[CentOS] CnetOS 7, hostname, and rsyslogd

[m . roth]

A current system, but this has been happening since I built this box last
fall: the system gets its name via DHCP, not from a hostname file. On
reboot, such as after a yum update, it *appears* as though rsyslogd is
started before the network is up, and so it doesn't have its hostname
yet... so /var/log/messages shows the hostname as localhost. If I restart
rsyslogd, and everything's fine.

Has anyone else seen this behaviour?

  mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Copying a live system

[m . roth]

Chris Murphy wrote:
> Anaconda live installs use this:
>
> rsync -pogAXtlHrDx --exclude /dev/ --exclude /proc/ --exclude /sys/
> --exclude /run/ --exclude /boot/*rescue* --exclude /etc/machine-id
> /run/install/source/ /mnt/sysimage
>
Oh. Yeah. DEFINITELY --exclude /var/log/lastlog

  mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] Inconsistancy in RAID documentation

[m . roth]

On the wiki page for creating a mirrored root drive, at
, it first
tells you, in the install, to chose manual partitioning, and to leave at
least 1M at the end of the drive and then it tells you to create the
RAID 1 using /dev/sda and /dev/sdb - the *whole* raw drives.

 mark, currently creating a RAID 1 using just the raw drives, no
partitions

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C6 Firefox 45.1 segmentation faults

[m . roth]

Akemi Yagi wrote:
> On Tue, May 3, 2016 at 9:34 AM,   wrote:
>> Akemi Yagi wrote:
>
>>> To add to your fun, let me present my wish list:
>>>
>>> mplayer-gui and libquicktime (latest version from PUIAS) and
>>> mlt >= 0.9.4
>>>
>> Ummm, NO. NOT the latter, under any circumstance... or hadn't you missed
>> the huge announcements that Apple would no longer support quicktime, and
>> every organization, at least here in the States, and all the trade
>> press, are saying uninstall quicktime yesterday!!!
>
> I hope this is your misunderstanding, Mark. I am talking about
> libquicktime from:
>
> http://libquicktime.sourceforge.net/
>
> Not Apple's quicktime.
>
> As seen in http://libquicktime.sourceforge.net/introduction.html,
> "libquicktime is in no way related to the original quicktime software,
> which can be found here (http://quicktime.apple.com/)".
>
I understood that it's not Apples (I wouldn't expect them to release an
rpm for us); however, I don't know that the team building libquicktime is
going to continue to upgrade and enhance, now that Apple's ended all
support for it, and everyone's being pushed, at least in all
organizations, to get rid of it, or if they might wind down the project;
that is why I was emphatic about not wanting it.

  mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C6 Firefox 45.1 segmentation faults

[m . roth]

Akemi Yagi wrote:
> On Tue, May 3, 2016 at 12:11 AM, Nux!  wrote:
>
>> - Original Message -
>>> From: "Akemi Yagi" 
>>> To: "CentOS mailing list" 
>>> Sent: Tuesday, 3 May, 2016 01:32:55
>>> Subject: Re: [CentOS] C6 Firefox 45.1 segmentation faults
>>
>>> On Mon, May 2, 2016 at 5:07 PM, Akemi Yagi  wrote:
>
 Indeed, it worked. Now need to test this thing ...
>>>
>>> With my short test, so far, so good. No crash with the site that used
>>> to bomb out.
>>>
>>> I needed the latest version of soxr(-devel) and xvidcore(-devel) from
>>> PUIAS to run (build) ffmpeg-2.1.1-1.sdl6. All other dependencies were
>>> available from EPEL and nux.
>>>
>>> Akemi
>
>> Morning,
>>
>> Thanks for testing Akemi, I'll work towards upgrading ffmpeg then and
>> the deps. Will be fun. :-)
>>
>> Nux!
>> www.nux.ro
>
> To add to your fun, let me present my wish list:
>
> mplayer-gui and libquicktime (latest version from PUIAS) and
> mlt >= 0.9.4
>
Ummm, NO. NOT the latter, under any circumstance... or hadn't you missed
the huge announcements that Apple would no longer support quicktime, and
every organization, at least here in the States, and all the trade press,
are saying uninstall quicktime yesterday!!!

And yes, we have been told to make it go away here at work... and I work
for a US federal gov't agency (civilian sector).

mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Copying a live system

[m . roth]

Timothy Murphy wrote:
> I want to backup my current CentOS-7.2 system to another drive.
> Is it safe to copy the system while it is running?
> Eg by
> mount /dev/sdb5 /mnt
> rsync -HPaxvz /. /mnt/
> I've found contradictory advice on the web.

Oh, I hit  before I added several more things:

First, correct the MAC address in
/etc/udev/rules.d/70-persistant-net.rules (or it might be 60), and in
/etc/sysconfig/network-scripts for ifcfg-

Second, you'll need a new /etc/ssh/sshd-host-*

If you're getting your name & IP (and IPv6) from DHCP, don't forget to
update the DHPCD server.


Finally, this works if the system is identical hardware. If not, before
you try to boot, boot from linux rescue, then you need to
chroot /mnt/sysimage

cd /lib/modules

VER=$(ls -rt1 | tail -1)
echo $VER

mkinitrd X $VER
mv X /boot/initrd-$VER.img

At that point, you should be good to go.

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Copying a live system

[m . roth]

Timothy Murphy wrote:
> I want to backup my current CentOS-7.2 system to another drive.
> Is it safe to copy the system while it is running?
> Eg by
> mount /dev/sdb5 /mnt
> rsync -HPaxvz /. /mnt/
> I've found contradictory advice on the web.

Yes. When we're cloning a system, such as a compute node in a cluster, or
rsync upgrading, we
rsync -HPavxz /. newmachine:/new/.
rsync -HPavxz /boot/. newmachine:/boot//new/.

As long as you're not copying /sys or /proc

 mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C6 Firefox 45.1 segmentation faults

[m . roth]

Nux! wrote:
> This consistently crashes it, for testing:
> http://dl.nux.ro/video/Organshiftpregnancy.mp4
>
Datum: CentOS 6.7, under firefox, 38, it opened movie player, and it
played. I just updated firefox, I'm on 45.1.0, and streaming media is
working as before, and I clicked on the link, and once I told noscript to
allow it, it played the video in a tab.

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] Semi-OT: awk

[m . roth]

This is odd, and annoying. CentOS 6, current. Here's my awk script:

{
   room = substr($0, 48, 10);
   arr[$2,room,$1] = $0;
}
END {
  for ( i in arr ) {
 for ( j in arr[i] ) {
for ( k in arr[i][j] ) {
print arr[i][j][k];
}
 }
   }
}

And when I run it, it complains
 awk -f awksort proplist7
awk: awksort:7:  for ( j in arr[i] ) {
awk: awksort:7:^ syntax error
awk: awksort:8: for ( k in arr[i,j] ) {
awk: awksort:8:   ^ syntax error
awk: awksort:9: print arr[i][j][k];
awk: awksort:9: ^ syntax error

which makes no sense - I've done this a million times. Am I missing
something, or is this a bug?

 mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] OT, security: if you're in the US, and like your dentist, call them, *now*

[m . roth]

If you like your dentist, *call* them, today.
,
and the URL says it all - they mailed a card with a USB key... and some of
them have malware, and Krebs says not all virus scanners can detect it

   mark "got off the phone with my dentists' office a few minutes ago


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] About mysql upgrade

[m . roth]

Lamar Owen wrote:
> On 04/28/2016 08:45 AM, Sergio Belkin wrote:
>> I've found some issues upgrading mysql, some people recommends run
>> mysql_upgrade. I wonder why such a script is not run from scriptlet of
>> mysql-server rpm.
> Back in the Dark Ages of the PostgreSQL RPMset (PostgreSQL 6.5), early
> in my time as RPM maintainer for the community PostgreSQL.org RPMset, I
> asked a very similar question of some folks, and I got a canonical
> answer from Mr. RPM himself, Jeff Johnson.
>
> The answer is not very complex, but it was spread across a several
> message private e-mail thread.  The gist of it is that the RPM
> scriptlets are very very limited in what they can do.  Trying to do
> something clever inside an RPM scriptlet is almost never wise.  The key
> thing to remember is that the scriptlet has to be able to be run during
> the OS install phase (back when upgrades were actually supported by the
> OS installer that is now known as anaconda). Quoting this introductory
> section:


We have an answer we really like: yum-post-transaction-actions. Great
plugin... and it will do whatever you want... like, say: sed -i
s/sbin\/shutdown/bin\/false/ /etc/apcupsd/apccontrol

 mark "and are there three, or six, servers plugged ino the rackmount
UPS? Yes."

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos hold me back from work - sshd ...bull

[m . roth]

Valeri Galtsev wrote:
>
> On Thu, April 28, 2016 8:56 am, mdubend...@gmail.com wrote:
>> The problem is not with your installation of CentOS, it is with the
>> computer you are connecting from. Read the error log you pasted earlier,
>> it tells you exactly what the problem is and how to remedy it:
>>>
>>> Add correct host key in /Users/andy/.ssh/known_hosts to get rid of this
>>> message. Offending ECDSA key in /Users/andy/.ssh/known_hosts:22
>>
>> Open up the file /Users/andy/.ssh/known_hosts and delete line 22.

> Usually host key (of remote machine) could change for the following
> reasons:
>
> 1. benign reasons: remote machine system was reinstalled and/or ssh server
> keys were re-generated, or some machine was retired and different machine
> re-used its IP, or for some other reason, like changes in DNS, you are
> connecting to _different_ system that has same IP as the one you were
> connecting to in the past
>
> In this case it is indeed safe to delete old known keys resembling this
> host (there may be more that one), then ssh to it and accept new key
>
> 2. Bad reasons: remote machine is hijacked and host keys have changed. Or,
> as ssh error message says, it may be "man in the middle" attack. If some
> intermediate malicious machine is able to intercept your traffic, it can

Just as a side note, here: when we rebuild a machine - say, when we were
doing CentOS 5 to 6, or when we build a new machine for someone, 6->7, we
*remove /etc/ssh/ssh_host*, and rsync in the *old* /etc/ssh/ssh_host* from
backup.

Not doing this does have a tendency to freak out the users

 mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Apache/PHP Installation - opinions

[m . roth]

Valeri Galtsev wrote:
> On Wed, April 27, 2016 10:29 am, m.r...@5-cent.us wrote:
>> Alice Wonder wrote:
>>> On 04/27/2016 01:21 AM, Brandon Vincent wrote:
 On Wed, Apr 27, 2016 at 1:10 AM, Rob Kampen
 
>> wrote:
> Sounds good, but how many domain MX servers have set up these
> fingerprint keys - 1%, maybe 2%, so how do you code for that? I guess
>> I'm thinking
> it uses it if available. So even if you do post it on your DNS, how
> many clients out there are using DANE on their set up? By the time it
> becomes more than a tiny % and generally useful, it will be in
CentOS 8.
> It also requires certificates to be implemented more ubiquitously than
> at  present - although we do now have affordable solutions, so this
> one may resolve more quickly.

>>> Security and Privacy on the Internet are both severely broken.
>>>
>>> If you read the white papers from when the Internet was first being
>>> designed, security was rarely even mentioned.

>> Just as a point of information, when those RFCs were written, the
>> Internet was *only* for US gov't, and selected research and educational
>> organizations, and NO ONE else. The open 'Net only came in in the
>> nineties - so security wasn't broken and insecure, back then there was
physical
>> security and careful selection as to who was allowed on, at all.
>
> That is true, they had in mind resilience of communication net to portions
> of it brought down (implying some nasty thing like nuclear exchange). Real
> security though is not in restriction of those who can access something
> (like government only). Security experts often say: if a secret in known
> to two people it likely is not a secret anymore ;-(

Yup, which drives some governments and companies *nuts*... but the
original specs included the idea that "if you can find ANY way for your
packets to get through, even if three-quarters of all the computers
between me and you are now radioactive dust, you will get those packets
through".

 mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Apache/PHP Installation - opinions

[m . roth]

Alice Wonder wrote:
> On 04/27/2016 01:21 AM, Brandon Vincent wrote:
>> On Wed, Apr 27, 2016 at 1:10 AM, Rob Kampen 
wrote:
>>> Sounds good, but how many domain MX servers have set up these
>>> fingerprint keys - 1%, maybe 2%, so how do you code for that? I guess
I'm thinking
>>> it uses it if available. So even if you do post it on your DNS, how
many clients out there are using DANE on their set up? By the time it
becomes more than a tiny % and generally useful, it will be in CentOS 8.
It
>>> also requires certificates to be implemented more ubiquitously than at
present - although we do now have affordable solutions, so this one may
resolve
>>> more quickly.
>>
> Security and Privacy on the Internet are both severely broken.
>
> If you read the white papers from when the Internet was first being
designed, security was rarely even mentioned.

Just as a point of information, when those RFCs were written, the Internet
was *only* for US gov't, and selected research and educational
organizations, and NO ONE else. The open 'Net only came in in the nineties
- so security wasn't broken and insecure, back then there was physical
security and careful selection as to who was allowed on, at all.

   mark








___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Bourne shell deprecated?

[m . roth]

Scott Robbins wrote:
> On Tue, Apr 26, 2016 at 07:27:26PM -0700, Alice Wonder wrote:
>>
>> Some of the BSDs use to have a bourne shell and maybe some do, I don't
know.
>>
> Yup.
>
>> bash is mostly compatible with bourne (can run most bourne scripts)
which is why /bin/sh is a symlink to /bin/bash on GNU and most other
*nix systems.
>
> Bash can run Bourne, but not necessarily vice versa, which can be
problematic if, say, moving a Linux script to a BSD or AIX box.   I
remember something I'd done which used, IIRC, $UID, without realizing it
was a bashism, instead of using id -u.

I'll also note that all *production* scripts were once required to be
bourne, but by the mid-ninties, management was starting to mandate that
they be Korn shell, instead, for many reasons - capabilities, etc. Bash -
I don't think I saw that till I started running RH 5.1, I think it was,
about 18 years ago

  mark



___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Semi-OT: very weird vi behaviour

[m . roth]

m.r...@5-cent.us wrote:
> Richard wrote:
>>> Date: Wednesday, April 27, 2016 13:43:00 +
>>> From: "Vanhorn, Mike" 
>>> On 4/27/16, 9:39 AM, "centos-boun...@centos.org on behalf of
>>> m.r...@5-cent.us" >> m.r...@5-cent.us> wrote:
>>>
 And now, I just
 ssh'd in from another windows, same way... and the weirdness isn't
 there.

 Anyone have any clues as to what's going on with that one session?

>>> It sounds as if, for some reason, in that one session, vi doesn’t
>>> know what your terminal settings are, so it’s in line editing
>>> mode (like ed or ex). I don’t have an explanation as to why it
>>> would only happen with that one session, though.
>>
>> Or your "colors" could be set oddly in that terminal window/vi
>> session.
>>
>> Unfortunately you are giving almost no details - OSs (original and
>> target machine), shells, terminal settings, etc., so it's hard to do
>> more than jump to potentially rash conclusions.
>
> Sorry, original machine that I sudo'd to root is CentOS 6; the machine
> where it was acting weird was CentOS7. Terminal is rxvt, and my colors are
> set everywhere to be the color Ghod (and IBM) meant them to be, green on
> black. 
>
> I'd been googling, and tried reset, and tried , and none of it
> helped. I renamed /root/.viminfo, and tried vi -V, which showed it only
> going after /etc/virc and /etc/vimrc, and neither modified. I also tried
> vi --noplugin.
>
Sorry, one more detail: file under "anal", and, as a buddy, a sr. sysadmin
many years ago used to say, "professionally paid to be paranoid" - I log
out of *everything*, including my workstation, when I leave for the night,
so new session every day.

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Semi-OT: very weird vi behaviour

[m . roth]

Richard wrote:
>> Date: Wednesday, April 27, 2016 13:43:00 +
>> From: "Vanhorn, Mike" 
>> On 4/27/16, 9:39 AM, "centos-boun...@centos.org on behalf of
>> m.r...@5-cent.us" > m.r...@5-cent.us> wrote:
>>
>>> And now, I just
>>> ssh'd in from another windows, same way... and the weirdness isn't
>>> there.
>>>
>>> Anyone have any clues as to what's going on with that one session?
>>>
>> It sounds as if, for some reason, in that one session, vi doesn’t
>> know what your terminal settings are, so it’s in line editing
>> mode (like ed or ex). I don’t have an explanation as to why it
>> would only happen with that one session, though.
>
> Or your "colors" could be set oddly in that terminal window/vi
> session.
>
> Unfortunately you are giving almost no details - OSs (original and
> target machine), shells, terminal settings, etc., so it's hard to do
> more than jump to potentially rash conclusions.

Sorry, original machine that I sudo'd to root is CentOS 6; the machine
where it was acting weird was CentOS7. Terminal is rxvt, and my colors are
set everywhere to be the color Ghod (and IBM) meant them to be, green on
black. 

I'd been googling, and tried reset, and tried , and none of it
helped. I renamed /root/.viminfo, and tried vi -V, which showed it only
going after /etc/virc and /etc/vimrc, and neither modified. I also tried
vi --noplugin.

  mark


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] Semi-OT: very weird vi behaviour

[m . roth]

This is weird. As in, *deeply* weird.

I ssh as root from one box to another (there are keys involved), and I go
to vi a file, such as
# line 1 #
# line 2 #
# line 3
# line 4

And what I see in vi is
# line 3
# line 4

BUT, if I scroll the cursor over each line with the arrow key... I see all
four lines. I've also looked at another file, and same thing. Just checked
it out on the server I ssh'd in from, and no problem.  And now, I just
ssh'd in from another windows, same way... and the weirdness isn't there.

Anyone have any clues as to what's going on with that one session?

 mark

file

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] username.pem

[m . roth]

Hi, folks,

   Our system gets/creates /var/lib/ssh-x509-auth/,pem, then
deletes it when the log out. selinux (in permissive mode) complains.
First, I changed the context to cert_t, and *now* it complains that
ksh93 wants write, etc access on the directory. grep ssh-x509-auth
/var/log/audit/audit.log | audit2allow offers me this:
#= sshd_t ==
allow sshd_t cert_t:dir write;
allow sshd_t var_lib_t:file { write getattr create open ioctl };

So: first, is this an expected behavior; second, is that the correct
fcontext, and, finally, is it safe for me to create this as a local
policy?

Thanks in advance.

 mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] [OT] disk utility showing message "the partition is misaligned by"

[m . roth]

Leon Fauster wrote:
> Am 22.04.2016 um 12:40 schrieb g :
>> centos 6.7 [current]
>> 'disk utility' has started showing message;
>>
>>  WARNING: The partition is misaligned by 2560 bytes. This may
>>  result in very poor performance. Repartitioning is suggested.
>> for sdc5 - /home partition.
>>
>>  /dev/sdc5  302243312 156348604 130534968  55% /home
>>  /dev/sdc7   80854912 57088  76683952   1% /hdd/c/07

>> gparted was used to partition drive. is pmagic live a better choice,
>> or should i return fdisk because;

1. fsck won't do anything at the lower level of partitioning.
2. A few years ago I personally tested this, and yes, an aligned partition
*does* make a significant difference in access time.
3. I've only used gparted once or twice. In user-surly parted, you want to
run it as
  $ parted -a opt /dev/sdc
then, when mkpart, be sure to use start and end as something like
x.0GB, +x.0GB,
and parted will do the alignment correctly. (As opposed to only
telling you
that the alignment is not optimal, rather than *telling* you what you
should be
doing to make it optimal.)

mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Dual boot C7 with Window 10

[m . roth]

Jerry Geis wrote:
> Thanks...
> I added the "insmod ntfs" re-ran config no boot...
> I change the hd1 to hd3 re-ran config no boot...
> This is what my partition table looks like.
> # Start  EndSize  TypeName
>  1 2048   534527260M  EFI System  EFI system
partition 2   534528   567295 16M  Microsoft reser
Microsoft reserved
> partition
>  3   567296525326335  250.2G  Microsoft basic Basic data
partition 4998166528   1000214527   1000M  Windows recover Basic data
partition 5525326336525330431  2M  BIOS boot parti
>  6525330432965732351210G  Microsoft basic
>  7965732352982509567  8G  Linux swap
> Thoughts?

I haven't been following this, and perhaps I'm being dense... but I see
BIOS boot partition, and I see 8G of Linux swap... where's the Linux /boot
and / partitions?

 mark

PS: *FSCK* ix.manitu










___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] how do I use only black ink? success

[m . roth]

Michael Hennebry wrote:
> On Sun, 17 Apr 2016, Michael Hennebry wrote:
>
>> On Sun, 17 Apr 2016, Michael Hennebry wrote:
>>
>>> I have an HP Photosmart C3180 All-in-one.
>>> As I haven't had any need for color lately,
>>> when I last replaced ink, I only replaced the black cartridge.
>>> It didn't work, even when printing grayscale-only images,
>>> even when telling print-set-up grayscale-only.
>>
>> To be precise: Black lines were black,
>> but pale gray areas were an even paler yellow.
>> I've just discoverd that the printer does
>> the right thing with text from a pdf.
>> The black ink cartridge is getting used,
>> just not enough.
>
> Much to my surprise, the color option black only grayscale
> does what I want when printing from a GUI.

Have you gone to the CUPS page (http://localhost:631), to the printer, and
see if there's an option for grayscale only?

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Free Redhat Linux (rhel) version 7.2

[m . roth]

Peter Q. wrote:
> it's sounds good!
>
> What about price?
> On Apr 12, 2016 2:56 PM, "Lamar Owen"  wrote:
>
>> You can get RHEL on Dell Precision mobile workstations.  Laptops, just
>> higher end.

They're not outrageous, for business-class machines; they're more than
consumer-grade, but that is, generally, crappy.

The nice one I was looking at last year, before the turkey with Them told
me "sorry, it was too late to get that, here, take this, it's good...",
was in the $2k-$2700 range, an actual workstation, 7?00 model, NVidia
video card, reasonable memory.

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Free Redhat Linux (rhel) version 7.2

[m . roth]

Valeri Galtsev wrote:
>
> On Tue, April 12, 2016 1:43 pm, Always Learning wrote:
> 
> In US you can buy some laptops without MS Windows OS (read: with Linux,
> most likely Ubuntu) from some small manufacturers... I believe, one


I *think* you can buy Dell laptops with no o/s.

  mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Slow authentication on C7

[m . roth]

James Hogarth wrote:
> On 12 Apr 2016 16:29, "Scott Robbins"  wrote:
>> On Tue, Apr 12, 2016 at 09:45:17AM +0200, Marcin Trendota wrote:
>> > W dniu 11.04.2016 o 20:07, Scott Robbins pisze:

> After various testing I ended up going with the Apache LDAP cache module
> and doing the auth at the Apache level, not system.
>
> Was far better in performance with the SVN server being hit
> fairly hard. I can try and dig out an example configuration if
> you would like.
>
> The bonus here as well is that svn users are separated cleanly
>  from system users... No reason for a dev to have a shell account
> on there ;)

I'd be *very* interested in that configuration, if you post it here, or
offlist, to me.

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS 7, selinux issue

[m . roth]

I'm seeing a lot of noise in the logs, to the effect of:
setroubleshoot: SELinux is preventing /bin/ksh93 from write access on the
directory /var/lib/ssh-x509-auth

as well as others related to find, cat, etc on .pem's in that directory.
Is this a policy bug, or just no policy covering this?

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS 7 annoyances

[m . roth]

So, tell me folks, when you've got a system that isn't coming all the way
up, and you get to the grub2? dracut? shell, and you tell it to reboot,
and it responds by telling you I'm sorry, Dave, I can't do that, "target
is destructive", what are you *expected* to do, other than power cycle the
damn thing?

   mark



___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS 7, rsync problem

[m . roth]

Oddity: rsync *should* be recursing, and dealing with very large number of
files. It works, going from box a to box b. But when I try to back b up to
c, it fails, 100%, complaining of "out of hashtable space [sender]". I've
tried adding -r, and changing --delete to --delete-delay, and no joy.

All boxes are current, or fairly current, CentOS 7.

Anyone got any thoughts on the matter?

mark

-- 
I *hate* nixspam



___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS-announce Digest, Vol 133, Issue 12

[m . roth]

Johnny Hughes wrote:
> On 03/25/2016 08:39 AM, m.r...@5-cent.us wrote:
>> centos-announce-requ...@centos.org wrote:
>> 
>>>
>>> Today's Topics:
>>>
>>>1. CESA-2016:0511 Critical CentOS 6  java-1.7.0-openjdk Security
>>>   Update (Johnny Hughes)
>>>2. CESA-2016:0514 Important CentOS 6 java-1.8.0-openjdk Security
>>>   Update (Johnny Hughes)
>> 
>>
>> Hey, Johnny,
>>
>>Are there two updates for openjdk, or just one?
>>
> There is one for java-1.7.0-openjdk and one for java-1.8.o-oepnjdk for
> both CentOS-6 and CentOS-7 .. as both are being maintained.  You may or
> may not have both installed.

Thanks, guy. I shouldn't have posted without a) having the caffeine hit
the bloodstream first

mark


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Odd behavior of a CentOS 7 box after repair of an external RAID

[m . roth]

Valeri Galtsev wrote:
> On Fri, March 25, 2016 10:45 am, m.r...@5-cent.us wrote:
>> Valeri Galtsev wrote:
>>> On Fri, March 25, 2016 9:55 am, m.r...@5-cent.us wrote:
 I don't think I've seen this with CentOS 6 or 5, but I had to repair
 an external RAID box this morning. The server, running CentOS 7, has an
 LSI HBA card in it, and it's presented to the system as /dev/sdb.
 I shut off the RAID controller, powered it off,

>> No - I've never done that. With hot-swap drive bays, the system sees it
>> going out, and says so, and then the drive goes away, or becomes
>> inactive... but when I shove one back in, it sees it, though it may make
>> it as /dev/sd[letter+1] (that is, if it had been /dev/sdb, it's now
>> /dev/sdc).
>
> Then we will need real expert to chime in on this...

Yeah, I was wondering about, what, dbus? dracut?

>> As I said, I expected the scsi-rescan-bus to clear it up, but though it
>> saw it, nothing changed.
>
> Did you do scsi-rescan-bus after you disconnected the device, and then
> again after you connected it back? I'm just shooting in a dark, but the

No. I didn't think of doing that, because I thought that once I'd shut the
RAID controller down, and powered it off, the system would have noticed.

> first one probably will remove the device that disappeared, and the second
> will add the device back. And it may do nothing about devices that exist

That might have worked; certainly, it's a thought to keep in mind for the
future (he says, pushing it onto the stack).

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Odd behavior of a CentOS 7 box after repair of an external RAID

[m . roth]

Valeri Galtsev wrote:
>
> On Fri, March 25, 2016 9:55 am, m.r...@5-cent.us wrote:
>> I don't think I've seen this with CentOS 6 or 5, but I had to repair an
>> external RAID box this morning. The server, running CentOS 7, has an
>> LSI HBA card in it, and it's presented to the system as /dev/sdb.
>> I shut off the RAID controller, powered it off,
>
> You did unmount filesystem on the machine before that, right?

Of course!
>
>> did the repair, then plugged everything back in (that includes the two
>> fiber cables and the ethernet), and brought the RAID back up. I even
>> used its web page to restart the controller (in the RAID box.
>>
>> I couldn't remount the drive until I rebooted the server.
>
> Before powering off/disconnecting RAID box, did you remove resembling SCSI
> device? this is done if my memory doesn't fail me by doing this:
>
> echo 1 > /sys/class/scsi_device/6:0:0:0/device/delete

No - I've never done that. With hot-swap drive bays, the system sees it
going out, and says so, and then the drive goes away, or becomes
inactive... but when I shove one back in, it sees it, though it may make
it as /dev/sd[letter+1] (that is, if it had been /dev/sdb, it's now
/dev/sdc).
>
> (replace "6:0:0:0" with your device's address). If you didn't remove the
> device before powering it off, I'm not surprised. If you did remove the
> device before powering it off, I'm puzzled ;-)

As I said, I expected the scsi-rescan-bus to clear it up, but though it
saw it, nothing changed.

 mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] Odd behavior of a CentOS 7 box after repair of an external RAID

[m . roth]

I don't think I've seen this with CentOS 6 or 5, but I had to repair an
external RAID box this morning. The server, running CentOS 7, has an  LSI
HBA card in it, and it's presented to the system as /dev/sdb. I shut off
the RAID controller, powered it off, did the repair, then plugged
everything back in (that includes the two fiber cables and the ethernet),
and brought the RAID back up. I even used its web page to restart the
controller (in the RAID box.

I couldn't remount the drive until I rebooted the server.

I tried scsi-rescan-bus, and nothing. In the logs, I saw it try to mount
it, then unmount it, and complain that the drive wasn't active.

I was expecting it to act like a hot-swap device. Any clues as to why,
rather than see it removed, it continued to see it as "inactive"?

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS-announce Digest, Vol 133, Issue 12

[m . roth]

centos-announce-requ...@centos.org wrote:

>
> Today's Topics:
>
>1. CESA-2016:0511 Critical CentOS 6java-1.7.0-openjdk Security
>   Update (Johnny Hughes)
>2. CESA-2016:0514 Important CentOS 6   java-1.8.0-openjdk Security
>   Update (Johnny Hughes)


Hey, Johnny,

   Are there two updates for openjdk, or just one?

   mark



___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C5 MySQL injection attack ("Union Select")

[m . roth]

John,

John R Pierce wrote:
> On 3/24/2016 7:48 AM, m.r...@5-cent.us wrote:
>> We seem to be moving to postgresql. I find I do not like it - it's much
>> more of a pain to work with than mysql is. Do you have any opinions
>> about meria d/b? Are there improvements over the flaws you're aware
>> of with mysql?
>
> and I find mysql a real pain to work with.
>
> the biggest difference is, postgresql is much stricter about data
> types.   it will not, for example, allow you to store 2015-02-30 as a
> date.   also, postgres is very strict about the atomicity of
> transactions, its all or nothing.

And I have serious issues trying to figure out the structure of, say, the
barios d/b. But I did NOT ask for a comparison to postgresql, or care to
have any kind of argument about it at all. I was asking about mariadb vs.
mysql.

Oh, and the link I posted, to MySQL gotchas, that was last updated in '14?
I tried emailing them, at the link they gave, and my email bounced.

mark
   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C5 MySQL injection attack ("Union Select")

[m . roth]

Valeri Galtsev wrote:
>
> On Thu, March 24, 2016 10:32 am, Alice Wonder wrote:
>> On 03/24/2016 08:28 AM, m.r...@5-cent.us wrote:

> Ok, do you have a link or two to info about that?

 Mark, you seemed to snip away the link to presentation on youtube :

 https://www.youtube.com/watch?v=1PoFIohBSM4

Ok, now I *really* dislike videos. Since I'm not at home, and not putting
the video on a 42" TV, I *CANNOT* read most of what they're typing, and
the system responses not at all.

However, if, just before the video goes from the lead page announcing
"postgresql" to the video of them typing, for about a 3 sec pause, you
freeze the video, it says "this is from


Great, so here's the text. And I start reading
Excerpt:
he MySQL database server is being continually improved. Some gotchas
described here are no longer relevant for the latest versions; in these
cases the version numbers affected are noted at the top of each section.
As a rule gotchas have been tested against the most recent stable versions
from the 3.23.x, 4.0.x and 4.1.x series.
--- end excerpt ---

It says, at the bottom, that it was last updated in 2014.

When did mysql 5.0 come out - five years ago? more? Oh, sorry, I google
mysql 5.0 release, and I find release notes for 5.0.24... from TEN YEARS
AGO.

I don't really feel like testing out some of the site's gotcha in the
mysql we have running here... but everything here is from the std. base
repo, and for CentOS 6, is 5.1.73-5.

 mark

So, I don't have a lot of confidence in the gotchas, until I test it, or
find someone who's tested them in the last 10 years against the main
branch.

 mark


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C5 MySQL injection attack ("Union Select")

[m . roth]

Valeri Galtsev wrote:
>
> On Thu, March 24, 2016 9:48 am, m.r...@5-cent.us wrote:
>> Valeri Galtsev wrote:
>>> On Wed, March 23, 2016 10:21 pm, Always Learning wrote:
 mysql  Ver 14.12 Distrib 5.0.95, for redhat-linux-gnu (x86_64) using
 readline 5.1
>> >
>>> Indeed. There are several flaws in how mysql handles data. This is why
>>
>> Ok, do you have a link or two to info about that?
>
> Mark, you seemed to snip away the link to presentation on youtube :
>
> https://www.youtube.com/watch?v=1PoFIohBSM4
>
Oh. I really dislike videos of people explaining something I could read,
if they'd just typed it up (I mean the author, not you). But I suppose
I'll watch it.

>> We seem to be moving to postgresql.
>
> Great!
>
>> I find I do not like it - it's much
>> more of a pain to work with than mysql is. Do you have any opinions
>> about meria d/b? Are there improvements over the flaws you're aware
>> of with mysql?
>
> Mariadb being a fork of mysql likely inherited mysql's "inconsistencies".
> Not that I would say mysql (and mariadb surely) folks are not working on
> improvements. E.g., the default installation of latest mysql does not have
> any accounts with empty password (I was weeding these away for years with
> every new installation of mysql. Oh, well, maybe I'm wrong, as this I just
> had seen fixed on FreeBSD, so it is possible that package maintainer did
> this nice cleaning). I'm not the one who can have any opinion on something
>  (mariadb) which he doesn't use, still...

Well, remember that it was forked after the Evil Empire took over mysql. I
just wonder if Oracle is *not* fixing some security issues... because they
obviously want you to "fix" that problem by simply buying Oracle. With
that train of thought, that's why I'm wondering if the mariad/b team *is*
fixing the issues.

  mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C5 MySQL injection attack ("Union Select")

[m . roth]

Valeri Galtsev wrote:
> On Wed, March 23, 2016 10:21 pm, Always Learning wrote:
>> mysql  Ver 14.12 Distrib 5.0.95, for redhat-linux-gnu (x86_64) using
>> readline 5.1
>
> Indeed. There are several flaws in how mysql handles data. This is why to

Ok, do you have a link or two to info about that?

> the best of my ability I am trying to avoid mysql, and use postgresql if
> whatever chunk of software I need is designed to work also with
> postgresql. And I recommend developers I work with/for the same (to use

We seem to be moving to postgresql. I find I do not like it - it's much
more of a pain to work with than mysql is. Do you have any opinions about
meria d/b? Are there improvements over the flaws you're aware of with
mysql?


mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Very odd issue w/ a CentOS 6 system

[m . roth]

Phil Wyett wrote:
> On Wed, 2016-03-23 at 15:16 -0400, m.r...@5-cent.us wrote:
>> Phil Wyett wrote:
>> > On Wed, 2016-03-23 at 10:26 -0400, m.r...@5-cent.us wrote:
>> 
>> >> >
>> >> > What is the make/model of the card?
>> >> lspci says:
>> >> Brooktree Corporation Bt878 Audio Capture (rev 11)
>> >> >
>> >> > Are you supplying options when loading the bttv module?
>> >>
>> >> On and off, I've been googling to find if there's something I can
>> tell
>> >> it,or the kernel on boot. Currently, I have, in /etc/modprobe.d/bttv:
>> >> options i2c-algo-bit bit_test=1
>> >> options bttv gbuffers=16 card=98,98,98,98,98,98,98,98
>> >> radio=0,0,0,0,0,0,0,0 tuner=4,4,4,4,4,4,4,4 chroma_agc=1 combfilter=2
>> >> full_luma_range=1 coring=1
>> >
>> > The options line 1 is used widely and only worth changing if all else
>> > fails.
>> >
>> > The second options line option of combfilter by docs indicate there is
>> > no 2 option and is enabled by default, so you can remove that option
>> to
>> > test.
>> >
>> > I would enable two possible compatibility options and see if that
>> helps.
>> >
>> > triton1=0/1 - for Triton1 (+others) compatibility.
>> >
>> > vsfx=0/1 - yet another chipset bug compatibility bit
>> >
>> > The triton1 insmod option sets the EN_TBFX bit in the control
>> register.
>> > The vsfx insmod option does the same for EN_VSFX bit. If you have
>> > stability problems you can try if one of these options makes your box
>> > work solid.
>> >
>> > Source:
>> http://xawdecode.sourceforge.net/aideUS/htmlpage/BTTV-param.htm
>> >
>>
>> Ok, I've been doing some research, partly refreshing my memory, since we
>> bought these 2-3 years ago. As you note, above, it *says* it's an iTuner
>> Spectra8; *however*, when I look at bttv-cards.c, what I see is that
>> *it*
>> thinks that such a card has *one* video and one audio. In fact, this is
>> a
>> Bt878, and it has *four* inputs for each, with four chips on the card,
>> one
>> for each channel. The nearest thing to it *appears* to be a Provideo
>> PV150, card=98 (which is why I have that card= line in the bttv.conf).
>>
>> Now that I'm thinking about it, and while googling, I looked for the
>> provideo 150, and what *should* have been the link took me to one for a
>> provideo 950, with *16* inputs. Does anyone have opinions on:
>>   1. should I change the card-, radio=, and tuner= to only have four,
>> instead of 8, values? I realize that it multiplexes for 8, but
>>   2. What is "coring"?
>>
>>mark
>
> Hi Mark,
>
> It did specify spectra 8 in your lspci output. Below is product page.
>
> http://www.ituner.com/spectra.htm
>
> In my research I did find this related page.
>
> http://www.linuxconsulting.ro/spectra8/
>
> This does state that with latest internal driver, it is detected and
> works as the ProVision 150. The card=98,... is correct.
>
> The matter of reducing all the settings to 4 rather than 8 may help.
>
> coring is a luma setting. See:
>
> https://www.linuxtv.org/wiki/index.php/Bttv#insmod_Options
>
> Not sure and someone else maybe can shed better light on the setting. By
> default it is disabled and I would tend to think it can be removed.
>
Any thoughts on the number of buffers?

mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Very odd issue w/ a CentOS 6 system

[m . roth]

Phil Wyett wrote:
> On Wed, 2016-03-23 at 10:26 -0400, m.r...@5-cent.us wrote:

>> >
>> > What is the make/model of the card?
>> lspci says:
>> Brooktree Corporation Bt878 Audio Capture (rev 11)
>> >
>> > Are you supplying options when loading the bttv module?
>>
>> On and off, I've been googling to find if there's something I can tell
>> it,or the kernel on boot. Currently, I have, in /etc/modprobe.d/bttv:
>> options i2c-algo-bit bit_test=1
>> options bttv gbuffers=16 card=98,98,98,98,98,98,98,98
>> radio=0,0,0,0,0,0,0,0 tuner=4,4,4,4,4,4,4,4 chroma_agc=1 combfilter=2
>> full_luma_range=1 coring=1
>
> The options line 1 is used widely and only worth changing if all else
> fails.
>
> The second options line option of combfilter by docs indicate there is
> no 2 option and is enabled by default, so you can remove that option to
> test.
>
> I would enable two possible compatibility options and see if that helps.
>
> triton1=0/1 - for Triton1 (+others) compatibility.
>
> vsfx=0/1 - yet another chipset bug compatibility bit
>
> The triton1 insmod option sets the EN_TBFX bit in the control register.
> The vsfx insmod option does the same for EN_VSFX bit. If you have
> stability problems you can try if one of these options makes your box
> work solid.
>
> Source: http://xawdecode.sourceforge.net/aideUS/htmlpage/BTTV-param.htm
>

Ok, I've been doing some research, partly refreshing my memory, since we
bought these 2-3 years ago. As you note, above, it *says* it's an iTuner
Spectra8; *however*, when I look at bttv-cards.c, what I see is that *it*
thinks that such a card has *one* video and one audio. In fact, this is a
Bt878, and it has *four* inputs for each, with four chips on the card, one
for each channel. The nearest thing to it *appears* to be a Provideo
PV150, card=98 (which is why I have that card= line in the bttv.conf).

Now that I'm thinking about it, and while googling, I looked for the
provideo 150, and what *should* have been the link took me to one for a
provideo 950, with *16* inputs. Does anyone have opinions on:
  1. should I change the card-, radio=, and tuner= to only have four,
instead of 8, values? I realize that it multiplexes for 8, but
  2. What is "coring"?

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Very odd issue w/ a CentOS 6 system

[m . roth]

Hi, Phil,

Phil Wyett wrote:
> On Wed, 2016-03-23 at 10:26 -0400, m.r...@5-cent.us wrote:
>> Phil Wyett wrote:
>> > On Wed, 2016-03-23 at 09:20 -0400, m.r...@5-cent.us wrote:
>> >> Now, this is one we have an issue with: it's got a bttv card, and
>> >> motion running on it. It's a Dell PE R720. For some reason, it has
>> >> never liked the card: 20 min after reboot, it says fatal bus
>> >>  error... but nothing's wrong, and it runs just fine. Well, except
>> >> that we need to keep it on the 2.6.32-431.20.3 kernel,
>> >>  because *everything* later, it randomly starts rebooting, several
>> >> times a day.
>> 
>> >
>> > What is the make/model of the card?
>> lspci says:
>> Brooktree Corporation Bt878 Audio Capture (rev 11)

Let me add to that: lspci -s  -vv gives me this
05:00.0 Multimedia video controller: Brooktree Corporation Bt878 Video
Capture (rev 11)
Subsystem: iTuner Spectra8 CardA Input0
Control: I/O- Mem+ BusMaster+ SpecCycle- MemWINV- VGASnoop-
ParErr+ Stepping- SERR+ FastB2B- DisINTx-
Status: Cap+ 66MHz- UDF- FastB2B+ ParErr- DEVSEL=medium >TAbort-
SERR- > >
>> > Are you supplying options when loading the bttv module?
>>
>> On and off, I've been googling to find if there's something I can tell
>> it,
>> or the kernel on boot. Currently, I have, in /etc/modprobe.d/bttv:
>> options i2c-algo-bit bit_test=1
>> options bttv gbuffers=16 card=98,98,98,98,98,98,98,98
>> radio=0,0,0,0,0,0,0,0 tuner=4,4,4,4,4,4,4,4 chroma_agc=1 combfilter=2
>> full_luma_range=1 coring=1

>
> The options line 1 is used widely and only worth changing if all else
> fails.

Ok, thanks.
>
> The second options line option of combfilter by docs indicate there is
> no 2 option and is enabled by default, so you can remove that option to
> test.
>
> I would enable two possible compatibility options and see if that helps.
>
> triton1=0/1 - for Triton1 (+others) compatibility.
>
> vsfx=0/1 - yet another chipset bug compatibility bit
>
> The triton1 insmod option sets the EN_TBFX bit in the control register.
> The vsfx insmod option does the same for EN_VSFX bit. If you have
> stability problems you can try if one of these options makes your box
> work solid.
>
> Source: http://xawdecode.sourceforge.net/aideUS/htmlpage/BTTV-param.htm

Thanks very much. I'll try those as I have the chance; unfortunately, it's
not something I can do frequently, as the server's in use, and exporting
project directories to users... oh, and it is actually running motion for
surveillance of the room...

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Very odd issue w/ a CentOS 6 system

[m . roth]

Phil Wyett wrote:
> On Wed, 2016-03-23 at 09:20 -0400, m.r...@5-cent.us wrote:
>> Now, this is one we have an issue with: it's got a bttv card, and motion
>> running on it. It's a Dell PE R720. For some reason, it has never liked
>> the card: 20 min after reboot, it says fatal bus error... but nothing's
>> wrong, and it runs just fine. Well, expect that we need to keep it on
>> the 2.6.32-431.20.3 kernel, because *everything* later, it randomly starts
>> rebooting, several times a day.

>
> What is the make/model of the card?
lspci says:
Brooktree Corporation Bt878 Audio Capture (rev 11)
>
> Are you supplying options when loading the bttv module?

On and off, I've been googling to find if there's something I can tell it,
or the kernel on boot. Currently, I have, in /etc/modprobe.d/bttv:
options i2c-algo-bit bit_test=1
options bttv gbuffers=16 card=98,98,98,98,98,98,98,98
radio=0,0,0,0,0,0,0,0 tuner=4,4,4,4,4,4,4,4 chroma_agc=1 combfilter=2
full_luma_range=1 coring=1

which is something I got from googling as to how to get it working. Think
there's something in that - the first line? that is not a good thing?

  mark

mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] Very odd issue w/ a CentOS 6 system

[m . roth]

Now, this is one we have an issue with: it's got a bttv card, and motion
running on it. It's a Dell PE R720. For some reason, it has never liked
the card: 20 min after reboot, it says fatal bus error... but nothing's
wrong, and it runs just fine. Well, expect that we need to keep it on the
2.6.32-431.20.3 kernel, because *everything* later, it randomly starts
rebooting, several times a day.

But we've never had anything like this, and I've never seen anything like
this: the bttv module was throwing a ton of IRQ lockup errors. Restarting
motion didn't help. So I was wondering if the issue was with the bttv
kernel module, so I rmmoded that, then modprobe bttv... and that was all
she wrote. The system lost network connectivity.

Ok, I go over to the rack, and plug in the monitor-on-a-stick, and that's
where it got very strange, and I've never seen anything like this: I turn
up the monitor... and see it announcing it had seen a new USB device (the
keyboard)... and no login, it kept printing
copying data  [%]
When it hit 100%, it rebooted.

So - has anyone ever seen this behavior? Anyone have an idea what it was
copying?

mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] rpmbuild annoyance

[m . roth]

I'm building a package (rasmol, if you must know) from an srpm. It's an
FC20 pkg, nothing older, but the software itself hasn't changed. So... I
try the build, and it fails, telling me:
gcc: %__global_ldflags: No such file or directory
make: *** [rasmol] Error 1

Now, this isn't a brand-new package, so I'm puzzled by the error. Is there
supposed to be something I need to add to the rpmbuild command line,
or...?

Clues for the poor.

  mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7, systemd, nmcli, wifi, oh, my...

[m . roth]

John R Pierce wrote:
> On 3/21/2016 1:36 PM, m.r...@5-cent.us wrote:
>> I've been googling, but haven't come up with a satisfactory answer to
>> the question of how I permanently turn off wifi on a workstation or
>> server (which are*all*  hardwired).
>>
>> I see I can turn wifi off... but I don't know that it's permanent.
>
> wifi on a server?!?never ever seen such a thing.
>
> and any wifi on a desktop workstation that I've ever seen has been on a
> pci-e card.

No, not that *any* of them have it on, it's that NM is factory-set to try
to bring it up. Which is obviously annoying. Having to turn off
avahi-daemon is another of my annoyances.

mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS 7, systemd, nmcli, wifi, oh, my...

[m . roth]

I've been googling, but haven't come up with a satisfactory answer to the
question of how I permanently turn off wifi on a workstation or server
(which are *all* hardwired).

I see I can turn wifi off... but I don't know that it's permanent.

mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] IPSec multiple VPN setups

[m . roth]

Glenn Pierce wrote:
> Yes reinstall. I get you have to purchase a new instance for a time to
> move over.

I'd figure that they just move you to an instance that's already running a
newer version of the o/s, giving you time to test for breakage. I really
don't see them charging, except, possibly, for running in parallel during
testing.

   mark
>
> -Original Message-
> From: "Eero Volotinen" 
> Sent: ‎21/‎03/‎2016 18:38
> To: "CentOS mailing list" 
> Subject: Re: [CentOS] IPSec multiple VPN setups
>
> err. upgrades?
>
> You mean reinstall? As upgrading between major releases are not supported
> in any way on centos / rhel and clones..
>
> --
> Eero
>
> 2016-03-21 20:33 GMT+02:00 :
>
>> Glenn Pierce wrote:
>> > I asked about upgrading once and got no reply. Does anyone have
>> experience
>> > of having a hosted centos upgraded on a virtual server. Would you
>> usually
>> > have to pay for a transition instance ?
>> >
>> I pay for my own hosting (5-cent.us) at hostmonster. They've done
>> upgrades, and they announced it to *me*, and no, I didn't pay anything.
>> And I'm just a "consumer grade" - something like $6US/month.
>>
>> I would expect *far* more for commercial hosting.
>>
>>   mark
>>
>> > -Original Message-
>> > From: "Eero Volotinen" 
>> > Sent: ‎21/‎03/‎2016 18:11
>> > To: "CentOS mailing list" 
>> > Subject: Re: [CentOS] IPSec multiple VPN setups
>> >
>> > Memset.com ? In real world, rhel 5/centos 5 gets only critical
>> security
>> > patches.
>> >
>> > Eero
>> > 21.3.2016 7.54 ip.  kirjoitti:
>> >
>> >> Glenn Pierce wrote:
>> >> > Will ask my boss :) We are hosted on memset so not so easy to
>> update
>> >> >
>> >> > Thanks
>> >>
>> >> Um, wait a minute: you're hosted? And they haven't pushed you to 6
>> years
>> >> ago? They haven't sent warnings that 5 was hitting eol?
>> >>
>> >> Who are they, please? I want to make sure that if someone asks me
>> about
>> >> hosting, I can add that to places they should avoid.
>> >>
>> >> mark
>> >>
>> >> ___
>> >> CentOS mailing list
>> >> CentOS@centos.org
>> >> https://lists.centos.org/mailman/listinfo/centos
>> >>
>> > ___
>> > CentOS mailing list
>> > CentOS@centos.org
>> > https://lists.centos.org/mailman/listinfo/centos
>> > ___
>> > CentOS mailing list
>> > CentOS@centos.org
>> > https://lists.centos.org/mailman/listinfo/centos
>> >
>>
>>
>> ___
>> CentOS mailing list
>> CentOS@centos.org
>> https://lists.centos.org/mailman/listinfo/centos
>>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] IPSec multiple VPN setups

[m . roth]

Eero Volotinen wrote:
> err. upgrades?
>
> You mean reinstall? As upgrading between major releases are not supported
> in any way on centos / rhel and clones..
>
Of course. Now, I haven't looked recently, but I do vaguely remember them
telling me they were moving me to an upgraded system; my website runs perl
CGI, and that's about it, the rest is *all* straight HTML, so I doubt I
would have noticed much.

  mark
> --
> Eero
>
> 2016-03-21 20:33 GMT+02:00 :
>
>> Glenn Pierce wrote:
>> > I asked about upgrading once and got no reply. Does anyone have
>> experience
>> > of having a hosted centos upgraded on a virtual server. Would you
>> usually
>> > have to pay for a transition instance ?
>> >
>> I pay for my own hosting (5-cent.us) at hostmonster. They've done
>> upgrades, and they announced it to *me*, and no, I didn't pay anything.
>> And I'm just a "consumer grade" - something like $6US/month.
>>
>> I would expect *far* more for commercial hosting.
>>
>>   mark
>>
>> > -Original Message-
>> > From: "Eero Volotinen" 
>> > Sent: ‎21/‎03/‎2016 18:11
>> > To: "CentOS mailing list" 
>> > Subject: Re: [CentOS] IPSec multiple VPN setups
>> >
>> > Memset.com ? In real world, rhel 5/centos 5 gets only critical
>> security
>> > patches.
>> >
>> > Eero
>> > 21.3.2016 7.54 ip.  kirjoitti:
>> >
>> >> Glenn Pierce wrote:
>> >> > Will ask my boss :) We are hosted on memset so not so easy to
>> update
>> >> >
>> >> > Thanks
>> >>
>> >> Um, wait a minute: you're hosted? And they haven't pushed you to 6
>> years
>> >> ago? They haven't sent warnings that 5 was hitting eol?
>> >>
>> >> Who are they, please? I want to make sure that if someone asks me
>> about
>> >> hosting, I can add that to places they should avoid.
>> >>
>> >> mark
>> >>
>> >> ___
>> >> CentOS mailing list
>> >> CentOS@centos.org
>> >> https://lists.centos.org/mailman/listinfo/centos
>> >>
>> > ___
>> > CentOS mailing list
>> > CentOS@centos.org
>> > https://lists.centos.org/mailman/listinfo/centos
>> > ___
>> > CentOS mailing list
>> > CentOS@centos.org
>> > https://lists.centos.org/mailman/listinfo/centos
>> >
>>
>>
>> ___
>> CentOS mailing list
>> CentOS@centos.org
>> https://lists.centos.org/mailman/listinfo/centos
>>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] IPSec multiple VPN setups

[m . roth]

Glenn Pierce wrote:
> I asked about upgrading once and got no reply. Does anyone have experience
> of having a hosted centos upgraded on a virtual server. Would you usually
> have to pay for a transition instance ?
>
I pay for my own hosting (5-cent.us) at hostmonster. They've done
upgrades, and they announced it to *me*, and no, I didn't pay anything.
And I'm just a "consumer grade" - something like $6US/month.

I would expect *far* more for commercial hosting.

  mark

> -Original Message-
> From: "Eero Volotinen" 
> Sent: ‎21/‎03/‎2016 18:11
> To: "CentOS mailing list" 
> Subject: Re: [CentOS] IPSec multiple VPN setups
>
> Memset.com ? In real world, rhel 5/centos 5 gets only critical security
> patches.
>
> Eero
> 21.3.2016 7.54 ip.  kirjoitti:
>
>> Glenn Pierce wrote:
>> > Will ask my boss :) We are hosted on memset so not so easy to update
>> >
>> > Thanks
>>
>> Um, wait a minute: you're hosted? And they haven't pushed you to 6 years
>> ago? They haven't sent warnings that 5 was hitting eol?
>>
>> Who are they, please? I want to make sure that if someone asks me about
>> hosting, I can add that to places they should avoid.
>>
>> mark
>>
>> ___
>> CentOS mailing list
>> CentOS@centos.org
>> https://lists.centos.org/mailman/listinfo/centos
>>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] IPSec multiple VPN setups

[m . roth]

Glenn Pierce wrote:
> To be fair its not highly sensitive info we are dealing with.
>
That doesn't matter. Do you drive a car that's leaking oil, and the engine
check light has been on for months, and just put gas in, and not worry
about adding more oil, or going to a mechanic?

   mark

> -Original Message-
> From: "Eero Volotinen" 
> Sent: ‎21/‎03/‎2016 17:51
> To: "CentOS mailing list" 
> Subject: Re: [CentOS] IPSec multiple VPN setups
>
> Err. Sounds like security nightmare.
> 21.3.2016 7.47 ip. "Glenn Pierce"  kirjoitti:
>
>> Will ask my boss :) We are hosted on memset so not so easy to update
>>
>> Thanks
>>
>> On 21 March 2016 at 17:36, Eero Volotinen  wrote:
>> > Centos 5 is still soon end of life. Using it as ipsec gateway is ..
>> >
>> > Eero
>> > 21.3.2016 7.25 ip. "Mike - st257"  kirjoitti:
>> >
>> >> On Mon, Mar 21, 2016 at 1:17 PM, Mike - st257
>> 
>> >> wrote:
>> >>
>> >> > I second Eero's comment, use a new IPSec daemon.
>> >> >
>> >> > Openswan was forked and became Libreswan. Paul, now a RH employee,
>> was a
>> >> > main developer for the Openswan project before he and others
>> created
>> the
>> >> > Libreswan fork.
>> >> > https://libreswan.org/
>> >> >
>> >> > EL6 has Openswan
>> >> > EL7 has Libreswan
>> >> >
>> >> > Racoon isn't all that fun to work with.
>> >> > If you have the option, ditch it and EL5 and move to a newer
>> platform
>> >> > (preferably EL7 with Libreswan).
>> >> >
>> >>
>> >> There's an RPM spec file (though I've not used it) for building
>> Openswan
>> >> for EL5.
>> >> https://github.com/xelerance/Openswan/tree/master/packaging/centos5
>> >>
>> >> Additionally, here's some info but I advise against the Racoon IPSec
>> >> daemon.
>> >>
>> >>
>> https://www.centos.org/docs/5/html/5.2/Deployment_Guide/sec-racoon-conf.html
>> >> https://wiki.debian.org/IPsec
>> >>
>> >>
>> >> >
>> >> >
>> >> > On Mon, Mar 21, 2016 at 1:08 PM, Eero Volotinen <
>> eero.voloti...@iki.fi>
>> >> > wrote:
>> >> >
>> >> >> Yes you can. Please use newer version of centos and
>> strong/openswan.
>> >> >>
>> >> >> Eero
>> >> >> 21.3.2016 7.05 ip. "Glenn Pierce" 
>> kirjoitti:
>> >> >>
>> >> >> > Hi I hope someone can answer something I'm sure is quite basic.
>> >> >> >
>> >> >> > I am following the instructions at
>> >> >> >
>> https://www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-vpn.html
>> >> >> > On setting up a VPN
>> >> >> >
>> >> >> > The part I am having trouble with is when it show the
>> >> >> > /etc/racoon/racoon.conf file.
>> >> >> > But it doesn't say whay you have to do with this file.
>> >> >> >
>> >> >> > When I bring up my connection
>> >> >> >
>> >> >> > ifup bicester
>> >> >> >
>> >> >> > I get
>> >> >> > RTNETLINK answers: No such device
>> >> >> >
>> >> >> > looking at /var/messages I see
>> >> >> >
>> >> >> > ERROR: failed to bind to address 127.0.0.1[500] (Address already
>> in
>> >> >> use).
>> >> >> > Mar 21 17:01:05  racoon: ERROR: failed to bind to address
>> *.*.*.*[500]
>> >> >> > (Address already in use).
>> >> >> > Mar 21 17:01:05  racoon: ERROR: failed to bind to address
>> *.*.*.*[500]
>> >> >> > (Address already in use).
>> >> >> > Mar 21 17:01:05  racoon: ERROR: failed to bind to address
>> *.*.*.*[500]
>> >> >> > (Address already in use).
>> >> >> > Mar 21 17:01:05  racoon: ERROR: failed to bind to address
>> ::1[500]
>> >> >> > (Address already in use).
>> >> >> > Mar 21 17:01:05  racoon: INFO:
>> fe80::bcef:4fff:fe66:82ec%eth0[500]
>> >> >> > used as isakmp port (fd=25)
>> >> >> >
>> >> >> > There was an existing setup done long ago.
>> >> >> >
>> >> >> > How can I setup more than one vpn connection (manually as this
>> is a
>> >> >> > headless server)
>> >> >> > or is that not possible ?
>> >> >> >
>> >> >> > Thanks for any pointers
>> >> >> > ___
>> >> >> > CentOS mailing list
>> >> >> > CentOS@centos.org
>> >> >> > https://lists.centos.org/mailman/listinfo/centos
>> >> >> >
>> >> >> ___
>> >> >> CentOS mailing list
>> >> >> CentOS@centos.org
>> >> >> https://lists.centos.org/mailman/listinfo/centos
>> >> >>
>> >> >
>> >> >
>> >> >
>> >> > --
>> >> > ---~~.~~---
>> >> > Mike
>> >> > //  SilverTip257  //
>> >> >
>> >>
>> >>
>> >>
>> >> --
>> >> ---~~.~~---
>> >> Mike
>> >> //  SilverTip257  //
>> >> ___
>> >> CentOS mailing list
>> >> CentOS@centos.org
>> >> https://lists.centos.org/mailman/listinfo/centos
>> >>
>> > ___
>> > CentOS mailing list
>> > CentOS@centos.org
>> > https://lists.centos.org/mailman/listinfo/centos
>> ___
>> CentOS mailing list
>> CentOS@centos.org
>> https://lists.centos.org/mailman/listinfo/centos
>>
> 

Re: [CentOS] IPSec multiple VPN setups

[m . roth]

Glenn Pierce wrote:
> Will ask my boss :) We are hosted on memset so not so easy to update
>
> Thanks

Um, wait a minute: you're hosted? And they haven't pushed you to 6 years
ago? They haven't sent warnings that 5 was hitting eol?

Who are they, please? I want to make sure that if someone asks me about
hosting, I can add that to places they should avoid.

mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos and automatic update on server

[m . roth]

Sorry,  accidentally got hit before I finished.

m.r...@5-cent.us wrote:
> Alessandro Baggi wrote:
>> Hi list, I know that there are automatic update with yum-cron but never
>> tried.
>> In my experiences I never did automatic backup because if update was
>> broken
>> my installation will be broken and I wait some time before apply update.
>> Today seems to be that automatic update are used more than before.
>> What do you think about automatic update? It is a good practice on a
>> server? What is your experiences?
>
> 1. Under *NO* *CIRCUMSTANCES* would I *ever* have that running on
> a production machine. That's what test boxes are for.
> 2. If it was my own machine at home, thanks, but I want to wake up,
> or come home, to a guaranteed working system. I'll update, so
> I can always undo.

  3. Systems like backup servers, etc, sure. They're not critical.
  4. We don't do it on users' systems unless we're *sure* that
it won't break something.

Finally, on systems where there is a concern that something might break,
like video drivers, we put excludes in /etc/yum.conf, and disable them
under controlled conditions (i.e., one of us is sitting there doing it.)

mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos and automatic update on server

[m . roth]

Alessandro Baggi wrote:
> Hi list, I know that there are automatic update with yum-cron but never
> tried.
> In my experiences I never did automatic backup because if update was
> broken
> my installation will be broken and I wait some time before apply update.
> Today seems to be that automatic update are used more than before.
> What do you think about automatic update? It is a good practice on a
> server? What is your experiences?
>

1. Under *NO* *CIRCUMSTANCES* would I *ever* have that running on
a production machine. That's what test boxes are for.
2. If it was my own machine at home, thanks, but I want to wake up,
or come home, to a guaranteed working system. I'll update, so
I can always undo.

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7 and display managers

[m . roth]

Valeri Galtsev wrote:
> On Fri, March 11, 2016 10:46 am, m.r...@5-cent.us wrote:
>> Richard wrote:
 Date: Friday, March 11, 2016 11:33:57 -0500
 From: m.r...@5-cent.us

 So, now that I've gotten that out, the KDE display manager, on the
 login screen, easily lets you choose window managers. Gnome utterly
 refuses to consider such an idea.

 I've just yum groupinstall "KDE Plasma Workspaces" on one of my
 user's new system... and I cannot figure out, not in googling, and
 there's nothing vaguely obvious anywhere, how to change to KDE from
 gnome.
>>>
>>> With gnome there is a "gear wheel" on the password entry page -- on
>>> the right below the password box, next to the "sign in" label. If I
>>> select it I can switch between gnome and mate. Does KDE show there as
>>> an option?
>>
>> Fascinating. Not in ours. It displays our issue, and in the upper left,
>> some icons that let you deal with sound, I think, connection, maybe, and
>> I forget what else.
>
> In my case the gear which when clicked of gives you drop down choices of
> Desktop Environments (DE) installed appears only after I click on
> particular user. In other words, when user has password field, he also has
> a gear to click on to choose DE.
>
> I hope, this helps.

Ah, that was it, it's not on the screen where you put in your username,
it's on the password screen. On the other hand, the easier solution was to
just create /etc/sysconfig/desktop, which did not exist, and add the two
lines to it.

Thanks, folks.

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7 and display managers

[m . roth]

Richard wrote:
>
>
>> Date: Friday, March 11, 2016 11:33:57 -0500
>> From: m.r...@5-cent.us
>>
>> So, now that I've gotten that out, the KDE display manager, on the
>> login screen, easily lets you choose window managers. Gnome utterly
>> refuses to consider such an idea.
>>
>> I've just yum groupinstall "KDE Plasma Workspaces" on one of my
>> user's new system... and I cannot figure out, not in googling, and
>> there's nothing vaguely obvious anywhere, how to change to KDE from
>> gnome.
>
> With gnome there is a "gear wheel" on the password entry page -- on
> the right below the password box, next to the "sign in" label. If I
> select it I can switch between gnome and mate. Does KDE show there as
> an option?

Fascinating. Not in ours. It displays our issue, and in the upper left,
some icons that let you deal with sound, I think, connection, maybe, and I
forget what else.

 mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS 7 and display managers

[m . roth]

Dear gnome developers - could you *possibly* be more anti-Unix? I mean,
thanks *so* much for trying to turn Linux into Windows or Macs


So, now that I've gotten that out, the KDE display manager, on the login
screen, easily lets you choose window managers. Gnome utterly refuses to
consider such an idea.

I've just yum groupinstall "KDE Plasma Workspaces" on one of my user's new
system... and I cannot figure out, not in googling, and there's nothing
vaguely obvious anywhere, how to change to KDE from gnome.

Anyone got a pointer?

mark, frustrated

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7, ctrl-alt-bksp

[m . roth]

Fred Smith wrote:
> On Mon, Mar 07, 2016 at 11:25:30AM -0500, m.r...@5-cent.us wrote:
>> I've been googling, and looking at the CentOS wiki - which, btw, when I
>> do a full search on "control-alt-backspace", gives me three pages... in
>> Japanese, I think.
>>
>> How do I re-enable userspace restart X?
>>
> on the top panel, click SYSTEM / PREFERENCES/ HARDWARE / KEYBOARD
> from there, click the LAYOUT tab, then click the Options button.
> On my system, the eighth item from the top, on that screen, reads
> "Key sequence to kill the X server".
> Select that item, then check the resulting checkbox, click the Close
> button, and voila! you're done!
>
Is there any way I can configure it from a command line?

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS 7, ctrl-alt-bksp

[m . roth]

I've been googling, and looking at the CentOS wiki - which, btw, when I do
a full search on "control-alt-backspace", gives me three pages... in
Japanese, I think.

How do I re-enable userspace restart X?

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] kernel parm question: MPS? pcie_bus_safe

[m . roth]

I'm fighting a long-standing problem: we've got a Dell PE R720 with a
BT878 card in it, running four surveillance cameras (it's a secure room).
Since I put the card in, within 20-30 min, the box's little LCD screen
goes orange, and complains "bus error" on the slot the card's in; I've
moved it to different slot, no joy. Note that the same card in an older
Penguin (rebranded Supermicro) has no issues.

Where it's been serious is for the last six or so months, if we use the
2.6.32-431.20.3.el6.x86_64 kernel, it pretty much stays up; every single
newer kernel, and it will start rebooting, a number of times per day.

So, I'm hoping to find a runtime kernel parm I can set, or it might be
something I can set using ipmitool. However, in googling, I found one or
two folks setting pcie_bus_safe to resolve what I see with ipmitool sel
list.

What I cannot find is what MPS is an acronym off... I've seen references
to metal performance shaders, and to an LSI fusion driver. Can someone set
me straight on this?

Any suggestions would also be very appreciated.

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OpenSSL Update - not a security update???

[m . roth]

One more voice on this: we actually run the yum security plugin, several
times a week, and it does report things... and almost all our systems are
CentOS.

When I see something in there, just as when I see an announcement where
there are updates marked important, and esp. critical, we roll them out,
by themselves if possible, within days, as opposed to waiting until the
maintenance window, which could be 3.5 weeks away.

We only do the full updates during the maintenance window (or via
negotiation with a workstation owner)

mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Any experiences with newer WD Red drives?

[m . roth]

Emmanuel Noobadmin wrote:
> Might be slightly OT as it isn't necessarily a CentOS related issue.
>
> I've been using WD Reds as mdraid components which worked pretty well
> for non-IOPS intensive workloads.
>
> However, the latest C7 server I built, ran into problems with them on
> on a Intel C236 board (SuperMicro X11SSH) with tons of "ata bus error
> write fpdma queued". Googling on it threw up old suggestions to limit
> SATA link speed to 1.5Gbps using libata.force boot options and/or
> noncq. Lowering the link speed helped to reduce the frequency of the
> errors (from not getting a smartctl output to getting a complete
> listing within 2 tries).

Sorry, we don't seem to have any Supermicros with that m/b, but with the
ones we have (all X9* m/bs), as well as our many Dells, old Penguins
(rebranded Supermicro), and HPs, we've had no trouble at all with them,
other than the occasional one that dies.

 mark


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] Problems with CentOS 7 and X w/ nvidia

[m . roth]

Ok, here's a bit more on the issues: I see in Xorg.0.log that it appears
to have loaded the NVidia drivers I built from proprietary. But, and this
may, or may not be significant, the user's home directory is, of course,
NFS mounted.

And his old machine that dies was running CentOS 5.

Is it possible that some of the gnome settings are breaking things with
CentOS 7's default gnome? If so, what kinds of things should I be looking
for?

mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] Odd selinux complaints on new, fully updated CentOS 7

[m . roth]

Just installed 7.2, and I'm seeing this - is this a bug in the policy?

**
SELinux is preventing systemd-readahe from add_name access on the
directory .readahead.new.

*  Plugin catchall_labels (83.8 confidence) suggests  
***

If you want to allow systemd-readahe to have add_name access on the
.readahead.new directory
Then you need to change the label on .readahead.new
Do
# semanage fcontext -a -t FILE_TYPE '.readahead.new'
where FILE_TYPE is one of the following: device_t, init_var_run_t,
readahead_var_lib_t, readahead_var_run_t, root_t, var_run_t.
Then execute:
restorecon -v '.readahead.new'


*  Plugin catchall (17.1 confidence) suggests  
**

If you believe that systemd-readahe should be allowed add_name access on
the .readahead.new directory by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep systemd-readahe /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp


Additional Information:
Source Contextsystem_u:system_r:readahead_t:s0
Target Contextsystem_u:object_r:mnt_t:s0
Target Objects.readahead.new [ dir ]
Sourcesystemd-readahe
Source Path   systemd-readahe
Port  
Host  
Source RPM Packages
Target RPM Packages
Policy RPMselinux-policy-3.13.1-60.el7_2.3.noarch
Selinux Enabled   True
Policy Type   targeted
Enforcing ModePermissive
Host Name 
Platform  Linux  3.10.0-327.10.1.el7.x86_64
  #1 SMP Tue Feb 16 17:03:50 UTC 2016 x86_64
x86_64
Alert Count   4
First Seen2016-02-29 10:06:27 EST
Last Seen 2016-02-29 16:50:22 EST
Local ID  0ba32e6a-e502-45be-a2dc-cda4c380a2bb

Raw Audit Messages
type=AVC msg=audit(1456782622.230:435): avc:  denied  { add_name } for 
pid=410 comm="systemd-readahe" name=".readahead.new"
scontext=system_u:system_r:readahead_t:s0
tcontext=system_u:object_r:mnt_t:s0 tclass=dir

Hash: systemd-readahe,readahead_t,mnt_t,dir,add_name
*

mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7.2, nouveau won't go away

[m . roth]

John Hodrien wrote:
> On Mon, 29 Feb 2016, m.r...@5-cent.us wrote:
>>
>>   Fully updated 7.2 system. I installed the correct proprietary NVidia
>> driver (the user's expensive proprietary visualization software won't
>> run with nouveau), I've put nouveau.modeset=0
>> rd.driver.blacklist=nouveau on the kernel line for grub2, and even yum
>> removed the nouveau driver and built a new initrd... which won't boot,
>> it seems to start and than does nothing, with a black screen, and this
>> is just while booting, before it goes to graphical mode.
>>
>>   If I boot the as-built current initramfs, it loads nouveau, though one
>> of the modules listed if I do lsmod | grep nou shows nvidia, in
>> addition to nouveau.
>>
>>   So, in 7, what do I have to do to make nouveau go away? Is it as
>> simple
>> as creating an /etc/X11/xorg.conf, or...?
>
> Do you have a sound reason for not using elrepo's packaged nvidia driver?
>
Because I was looking late Friday afternoon, and had a vague memory that
they'd dropped support for this card (the "newer" machine is only six or
seven years old, as opposed to the 10-yr-old one tht died: this is your
tax dollars at work, US citizens... and, btw, I see among the things this
researcher's working on is modelling the Zika virus).

I was busting butt to get him running; as it was, he couldn't work over
the weekend, and it took me until lunchtime to get him up and running for
now (I *adore* NAC on the switches).

Now that he's running, I just looked, and I see that the legacy 304
kmod-nvidia driver should support it, so, next time he's out for a day,
I'll try installing that.

Thanks for the reminder.

 mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS 7.2, nouveau won't go away

[m . roth]

Hi, folks,

   Fully updated 7.2 system. I installed the correct proprietary NVidia
driver (the user's expensive proprietary visualization software won't
run with nouveau), I've put nouveau.modeset=0
rd.driver.blacklist=nouveau on the kernel line for grub2, and even yum
removed the nouveau driver and built a new initrd... which won't boot,
it seems to start and than does nothing, with a black screen, and this
is just while booting, before it goes to graphical mode.

   If I boot the as-built current initramfs, it loads nouveau, though one
of the modules listed if I do lsmod | grep nou shows nvidia, in
addition to nouveau.

   So, in 7, what do I have to do to make nouveau go away? Is it as simple
as creating an /etc/X11/xorg.conf, or...?

mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Bitcoin for CentOS 7

[m . roth]

Alice Wonder wrote:
> On 02/24/2016 06:06 AM, Alice Wonder wrote:
>> On 02/24/2016 06:04 AM, m.r...@5-cent.us wrote:
>>> Alice Wonder wrote:
 For those interested I have a working spec file for Bitcoin 0.12.0

 https://github.com/AliceWonderMiscreations/bitcoin/blob/master/contrib/rpm/bitcoin.spec

 I believe the only BuildRequires that isn't in CentOS/EPEL is
 miniupnpc-devel but that's trivial to build as well.

 With Bitcoin 0.12.0 the ECC stuff that Red Hat ripped out of OpenSSL
 doesn't matter anymore.

>>> 
>>> Thanks, but unless I need to generate some to pay ransomware, say, for
>>> a hospital, I think I'll pass.
>>
>> Yeah, because other currencies and paypal etc. are never used for
>> criminal activities, I see your highly logical point.
>
> Meanwhile banks like Chase charge poor people $12.00 a month just have
> checking and push debit card paychecks on low income jobs where they
> charge just for the poor to check how much they have on it.

Tell me about it. I think we're in agreement on that kind of crap.
>
> That's not criminal though, it's taking from the poor so the rich can
> buy new cars and cruises but it's not criminal so there is no reason why
> we should scoff at that.

I know someone on another list whose attitude is "you should invest in the
market, but if you don't know what you're doing, and do it as well as I
do, I'll be glad to take your money".

But we're way afield, and OT. My original cmt was just a one-off. If you
want to continue, let's take this offlist.

 mark "moi? have opinions?"

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Bitcoin for CentOS 7

[m . roth]

Alice Wonder wrote:
> On 02/24/2016 06:04 AM, m.r...@5-cent.us wrote:
>> Alice Wonder wrote:
>>> For those interested I have a working spec file for Bitcoin 0.12.0
>>>
>>> https://github.com/AliceWonderMiscreations/bitcoin/blob/master/contrib/rpm/bitcoin.spec
>>>
>>> I believe the only BuildRequires that isn't in CentOS/EPEL is
>>> miniupnpc-devel but that's trivial to build as well.
>>>
>>> With Bitcoin 0.12.0 the ECC stuff that Red Hat ripped out of OpenSSL
>>> doesn't matter anymore.
>>>
>> 
>> Thanks, but unless I need to generate some to pay ransomware, say, for a
>> hospital, I think I'll pass.
>>
>
> Yeah, because other currencies and paypal etc. are never used for
> criminal activities, I see your highly logical point.

No, I was thinking more of Mt. Gox, etc.

mark
>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Bitcoin for CentOS 7

[m . roth]

Alice Wonder wrote:
> For those interested I have a working spec file for Bitcoin 0.12.0
>
> https://github.com/AliceWonderMiscreations/bitcoin/blob/master/contrib/rpm/bitcoin.spec
>
> I believe the only BuildRequires that isn't in CentOS/EPEL is
> miniupnpc-devel but that's trivial to build as well.
>
> With Bitcoin 0.12.0 the ECC stuff that Red Hat ripped out of OpenSSL
> doesn't matter anymore.
>

Thanks, but unless I need to generate some to pay ransomware, say, for a
hospital, I think I'll pass.

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS 7, odd message from nfsdcltrack

[m . roth]

Is this normal, or a bug, perhaps a mismatch in two pieces (and this
server was just updated late yesterday afternoon, and rebooted this
morning):
  nfsdcltrack[12128]: sqlite_insert_client: insert
statement prepare failed: table clients has 2 columns but 3 values were
supplied

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS install disable USB keyboard on Acer AXC 603G UW13

[m . roth]

Juan De Mola wrote:
>>From: John Hodrien 
>>On Tue, 23 Feb 2016, Juan De Mola wrote:
>>
>>> CentOS 6 has problems printing when the Internet goes down. And 7 is
>>> still untested for the software we are running on Linux.
>>
>>Not being funny, but where did you get that idea from?
>
> I have upgraded a client's main server, everything worked well until the
> Internet got an outage. Printers stoped working without explanation. I
> have not tested 7, but 6 is off table because of that incident.

That's very odd. We have well over 170 servers and workstations, the vast
majority on CentOS 6, as is my own workstation at home, and both here at
work, and at home, we/I have occasionally had connection to the outside
world issue (admittedly, not for very long), and no printer problems at
all.

  mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS install disable USB keyboard on Acer AXC 603G UW13

[m . roth]

Juan De Mola wrote:
> Hi. I am triying to set up CentOS 5 on an Acer AXC 603G UW13. The install
> turn off my USB keyboard between /sbin/loader and the media check prompt
> screen.
>
> What I can do to get the install working with the USB keyboard?
>
Simple question #1: why on earth are you installing CentOS 5 - it's about
to run out of support. Why not 6, at least, if not 7?

  mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7, Xeon CPUs, not booting, [SOLVED], bug filed

[m . roth]

> What I did:
> 1. in /etc/fstab, I changed LABEL= to /dev/sda*
> 2. I did rebuild the initramfs with that.
> That still didn't do it.
>
> Finally, I did this: from the grub2 boot menu, I edited the kernel line so
> that instead of reading ... root=LABEL=/, it read root=/dev/sda3, and it
> booted with zero issues.
>
> There is, therefore, a bug in grub2? the handoff to systemd? where it does
> not handle LABEL correctly.
>

One more bit of information, which I added to the bug report: using
e2label, I relabeled /boot and / to boot and root, and edited /etc/fstab
and /etc/grub2.cfg to reflect that... and it booted with no trouble. I
believe that a month ago, I neglected to edit grub2.cfg.

Note that /dev/sdd1 and /dev/sde1, which both have labels that begin with
a leading slash, mounted correctly. This, to me, indicates the bug is with
grub2's handling of LABEL=.

mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7, Xeon CPUs, not booting, [SOLVED], bug filed

[m . roth]

Paul Heinlein wrote:
> On Thu, 18 Feb 2016, m.r...@5-cent.us wrote:
>
>> This is happening on anything other than plain vanilla Dell servers. One
>> R730, with dual Tesla cards, one R420, with a fibre card for a RAID
>> device, it never switches root. All these systems have Xeons, not AMD
>> CPUs.
>>
>> We've had this with every one of the 327 kernels. In addition, it seems
>> to happen also with the 229.20.1; the 229.14.1 has no such problem.
>>
>> From the rdsosreport:
>> starting at line 126:
>> /dev/disk/by-label:
>> total 0
>> lrwxrwxrwx 1 root 0 10 Jan 27 19:03 SWAP -> ../../sda2
>> lrwxrwxrwx 1 root 0 10 Jan 27 19:03 \x2f -> ../../sda3
>> lrwxrwxrwx 1 root 0 10 Jan 27 19:03 \x2fboot -> ../../sda1
>>
>> Then, starting at line 1283:
>> [3.317027]  systemd[1]: Found device ST500NM0003-9ZM172
>> /.
>> [3.317974]  systemd[1]: Starting File System Check on
>> /dev/disk/by-label/\x2f...
>> [3.320089]  systemd-fsck[590]: Failed to detect device
>> /dev/disk/by-label//
>> [3.320567]  systemd[1]: systemd-fsck-root.service: main
>> process exited, code=exited, status=1/FAILURE
>> [3.320972]  systemd[1]: Failed to start File System
>> Check
>> on /dev/disk/by-label/\x2f.
>>
>> Does *ANYONE* have any clues as to what's going on?
>>
>> Meanwhile, on a plain vanilla Dell R420, I see:
>> ll /dev/disk/by-label/
>> total 0
>> lrwxrwxrwx. 1 root root 10 Feb 17 10:06 SWAP -> ../../sda2
>> lrwxrwxrwx. 1 root root 10 Feb 17 10:06 boot -> ../../sda1
>> lrwxrwxrwx. 1 root root 10 Feb 17 10:06 root -> ../../sda3
>>
>> So, what is this by-label with the x2f, and why can't it find the
>> drives?
>>
>> Or do I have to file a bug report? This is a true show-stopper.
>
> Here are a few related thoughts:
>
> The 'x2f' looks to me very similar to me to %2F, the URL encoding for
> the forward slash (/).
>
> If you look in /usr/lib/udev/rules.d, you'll see rules like
>
> ENV{ID_FS_USAGE}=="filesystem|other", ENV{ID_FS_LABEL_ENC}=="?*",
> SYMLINK+="disk/by-label/$env{ID_FS_LABEL_ENC}"
>
> where, if ID_FS_LABEL_ENC were equal to "/", then the rule would be
> disk/by-label// -- with two trailing slashes, which (perhaps) gets
> interpreted not as one slash (like cd might do) by as "/x2f".
>
> That's the end of random thought #1.
>
> The second is like it:
>
> A local C7 machine has this root entry in /etc/fstab:
>
>/dev/mapper/vg00-rootdev  /  xfs  defaults  0  0
>
> When I search my system logs for messages like the ones in your
> original post, I see
>
>systemd: Found device /dev/mapper/vg00-rootdev.
>systemd: Starting File System Check on /dev/mapper/vg00-rootdev...
>
> It's only after that's complete that I get device-specific messages
> like
>
>systemd: Found device ST9600204SS.
>
> So I'm interested to know the content of your /etc/fstab file.
>
> End of thought #2.

I just successfully brought up one that consistently failed. And filed a
bug report, 0010398.

What I did:
1. in /etc/fstab, I changed LABEL= to /dev/sda*
2. I did rebuild the initramfs with that.
That still didn't do it.

Finally, I did this: from the grub2 boot menu, I edited the kernel line so
that instead of reading ... root=LABEL=/, it read root=/dev/sda3, and it
booted with zero issues.

There is, therefore, a bug in grub2? the handoff to systemd? where it does
not handle LABEL correctly.

mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS 7, Xeon CPUs, not booting

[m . roth]

This is happening on anything other than plain vanilla Dell servers. One 
R730, with dual Tesla cards, one R420, with a fibre card for a RAID
device, it never switches root. All these systems have Xeons, not AMD
CPUs.

We've had this with every one of the 327 kernels. In addition, it seems to
happen also with the 229.20.1; the 229.14.1 has no such problem.

>From the rdsosreport:
starting at line 126:
/dev/disk/by-label:
total 0
lrwxrwxrwx 1 root 0 10 Jan 27 19:03 SWAP -> ../../sda2
lrwxrwxrwx 1 root 0 10 Jan 27 19:03 \x2f -> ../../sda3
lrwxrwxrwx 1 root 0 10 Jan 27 19:03 \x2fboot -> ../../sda1

Then, starting at line 1283:
[3.317027]  systemd[1]: Found device ST500NM0003-9ZM172 /.
[3.317974]  systemd[1]: Starting File System Check on
/dev/disk/by-label/\x2f...
[3.320089]  systemd-fsck[590]: Failed to detect device
/dev/disk/by-label//
[3.320567]  systemd[1]: systemd-fsck-root.service: main
process exited, code=exited, status=1/FAILURE
[3.320972]  systemd[1]: Failed to start File System Check
on /dev/disk/by-label/\x2f.

Does *ANYONE* have any clues as to what's going on?

Meanwhile, on a plain vanilla Dell R420, I see:
ll /dev/disk/by-label/
total 0
lrwxrwxrwx. 1 root root 10 Feb 17 10:06 SWAP -> ../../sda2
lrwxrwxrwx. 1 root root 10 Feb 17 10:06 boot -> ../../sda1
lrwxrwxrwx. 1 root root 10 Feb 17 10:06 root -> ../../sda3

So, what is this by-label with the x2f, and why can't it find the drives?

Or do I have to file a bug report? This is a true show-stopper.

  mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] slightly off-topic, RAID program for on-board SAS 2308-4i ?

[m . roth]

John R Pierce wrote:
> On 2/16/2016 3:23 PM, Zube wrote:
>> Does anyone know what program can be used to query the RAID status
>> from the OS for an on-board LSI SAS 2308-4i?
>
> the 2308 isn't actually a megaraid, its a simple SAS HBA that has an
> optional raid mode IF its flashed with IR firmware... this only supports
> raid 0/1/10.  I always(!) flash these with the IT firmware that
> turns them back into a plain SAS HBA, and then use operating system
> native raid (mdraid for centos).
>
> the megaraid management software does support these chips in IR mode,
> but megacli is an awful thing to use.   i found it so awful that I
> located and tweaked a couple python scripts to make it easier to use on
> a LSI MegaRAID 9261-8i (which doesn't /have/ any IT mode)

Yes - he's *absolutely* right. This software is user-surly, except when
it's outright user-hostile. I found the same script, and use it.

   mark
>
> # lsi-raidinfo
> -- Controllers --
> -- ID | Model
> c0 | LSI MegaRAID SAS 9261-8i
>
> -- Volumes --
> -- ID | Type | Size | Status | InProgress
> volume c0u0 | RAID10 1x2 | 2727G | Optimal | None
> volume c0u1 | RAID60 1x8 | 16370G | Optimal | None
> volume c0u2 | RAID60 1x8 | 16370G | Optimal | None
>
> -- Disks --
> -- Encl:Slot | vol-span-unit | Model | Status
> disk 8:0 | 0-0-0 | Z291VTS5ST33000650NS 0003 | Online, Spun Up
> disk 8:1 | 0-0-1 | Z291VTRPST33000650NS 0003 | Online, Spun Up
> disk 8:2 | 1-0-0 | Z291VTKWST33000650NS 0003 | Online, Spun Up
> disk 8:3 | 1-0-1 | Z291VT9YST33000650NS 0003 | Online, Spun Up
> disk 8:4 | 1-0-2 | Z291VTT6ST33000650NS 0003 | Online, Spun Up
> disk 8:5 | 1-0-3 | Z291VT6CST33000650NS 0003 | Online, Spun Up
> disk 8:6 | 1-0-4 | Z291VTLAST33000650NS 0003 | Online, Spun Up
> disk 8:7 | 1-0-5 | Z291VTK1ST33000650NS 0003 | Online, Spun Up
> disk 8:8 | 1-0-6 | Z291VTNGST33000650NS 0003 | Online, Spun Up
> disk 8:9 | 1-0-7 | Z291VTRAST33000650NS 0003 | Online, Spun Up
> disk 8:10 | 2-0-0 | Z291VV05ST33000650NS 0003 | Online, Spun Up
> disk 8:11 | 2-0-1 | Z291VTW1ST33000650NS 0003 | Online, Spun Up
> disk 8:12 | 2-0-2 | Z291VTRLST33000650NS 0003 | Online, Spun Up
> disk 8:13 | 2-0-3 | Z291VTRXST33000650NS 0003 | Online, Spun Up
> disk 8:14 | 2-0-4 | Z291VSZGST33000650NS 0003 | Online, Spun Up
> disk 8:15 | 2-0-5 | Z291VSW1ST33000650NS 0003 | Online, Spun Up
> disk 8:16 | 2-0-6 | Z291VTB5ST33000650NS 0003 | Online, Spun Up
> disk 8:17 | 2-0-7 | Z291VSX8ST33000650NS 0003 | Online, Spun Up
> disk 8:18 | x-x-x | Z291VTS7ST33000650NS 0003 | Hotspare, Spun down
> disk 8:19 | x-x-x | Z291VT3HST33000650NS 0003 | Hotspare, Spun down
>
> the script that does this is here...
>
>
> # more bin/lsi-raidinfo
> #!/usr/bin/python
>
> # megaclisas-status 0.6
> # renamed lsi-raidinfo
> #
> # This program is free software; you can redistribute it and/or modify
> # it under the terms of the GNU General Public License as published by
> # the Free Software Foundation; either version 2 of the License, or
> # (at your option) any later version.
> #
> # This program is distributed in the hope that it will be useful,
> # but WITHOUT ANY WARRANTY; without even the implied warranty of
> # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
> # GNU General Public License for more details.
> #
> # You should have received a copy of the GNU General Public License
> # along with Pulse 2; if not, write to the Free Software
> # Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
> # MA 02110-1301, USA.
> #
> # Copyright (C) 2007-2009 Adam Cecile (Le_Vert)
>
> ## modified by johnpus...@gmail.com 08/14/11
> # fixed for LSI 9285-8e on Openfiler
>
> ## modified by pie...@hogranch.com 2012-01-05
> # fixed for newer version of megacli output on RHEL6/CentOS6
> # output format extended to show raid span-unit and rebuild % complete
>
> import os
> import re
> import sys
>
> if len(sys.argv) > 2:
>  print 'Usage: lsi-raidinfo [-d]'
>  sys.exit(1)
>
> # if argument -d, only print disk info
> printarray = True
> printcontroller = True
> if len(sys.argv) > 1:
>  if sys.argv[1] == '-d':
>  printarray = False
>  printcontroller = False
>  else:
>  print 'Usage: lsi-raidinfo [-d]'
>  sys.exit(1)
>
> # Get command output
> def getOutput(cmd):
>  output = os.popen(cmd)
>  lines = []
>  for line in output:
>  if not re.match(r'^$',line.strip()):
>  lines.append(line.strip())
>  return lines
>
> def returnControllerNumber(output):
>  for line in output:
>  if re.match(r'^Controller Count.*$',line.strip()):
>  return int(line.split(':')[1].strip().strip('.'))
>
> def returnControllerModel(output):
>  for line in output:
>  if re.match(r'^Product Name.*$',line.strip()):
>  return line.split(':')[1].strip()
>
> def returnArrayNumber(output):
>  i = 0
>  for line in output:
>  if re.match(r'^Virtual (Drive|Disk).*$',line.strip()):
>  i += 1
>   

[CentOS] CentOS 7 workstation, mutter CRITICAL...

[m . roth]

A fully updated, just built last month, CentOS 7 workstation. The system
has 16G of ram, and the real work is done on servers.

I'm seeing a ton of complaints in the logs.
Feb 10 18:06:00  gnome-session: (gnome-shell:3248):
mutter-CRITICAL **: meta_window_raise: assertion
'!window->override_redirect' failed

I found a bug report from last summer, but as I said, all updates are done.

Also, is there a bug in the firefox package?
Feb 10 17:07:51  : IcedTea-Web java error manual log:
Feb 10 17:07:51  : Application title was not found in
manifest. Check with application vendor

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] heads up: /boot space on kernel upgrade

[m . roth]

Chris Murphy wrote:
> Default boot volume on Fedora is 500M, with a kernel installonly_limit
> of 3. So far this seems sufficient, even accounting for the "rescue
> kernel" (which is really a nohostonly initramfs, which is quite a bit
> larger than the standard hostonly initramfs used for numbered
> kernels).

IIRC, we saw discussions elsewhere, and ... I think it's called fedup
(great name, great marketing!) that updated a full release, and it
*really* needed > 500M, as it was dumping a *lot* in /boot. And, as they
say, disk space is cheap, esp. when we buy multiterabyte disks, even for
the root drive. (Ok, most of them are 1TB).

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] heads up: /boot space on kernel upgrade

[m . roth]

Devin Reade wrote:
> I have a CentOS 6 machine that was initially installed as CentOS 6.4
> in May of 2013.  It's /boot filesystem is 200M which, IIRC, was the
> default /boot size at the time.
>
> The most recent kernel update (2.6.32-573.18.1.el6) fails because of
> lack of space in /boot. The workaround is edit /etc/yum.conf, reduce
> installonly_limit from 5 to something lower (I used 3), remove the
> oldest kernel via 'rpm -e', and then re-apply the update.  In this case,
> it was necessary to use the 'yum update' command line vs the Update Applet
> due to an incomplete transaction from the failed update.
>
Right. Around that time, fedora wanted a gig, and so, seeing the future,
we've been assigning a gig to /boot for a few years now. I would
*strongly* recommend that for new or rebuilt systems.

On the other hand, don't really see the need to save five previous kernels.

mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Utility to zero unused blocks on disk

[m . roth]

John R Pierce wrote:
> On 2/8/2016 2:14 PM, Chris Murphy wrote:
>> DBAN is obsolete. NIST 800-88 for some time now says to use secure erase
>> or
>> enhanced security erase or crypto erase if supported.
>>
>> Other options do not erase data in remapped sectors.
>
> the only truly safe way to destroy data on magnetic media is to grind
> the media up into filings or melt it down in a furnace.
>
Well, no. DeGaussing works, also. Plus, with current storage techniques,
I've heard that one pass of whatever will make it unreadable. That was why
I jokingly referred to DoD 5220.22-M as overkill, since it does 7 passes.

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Utility to zero unused blocks on disk

[m . roth]

Wes James wrote:
> Is there a utility to zero unused blocks on a disk?
>
> CentOS 6.7/Ext4
>
> I saw zerofree, but I’m not sure it would work on Ext4 or even work on
> this version of CentOS.
>
I don't understand the point of doing this. If you want to sanitize the
disk, use dban , which surely approaches industry standard for
the open source answer.

Just zeroing random blocks? Why? If you want to wipe a specific file,
there's shred.

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Utility to zero unused blocks on disk

[m . roth]

Chris Murphy wrote:
> DBAN is obsolete. NIST 800-88 for some time now says to use secure erase
> or enhanced security erase or crypto erase if supported.
>
> Other options do not erase data in remapped sectors.

dban doesn't? What F/OSS does "secure erase"? And does it do what dban's
DoD 5220.22-M does?

   mark, overkill

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Strange performance issue on CentOS 6.7 server

[m . roth]

Alfred von Campe wrote:
> On Feb 3, 2016, at 16:13, Warren Young wrote:
>
>> A dying hard disk can do it.  HDDs try to silently paper over I/O
>> errors, but what they can’t hide is the time it takes to do this.  If
>> your HDD is constantly correcting errors at the oxide layer, it will be
>> reallly sow.
>>
>> You can try running SMART tests on it, though that’s not guaranteed to
>> show the problem.
>
> Well, it’s not “a” disk: it’s a HW RAID of about dozen (server grade)
> drives, with a VG/LV on top of that.  Are there any log files I can check
> that test the underlying VG/LV health status?
>
You don't mention what kind of h/w RAID. LSI-based controller, and
HP-based ones, both have utilities to check out the drives (MegaRAID and
hpacli, respectively); AC JetStors have a web interface.

mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Latest version of kate editor

[m . roth]

James B. Byrne wrote:
> On Tue, February 2, 2016 12:02, H wrote:
>>
>> What do people use as a programming editor on CentOS 6? My first
>> impression of kate was favorable, not only did it support the usual
>> programming and scripting languages but also markdown which I have
>> recently discovered...
>
> I use vim/gvim together with numerous add-ons from Tim Pope.

Y'all now have me looking for one that does Brief emulation (the best text
editor ever)

  mark "or should we move this thread to alt.religion.editors?"

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7, NSF, "feature" [SOLVED]

[m . roth]

Warren Young wrote:
> On Feb 3, 2016, at 8:57 AM, m.r...@5-cent.us wrote:
>>
>> I also don't understand why you'd set as an out-of-the-box default
>> that it should fail to come up if it can't resolve any export host,
>> rather than default to coming up.
>
> You do it for the same reason you’d fail when mounting any other
> filesystem.  It may be critical to operation, as with shared /usr.

Beg pardon? The NFS server is offering it out, not requiring the f/s in.
How could it be considered critical, as mounting / is? I can see it if
*networking's* not up, but when it's only members of a list to whom it is
available?

  mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] nfs stuck, don't know what processes to kill

[m . roth]

Dave Burns wrote:
> On Tue, Feb 2, 2016 at 9:23 AM,  wrote:
>
>> Dave Burns wrote:
>> > My NFS server is up and other clients can access x. One particular
>> client
>> > can't. I tried to unmount the NFS share:
>> >
>> > [root@nfsclient ~]#  umount -f /disk/x
>> > umount2: Device or resource busy
>> > umount.nfs: /disk/x: device is busy
>> > umount2: Device or resource busy
>> > umount.nfs: /disk/x: device is busy
>> >
>> > If I use df or lsof to try to figure out what process to kill, they
>> > hang.I am reluctant to just reboot, as many other users are getting
>> > stuff done. dmesg doesn't show anything useful.
>> >
>> > How to get unstuck?
>>
>> *IF* I understand what you're saying, on that one client, you're trying
>> to umount the nfs share. Is that the case?
>>
>> IF that is the case... is autofs running? If so, service autofs stop,
>> and you should be able to umount it.
>>
>> # service autofs stop results in fail. Maybe need #rm
>> /var/run/autofs.pid?

Ok, ps -ef | grep auto, and see if it's running; or are you saying it
*said* shutting it down failed? Oh, and is this CentOS 6 or 6 (service, or
systemctl)?

If it's already shut off, and lsof doesn't help, does doing a df help?
Perhaps it might show someone's workspace, or home directory mounted, so
you know who to kill?

mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] delete directories with find and exclude other directories

[m . roth]

Tim Dunphy wrote:
> Hi all,
>
> I'm attempting to delete some directories and I want to be able to exclude
> a directory called 'logs' from being deleted.
>
> This is my basic find operation (without the exclusion)
>
> # find . -type d  |tail -10
> ./d20160124-1120-df8mfb/deployments
> ./d20160124-1120-df8mfb/releases
> ./d20160131-16993-vazqg5
> ./d20160131-16993-vazqg5/metadata
> ./d20160131-16993-vazqg5/deployments
> ./d20160131-16993-vazqg5/releases
> ./logs
> ./d20160203-27735-1tqbjh6
> ./d20160125-1120-1yccr9p
> ./d20160131-16993-1yf9lnc
>
> I'm just tailing the output so that you have an idea of what's going on
> without taking up the whole page. :)
>
> If I try to exlclude the logs directory with the prune command I get back
> no results.
>
> root@ops-manager:/tmp/tmp# find . -type d  -prune -o -name 'logs' -print
> root@ops-manager:/tmp#
>
> What am I doing wrong?
>
find . -type d ! -name logs -prune (and -print has been a default for a
long time).

mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7, NSF, "feature" [SOLVED]

[m . roth]

The issue: NFS fails to start in CentOS 7 if it cannot resolve any of a
list of hosts.

Well, my manager had to google to find the *truly* obscure solution that
uses a deeply oddball syntax.

In /usr/lib/systemd/system/nfs-server.service, you edit the following line
so that it looks like this:
 ExecStartPre=-/usr/sbin/exportfs -r

Notice the *deeply* weird syntax of "=-". This apparently tells it
that "a nonzero exit code" should be ignored and considered "success".

And, I read in the manpage for systemd.service that if you precede it with
an @, it will pass arguments. Why it does not use the used-everywhere-else
of *post*fixing those parms, I have no data.

And, speaking specifically about nfs-server.service, I also don't
understand why you'd set as an out-of-the-box default that it should fail
to come up if it can't resolve any export host, rather than default to
coming up.

   mark, discovering new reasons to dislike systemd

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] delete directories with find and exclude other directories

[m . roth]

Gordon Messmer wrote:
> On 02/03/2016 10:11 AM, m.r...@5-cent.us wrote:
>> find . -type d ! -name logs -prune
>
> That will prune all of the directories whose name is not "logs",
> starting with "."
>
> So... not terribly useful.

Right, but a) I think I tried using prune 20 years ago... and b) I thought
the o/p wanted to not deal with any directory whose name was logs. leaving
off prune would get everything, which is perhaps a bit more useful.

 mark



___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS 7, NSF, "feature"

[m . roth]

In the last month, we've discovered a new, a, "feature" in the version
of the version of NFS with CentOS 7: on startup, if it cannot resolve a
given host, it dies. It does not continue on up, with all the other hosts
it's exporting to, and just log a message.

Is there a workaround, or a configuration, to change this "fail on
unresolved host" behaviour?

 mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] nfs stuck, don't know what processes to kill

[m . roth]

Dave Burns wrote:
> My NFS server is up and other clients can access x. One particular client
> can't. I tried to unmount the NFS share:
>
> [root@nfsclient ~]#  umount -f /disk/x
> umount2: Device or resource busy
> umount.nfs: /disk/x: device is busy
> umount2: Device or resource busy
> umount.nfs: /disk/x: device is busy
>
> If I use df or lsof to try to figure out what process to kill, they hang.
> I
> am reluctant to just reboot, as many other users are getting stuff done.
> dmesg doesn't show anything useful.
>
> How to get unstuck?

*IF* I understand what you're saying, on that one client, you're trying to
umount the nfs share. Is that the case?

IF that is the case... is autofs running? If so, service autofs stop, and
you should be able to umount it.

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7, NSF, "feature"

[m . roth]

Ricardo J. Barberis wrote:
> El Martes 02/02/2016, m.r...@5-cent.us escribió:
>> In the last month, we've discovered a new, a, "feature" in the
>> version of the version of NFS with CentOS 7: on startup, if it
>> cannot resolve a given host, it dies. It does not continue on up,
>> with all the other hosts it's exporting to, and just log a message.
>>
>> Is there a workaround, or a configuration, to change this "fail on
>> unresolved host" behaviour?
>
> Maybe NFS should wait for the network to be up?

Good thought, but no - this was an issue where the servers names were
changed, or moved - I disremember which. And it came up originally,
because we have one server that's accessed all over campus, at other
Institutes, and some people leave, and their machines go away, repurposed
or surplused, but they're still listed on our exports file.

  mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] NICs order

[m . roth]

Gordon Messmer wrote:
> On 02/01/2016 07:00 AM, Leroy Tennison wrote:
>> The issue here may be systemd
> ...
>> Web documentation at freedesktop.org says net.ifnames needs to be set
to zero, I found just the opposite but if it doesn't work for you try
both before giving up.
>
> Just to clarify: net.ifnames=0 disables the systemd/udev interface
renaming feature.  biosdevname=0 disables the biosdevname interface
renaming feature, which is completely separate.  If you want the
traditional, non-deterministic Linux interface naming, you must specify
both.

You call it "deterministic". I will note that it is, in fact, straight
from Sun - 20 years ago, that was the naming on the Sparc Server that I
first picked up sysadmin work. Which was fine... FOR SUN HARDWARE. For
admins and users, it's *really* NOT a great idea, given that the system
could have a m/b from any OEM, and even trying to set up a std. kickstart
is a pain with that, much less anything more arcane. Why ethx, with the
option of adding the firmware MAC address, is such a bad idea, I have no
clue.
>
> Also, if you add rules to /etc/udev/rules.d, you should rebuild your
initrd.

?!?!?!?! THAT I had never considered, nor done, and I'm sure that in
CentOS 6, I've changed things there, and just rebooted. Oh, great, I'm
getting flashes of WinDoze.

Thanks for that info, though. I need to remember that.

  mark



___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7 and network printers: FYI

[m . roth]

Valeri Galtsev wrote:
>
> On Mon, February 1, 2016 9:17 am, m.r...@5-cent.us wrote:
>> I got an email from a user that I'd just handed a new CentOS 7
>> workstation to, wondering where all the printers were.
>>
>> It took some investigation to find /etc/cups/cups-browsed.conf, and see,
>> in it, at the very bottom of the file:
>>
>> # NOTE: This file is not part of CUPS. You need to start & enable
>> cups-browsed service.
>>
>> Which appears to be brand new with 7, and I have not seen any mention of
>> it.
>>
>> Enabled and started, and the network printers are visible on the cups
>> localhost web page->printers.
>
> Unrelated to the topic, but may be helpful for somebody who uses cups
> browsing option. I usually turn off cups browsing. Here is why: someone
> brings laptop to our network, and may have one of his/her printers
> "shared". Somebody else finds, sets it up, and happily uses it. Till the
> first person goes away. Then second person comes to me telling my printer
> doesn't work. Which is not my printer, in a sense I can do nothing about
> what the second person had done about that printer...
>
You're in a different environment. I guarantee no one's wandering in with
a printer here. Plus, on our VLAN, we are the ones giving out IP
addresses, and *only* to MAC addresses we know. We don't know 'em, they
don't get on the network.

  mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] In A UEFI World, "rm -rf /" Can Brick Your System

[m . roth]

Excerpt:
Running rm -rf / on any UEFI Linux distribution can potentially
perma-brick your system.

As a public service announcement, recursively removing all of your files
from / is no longer recommended. On UEFI distributions by default where
EFI variables are accessible via /sys, this can now mean trashing your
UEFI implementation.

There is this systemd bug report requesting that UEFI variables be mounted
as read-only by default. Lennart Poettering had initially responded and
simply said, "Well, there are tools that actually want to write it. We
also expose /dev/sda accessible for root, even though it can be used to
hose your system. The ability to hose a system is certainly reason enought
to make sure it's well protected and only writable to root. But beyond
that: root can do anything really." He then closed the ticket.
--- end excerpt ---



"And they closed the ticket"? That tuxedo on the cockroach is so elegent!

Ok, *now* tell me why we shouldn't hate systemd?

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] In A UEFI World, "rm -rf /" Can Brick Your System

[m . roth]

John R Pierce wrote:
> On 2/1/2016 2:07 PM, m.r...@5-cent.us wrote:
>> John R Pierce wrote:
>>> >wait.   would deleting the inode/sys/(whatever)  actually modify UEFI
>>> >memory?sure, writing to those inodes could do all sorts of harm,
>>> but deleting the inodes in the /sys filesystem, I'm not so sure this
>>> isn't a >tempest in a teapot so to speak.

>> It's going to get /boot. And under there, it'll get /boot/EFI.
>
> so it will delete inodes there...does that damage the EFI
> hardware?I would think you'd have to open files and write data to
> actually modify the EFI stuff.
>
> my only C7 systems right now are VMs which don't have uefi, so I can't
> look and see what all this stuff actually is.

Yeah, I don't think we really know, until someone's willing to brick a
many-thousand-dollar server

 mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] In A UEFI World, "rm -rf /" Can Brick Your System

[m . roth]

John R Pierce wrote:
> wait.   would deleting the inode /sys/(whatever)  actually modify UEFI
> memory?sure, writing to those inodes could do all sorts of harm, but
> deleting the inodes in the /sys filesystem, I'm not so sure this isn't a
> tempest in a teapot so to speak.

It's going to get /boot. And under there, it'll get /boot/EFI.

  mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS 7 and network printers: FYI

[m . roth]

I got an email from a user that I'd just handed a new CentOS 7 workstation
to, wondering where all the printers were.

It took some investigation to find /etc/cups/cups-browsed.conf, and see,
in it, at the very bottom of the file:

# NOTE: This file is not part of CUPS. You need to start & enable
cups-browsed service.

Which appears to be brand new with 7, and I have not seen any mention of it.

Enabled and started, and the network printers are visible on the cups
localhost web page->printers.

  mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7, 327 kernel still crashing

[m . roth]

Denniston, Todd A CIV NAVSURFWARCENDIV Crane wrote:
>> From: Wes James [mailto:compte...@me.com]
>> > On Jan 27, 2016, at 1:47 PM, m.r...@5-cent.us wrote:
>> >
>> > I've just added the following to the CentOS bugtracker for CentOS-7
>> > 0009860. I admit to not being sure if it's the same issue, or a
>> > separate one, but this and other Dell servers - I *think* they're
>> > all R420's, but I could be wrong, just all do the same thing on boot.
>> > *
>> > I've just updated a CentOS 7 server to the latest kernel,
>> > vmlinuz-3.10.0-327.4.5.el7.x86_64, and the server fails to boot. It
>> > has failed on every 327 kernel.
>> >
>> > Server: Dell R420, 2 Xeons, 124G RAM.
>>
>> I have the same issue on a 2011 iMac.  Usually a it takes one or two
>> rounds of kernels more and it starts working, but I have to stay on
>> 3.10.0-229.20.1 right now.  All the 327’s crash on boot.
>>
>
> The `rpm -q --changelog ` of the 327 kernel looks like they only made
> three 'important' changes, and I think gives pointers to kernel.org
> changes you could use find the offending patches.
> Have you folks considered grabbing the srpm, backing out the each of the
> (three) changes between the pre 327 and 327 and building it yourself to
> figure out which thing broke your systems?

Sorry, I really don't have the time.

HOWEVER, here's an additional datum: I just updated some servers, and one
failed to reboot, also dropping into the rdshell The thing is, this was
vmlinuz-3.10.0-229.20.1.el7.x86_64, *not* a 327. When I went back to
vmlinuz-3.10.0-229.14.1.el7.x86_64, I had no trouble.

Note: in the rdshell, both with any 327 kernel, or with the 229-20, I had
zero issues when I made a mountpoint and mounted /boot or /.

I saved the rdshell from this morning, and have the ok to look more
closely. I will note this: I'm now starting to wonder if this is possibly
a systemd issue... or a grub2 issue.

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7, 327 kernel still crashing

[m . roth]

Ok, more info. I've just looked at the rdsosreport from a 327 kernel, and
the one from this morning, from the 229-20 kernel, and I see where they
croak:
[3.045600] lym.cit.nih.gov systemd[1]: Found device ST500NM0003-9ZM172 /.
[3.045950] lym.cit.nih.gov systemd[1]: Starting File System Check on
/dev/disk/by-label/\x2f...
[3.047209] lym.cit.nih.gov systemd-fsck[575]: Failed to detect device
/dev/disk/by-label//
[3.047337] lym.cit.nih.gov systemd[1]: systemd-fsck-root.service: main
process exited, code=exited, status=1/FAILURE
[3.047449] lym.cit.nih.gov systemd[1]: Failed to start File System
Check on /dev/disk/by-label/\x2f.
[3.047559] lym.cit.nih.gov systemd[1]: Dependency failed for /sysroot.

and yet. starting at line 75 of 1281, I see
+ ls -l /dev/disk/by-id /dev/disk/by-label /dev/disk/by-path
/dev/disk/by-uuid
<...>
/dev/disk/by-label:
total 0
lrwxrwxrwx 1 root 0 10 Jan 29 14:27 SWAP-sda2 -> ../../sda2
lrwxrwxrwx 1 root 0 10 Jan 29 14:27 \x2f -> ../../sda3
lrwxrwxrwx 1 root 0 10 Jan 29 14:27 \x2fboot -> ../../sda1

So, at some point, it seems to have lost the visibility to
/dev/disk/by-label.

Any thoughts, here?

 mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 7, man

[m . roth]

Robert Nichols wrote:
> On 01/27/2016 10:31 AM, m.r...@5-cent.us
> wrote:
>> This is... odd.
>>
>>  From my workstation, where I'm directly logged in, if I ssh to any
>> CentOS 7 box, as myself, and try to run man, it fails.
>> Example 1:
>>   man dd
>> man:
>> cannot write to /var/cache/man/cat1/dd.1.gz in catman mode
>> dd.
>>
>> Example 2:
>>   man dd
>> man: can't chmod (null): Bad address
>> man: can't unlink (null): Bad address
>> dd.
>>
>> In all cases, if I sudo -s to root, I have no trouble reading the
>> manpage. In all cases I've tried, selinux is in permissive mode.

> I've had NOCACHE set in /etc/man.config for a long time. On a modern
> machine there's not that much overhead generating the text page on
> demand, and eliminating that avoids issues with pages formatted for
> one window size being viewed on another.

Thanks for the suggestion. The thing that bothers me is why this should
happen at all

   mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] pmount

[m . roth]

Gordon Messmer wrote:
> On 01/27/2016 08:11 AM, m.r...@5-cent.us wrote:
>> my manager has me using
>> pmount/pumount to mount the hard drives I'm putting in the eSATA drive
>> bay for offline backups. Formerly, I used mount/umount, and when I
>> umounted it, and walked downstairs, mostly, esp the green drives,
>> were spun down. I pumount... and*nothing*  spins down.
>
> I think you're seeing a simple correlation of events that are
> indeterminate.  Un-mounting a filesystem doesn't cause the drive to spin
> down (though "eject" should, IIRC).  WD Green drives have a short
> spin-down period, and are more likely to spin down while not being
> accessed.
>
> pmount is just a SUID wrapper around mount.  That is, it calls mount and
> umount.  Whatever is keeping your drives from spinning down is almost
> certainly unrelated to using pmount.
>
> I'd suggest that you make the users who need to handle these disks
> members of the "disk" group.  With that membership, they should be able
> to run "eject" to safely remove the drives and cause them to spin down.

Um, us sysadmins, the only ones using pmount, can do that already.

Thanks.

mark

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos