Red Hat based distributions and built a large number of packages.
> There are even packages in RHEL which they took over from me with my
> permission. I'm maintaining quite a number of packages which sometimes
> also exist in EPEL but I always keep them up to date and available with
> the same version on all Red Hat based distributions of the past, even
> after EOL. Many of the packages are available as SRPMs to those
> interested. Usually we didn't use any critical package from EPEL because
> of the state of support it has. But it was handy to consume some slowly
> changing things like XFCE from EPEL. To find out now that even such things
> are now in a bad state is a bit sad.
>
>
My apologies, you did not deserve the rant, but the word 'sad' seems to
make me see red. I have been told things were 'sad' for EPEL from May of
2019 until now over and over again. Unlike you, most of the people are ones
who never volunteered a package but thought it was a 'given' that EPEL
would have all their packages for them. After more than a year of it.. it
is a tick and I should count to 100 before replying versus 50.

In the end, it is a bad state of affairs, but I also think that it is how
things are going. There are a LOT of people who seem to expect that this is
all for them FREE and that they can make as many demands as they want. That
tires out volunteers and eventually you end up with what happened to all
the previous 3rd party repositories.. the volunteers stop showing up to
help out. So without a reason for people to volunteer or someone paying the
4+ people needed to do the work day in and day out, the repositories end up
in a bad state.


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] How to install XFCE on CentOS 8?

[Stephen John Smoogen]

On Thu, 11 Feb 2021 at 12:31, Simon Matter  wrote:

> > Le 11/02/2021 à 17:08, Simon Matter a écrit :
> >> But, I'm a bit shocked to find EPEL 8 in such a bad shape of brokenness
> >> and incompleteness
> >
> > I've come to the same conclusion.
> >
> > For the past couple years, my solution has been to use RHEL clones
> (CentOS
> > and
> > Oracle Linux) on servers only (multi-user.target).
> >
> > I've moved all my graphical installations (workstation, laptops, desktop
> > clients) to OpenSUSE Leap + KDE.
>
> In our situation it's not so easy to say server or client. We're running
> remote desktops over nx-libs, so, a server is also a client at the same
> time.
>
> I always new EPEL is not perfect but it was usable to some degree and
> that's why Red Hat told their customers about it and how to use it. But
> the current state of EPEL is sad.
>
>
EPEL is a volunteer driven repository and not many volunteers have been
available for EL8. Many of the past volunteers have retired or been
promoted out of positions they actually have time to do the work anymore.
Asking for replacements is not easy because most people who are interested
in EPEL just want the packages built. They have no want or clue to do the
work themselves and want someone else to do the work for them. This leads
to a lot of people expecting packages without anyone doing the work.

That rant aside, if people are interested in helping out, there is a weekly
EPEL IRC SIG meeting (irc.freenode.net #fedora-meeting 22:00 UTC Friday).
THere is the #epel mailing list and there are several people who are trying
to get volunteers to work on packages and such.


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Challenging times in trying to access oracle Linux documentation

[Stephen John Smoogen]

On Sat, 6 Feb 2021 at 18:39, Stephen John Smoogen  wrote:

>
>
> On Sat, 6 Feb 2021 at 15:57, Frank Cox  wrote:
>
>> On Sat, 6 Feb 2021 15:22:21 -0500
>> Jonathan Billings wrote:
>>
>> 1.) you assume people will clearly label their off topic threads
>>
>> I think that in most cases that will happen, yes, since people with a
>> technical background understand that clarity and precision are important
>> when posting a question or observation or asking for advice.
>>
>>  2.) as we’ve seen, those off topic threads often weave in and out of
>> on-topic threads until a moderator tells you to take it to another venue.
>>
>> Which of course never happens now with threads that start off discussing
>> some aspect of Centos?
>> >
>> >  You’ll dilute the usefulness of this list to the point that it will be
>> > worthless for people who are interested in CentOS topics.
>>
>> In your opinion.  On average, this is not a high-traffic mailing list and
>> I'd be really surprised if the traffic actually increased in any
>> significant way since a question that might today be asked about Centos
>> will be asked tomorrow about Rocky; either way, there's no net increase in
>> the traffic, just a change in the subject line.
>>
>>
> I have now administered mailing lists for 25+ years and I have found that
> what happens is that off-topic traffic basically causes an echo chamber
> effect over time. The people having the side conversations get louder and
> louder over time not because the list gets larger but because they have
> 'driven' off the people who were here for a specific focus. The people
> remaining become more and more of an echo chamber moving the 'topic' to
> being wha
>
> I realize that this has been a traumatic split in the culture for a lot of
> people (myself included), but there is a point where the list main topic of
> discussion will be on how to use/administer/fix CentOS Stream and CentOS-7
> versus Oracle/FreeBSD/Rocky/Alma/Debian/Slackware/etc.
>
> I can ask for a generic-enterprise-nix (genix?) list on the CentOS mailman
> and see if that can take up the traffic for the people who feel that they
> want and need to talk about alternatives. If that is acceptable then people
> can subscribe there and talk in detail about other operating systems
> choices.  I do believe these conversations do need to happen but not
> everyone wants to hear the 4 Yorkshiremen skit every day as we 'old-timers'
> deal with our past.
>
>
>
https://pagure.io/centos-infra/issue/214

The list may not make sense to be on the CentOS mail servers so I may need
to look at either Fedora or a different site.



> --
> Stephen J Smoogen.
>
>

-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Challenging times in trying to access oracle Linux documentation

[Stephen John Smoogen]

On Sat, 6 Feb 2021 at 15:57, Frank Cox  wrote:

> On Sat, 6 Feb 2021 15:22:21 -0500
> Jonathan Billings wrote:
>
> 1.) you assume people will clearly label their off topic threads
>
> I think that in most cases that will happen, yes, since people with a
> technical background understand that clarity and precision are important
> when posting a question or observation or asking for advice.
>
>  2.) as we’ve seen, those off topic threads often weave in and out of
> on-topic threads until a moderator tells you to take it to another venue.
>
> Which of course never happens now with threads that start off discussing
> some aspect of Centos?
> >
> >  You’ll dilute the usefulness of this list to the point that it will be
> > worthless for people who are interested in CentOS topics.
>
> In your opinion.  On average, this is not a high-traffic mailing list and
> I'd be really surprised if the traffic actually increased in any
> significant way since a question that might today be asked about Centos
> will be asked tomorrow about Rocky; either way, there's no net increase in
> the traffic, just a change in the subject line.
>
>
I have now administered mailing lists for 25+ years and I have found that
what happens is that off-topic traffic basically causes an echo chamber
effect over time. The people having the side conversations get louder and
louder over time not because the list gets larger but because they have
'driven' off the people who were here for a specific focus. The people
remaining become more and more of an echo chamber moving the 'topic' to
being wha

I realize that this has been a traumatic split in the culture for a lot of
people (myself included), but there is a point where the list main topic of
discussion will be on how to use/administer/fix CentOS Stream and CentOS-7
versus Oracle/FreeBSD/Rocky/Alma/Debian/Slackware/etc.

I can ask for a generic-enterprise-nix (genix?) list on the CentOS mailman
and see if that can take up the traffic for the people who feel that they
want and need to talk about alternatives. If that is acceptable then people
can subscribe there and talk in detail about other operating systems
choices.  I do believe these conversations do need to happen but not
everyone wants to hear the 4 Yorkshiremen skit every day as we 'old-timers'
deal with our past.


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Intel/64 CentOS VM running on a Mac M1?

[Stephen John Smoogen]

On Thu, 28 Jan 2021 at 20:12, Lists  wrote:

> My Dell Precision M3800 running Fedora works great but is really starting
> to
> show its age, and I'm thinking about getting a new Mac M1-based laptop as
> it
> would really be useful for Video production.
>
> But I really need to have a IA64 CentOS 7/8 VMs running locally for
> development as I'm often on the road and flaky Internet makes it a
> necessity to
> keep productivity up. I've been unable to officially confirm that VMWare/
> Parallels/VirtualBox intend to support IA64 based OS's and it *needs* to
> be an
> exact (VM) copy of production so I can trial environments and builds prior
> to
> roll out.
>
>
1. The Apple M1 uses a variant of the aarch64 (ARM 64 bit) CPU, and the
hardware architecture is different from aarch64 server class hardware in
multiple ways.
2. Currently the work to get Linux to run on the M1 works great in
emulation and somewhat with a lot of work in native mode.
3. IA64 is the Itanium server which Intel stopped making a while ago and
Red Hat quit supporting in 2017.
4. x86_64 (or amd64 ) is the native processor name for the Intel/AMD 64 bit
architecture. It is what your older system runs.
5. The only way to run x86_64 on an M1 is via 'double' emulation. First you
would have to run a virtual machine on the M1 and that virtual machine
would have to emulate the x86_64. It would be extremely slow, inefficient
and probably could not emulate all the hardware needed.

If you are needing to update your hardware, you need to keep Linux running
native on the system, and that system needs to be x86_64, you will either
need to get an earlier generation Mac or a current system from Dell, HP,
ASUS, etc.


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OPIE w/ OpenSSH Account Enumeration The remote host is susceptible to an information disclosure attack.

[Stephen John Smoogen]

On Thu, 28 Jan 2021 at 11:40, Kaushal Shriyan 
wrote:

> Hi,
>
> I am running the openssh-server-7.4p1-21.el7.x86_64 on CentOS Linux release
> 7.9.2009 (Core).
>
> #cat /etc/redhat-release
> CentOS Linux release 7.9.2009 (Core)
> # rpm -qa |grep ssh
> openssh-server-7.4p1-21.el7.x86_64
> libssh2-1.8.0-4.el7.x86_64
> openssh-7.4p1-21.el7.x86_64
> openssh-clients-7.4p1-21.el7.x86_64
>
> While invoking the Vulnerability Assessment and Penetration Testing (VAPT)
> scan, we are encountering the below vulnerability.
>
> OPIE w/ OpenSSH Account Enumeration The remote host is susceptible to an
> > information disclosure attack. CVE-2007-2768 A patch currently does not
> > exist for this issue. As a workaround, ensure that OPIE for PAM is not
> > installed.
> > Version source: SSH-2.0-OpenSSH_7.4
> > Installed version : 7.4
> > https://seclists.org/fulldisclosure/2007/Apr/634
>
>
> Any help will be highly appreciated. Thanks in Advance. Please let me know
> if you need any additional information.
>
>
This vulnerability is a 'useless' one to test against unless you are either
going to 'exploit' OPIE to confirm it is installed or have local access to
the system to check. For the systems which show up like this you will need
to see if OPIE has been installed on the systems.  OPIE is not shipped with
CentOS as far as I know but it could be installed aftermarket.

if it was done with rpms'
rpm -qa | grep -i opie

otherwise you will need to look in /etc/pam.d

grep -i open /etc/pam.d/*

If it is installed, then this isn't a CentOS issue as OPIE is not shipped
but would be whoever added this to the systems problem.


> Best Regards,
>
> Kaushal
> -
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] How to query which yum package groups a particular package is member of

[Stephen John Smoogen]

On Wed, 27 Jan 2021 at 15:27, Stephen John Smoogen  wrote:

>
>
> On Wed, 27 Jan 2021 at 15:23, Kenneth Porter 
> wrote:
>
>> --On Wednesday, January 27, 2021 8:07 PM + J Martin Rushton via
>> CentOS
>>  wrote:
>>
>> > Here's how to find the package for a particular file:
>>
>> That one's easy and I use this all the time:
>>
>> rpm -qf full-file-name
>>
>> I'm looking for how to get the yum group for a package. (I'm guessing a
>> package might even be in more than one group?) That would help explain
>> how
>> the dnsmasq package got installed on my system. (It was never enabled by
>> systemd and isn't required by any other package. So I went ahead and
>> erased
>> it to free the space and reduce my attack surface.)
>>
>>
>>
> yum group list
>
> then look at the groups installed
>
> yum group info 
>
> as in
>
> yum group info base
>
>
or one can look for the comps file in /var/cache/yum

network-tools has dnsmasq listed as a package

repoquery says the following on my rhel box
NetworkManager-1:1.4.0-20.el7_3.x86_64
libvirt-daemon-driver-network-0:4.5.0-36.el7_9.3.x86_64



>
>> ___
>> CentOS mailing list
>> CentOS@centos.org
>> https://lists.centos.org/mailman/listinfo/centos
>>
>
>
> --
> Stephen J Smoogen.
>
>

-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] How to query which yum package groups a particular package is member of

[Stephen John Smoogen]

On Wed, 27 Jan 2021 at 15:23, Kenneth Porter  wrote:

> --On Wednesday, January 27, 2021 8:07 PM + J Martin Rushton via CentOS
>  wrote:
>
> > Here's how to find the package for a particular file:
>
> That one's easy and I use this all the time:
>
> rpm -qf full-file-name
>
> I'm looking for how to get the yum group for a package. (I'm guessing a
> package might even be in more than one group?) That would help explain how
> the dnsmasq package got installed on my system. (It was never enabled by
> systemd and isn't required by any other package. So I went ahead and
> erased
> it to free the space and reduce my attack surface.)
>
>
>
yum group list

then look at the groups installed

yum group info 

as in

yum group info base


> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] How to query which yum package groups a particular package is member of

[Stephen John Smoogen]

On Wed, 27 Jan 2021 at 15:01, Kenneth Porter  wrote:

> I'm trying to find out how dnsmasq got on my CentOS 7 system, since I use
> BIND for DNS. I'm guessing it was part of a base group that Anaconda
> installs for all systems.
>
>
probably from virtualization if it is there.. but a way to check is

repoquery --whatrequires dnsmasq



Red Hat has this answered on this page but the answer is only available to
> subscribers. I'm guessing this kind of content will be available to us
> once
> the new free subscription thing starts.
>
> 
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] RHEL changes

[Stephen John Smoogen]

On Fri, 22 Jan 2021 at 08:32, Gionatan Danti  wrote:

> Il 2021-01-22 13:43 Nikolaos Milas ha scritto:
> > I think we can expect Rocky Linux to provide a real solution to CentOS
> > future. We shall know very soon, so let's just wait for a short while.
>
> Hi, there are any specific reasons to not use Spingdale Linux?
> As far I know, it already ships a RHEL 8.3 clone.
>
>
My guess is that no one wants to go to a new OS alone. They want to go with
all their mailing list buddies but they also want to make a STATEMENT to
stick it in the eye of Red Hat for doing this. Going to a staid and quiet
existing OS doesn't make that statement. Going to a competing company like
Oracle does have the stick in the eye, but it already has its own community
and ways of doing things in an Oracle way. A lot of grumpy old sysadmins
are a drop in the bucket. Now Rocky has no history, no existing community
and a bunch of old sysadmins could jump in and be just like they were
elsewhere. So try and get everyone you know to go there.. [it also doesn't
exist so if it doesn't work out you won't have moved your systems to it and
then found you had to move it something else.]


> Thanks.
>
> --
> Danti Gionatan
> Supporto Tecnico
> Assyoma S.r.l. - www.assyoma.it
> email: g.da...@assyoma.it - i...@assyoma.it
> GPG public key ID: FF5F32A8
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] RHEL changes

[Stephen John Smoogen]

On Thu, 21 Jan 2021 at 17:15, Nicolas Kovacs  wrote:

> Le 21/01/2021 à 22:17, Valeri Galtsev a écrit :
> > I tried Oracle Linux. After installation it took forever to update yum
> > database, or do you yum search. Also: I didn't find mirrors... All this
> sort of
> > ruled it out for me.
>
> Works perfectly here:
>
> https://gitlab.com/kikinovak/oracle/-/blob/master/linux-setup.sh
>
> You might want to give it another spin.
>
>
I think from years of posting that FreeBSD is how Valeri's brain works best
and that is cool. Some people have certain OS paradigms where they function
best and are able to solve problems better than another system. For other
people it might be a completely 'brainjam' type thing [sort of like when
people try using my tools and find many of them are left-handed.. things
look the same but they don't work 'correctly' for some reason.] but if you
find the tool you work best in for an enterprise and your customers are
happy so be it.



> Cheers,
>
> Niki
>
> --
> Microlinux - Solutions informatiques durables
> 7, place de l'église - 30730 Montpezat
> Site : https://www.microlinux.fr
> Blog : https://blog.microlinux.fr
> Mail : i...@microlinux.fr
> Tél. : 04 66 63 10 32
> Mob. : 06 51 80 12 12
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Kickstart "Error setting up base repository"

[Stephen John Smoogen]

On Tue, 19 Jan 2021 at 15:54, Alex Kirk  wrote:

> So adding on:
>
> repo --name="BaseOS"
> --baseurl=file:///run/install/sources/mount--cdrom/BaseOS
>
> ...didn't help at all. Neither did adding the symlink out of the BaseOS
> directory to the images subdirectory above it.
>
> I did notice this time, however, that when I click into the "Installation
> Source" button of the UI where the erorr is, if I click on the repos being
> read from my Kickstart file, there's a small error at the bottom of the
> page that says "Repository name conflicts with internal repository name".
> That seems weird, since again I'm basing this on a successful manual
> install - why would that write a conflicting repo name to the config?
>
>
so I think the error (or warning) is because according to the repo command
you can't name repositories the same as ones already defined in anaconda.
However somehow our working kickstarts have
# Use network install
url --url=http://10.0.0.1/repo/rhel/RHEL/8.2/x86_64/
repo --name=epel --baseurl=http://10.0.0.1/pub/epel/8/Everything/x86_64/
repo --name="BaseOS" --baseurl=
http://10.0.0.1/repo/rhel/rhel8/x86_64/rhel-8-for-x86_64-baseos-rpms/
repo --name="AppStream"  --baseurl=
http://10.0.0.1/repo/rhel/rhel8/x86_64/rhel-8-for-x86_64-appstream-rpms/
repo --name="PowerTools" --baseurl=
http://10.0.0.1/repo/rhel/rhel8/x86_64/codeready-builder-for-rhel-8-x86_64-rpms/

are you able to get to a console when this box is 'failing'? control-b 2 or
something to move to a shell? if you can there might be a way to see if the
cdrom is even mounted and in the directory listed. If it isn't
//run/install/sources/mount--cdrom then none of the repositories would
work. I don't have any systems with cdroms anymore so I am not sure how to
test to see myself.

-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Kickstart "Error setting up base repository"

[Stephen John Smoogen]

On Tue, 19 Jan 2021 at 12:27, Alex Kirk  wrote:

> I recently built my first CentOS kickstart config on a CentOS 7 system; it
> runs well, but the OS and its tools are old enough that it's causing pain
> with the apps I want to run on top of said system, so I'm trying to port it
> to CentOS 8.
>
> I've taken the anaconda-ks.cfg file created from a successful manual
> install (of both regular 8 and Stream), placed it on my DVD ISO, and
> wrapped things back up like I was doing with CentOS 7. I'm successfully
> beginning the installation, but running into "Error setting up base
> repository" - despite having not touched either the filesystem structure of
> the ISO, or the generated kickstart file that points at my repos.
>
> Here is the relevant config:
>
> #version=RHEL8
> # Use graphical install
> graphical
>
> repo --name="AppStream"
> --baseurl=file:///run/install/sources/mount--cdrom/AppStream
>
>
I think you need to have a repo for every repository used including the
baseOS one.. like

repo --name="BaseOS"
--baseurl=file:///run/install/sources/mount--cdrom/BaseOS


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] How to do virtual IP on NetworkManager

[Stephen John Smoogen]

On Mon, 18 Jan 2021 at 12:51, Simon Matter  wrote:

> > On Mon, Jan 18, 2021 at 2:56 PM Jerry Geis  wrote:
> >
> >> Hi All,
> >>
> >> I use virtual IP from time to time on CentOS 7. just take something like
> >> eth0 and make eth0:1 put in there the IP and subnet and bring up the new
> >> IP
> >> and it works.
> >>
> >> How do I do that with NetworkManager on the command line (assuming all
> >> static IP information)
> >> I do something like this from nmcli to set the static address:
> >> nmcli connection modify eth0 ipv4.method manual ipv6.method ignore
> >> autoconnect yes ipv4.addr 192.168.1.8/24 gw4 192.168.1.1 ipv4.dns
> >> 8.8.8.8
> >>
> >> How then do I add a virtual IP?
> >>
> >> Thanks
> >>
> >> Jerry
> >
> >
> > With nmcli you should use:
> > nmcli con mod eth0 +ipv4.addresses 192.168.1.X/24
> >
> > This would modify your existing ifcfg-eth0 adding the lines:
> >
> > IPADDR1=192.168.1.X
> > PREFIX1=24
> >
> > To have the new setting applied and your new ip alias up and running you
> > can then use
> >
> > nmcli dev reapply eth0
> > (supposing the device name bound to the connection is eth0)
> >
> > You can also manually modify the file adding the two lines above and then
> > run:
> > nmcli con reload
> > nmcli dev reapply eth0
> >
> > I think you should not lose your connection, but always test on a non
> > production machine with the same os version... just for safety
> > HIH,
> > Gianluca
>
> Hi Gianluca,
>
> Am I right that what you describe doesn't add an alias device like eth0:1
> but adds the additional IP address to the eth0 device?
>
> Apart from that, when running with NetworkManager, can one still add a
> temporary eth0:1 alias (with ifconfig/ip), use it and remove it again, or
> does NM somehow prevent this?
>
>
There are several issues which get in the way, but the major one is with
the iproute command replacing net-tools (versus NetworkManager)

https://unix.stackexchange.com/questions/192908/how-do-you-create-an-ip-alias-using-iproute-utils
https://unix.stackexchange.com/questions/87829/difference-between-virtual-interfaces-with-ifconfig-and-iproute2

[The major issues I run into is that ethX is considered a kernel only
interface and may not always point to the same interface depending on the
day of the week.. that gets added onto how iproute wants to do 'aliases'
versus proper port configs and then NetworkManager sits on top and get the
blame :)]



> Regards,
> Simon
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] How to reset the USB subsystem?

[Stephen John Smoogen]

On Thu, 14 Jan 2021 at 12:19, Fred  wrote:

> from a non-expert (me):
>
> possibly figure out what happens when the device is plugged/unplugged and
> doing that by hand. if you can find the udev file(s) that manage the
> port(s) that get hung you may be able to figure out what those steps would
> be.
>
> or you could try, when hung, plugging it into a different USB port... some
> motherboards have multiple USB controllers, so even if one gets wedged
> tight, the other one(s) shouldn't be.
>
>
So what can happen is that the USB device is seeing a lot of noise from the
interface and shutdown the interface for a period of time. If you are
extremely lucky, it will even send some sort of message to the computer bus
it is doing this. In most other cases, the only fix is to reboot or
temporarily unplug the devices connected to that particular USB controller
(a computer may have multiple USB controllers since USB is a hubbed network
and collisions and conflicts are expected for short periods.). [It used to
be that you could cause a USB reset by removing the modules from the kernel
and add them but that was a long time ago when a PS/2 keyboard was a real
device and not an emulated PS/2 connected to the USB hub. ]





> Good Luck!
>
> Fred
>
> On Thu, Jan 14, 2021 at 11:22 AM Frank Bures  wrote:
>
> > Hi,
> >
> > my USB connected printer goes into deep space from time to time probably
> > due to a HW problem on the MoBo.
> >
> > Is there a way how to reset the USB subsystem the same way one can
> restart
> > networking or X without the necessity to reboot?
> >
> > Thanks
> > Frank
> >
> > --
> >
> > 
> > ___
> > CentOS mailing list
> > CentOS@centos.org
> > https://lists.centos.org/mailman/listinfo/centos
> >
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] LTS

[Stephen John Smoogen]

On Tue, 12 Jan 2021 at 01:32, Thomas Stephen Lee  wrote:

> Hi,
>
> CentOS Linux can continue as Fedora LTS or something similar with a
> five-year life cycle. After five years, users can opt for paid upgrades.
> We can also work with System manufacturers to pre-install the free LTS on
> their products, which will increase our user base.
>
>
1. There is no Fedora LTS and there are no plans for one. Many of the
developers who do the work in Fedora but do not work for Red Hat are not
interested in the project doing any sort of LTS work. Getting EPEL work is
a slog already there.
2. Both Fedora and CentOS are Red Hat 'sponsored' projects where Red Hat
owns the trademarks and legally owns the output of the projects. Use of
said trademarks for any product needs approval of Red Hat within specific
guidelines. If Red Hat is not interested in continued CentOS, then I do not
see any reason it would be interested in Fedora LTS.
3. "We can also work with.." requires legal agreements which needs Red Hat
lawyers to sign. There are a lot of legal items which have to be reviewed
and a lot of liability negotiations which have to be done.
4. Getting System manufacturers to pre-install is a multi year work. The
getting Fedora onto Lenovo started in the early 2010's and only got done in
2020. Each company that does this has multiple internal groups who are
advocating THEIR favourite Linux to be the one which usually means there is
all kinds of internal system manufacturer social negotiations going on. The
agreements also are usually tightly reigned in by the manufacturer so that
getting an LTS (if it existed) onto this hardware would be a multi-year
work to do starting from when you had a working LTS.

That said, the items above are all true if you remove Fedora from the
equation. Rocky Linux/Navy Linux/RedHawk Linux/Cloud Linux could all be the
places for that to happen.


> ---
> Lee,
> Community User.
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Reboot/shutdown without login

[Stephen John Smoogen]

On Mon, 11 Jan 2021 at 14:14, Kenneth Porter  wrote:

> On 1/11/2021 10:32 AM, Frank Cox wrote:
> > How do you want the person to shut it down without logging in?  Some
> computers have a "smart" power switch pushbutton that you can program to do
> a shutdown or a reboot depending on how long you hold the button down.
> Otherwise you'll need at least a keyboard, or possibly something like a
> joystick or a mouse button?
>
> Keyboard. i don't have a mouse hooked up since it's currently running
> without a GUI.
>
> I wasn't sure if the power switch on the R720xd is monitored that way so
> that hitting the front panel button would shut the system down or maybe
> bring up the DRAC screen.
>
>
>
The simplest would be to have a person plug in a keyboard and do a three
finger salute (CNTRL-ALT-DEL) on the system. Doing it once should trigger a
shutdown and reboot. [That said. I have seen some systems ignore it and
others do an immediate power cycle so please test.]

When the hardware is booted, the DRAC screen can only be brought up on the
network.




> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS Stream suitability as a production webserver

[Stephen John Smoogen]

On Wed, 6 Jan 2021 at 13:48, Gianluca Cecchi 
wrote:

> On Wed, Jan 6, 2021 at 7:43 PM Stephen John Smoogen 
> wrote:
>
> >
> > I honestly have no idea how much Tomcat is used anymore. The various
> places
> > that I worked previously or have contacts with have killed it off by
> moving
> > whatever used it to external cloud services versus JBOSS or anything
> else.
> > That is just an anecdata but it is all I have on the subject.
> >
> >
> Red Hat still has one of its offering based on Apache and Tomcat, named
> JBoss Web Server:
> https://www.redhat.com/en/technologies/jboss-middleware/web-server
>
> and the latest update available (5.4, based on upstream Tomcat 9) in
> November 2020, had the bits for RH EL 6, 7 and 8.
> See also docs entry page here:
> https://access.redhat.com/documentation/en-us/red_hat_jboss_web_server/5.4/
>
> So it is non considered a dead technology, even for business use cases
>
>
OK it looks like whatever I say is going to be taken to extremes so this
will be my last email on this.

I am not saying Tomcat is a dead technology. It is a technology which has
certain use cases and deployments which the people I knew who used it are
replacing with a different technology/service.

EOF




> Gianluca
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS Stream suitability as a production webserver

[Stephen John Smoogen]

On Wed, 6 Jan 2021 at 12:42, Simon Matter  wrote:

> > On Wed, 6 Jan 2021 at 11:17, Simon Matter 
> wrote:
> >
> >> > On Wed, 6 Jan 2021 at 07:50, Simon Matter 
> >> wrote:
>
> > I didn't say or mean that. My answer is that it is complicated and more
> > meant that the software you expect requires more than the industry in
> > general is willing to pay to keep going. 10-20 years ago they were and so
> > the software was able to be 'mainstream'. As less people use it, and less
> > people are willing to pay for its maintenance the harder it is to keep
> > 'running safely'. Tomcat and Imagemagick have had a LOT of severe
> security
>
> I'd like to correct myself, ImageMagick was not simply removed but
> replaced by GraphicsMagick. From what I read it should be a usable
> solution as it's a fork from IM.
>
> For the Tomcat thing, I don't agree. Tomcat is widely used and I think the
> security concerns are not the real reason to remove it. It more likely
> that RedHat simply likes to sell more JBoss EAP. It's their right to do so
> but it's a removal of important functionality of the base RHEL package.
>
>
I honestly have no idea how much Tomcat is used anymore. The various places
that I worked previously or have contacts with have killed it off by moving
whatever used it to external cloud services versus JBOSS or anything else.
That is just an anecdata but it is all I have on the subject.



> Regards,
> Simon
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS Stream suitability as a production webserver

[Stephen John Smoogen]

On Wed, 6 Jan 2021 at 11:17, Simon Matter  wrote:

> > On Wed, 6 Jan 2021 at 07:50, Simon Matter 
> wrote:
> >
> >> > Am 06.01.21 um 03:01 schrieb Scott Robbins:
> >> >> On Tue, Jan 05, 2021 at 11:31:34PM +, Jamie Burchell wrote:
> >> >>> Off topic for sure, but it's a shame this has to be a manual process
> >> of
> >> >>> destroying and rebuilding every X years. Even Microsoft has gone the
> >> >>> Apple
> >> >>> way and just perpetually updates Windows 10 now.
> >> >>
> >> >> I'm not sure how it will go. Fedora now has a very good upgrade tool
> >> >> that
> >> >> has worked for me through a few versions.  So, hopefully, RH, and
> >> CentOS
> >> >> will have one too, who knows, maybe in time to migrate to Stream-9.
> >> >>
> >> >
> >> > Fedora's package set is quite "stable". You can expect that a package
> >> is
> >> > in the next release. This is not so valid for EL. Deprecated packages
> >> > (ImageMagick in EL7 but not in EL8) make such upgrade path difficult
> >> ...
> >>
> >> It's anyway hard to understand how an enterprise grade Linux can be
> >> shipped without things like ImageMagick or Tomcat. For quite some time
> >> now
> >> it gives me the impression that we're not the targeted audience anymore.
> >>
> >>
> > The issue is that 'Enterprise' is an overloaded term without the nuance
> it
> > needs. In the 'small' enterprise you have a lot of use of ImageMagick and
> > TomCat. In the large enterprise of 100,000+ servers.. it isn't. As more
> of
> > the large enterprises moved into RHEL, the amount of usage for a lot of
> > 'leaf' programs became rounding errors without enough usage to justify
> the
> > bug-fixing needed when compared to the load of bugfixing/enhancements/etc
> > in the 100k customers.
>
> Thanks for confirming that RHEL is the wrong OS for SME businesses these
> days. It's not really good for SME servers and not really good for SME
> clients. Something between Fedora and RHEL could be it but it doesn't
> exist.
>
>
I didn't say or mean that. My answer is that it is complicated and more
meant that the software you expect requires more than the industry in
general is willing to pay to keep going. 10-20 years ago they were and so
the software was able to be 'mainstream'. As less people use it, and less
people are willing to pay for its maintenance the harder it is to keep
'running safely'. Tomcat and Imagemagick have had a LOT of severe security
problems over the years and the general way the software is written makes
anyone who does work on them say it will have it for years in the future.
As less of the industry uses that software, the cost to keep the software
running is going to cost more.

So please don't take my statement to confirm your preconceived notion.


> BTW, servers? Who needs servers in the days of clouds and serverless
> computing :-)
>
>
Simon
>
> >
> >
> >> That's really sad because the competitors still include such important
> >> software as first class citizens. Maybe our requirements are just too
> >> old
> >> school?
> >>
> >>
> > An additional problem is a generational one. We have a lot of programs
> > which do various things 'well' enough written 10-30 years ago, and we of
> a
> > certain age use them for the hammers to every nail problem. However, the
> > problems fleets of 100k systems have are more welding versus hammering.
> So
> > we are in a situation where we do need to retrain some of our hammers to
> > be
> > rivet guns. There is also a similar industry problem that anything older
> > than 2 years ago is not sexy anymore because VC and investors aren't
> going
> > to dump money into it. [You see a similar issue in the various 'popular
> > mechanics' press that all homes in the next generation will only be built
> > with metal and hammers and wood are a thing of the past. What you see
> > instead is a wave of it and then a realization that you end up needing to
> > do a little of each.]
> >
> >
> >
> >> Simon
> >>
> >> ___
> >> CentOS mailing list
> >> CentOS@centos.org
> >> https://lists.centos.org/mailman/listinfo/centos
> >>
> >
> >
> > --
> > Stephen J Smoogen.
> > ___
> > CentOS mailing list
> > CentOS@centos.org
> > https://lists.centos.org/mailman/listinfo/centos
> >
>
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS Stream suitability as a production webserver

[Stephen John Smoogen]

On Wed, 6 Jan 2021 at 07:50, Simon Matter  wrote:

> > Am 06.01.21 um 03:01 schrieb Scott Robbins:
> >> On Tue, Jan 05, 2021 at 11:31:34PM +, Jamie Burchell wrote:
> >>> Off topic for sure, but it's a shame this has to be a manual process of
> >>> destroying and rebuilding every X years. Even Microsoft has gone the
> >>> Apple
> >>> way and just perpetually updates Windows 10 now.
> >>
> >> I'm not sure how it will go. Fedora now has a very good upgrade tool
> >> that
> >> has worked for me through a few versions.  So, hopefully, RH, and CentOS
> >> will have one too, who knows, maybe in time to migrate to Stream-9.
> >>
> >
> > Fedora's package set is quite "stable". You can expect that a package is
> > in the next release. This is not so valid for EL. Deprecated packages
> > (ImageMagick in EL7 but not in EL8) make such upgrade path difficult ...
>
> It's anyway hard to understand how an enterprise grade Linux can be
> shipped without things like ImageMagick or Tomcat. For quite some time now
> it gives me the impression that we're not the targeted audience anymore.
>
>
The issue is that 'Enterprise' is an overloaded term without the nuance it
needs. In the 'small' enterprise you have a lot of use of ImageMagick and
TomCat. In the large enterprise of 100,000+ servers.. it isn't. As more of
the large enterprises moved into RHEL, the amount of usage for a lot of
'leaf' programs became rounding errors without enough usage to justify the
bug-fixing needed when compared to the load of bugfixing/enhancements/etc
in the 100k customers.


> That's really sad because the competitors still include such important
> software as first class citizens. Maybe our requirements are just too old
> school?
>
>
An additional problem is a generational one. We have a lot of programs
which do various things 'well' enough written 10-30 years ago, and we of a
certain age use them for the hammers to every nail problem. However, the
problems fleets of 100k systems have are more welding versus hammering. So
we are in a situation where we do need to retrain some of our hammers to be
rivet guns. There is also a similar industry problem that anything older
than 2 years ago is not sexy anymore because VC and investors aren't going
to dump money into it. [You see a similar issue in the various 'popular
mechanics' press that all homes in the next generation will only be built
with metal and hammers and wood are a thing of the past. What you see
instead is a wave of it and then a realization that you end up needing to
do a little of each.]



> Simon
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Is EPEL compatible with Stream?

[Stephen John Smoogen]

On Sun, 3 Jan 2021 at 23:05, Mark LaPierre  wrote:

> On 1/3/21 8:34 PM, Stephen John Smoogen wrote:
> > On Sun, 3 Jan 2021 at 18:20, Gordon Messmer 
> > wrote:
> >
> >> On 1/3/21 2:51 PM, Kay Schenk wrote:
> >>> is it still OK to set up EPEL as a repo?
> >>
> >>
> >> Yes.  CentOS Stream is expected to be backward-compatible with RHEL, for
> >> the same reason that each RHEL point release is backward-compatible with
> >> previous point releases.
> >>
> >>
> > Except in cases where packages in a RHEL point release are being rebased.
> > This is something which is happening with a lot more gusto than in any
> > previous releases so there may be points where say a QT or a
> > gnomelib provides in Stream is ahead of EPEL
> >
> >
>
> So how would one use this shiny bit of information?  Is there a way to
> discover if an EPEL application is going to clobber your system before
> you install it?
>
>
Unless you are doing something like 'rpm -ivh --force --nodeps', this
problem with EPEL is not going to clobber your system. What will happen is
that you can either 'not upgrade' to that package in EPEL because nothing
provides the needed dependencies in Stream. OR you won't be able to update
to whatever is newer in CentOS Stream because it would break your system
because it removes dependencies.

The solution will be that there will be an EPEL-Stream which can have
updated packages which will not have this dependency issue. I do not have
an ETA on when that will be available

-- 
>  _
> °v°
>/(_)\
> ^ ^
>   Mark LaPierre
> 
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Is EPEL compatible with Stream?

[Stephen John Smoogen]

On Sun, 3 Jan 2021 at 18:20, Gordon Messmer 
wrote:

> On 1/3/21 2:51 PM, Kay Schenk wrote:
> > is it still OK to set up EPEL as a repo?
>
>
> Yes.  CentOS Stream is expected to be backward-compatible with RHEL, for
> the same reason that each RHEL point release is backward-compatible with
> previous point releases.
>
>
Except in cases where packages in a RHEL point release are being rebased.
This is something which is happening with a lot more gusto than in any
previous releases so there may be points where say a QT or a
gnomelib provides in Stream is ahead of EPEL



> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Out of office: "CentOS Digest, Vol 191, Issue 26"

[Stephen John Smoogen]

On Sat, 26 Dec 2020 at 12:21, Nicolas Kovacs  wrote:

> Le 26/12/2020 à 18:14, Scott Robbins a écrit :
> > I'm sure all of us have done, if not this, something equally embarrassing
> > like posting a private reply to an email or doing dd with the wrong
> > destination, etc.
>
> Then let's make a little contest out of it: what's the most stupid thing
> you've
> done as a system administrator ?
>
> I'm a ten-finger-typer, and I rarely look at the keyboard. Which is a bad
> thing
> when your focus is on the wrong terminal. So a few years ago I happened to
> type
> "ssh r...@some-remote-server.com   ", vaguely
> sensed in the corner of my eye that something was wrong and discovered to
> my
> horror that I just posted it on a densely populated IRC channel.
>
> Your turn. :o)
>
>
2 am clean up of disk space to get email servers working again
discover a large tree of temp files from a shared service in /usr/ # remember before /home?
/bin/rm -rf . /*
^c
up-arrow
spew coffee and swearing
go get reinstall cdrom and backup tapes

-- 
> Microlinux - Solutions informatiques durables
> 7, place de l'église - 30730 Montpezat
> Site : https://www.microlinux.fr
> Blog : https://blog.microlinux.fr
> Mail : i...@microlinux.fr
> Tél. : 04 66 63 10 32
> Mob. : 06 51 80 12 12
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Finding which repository files provide required libraries

[Stephen John Smoogen]

On Sat, 19 Dec 2020 at 19:37, H  wrote:

> I came across the following Ubuntu script to identify which repository
> files provide libraries required by an app. Is there a rpm alternative to
> dpk-query that would allow this to run on CentOS/RH?
>
> ldd /bin/zoom | awk '/=>/{print $(NF-1)}' | while read n; do dpk-query -S
> $n; done | sed 's/^\([^:]\+\):.*$/\1/' | uniq
>
>
repoquery would what would be used instead. Its syntax is slightly
different
ldd /bin/ls | awk '/=>/{print $(NF-1)}' | while read n; do dnf repoquery
--whatprovides $n; done | uniq


> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Oracle Linux - oracle-epel vs epel - dnf priority

[Stephen John Smoogen]

On Mon, 14 Dec 2020 at 14:27, Nicolas Kovacs  wrote:

> Le 14/12/2020 à 19:41, Frank Cox a écrit :
> > For those of us who are considering moving to Oracle Linux (or at least
> > doing some experimenting with it), I just had an idea for dealing with
> the
> > fact that the oracle-el-epel apparently doesn't have all of the packages
> > that are in the fedora-el-epel that we all know and love.
>
> The Yum Priorities plugin (package yum-plugin-priorities) would be nice to
> have, but unfortunately it seems to have disappeared. I've used this quite
> extensively over the last decade. Whenever I have to use a third-party repo
> that's a potential threat to the official repos, I'm setting it up with
> priority=10 or something just to be on the safe side.
>
> This has always worked like a charm.
>
>
Like all system administration, there are a lot of corner cases which come
up when you have nearly the same repositories. It was nearly a daily
occurence in #epel and #centos-devel of someone, somewhere having a problem
with DAG and EPEL even with the appropriate priorities. The more overlap of
the package sets, the more likely something would break in a way you only
found 2 to 3 days after you updated.

There is also a level of system administration skill to make it work
seamlessly which we forget. Most of the people running into issues were
people who had followed someone else's advice in an irc or mailing list but
did not really understand what priorities or similar tools did. People who
do know tend to also have test systems and roll out methodologies which are
second nature versus 'yum -y update' cron jobs on a fleet of systems.






> Cheers,
>
> Niki
>
> --
> Microlinux - Solutions informatiques durables
> 7, place de l'église - 30730 Montpezat
> Site : https://www.microlinux.fr
> Blog : https://blog.microlinux.fr
> Mail : i...@microlinux.fr
> Tél. : 04 66 63 10 32
> Mob. : 06 51 80 12 12
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Oracle Linux - oracle-epel vs epel - dnf priority

[Stephen John Smoogen]

On Mon, 14 Dec 2020 at 13:41, Frank Cox  wrote:

> I'd like to run this by you guys and get your opinion.
>
> For those of us who are considering moving to Oracle Linux (or at least
> doing some experimenting with it), I just had an idea for dealing with the
> fact that the oracle-el-epel apparently doesn't have all of the packages
> that are in the fedora-el-epel that we all know and love.
>
> It makes sense to me to use the oracle epel with OL to the greatest extent
> possible simply because it's part of OL.
>
> To get around the missing package issue, what about setting up both
> oracle-epel and fedora-epel, and then using the dnf priorities to pick the
> stuff from oracle-epel first and if it's not there then grab it from
> fedora-epel.
>
>

Having done this for years.. choose one or the other. Do NOT mix the two.
You will end up with heartache and sleepless nights trying to figure out
why things are broken. If you are lucky it is something easy like an update
is broken because the missing EPEL package wants a library that the OEL has
an older version of. In other cases it is the same thing but the soname was
good enough to make rpm think it would work.

I say this as a former EPEL package leader.. either use Oracle EPEL and
figure out how to interact with them to get their rebuilds done faster or
do the same with Fedora EPEL. Priorities and similar filtering tools work
well enough if you have focused repositories where small sets may overlap
but you want X to take over from Y. In the case of nearly 1:1 repos, you
will end up with it working 95%-99% of the time and then burning down the
house.




-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Replacing SW RAID-1 with SSD RAID-1

[Stephen John Smoogen]

On Tue, 24 Nov 2020 at 02:20, Simon Matter  wrote:

> > On 23/11/2020 17:16, Ralf Prengel wrote:
> >> Backup
> >>
> >> Von meinem iPhone gesendet
> >
> > You do have a recent backup available anyway, haven't you? That is: Even
> > without planning to replace disks. And testing such strategies/sequences
> > using loopback devices is definitely a good idea to get used to the
> > machinery...
> >
> > On a side note: I have had a fair number of drives die on me during
> > RAID-rebuild so I would try to avoid (if at all possible) to
> > deliberately reduce redundancy just for a drive swap. I have never had a
> > problem (yet) due to a problem with the RAID-1 kernel code itself. And:
> > If you have to change a disk because it already has issues it may be
> > dangerous to do a backup - especially if you do a file based backups -
> > because the random access pattern may make things worse. Been there,
> > done that...
>
> Sure, and for large disks I even go further: don't put the whole disk into
> one RAID device but build multiple segments, like create 6 partitions of
> same size on each disk and build six RAID1s out of it. So, if there is an
> issue on one disk in one segment, you don't lose redundancy of the whole
> big disk. You can even keep spare segments on separate disks to help in
> case where you can not quickly replace a broken disk. The whole handling
> is still very easy with LVM on top.
>
>
I used to do something like this (but because there isn't enough detail in
the above I am not sure if we are talking the same thing). On older disks
having RAID split over 4 disks with / /var /usr /home allowed for longer
redundancy because drive 1 could have a 'failed' /usr but drive 0,2,3,4
were ok and the rest all worked n full mode because /, /var, /home/,  were
all good. This was because most of the data on /usr would be in a straight
run on each disk. The problem is that a lot of modern disks do not
guarantee that data for any partition will be really next to each other on
the disk. Even before SSD's did this for wear leveling a lot of disks did
this because it was easier to allow the full OS which runs in the Arm chip
on the drive do all the 'map this sector the user wants to this sector on
the disk' in whatever logic makes sense for the type of magnetic media
inside. There is also a lot of silent rewriting going on the disks with the
real capacity of a drive can be 10-20% bigger with those sectors slowly
used as failures in other areas happen. When you start seeing errors, it
means that the drive has no longer any safe sectors and probably has
written /usr all over the disk in order to try to keep it going as long as
it could.. the rest of the partitions will start failing very quickly
afterwards.

Not all disks do this but a good many of them do from commercial SAS to
commodity SATA.. and a lot of the 'Red' and 'Black' NAS drives are doing
this also..

While I still use partition segments to spread things out, I do not do so
for failure handling anymore. And if what I was doing isn't what the
original poster was meaning I look forward to learning it.





> Regards,
> Simon
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] run firefox via an ssh tunnel

[Stephen John Smoogen]

On Wed, 11 Nov 2020 at 17:45, R C  wrote:

> I do it all the time.
>
>
> make sure you forward X11,  on the  ssh server side,  and login with
> ssh -X me@myhost.whatever
>
> start firefox with:
>
> /usr/bin/firefox -no-remoteif you don't want the remote pages ending
> up in your local browser
>
> or if you don't care, just run firefox without -no-remote
>
>
Don't you have to make sure that the Firefox on the MacOS-X system is using
X11? It normally uses the native MacOS windowing system which is not X.



>
> or however you start firefox on a mac.
>
>
> Ron
>
>
> On 11/11/20 3:39 PM, S Bob wrote:
> > Hi all;
> >
> >
> > I'm trying to setup an ssh tunnel so I can run firefox on a remote
> > laptop and have the display locally.
> >
> >
> > I have 2 laptops
> >
> > local = CentOS 7
> >
> > remote = mac OSX 10.15.7
> >
> >
> > I want to create an ssh tunnel on the local CentOS 7 laptop, then run
> > firefox on the mac with the display showing up on the CentOS laptop.
> >
> > Is this doable?
> >
> >
> > Thanks in advance
> >
> > ___
> > CentOS mailing list
> > CentOS@centos.org
> > https://lists.centos.org/mailman/listinfo/centos
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Style Guide for ASCII Text Documents ?

[Stephen John Smoogen]

On Fri, 6 Nov 2020 at 01:38, Nicolas Kovacs  wrote:

> Hi,
>
> Can anyone on this list recommend a good style guide for formatting
> technical
> documentation (HOWTOs related to CentOS servers) using ASCII text only ?
>
> Markdown and/or AsciiDOC are *not* an option, since these documents should
> be
> easily readable in a text console.
>
>
At this point, there isn't going to be a good style guide, because both of
those formats are considered by various groups to be easy to read on a text
console. [Same with Python RST and anything listed on
https://en.wikipedia.org/wiki/Lightweight_markup_language ]. What I am
meaning is that a lot of formatting comes down to the eye of the beholder
and I have yet to find 12 people who agree on any layout as being pleasing.
[Which was why at one job we had 4 nroff filters for a set of reports back
even into the 2000's. Each one processed man  pages and other documents
into a format that meets various groups 'needs for proper documentation.'

In the end, I would say choose a layout language you need and work out a
filter for pandoc or nroff or  to process it into
what is aesthetically pleasing for your audience.



> Cheers from the sunny South of France,
>
> Niki
> --
> Microlinux - Solutions informatiques durables
> 7, place de l'église - 30730 Montpezat
> Site : https://www.microlinux.fr
> Blog : https://blog.microlinux.fr
> Mail : i...@microlinux.fr
> Tél. : 04 66 63 10 32
> Mob. : 06 51 80 12 12
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] GVIM annoyances

[Stephen John Smoogen]

On Fri, 6 Nov 2020 at 06:11, Gary Stainburn 
wrote:

> I've just upgraded from my old F9 box to C7, which of course means lots
> of changes.  However, the ones are are annoying me most are with VIM.
>
> No matter what I do I can't get  gvim to open in a reasonable size. I
> have a dual headed setup (laptop + external) and every time gvim opens
> it takes up both screens.
>
> I've tried a few suggestions including the one below without success.
> In fact this one causes X to crash when I start gvim.
>
> The second problem I have is the selection of the font.  My old box had
> "sans Regular 12" which was a lovely font to work with. However, when I
> choose the same font on the new box it's hideous. I don't know best how
> to request this, but basically how can I have my nice old font back?
>
>
sans Regular 12 is not a real font, but a 'link' to whatever was set as the
default Sans font of the system. I don't know if you ever changed it and
Fedora 9 is equivalent to something between ~CentOS-5 and CentOS-6. There
aren't a lot of fonts by default in 9 so a lot of systems would get extra
ones.. you will need to look at the backups of what you had on the system
to determine what was being used.  I am expecting it might have been dejavu
font but if you installed Windows TTF fonts as was common then it would be
those.

HOWEVER, a different issue is that you are still using those older fonts if
they were in your .fonts directory. The older fonts use a different
'hinting' system which when viewed on a newer X/Wayland makes the font look
horrible. Since I have been bitten by this with other people I would check
that also.



> |if has("gui_running") " GUI is running or is about to start. " Maximize
> gvim window. set lines=999 columns=999 else " This is console Vim. if
> exists("+lines") set lines=50 endif if exists("+columns") set
> columns=100 endif endif |
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] X defaults

[Stephen John Smoogen]

On Tue, 27 Oct 2020 at 15:51, Michael Hennebry <
henne...@web.cs.ndsu.nodak.edu> wrote:

> On Tue, 27 Oct 2020, Stephen John Smoogen wrote:
>
> > On Tue, 27 Oct 2020 at 13:20, Michael Hennebry <
> > henne...@web.cs.ndsu.nodak.edu> wrote:
> >
> >> I've been trying to move from Centos 7 to fedora.
> >> My monitor is 1440x900, but fedora only believes it's 640x480.
>
> > 1. What kind of video card is this?
> > 2.How is the video connected to the monitor? (DVI/HDMI/DisplayPort/VGA)
> > 3. What kind of monitor is it?
> > 4. What version of Fedora and is Fedora trying to do X or Wayland?
>
> 00:02.0 VGA compatible controller: Intel Corporation 82Q33 Express
> Integrated Graphics Controller (rev 02)
>
>
OK most of the references I see to this card are before 2014, so I am not
sure if this gets any testing in Fedora anymore. The resolution on the
monitor is 'odd' compared to what the various drivers are listed to support
(640x480, 1024x768, 1920x1080) so again I am not much help here.


> Acer V193w
>
> Fedora 32, X
>
> > Sometimes if Fedora can only go to generic 640x480 the video card is no
> > longer 'supported' by the various X11 drivers.. or the data that the
> > monitor is returning to say what it can support is coming back as
> 640x480.
> > Finally this may do better on a fedora mailing list (but they will ask
> the
> > same questions). For a CentOS viewpoint I would ask if it happens if you
> > run CentOS-8 (try via a live cd) on the box. If it does happen, then it
> is
> > a problem between Fedora-18 and Fedora-28. If it doesn't happen then it
> is
> > a problem between Fedora 28 and the version of Fedora you are trying.
>
> IIRC Centos 8 does not have a live version.
>

Fudge, I should know that. Sorry for a wild goose chase. I would see if the
CentOS8 installer goes into X with a larger than 640x480



> I expect Fedora-18 to 32 do.
>

Yes.. that might help figure out in a binary search method.. though
downloading archive isos might be a lot to ask.


>
> Just rediscoverd Xorg --configure .
> Do not remember how I used it.
> Not sure how I should.
>

I don't remember using it since 2004 so I'm not sure myself. I am sorry I
can't be of more help.


>
> --
> Michael   henne...@web.cs.ndsu.nodak.edu
> "Sorry but your password must contain an uppercase letter, a number,
> a haiku, a gang sign, a heiroglyph, and the blood of a virgin."
>   --
> someeecards
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] X defaults

[Stephen John Smoogen]

On Tue, 27 Oct 2020 at 13:20, Michael Hennebry <
henne...@web.cs.ndsu.nodak.edu> wrote:

>
> I've been trying to move from Centos 7 to fedora.
> My monitor is 1440x900, but fedora only believes it's 640x480.
> G.
> xrandr has not helped.
> I've been trying to write X configuration files to tell fedora 1440x900,
> but no joy.
> Is there a way to get X to tell me its current beliefs,
> very preferably in configuration file format?
>
>
1. What kind of video card is this?
2.How is the video connected to the monitor? (DVI/HDMI/DisplayPort/VGA)
3. What kind of monitor is it?
4. What version of Fedora and is Fedora trying to do X or Wayland?

Sometimes if Fedora can only go to generic 640x480 the video card is no
longer 'supported' by the various X11 drivers.. or the data that the
monitor is returning to say what it can support is coming back as 640x480.
Finally this may do better on a fedora mailing list (but they will ask the
same questions). For a CentOS viewpoint I would ask if it happens if you
run CentOS-8 (try via a live cd) on the box. If it does happen, then it is
a problem between Fedora-18 and Fedora-28. If it doesn't happen then it is
a problem between Fedora 28 and the version of Fedora you are trying.


According to the log file on Centos, everything was defaulted or probed.
> It contains no numbers.
> My guess is that fedora has different defaults and they are wrong for me.
>
> I've had problems like this before,
> so I'm unwilling to install until I know I can run a live version.
> That makes life clunky.
> I have to boot to non-graphics, do my editing and change the runlevel.
>
> --
> Michael   henne...@web.cs.ndsu.nodak.edu
> "Sorry but your password must contain an uppercase letter, a number,
> a haiku, a gang sign, a heiroglyph, and the blood of a virgin."
>   --
> someeecards
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Firefox 78 under CentOS 6 -- no sound?

[Stephen John Smoogen]

On Mon, 26 Oct 2020 at 11:29, James Pearson 
wrote:

> Jonathan Billings wrote:
> >
> > Amazingly it appears that Red Hat has released another Firefox:
>
> Red Hat just follow the Mozilla ESR stream release cycle, which is
> currently ESR 78 with point releases come out every 4 weeks or so
>
> Each ESR stream is supported by Mozilla for about a year, with each major
> release based on the standard 'rapid release' version at the time - i.e.
> the previous ESR version was 68, based on the Firefox rapid release version
> 68 and the current ESR version is 78, based on the Firefox rapid release
> version 78. The ESR point releases coincide with the rapid release major
> releases, although the ESR point releases are just for security bug fixes
> (occasionally contains other non-security bug fixes), whereas the rapid
> release new major versions may have new features, security and bug fixes
> plus other enhancements added etc
>
> Therefore the ESR release is more stable over a longer period - and so
> best suited for 'Enterprise' use
>
> The current ESR version is 78.4.0 - with 78.5.0 coming in November and
> 78.6.0 in December - so I'm guessing Red Hat might release 78.5.0 before
> EL6 reaches EOL at the end of November ?
>
> I have no idea if the latest 78.4.0 release from Red Hat will fix the
> sound issues on EL6
>
>

OK I got a VM installed with EL6 and ran firefox --debug. The errors seem
to be

[Child 3570, MediaDecoderStateMachine #1] WARNING: 7fffd72b46d0 OpenCubeb()
failed to init cubeb: file
/builddir/build/BUILD/firefox-78.3.0/dom/media/AudioStream.cpp, line 331
[Child 3570, MediaDecoderStateMachine #1] WARNING: Decoder=7fffd72cb400
[OnMediaSinkAudioError]: file
/builddir/build/BUILD/firefox-78.3.0/dom/media/MediaDecoderStateMachine.cpp,
line 3891
[Child 3570, MediaDecoderStateMachine #1] WARNING: Decoder=7fffd72cb400
Decode error: NS_ERROR_DOM_MEDIA_MEDIASINK_ERR (0x806e000b) -
OnMediaSinkAudioError: file
/builddir/build/BUILD/firefox-78.3.0/dom/media/MediaDecoderStateMachine.cpp,
line 3470
[Child 3570, MediaDecoderStateMachine #1] WARNING: 7fffd72b4fc0 OpenCubeb()
failed to init cubeb: file
/builddir/build/BUILD/firefox-78.3.0/dom/media/AudioStream.cpp, line 331
[Child 3570, MediaDecoderStateMachine #1] WARNING: Decoder=7fffd6edd400
[OnMediaSinkAudioError]: file
/builddir/build/BUILD/firefox-78.3.0/dom/media/MediaDecoderStateMachine.cpp,
line 3891
[Child 3570, MediaDecoderStateMachine #1] WARNING: Decoder=7fffd6edd400
Decode error: NS_ERROR_DOM_MEDIA_MEDIASINK_ERR (0x806e000b) -
OnMediaSinkAudioError: file
/builddir/build/BUILD/firefox-78.3.0/dom/media/MediaDecoderStateMachine.cpp,
line 3470
[Thread 0x7fffcdcf5700 (LWP 3638) exited]
[Child 3570, MediaDecoderStateMachine #1] WARNING: 7fffd72b5160 OpenCubeb()
failed to init cubeb: file
/builddir/build/BUILD/firefox-78.3.0/dom/media/AudioStream.cpp, line 331
[Child 3570, MediaDecoderStateMachine #1] WARNING: Decoder=7fffd6edd400
[OnMediaSinkAudioError]: file
/builddir/build/BUILD/firefox-78.3.0/dom/media/MediaDecoderStateMachine.cpp,
line 3891
[Child 3570, MediaDecoderStateMachine #1] WARNING: Decoder=7fffd6edd400
Decode error: NS_ERROR_DOM_MEDIA_MEDIASINK_ERR (0x806e000b) -
OnMediaSinkAudioError: file
/builddir/build/BUILD/firefox-78.3.0/dom/media/MediaDecoderStateMachine.cpp,
line 3470

when I try to play sounds from https://hpr.dogphilosophy.net/test/

I am doing this in my spare time outside of moving and some other items..
so I am not sure 'how fast' I can get to this. [My current guess is that
the Firefox requirement for pulseaudio in 78+ is looking for a different
version ABI that EL6 supports.]





> James Pearson
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Firefox 78 under CentOS 6 -- no sound?

[Stephen John Smoogen]

On Fri, 23 Oct 2020 at 05:19, James Pearson 
wrote:

> Peter wrote:
> >
> > What confuses me here is why would Red Hat rebase a package so close to
> > EOL.  Now that they have they're stuck with either leaving a severly
> > broken firefox or providing a fix less than 6 weeks before EOL.  I
> > honestly don't know which way they'll go here but it just seems to me
> > like it was a very poor decision to rebase firefox in RHEL6 so close to
> > EOL to begin with.
>
> I'm guessing that as Firefox ESR 68 is now a year 'out-of-date' (and no
> longer supported by Mozilla), that they wanted to provide a more up to date
> version for those that want to continue using EL6 after its EOL ?
>
> Just a thought, has anyone checked that the Redhat RHEL 6 build of ESR 78
> works or or not? i.e. could it be an issue just with the CentOS build ?
>
>
Someone reported up thread that the RHEL-6 version of ESR78 does not have
working sound either. The main issue is that it is hard to debug this just
from emails. I would need to get a RHEL-6 system with ESR68 running from
command line with debug turned on and look to see what it is talking to on
sound. I would then need to do the same with ESR78 to see what it tries to
talk to. My guesses is that the API/ABI that the application ESR78 expects
the kernel/glibc/etc sound system that GNOME/KDE/kernel etc moved to in the
3.x services and the older 2.6 was deprecated and removed. This would then
take someone going through the code changes between 68 and 78 to see what
and why it was removed and if it is possible to put back in.


> James Pearson
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Firefox 78 under CentOS 6 -- no sound?

[Stephen John Smoogen]

On Wed, 21 Oct 2020 at 14:03, Yves Bellefeuille  wrote:

> Leon Fauster via CentOS  wrote:
>
> >  ... or a general problem. Does some one tried the version from
> >  mozilla?
> >
> >  https://www.mozilla.org/en-US/firefox/all/#product-desktop-esr
> >
> >  Can't test it - I don't run EL6 workstations anymore ...
>
> [yves@home firefox]$ ./firefox
> ./firefox: /lib64/libc.so.6: version `GLIBC_2.17' not found (required
> by ./firefox)
> ./firefox: /lib64/libc.so.6: version `GLIBC_2.14' not found (required
> by ./firefox)
>
> CentOS 6 only goes up to glibc 2.12.
>
>
Basically that says that upstream no longer thinks that Firefox is runnable
on RHEL-6/CentOS-6 anymore. I think there was a similar problem at the end
of EL-5 when a 'YOU HAVE TO UPGRADE' fix from Mozilla was released and
while a lot of work was done by Red Hat to get it to work on RHEL-5, some
items (and I really think it was sound and plugins) did not work. At the
tail end of a release, most 'desktop' concerns are very hard to figure out
as 10 year old software API's are rarely kept working by the various
'upstreams'.

I want to be clear that I do understand this is causing major issues for
users. I think a lesson learned from EL-5 and EL-6 is that EL releases need
to be clearer on the difference between desktops and servers. There seems
to be a point where desktop utilities fixes are mainly going to be
'reasonable effort' versus 'guaranteed' to be 100%... usually in the last 6
months of a release. That way users can plan better that a certain amount
of work is going to be needed by them to continue it working.



> --
> Yves Bellefeuille
> 
>
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Mail server troubles

[Stephen John Smoogen]

On Thu, 8 Oct 2020 at 17:50, Nicolas Kovacs  wrote:

> Hi,
>
> This is probably a bit OT, but here goes.
>
> I've been running our local school's mail server since 2013, with mail
> addresses for school staff and some teachers. The server is running CentOS
> 7
> with Postfix and Dovecot, and it's a nice no-bullshit configuration with
> SPF,
> DKIM and DMARC.
>
> The school sends quite a lot of email out to parents, and sometimes, mail
> gets
> rejected:
>
> --8<
> : host smtp-in.orange.fr[193.252.22.65] said: 550
> 5.2.0
> Mail rejete. Mail rejected. ofr_506 [506] (in reply to end of DATA
> command)
>
> : host smtp-in.orange.fr[193.252.22.65] said: 550
> 5.2.0
> Mail rejete. Mail rejected. ofr_506 [506] (in reply to end of DATA
> command)
> --8<
>
> This happens randomly with the usual suspects among crappy mail providers
> like
> Orange, Hotmail/Live, Yahoo and the rest.
>
>
So wanadoo and orange seem to send a ofr_506 because the scanned mail was
found to be SPAM. This is independent of DKIM, SPF, DMARC but from them
scanning the email in the DATA and saying nope. Usually that is because too
many people complained about a set of email and the weight of email with
that content is getting blocked. I don't know if the school moving to
another provider will fix that as this isn't because of the IP it was sent
from (they block before the DATA is sent in that case). [My guess is that
someone wants to move to something else and is using this as the Casus
Belli to do so. ]

I don't really have a suggestion or solution to either problem..


>

-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Logitech C922 webcam

[Stephen John Smoogen]

On Tue, 29 Sep 2020 at 13:31, H  wrote:

> Just installed the above USB webcam but it is not recognized by dmesg |
> grep usb, nor does Zoom recognize it. I was under the understanding it
> should not require a driver, or?
>
> I am running CentOS 7.
>
>
Does anything show up when the device is plugged in. There should be info
in dmesg when a device is added or removed, even if the kernel does not
recognize it. If you do not have that, then the USB port or device is not
working. The lines will say something like "New USB device found,
idVendor=<>, idProduct=<>, bcdDevice=<>. That data is independent of your
drivers.

Also the command lsusb and /proc/bus/input/devices can give data.





> Thanks.
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Systemd service unit file needs to wait until a specific interface is up

[Stephen John Smoogen]

On Wed, 23 Sep 2020 at 23:39, Orion Poplawski  wrote:

> On 9/23/20 7:07 AM, Stephen John Smoogen wrote:
> > On Wed, 23 Sep 2020 at 04:33, Carlos Lopez  wrote:
> >
> >> Hi all,
> >>
> >>
> >> With SystemD, how can I make certain service dependent on certain
> network
> >> interfaces being up?
> >>
> >> For example, I have an 802.1ad bond interface I need to wait on for
> being
> >> up (this interface has no ip address assigned, it is used to capture
> >> networks packets with a tcpdump’s script). Every time this service fails
> >> because bond interface is not up.
> >>
> >>
> >>
> >> I have configured the service as:
> >>
> >>
> >> [Unit]
> >>
> >> Description=tcpdump capture script
> >>
> >> After=network.target
> >>
> >> Wants=network-online.target
> >>
> >>
> >>
> >> But it doesn’t work …. Any tip or trick?
> >>
> >>
> >>
> >
> > So the network just calls the scripts and exits so they can take a while
> to
> > get working. I think this website covers what you want to do
> >
> >
> https://unix.stackexchange.com/questions/257888/systemd-wait-for-network-interface-to-be-up-before-running-service
> >
> > systemctl list-units --no-pager | grep subsystem-net
> >
> > Then look for the device which matches the one you are listening to.
> Change
> > the After=network.target to
> >
> >
> > BindsTo=sys-devices-virtual-net-.device
> > After=sys-devices-virtual-net-.device
> >
> > where  is the interface you found (aka eth2, br9, bond0 etc)
>
> Hmm, there seems to be several layers here.
>
> I think sys-devices-.device is "started" when  appears
> in the kernel:
>
> Sep 23 19:37:25 kernel: virtio_net virtio0 ens3: renamed from eth0
>
> # systemctl status sys-subsystem-net-devices-ens3.device
> ● sys-subsystem-net-devices-ens3.device - Virtio network device
>   Loaded: loaded
>   Active: active (plugged) since Wed 2020-09-23 19:37:25 MDT
>
> This is not what most people would consider "up" - i.e. have an IP
> address.  ens3 doesn't get it's IP address until much later.
>
>

Oh good point. I didn't think about that.


> This works for Carlos though because he doesn't need an IP address -
> just the device existing.
>
>
It may or may not.. I just realized that the device may need to get
recognized by a switch etc which on a bond may take time.


> I have no idea how it worked for the stackexchange poster.  Apparently
> because "lan0" is a virtual device as well
> ("sys-devices-virtual-net-lan0") that they need, not a more "physical"
> device like "net-devices-ens3", and it gets an IP address at the same
> time as creation.
>
> I've been dealing with issues like this for a while - systems with
> multiple interfaces, some of which do not come up for quite a while, and
> I need to wait for all to be up before running certain tasks.  Still
> haven't found anything very satisfactory.
>
>
All good points. Thank you for that douse of reality.



> --
> Orion Poplawski
> Manager of NWRA Technical Systems  720-772-5637
> NWRA, Boulder/CoRA Office FAX: 303-415-9702
> 3380 Mitchell Lane   or...@nwra.com
> Boulder, CO 80301 https://www.nwra.com/
>
>

-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Systemd service unit file needs to wait until a specific interface is up

[Stephen John Smoogen]

On Wed, 23 Sep 2020 at 04:33, Carlos Lopez  wrote:

> Hi all,
>
>
> With SystemD, how can I make certain service dependent on certain network
> interfaces being up?
>
> For example, I have an 802.1ad bond interface I need to wait on for being
> up (this interface has no ip address assigned, it is used to capture
> networks packets with a tcpdump’s script). Every time this service fails
> because bond interface is not up.
>
>
>
> I have configured the service as:
>
>
> [Unit]
>
> Description=tcpdump capture script
>
> After=network.target
>
> Wants=network-online.target
>
>
>
> But it doesn’t work …. Any tip or trick?
>
>
>

So the network just calls the scripts and exits so they can take a while to
get working. I think this website covers what you want to do

https://unix.stackexchange.com/questions/257888/systemd-wait-for-network-interface-to-be-up-before-running-service

systemctl list-units --no-pager | grep subsystem-net

Then look for the device which matches the one you are listening to. Change
the After=network.target to


BindsTo=sys-devices-virtual-net-.device
After=sys-devices-virtual-net-.device

where  is the interface you found (aka eth2, br9, bond0 etc)



> My host is CentOS8 x86_64.
>
>
> Regards,
> C. L. Martinez
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] storage for mailserver

[Stephen John Smoogen]

On Wed, 16 Sep 2020 at 12:12, Michael Schumacher <
michael.schumac...@pamas.de> wrote:

> hi,
>
> I am planning to replace my old CentOS 6 mail server soon. Most details
> are quite obvious and do not need to be changed, but the old system
> was running on spinning discs and this is certainly not the best
> option for todays mail servers.
>
> With spinning discs, HW-RAID6 was the way to go to increase reliability
> and speed.
> Today, I get the feeling, that traditional RAID is not the best
> option for SSDs. I am reading that all RAID members in SSD-arrays age
> synchronously so that the risk of a massive failure of more than one
> disk is more likely than with HDDs. There are many other concerns like
> excessive write load compared to non-raid systems, etc.
>
> Is there any common sense what disk layout should be used these days?
>
> I have been looking for some kind of master-slave system, where the
> (one or many) SSD is taking all writes and reads, but the slave HDD
> runs in parallel as a backup system like in a RAID1 system. Is there
> any such system?
>
> I don't think so because the drives would always be out of sync but in a
restart it would be hard to know if the drive is out of sync for a good
reason or a bad one. For most of the SSD raids, I have seen people just
making sure to buy disks which are spec'd for more writes or similar
'smarter' enterprise trim. I have also read about the synchronicity problem
but I think this may be a theory vs reality problem. In theory they should
all fail at once, in reality at least for the arrays I have used for 3
years, they seem to fail in different times. that said, I only have 3
systems over 3 years with SSD drives running RAID6 so I only have anecdata
versus data.




> Any thoughts?
>
> best regards
> Michael Schumacher
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Thunderbird won't start after move to new box

[Stephen John Smoogen]

On Thu, 10 Sep 2020 at 12:09, Gary Stainburn 
wrote:

> I've tried moving my Thunderbird profile from one C7 box, a standard PC
> to another C7 box, a DELL server. I did this by rsync'ing ~/.thunderbird.
>
>
what options did you use to rsync the directories over? And does

restorecon -r -v /home

show any differences/changes. rsync does not copy over metadata or general
ACL's without additional options so if there are selinux or other acl items
on the files they are not copied

man rsync

rsync -AXSHPav .thunderbird/ :~/.thunderbird/

may also help.



> However, on the new box, Thunderbird only starts if I run it
> -safe-mode.  If I don't run it in safe mode I see the window flash up
> and instantly close.  No errors or notifications appear in the terminal
> window.,
>
> Anyone got suggestions on what could be wrong, or how I can diagnose
> it?  Google just seems to bring up hits for problems on Windows boxes.
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Conversion from Centos 5 to Centos 7 & mailx changes

[Stephen John Smoogen]

On Sat, 5 Sep 2020 at 10:19, Gregory P. Ennis  wrote:

>
> Stephen and Kenneth,
>
> Thank you very much for your help.
>
> I tried 'MAILRC=/dev/nul' which I put in /etc/mail.rc as
>
> 'set MAILRC=/dev/null'
>
>
No that is meant to be a shell environment variable so that it does not try
to read /etc/mail.rc.. if you have it in /etc/mail.rc its not going to help
any.


> But I did not identify that this changed any behavior.
>
> The link below was very helpful Stephen thank you for your kindness in
> digging this out for
> me.
>
> https://www.digitalocean.com/community/tutorials/how-to-send-e-mail-alerts-on-a-centos-vps-for-system-monitoring
>
> In the end the above link gave me a grammar and syntax that worked, but it
> is requiring a
> change in every line of code that the 'mail' command had been used.  the
> following syntax
> and grammer gave me what I needed.
>
> echo | mail -s "Subject" -r from@address -q /loc/to/body.txt email@address
>
> Thank you again for your help!!!
>
> Greg
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Conversion from Centos 5 to Centos 7 & mailx changes

[Stephen John Smoogen]

On Fri, 4 Sep 2020 at 16:00, Gregory P. Ennis  wrote:

> Everyone,
>
> I have just upgraded a Centos 5 server to a Centos 7 server and am
> having difficulty with a change of behavior of mailx with the use of a
> command line of :
>
> mail -s 'This is the subject' u...@domain.com < text_file.txt
>
> On Centos 5 when mailx was used by a program started by a cron job we
> were able to send a text file as an email message and the headers did
> not contain 'Content-Transfer-Encoding: base64'
>
>
The version of mailx in Red Hat Enterprise Linux 5 is based off the old BSD
mailx program (in Debian it looks like it is still available as bsd-mailx).
That version was 'bit' rotting and having problems with newer mail
servers.  For an afternoon read
http://heirloom.sourceforge.net/mailx_history.html and
https://www.redhat.com/archives/rhl-devel-list/2008-June/msg00628.html [It
looks like this was further forked into s-nail which Debian, Ubuntu, Arch,
etc seem to ship as the default for mailx now.]

Looking for why this change was done I found these:

https://www.redhat.com/archives/rhl-devel-list/2008-June/msg00632.html
https://www.redhat.com/archives/rhl-devel-list/2008-June/msg00641.html

which says one of two ways to hack around this problem:
1. Put in /etc/mail.rc the items needed
2. Try the MAILRC=/dev/null hack

and finally a google "heirloom mailx Content-Transfer-Encoding base64" got
me to

https://stackoverflow.com/questions/10343106/linux-mail-file-log-has-content-type-application-octet-stream-a-noname-attac


which seems to offer changing it to

cat -v {{file}} | mail -s "your subject" "your@recipient.internet"




> On Centos 7 the headers contain 'Content-Transfer-Encoding: base64' and
> when the client gets the e-mail they are unable to open it up.
>
> The interesting thing is that on Centos 7 when the command line is used
> by typing the above command 'Content-Transfer-Encoding: 7bit' is placed
> in the header and the client can see the e-mail without a problem.
>
> I have looked for a way to control the 'Content-Transfer-Encoding:'
> header to '7bit' when we use a cron job, but I have not been able to
> figure out how.
>
> Your suggestions would be appreciated.
>
> Thank you,
> --
> Greg Ennis
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


-- 
Stephen J Smoogen.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos