Re: [CentOS] Converting to maildir
On Tue, Jan 04, 2011 at 08:52:23AM -0500, Adam Tauno Williams wrote: On Mon, 2011-01-03 at 20:17 -0500, Jason Pyeron wrote: Looking for a guide on converting to Maildir. Here are our relevant specs. sendmail-8.12.11-4.RHEL3.6 (we may not be able to upgrade this due to too many modifications) imap-2002d-14 procmail-3.22-10.el3.centos.0 To a maildir setup... rant I was in a panic today at work because the backup server is filling up too quickly, backing up peoples email. Further it is not backing up often enough. I just lost all of today's email. I hate mbox and imap and outlook... /rant All the maildir stuff I can find is postfix oriented. Because sendmail is rapidly fading into history? From what I can read in procmail man pages, it supports maildir and sendmail uses procmail as the LDA, hence sendmail supports it. There are numerous IMAP servers that support maildir, and scripts to import MBOX files - that is how I would approach it. [But then I wouldn't use Maildir; I mean, really, who cares what format your messages are in - use IMAP and network access your message store. Cyrus IMAPd will index and filter all your messages for you]. Many people care about storage format. Mbox is much more slower during operations on it. It's because it's operate on single file, not several of files. Maildir is only slower while opening it. But it depends on number of messages in such a box which is equal to number of descriptors system must open while reading a box. -- Dominik Zyla pgpQuMj7eh9Xa.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Converting to maildir
On Tue, Jan 04, 2011 at 09:14:57AM -0500, Adam Tauno Williams wrote: On Tue, 2011-01-04 at 15:06 +0100, Dominik Zyla wrote: On Tue, Jan 04, 2011 at 08:52:23AM -0500, Adam Tauno Williams wrote: On Mon, 2011-01-03 at 20:17 -0500, Jason Pyeron wrote: Looking for a guide on converting to Maildir. Here are our relevant specs. sendmail-8.12.11-4.RHEL3.6 (we may not be able to upgrade this due to too many modifications) imap-2002d-14 procmail-3.22-10.el3.centos.0 To a maildir setup... rant I was in a panic today at work because the backup server is filling up too quickly, backing up peoples email. Further it is not backing up often enough. I just lost all of today's email. I hate mbox and imap and outlook... /rant All the maildir stuff I can find is postfix oriented. Because sendmail is rapidly fading into history? From what I can read in procmail man pages, it supports maildir and sendmail uses procmail as the LDA, hence sendmail supports it. There are numerous IMAP servers that support maildir, and scripts to import MBOX files - that is how I would approach it. [But then I wouldn't use Maildir; I mean, really, who cares what format your messages are in - use IMAP and network access your message store. Cyrus IMAPd will index and filter all your messages for you]. Many people care about storage format. And they are misguided in doing so. Details of message storage is an internal [server's] problem. Mbox is much more slower during operations on it. It's because it's operate on single file, Correct, but who cares? If the server provides high-performance to the mailbox... why care? Message format storage wars are silly. I agree it's silly. But try to run dozens of maildirs and the same number of mailboxes on the same kind of server. Mboxes would be bottleneck of the entire mail system. -- Dominik Zyla pgpEN1320vKDp.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Converting to maildir
On Tue, Jan 04, 2011 at 09:38:47AM -0600, Jeff wrote: On Mon, Jan 3, 2011 at 7:17 PM, Jason Pyeron jpye...@pdinc.us wrote: Looking for a guide on converting to Maildir. Here are our relevant specs. sendmail-8.12.11-4.RHEL3.6 (we may not be able to upgrade this due to too many modifications) imap-2002d-14 procmail-3.22-10.el3.centos.0 To a maildir setup... rant I was in a panic today at work because the backup server is filling up too quickly, backing up peoples email. Further it is not backing up often enough. I just lost all of today's email. I hate mbox and imap and outlook... /rant All the maildir stuff I can find is postfix oriented. From what I can read in procmail man pages, it supports maildir and sendmail uses procmail as the LDA, hence sendmail supports it. -Jason And with regard to backup space, it might be time to suck it up and tell your users that you need to implement mail quotas. How much are you backing up from Sent and Trash because nobody maintains their mail folders? A quota can be a great tool for teaching basic mail folder housekeeping. I'll suggest to use journaled-quota. In case of some filesystem problems there'll be no need to do quotacheck(8) if you're using ext3. -- Dominik Zyla pgpCMEolSMRNb.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] recursively find duplicate filenames
On Wed, Jan 05, 2011 at 03:15:03AM -0800, S Mathias wrote: find duplicate filenames in a folder find | perl -ne 's!([^/]+)$!lc $1!e; print if 1 == $seen{$_}++' find duplicate filenames in a folder recursively ? how? What do you mean - duplicate? Duplicate by what? Name? Content? -- Dominik Zyla pgp9xrIiPSzRB.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] way to replace DELL PERC 6/E card???
On Wed, Jan 05, 2011 at 10:47:09PM +0800, mcclnx mcc wrote: we have several R900 servers with PERC 6/E card in it. Recently it we getting some message on /var/log/message say change to write back and change back to write through. We figure out it is PERC 6/E card battery weak. My questions are: 1. some battery only use one year (some even shorter) and already this problem. 2. How come PERC 5/E does not have this issue? 3. where is DISK array information store for PERC 6/E? I did NOT see NVRAM on PERC 6/E card. 4. when replace PERC 6/E card and power on server sometime it will ask you import configuration ans some time it won't. Why? 5. When replace PERC 6/E card and power on. Server ask import configuration should I answer yes? Yes, it'll import your raid configuration without data coruption. It would also work with disks taken from older version of Perc. 6. where can I find documentation which mention import configuration? -- Dominik Zyla pgpTOLkqwSRmE.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] cron jobs fail to run
On Wed, Jan 05, 2011 at 10:29:52AM -0500, Mike Burger wrote: hey centos long time no hear! :) I'm having a small issue where the backup jobs that I set to run in the crontab of the backup user do not appear to be running. Here's how I set it up (with crontab -e as the backup user): run amanda every night (check at 2:45 and backup at 3) 45 2 * * * /usr/sbin/amcheck /var/log/amanda/crontab/amcheck.log * 3 * * * /usr/sbin/amdump /var/log/amanda/crontab/amdump.log The executables are where they are supposed to be and run if you type them in on the command line: [amandabac...@amanda ~]$ ls -l /usr/sbin/amcheck -rwsr-x--- 1 root disk 68624 Dec 29 14:08 /usr/sbin/amcheck [amandabac...@amanda ~]$ ls -l /usr/sbin/amdump -rwxr-xr-x 1 amandabackup disk 9637 Dec 29 14:08 /usr/sbin/amdump Although I'm not sure what the 's' indicates in the permissions of amcheck. And here's a tail of the cron logs [r...@amanda init.d]# tail /var/log/cron Jan 5 07:01:01 newamanda crond[13612]: (root) CMD (run-parts /etc/cron.hourly) Jan 5 07:17:09 newamanda crontab[13652]: (amandabackup) BEGIN EDIT (amandabackup) Jan 5 07:18:00 newamanda crontab[13652]: (amandabackup) REPLACE (amandabackup) Jan 5 07:18:00 newamanda crontab[13652]: (amandabackup) END EDIT (amandabackup) Jan 5 07:18:01 newamanda crond[1448]: (amandabackup) RELOAD (cron/amandabackup) Jan 5 07:18:39 newamanda crond[13686]: (CRON) STARTUP (V5.0) Jan 5 07:23:01 newamanda crontab[13699]: (amandabackup) BEGIN EDIT (amandabackup) Jan 5 07:23:47 newamanda crontab[13699]: (amandabackup) END EDIT (amandabackup) Jan 5 07:25:38 newamanda crontab[13751]: (amandabackup) BEGIN EDIT (amandabackup) Jan 5 07:25:53 newamanda crontab[13751]: (amandabackup) END EDIT (amandabackup) thanks in advance! Not using Amanda, myself, it appears to me that the syntax of the commands in your crontab is incorrect. Assuming that the last parameter on each line is a log into which you wish to redirect the output of cron'd commands, you need to add or (if you wish to append) between the command and the path to the log file. Otherwise, cron would be trying to run the amanda commands with the last item (the log file?) as a command line parameter. As I don't run Amanda, I don't know whether you're trying to pass those log files as command line parameters to the amcheck and amdump commands or wish the output of those commands to be sent to those files. Try to run that commands by your hand, and check what is the problem. -- Dominik Zyla pgp9avG90RhGN.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] write-back cache question
On Wed, Feb 16, 2011 at 08:31:05AM -0500, James Chase wrote: Can anyone with write-back cache working just confirm that they see some sort of indication of write-back in dmesg? As I mentioned I talked with Dell and they claim it is working, however I spoke with VMWare and they said if it isn't indicated in dmesg, then it isn't working. It would just be good to know it is indicated as functional in this way for others so I can have something to go on with Dell. You can verify your cache policy with MegaCLI tool. Check your output from `MegaCli -CfgDsply -a0' command. -- Dominik Zyla pgpkuHcJPsQs5.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Detecting harddrive problem
On Fri, Feb 25, 2011 at 07:12:59AM +0200, yonatan pingle wrote: On Fri, Feb 25, 2011 at 4:11 AM, Fajar Priyanto fajar...@arinet.org wrote: Hi all, Recently I realize the filesystem became Read-only and there is media error message in the system log. It has passed several days without notice. I'm thinking of setting up a script to grep that media error and send email. Is there more elegant way of doing this? Thank you. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Actions needed to be done: Buy new disk Remove old disk Install OS on new disk Migrate data from old disk done. elegant way? but two new disks. configure mdadm to mail you if the array fails. It's better to configure smartd. With it you can get mails informing you about relocations, errors, etc from a single disk. Probably it would be lot of such mails before array corruption. So you'll have some time for schedule downtime and swap faulty disk. -- Dominik Zyla pgpgp0qdZ9wfF.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Dell PERC H800 commandline RAID monitoring tools
On Mon, Mar 07, 2011 at 12:43:03PM -0800, Dr. Ed Morbius wrote: OMSA conflicts with mega-cli, though we may find that the latter is the more useful package. Both are pretty byzantine, the Dell stuff simply doesn't have docs (in particular: docs on how to interpret the omconfig log output). We're using megacli wrapped by perl to provide information about Perc events. It works quite well as far. -- Dominik Zyla pgp8bhjUch9zV.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to control sftp's user file folder
On Mon, Feb 28, 2011 at 05:53:34PM +0200, Eero Volotinen wrote: 2011/2/28 Yang Yang dapiy...@gmail.com: hi,i have a question want to ask if i add a user like: useradd test groupadd test -g www and how to control user test only can see and write only folder(like /home/htdocs/test,he can not see /home/htdocs or other folder) for example using chrooted scponly or tweaking filesystem acls and selinux settings. scponly chrooted is the easiest way. I agree. Using scponly and some mount-binds would do the trick. The best way to do this, is to set scponly directory somewhere outside the /home/htdocs, and mount-bind only those directories from /home/htdocs, that that user can write to. -- Dominik Zyla pgpMkPmDN1LR2.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Dell PERC H800 commandline RAID monitoring tools
On Thu, Mar 10, 2011 at 06:47:09PM +0100, Kai Schaetzl wrote: Dominik Zyla wrote on Thu, 10 Mar 2011 09:10:37 +0100: We're using megacli wrapped by perl to provide information about Perc events. It works quite well as far. Do you have a megacli rpm that works with the CentOS-provided drivers, which is MPT 3.something? I googled about this some time ago and there's an rpm mentioned here and there that contains only the megacli utility, but it's not downloadable anymore from anywhere. I got hold of a package that cotnains the 4 version, but that doesn't work with the CentOS drivers. LSI themselves provide only the complete MegaRAID driver/package for download and it's not clear if the singe megacli utility is included or if installing it may overwrite the built-in driver. It's some single binary version, compiled statically. -- Dominik Zyla pgp8OGyzxf3Vs.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] rack configurator?
On Thu, Feb 25, 2010 at 10:44:07PM -0600, Ricardo Carrillo wrote: Have a look http://flux.org.uk/projects/rackmonkey/ too.. You can also check this: http://www.dokuwiki.org/plugin:rack it's good, because you can track your rack stuff under your wiki. -- Dominik Zyla pgpXiQ7uoiL9U.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Email Problem
On Fri, Feb 26, 2010 at 01:32:46PM +0100, Kai Schaetzl wrote: Susan Day wrote on Fri, 26 Feb 2010 08:21:01 -0400: [root qmail-send]# tail current Hello, I would appreciate if you could stop to send all your software problems to this list. Most of your problems seem to be qmail-related, please go to a qmail list for these. Thanks. Kai And please, stop send mails with html encoding. -- Dominik Zyla pgpwNJMOd9FbJ.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Temperature sensor
On Fri, Feb 26, 2010 at 11:00:21AM -0500, Bowie Bailey wrote: Does anyone know of a cheap temperature sensor that will work with Linux? I don't need a fancy monitoring appliance, I just want a simple sensor that I can connect to one of my monitoring servers to let me know if the server room is getting hot. Hi, Any RS-232 temperature sensor should do the job. -- Dominik Zyla pgpJDE4krJ76c.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Temperature sensor
On Fri, Feb 26, 2010 at 08:13:56AM -0800, Benjamin Franz wrote: Bowie Bailey wrote: Does anyone know of a cheap temperature sensor that will work with Linux? I don't need a fancy monitoring appliance, I just want a simple sensor that I can connect to one of my monitoring servers to let me know if the server room is getting hot There is a good chance that lm-sensors supports your servers with no additional hardware needed. To configure lm-sensors, run 'sensors-detect' as root. If your cpu/motherboard is supported you will be able to read system temps directly either using SNMP or by scraping 'sensors' output. But it'll not give information about temperature in server room. -- Dominik Zyla pgpSznIZBqpB3.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Temperature sensor
On Fri, Feb 26, 2010 at 09:57:52AM -0800, John R Pierce wrote: Dominik Zyla wrote: But it'll not give information about temperature in server room. actually, it sorta can. find the lowest reading sensor on the system, probably one on the mainboard...use a manual thermometer to read the intake air temp and calculate the delta. i think you'll find under normal operating conditions that delta is pretty constant if the server is under a reasonably consistent workload. True.. We're also doing like this in some of server rooms. But sometimes we had strange values. So this sort of stuff can be not good enough. :) -- Dominik Zyla pgpsF7z7wpzS5.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Temperature sensor
On Fri, Feb 26, 2010 at 12:27:59PM -0600, Les Mikesell wrote: On 2/26/2010 12:11 PM, Dominik Zyla wrote: On Fri, Feb 26, 2010 at 09:57:52AM -0800, John R Pierce wrote: Dominik Zyla wrote: But it'll not give information about temperature in server room. actually, it sorta can. find the lowest reading sensor on the system, probably one on the mainboard...use a manual thermometer to read the intake air temp and calculate the delta. i think you'll find under normal operating conditions that delta is pretty constant if the server is under a reasonably consistent workload. True.. We're also doing like this in some of server rooms. But sometimes we had strange values. So this sort of stuff can be not good enough. :) If you can get graphs from two different pieces of equipment on the same page you can pretty much see the trend. A single device might have a fan go bad or something - but that should probably be fixed anyway. On servers that have variable CPU power you might see temperature variations depending on the load. You have right. While you checking sensors from few machines, you can see the trend. Gotta think about changing the way of temperature monitoring here. -- Dominik Zyla pgpCceq3Rmbfu.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Temperature sensor
On Fri, Feb 26, 2010 at 01:41:00PM -0500, m.r...@5-cent.us wrote: Dominik wrote: On Fri, Feb 26, 2010 at 12:27:59PM -0600, Les Mikesell wrote: On 2/26/2010 12:11 PM, Dominik Zyla wrote: On Fri, Feb 26, 2010 at 09:57:52AM -0800, John R Pierce wrote: Dominik Zyla wrote: But it'll not give information about temperature in server room. actually, it sorta can. find the lowest reading sensor on the system, probably one on the mainboard...use a manual thermometer to read the intake air temp and calculate the delta. snip If you can get graphs from two different pieces of equipment on the same page you can pretty much see the trend. A single device might have a fan go bad or something - but that should probably be fixed anyway. On servers that have variable CPU power you might see temperature variations depending on the load. You have right. While you checking sensors from few machines, you can see the trend. Gotta think about changing the way of temperature monitoring here. Here's a question back: does the HVAC in the room allow monitoring? It could be some problems with ventilation, I guess. -- Dominik Zyla pgpoJG0V5nTtA.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Problem.
On Tue, Mar 02, 2010 at 05:08:22PM +0300, Damas Ally wrote: Greetings all, I am using Centos-5.3 in my server which is running dns, apache and mail. When the power went off and back then all of my services are not be able to run, i visited log files esp for httpd it says read-only and httpd cant start, this cause all of my services to stop. i tried to fix by fsck but still i cant be able to log in my mails via web access because httpd is not running, in short all services stopped. I need help, what to do so that to change the read-only mode, i cant even delete any file. After running fsck and reboot now it reached:- (none) login: and if i type root gives incorrect. Please help me so that to get back my mail server online (mails are in this server). Hi, Did you checked appriopriate (/var) partition with fsck? -- Dominik Zyla pgpP0kuPlbmLF.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] kexec for CentOS 4?
On Tue, Mar 02, 2010 at 03:04:06PM +, Tony Mountifield wrote: In article 4b8d1650.1060...@mcclatchyinteractive.com, Tom Georgoulias t...@mcclatchyinteractive.com wrote: On 03/02/2010 05:10 AM, Tony Mountifield wrote: I have a remote CentOS 4 machine on a network where I can't put a DHCP or PXE server, and I want to do a complete reinstall. So what I want to do is, from the currently-running system, to invoke an installation kernel and initrd in just the same way that GRUB would, giving it a boot command line that specifies a remote kickstart file, installation tree, and other required info. If not, are there any other ways to achieve what I've described? I would use cobbler and koan for this. Once you have a cobbler server setup for the kickstart (which is super easy to do), you can use koan with the --replace-self and -k options and do exactly what you want. Can this be done even if I can't put the cobbler server on the same network as the box I want to re-install? The information I found on cobbler suggested to me that it was a tying together of DHCP, PXE, kickstart and install tree. As I understand it, the DHCP and PXE/TFTP servers have to be local, and also I have to have the box able to perform a PXE boot. So if the box in question is remote and on a network that I don't control or have any other boxes on, I suspect cobbler and koan wouldn't work. I could well have misunderstood - I found very little detail about koan apart from the command line options. Hi, Yes, It must be the same network/vlan. -- Dominik Zyla pgpmQMYO7b7qH.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RHEL 6 beta manuals online
On Wed, Apr 21, 2010 at 08:57:12AM -0400, Robert P. J. Day wrote: On Wed, 21 Apr 2010, Kwan Lowe wrote: On Wed, Apr 21, 2010 at 8:18 AM, Robert P. J. Day rpj...@crashcourse.ca wrote: still a few bugs in the system or something. from here: https://inquiries.redhat.com/go/redhat/rhel-6-beta if you choose to skip registration, you get: 550 Failed to change directory. or am i missing something? It's up there now... I haven't started a download but I can navigate the tree fine. yes, it's working now. Anyone knows which kernel version will RHEL-6 use? -- Dominik Zyla pgpuFziEvBrKA.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RHEL 6 beta manuals online
On Thu, Apr 22, 2010 at 10:59:38PM +0100, Lucian wrote: 2010/4/22 Dominik Zyla gavro...@gavroche.pl: On Wed, Apr 21, 2010 at 08:57:12AM -0400, Robert P. J. Day wrote: On Wed, 21 Apr 2010, Kwan Lowe wrote: On Wed, Apr 21, 2010 at 8:18 AM, Robert P. J. Day rpj...@crashcourse.ca wrote: still a few bugs in the system or something. from here: https://inquiries.redhat.com/go/redhat/rhel-6-beta if you choose to skip registration, you get: 550 Failed to change directory. or am i missing something? It's up there now... I haven't started a download but I can navigate the tree fine. yes, it's working now. Anyone knows which kernel version will RHEL-6 use? -- Dominik Zyla ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos uname -a Linux localhost.localdomain 2.6.32-19.el6.x86_64 #1 SMP Tue Mar 9 17:48:46 EST 2010 x86_64 x86_64 x86_64 GNU/Linux I'd say 2.6.32 will stay unchanged until stable release. Nice, new stuff (but I think 2.6.18 is the most stable:). -- Dominik Zyla pgpem4YAZBYQE.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [Fwd: Re: iptables]
On Fri, Apr 23, 2010 at 06:08:45PM -0400, Robert Spangler wrote: On Friday 23 April 2010 15:20, cahit Eyigünlü wrote: how or why i have redesigned it to this and it seems like worked : See big problems in your future. :INPUT ACCEPT [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] Anyone with a little bit of security awareness would never set the default policy to ACCEPT and the reason is below. You would think RH would know better. -A INPUT -j RH-Firewall-1-INPUT -A FORWARD -j RH-Firewall-1-INPUT -A RH-Firewall-1-INPUT -i lo -j ACCEPT -A RH-Firewall-1-INPUT -i eth0 -j ACCEPT With this rule above you just opened up you complete system to what ever it is connected to. That is why it is working. I am hoping this box doesn't have Internet access. -A RH-Firewall-1-INPUT -p icmp --icmp-type any -j ACCEPT -A RH-Firewall-1-INPUT -p 50 -j ACCEPT -A RH-Firewall-1-INPUT -p 51 -j ACCEPT -A RH-Firewall-1-INPUT -p udp --dport 5353 -d 224.0.0.251 -j ACCEPT -A RH-Firewall-1-INPUT -p udp -m udp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -p tcp -m tcp --dport 631 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 8443 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 25 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT -A RH-Firewall-1-INPUT -m state --state NEW -m tcp -p tcp --dport 21 -j ACCEPT /etc/sysconfig/iptables 40L, 1617C Even if you didn't have the line with '-i eth0 -j ACCEPT' you system was still open to everyone because at this point if none of the rules apply and the firewall falls back to the policy setting to decide what to do with a packet. Since all your policies are set to ACCEPT the packet is accepted and the hacker is in. For this reason one would think RH would do a little more and set the default policies to DROP. It is so easy to miss the reject or drop statements at the end and the policy would catch them for you. I know some will argue that RH did what they needed to do, but they could go that extra step don't you think. Absolutely agree with you. It would save us from threads like that because people would need to read about iptables and stop to ask silly questions. -- Dominik Zyla pgpzWRvOYHuPS.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] vim and backup files
On Fri, Apr 30, 2010 at 02:34:11PM -0700, el...@spinics.net wrote: On Fri, 30 Apr 2010 14:22:13 -0700, Kwan Lowe kwan.l...@gmail.com wrote: Check filesystems for space? Temp dir? Maybe try cleaning out your .vimrc to see if some cruft in it? Also check /etc/vimrc for changes.. Maybe even re-install or check to see if the packages have been corrupted? Check inode availability as well. If you're out of inodes, you won't be able to create a file. You can also look at your `limit' output. Maybe one of those limits (most possible `filesize' or `descriptors') exceeded. -- Dominik Zyla pgp0L7s1Vqy1i.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] heartbeat package in extras trouble with 5.4
On Wed, May 05, 2010 at 07:59:16AM -0500, Baird, Josh wrote: SELINUX is disabled, and I have also tried reinstalling the heartbeat related packages. No luck so far. heartbeat[8818]: 2010/05/04_22:23:37 ERROR: Cannot shmget for process status: Invalid argument This seems to be the issue. Any other ideas? Try to strace heartbeat process and check errno from shmget() and compare it against shmget(2) `ERRORS' section. Maybe you need to set some sysctls. -- Dominik Zyla pgpFC2zqEzCh2.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Benchmark Disk IO
On Wed, May 05, 2010 at 05:17:53PM +0100, Matt Keating wrote: What is the best way to benchmark disk IO? I'm looking to move one of my servers, which is rather IO intense. But not without first benchmarking the current and new disk array, To make sure this isn't a full waste of time. Try to run the same IO operations as your production server is running. Bonnie++ could be good application for benchmarking. Also run some parallel rsync, rm, find, etc proccesses. It's good habbit to monitor machines with cacti or something like that. After benchmarks, you can compare cacti graphs. -- Dominik Zyla pgpuyN4xngrr5.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] setup firewall with 3 nic cards
On Sat, May 08, 2010 at 02:46:17PM -0400, Jerry Geis wrote: Thanks for the -t nat suggetion. How does someone debug iptables? Seems like the local eth0 is working , eth2 is working but connections on eth1 dont seem to go anywhere. How can I tell what is happening for eth1 and iptables? Use iproute2 with fwmark rules. Then mix it with iptables `-j MARK' or use `-j ROUTE' instead of fwmark and `-j MARK'. -- Dominik Zyla pgpbXEZCOGgM5.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] setup firewall with 3 nic cards
On Mon, May 10, 2010 at 06:10:02PM -0400, Jerry Geis wrote: I have a centos box with 3 nics. eth0 is internal, eth1 is T1 data and eth2 is cable data. Everything is working on eth2 cable. External NAT is working just fine for eth2. However external address 74.x.x.x on eth1 is not working. Below is my iptables information. I setup eth1 same as eth2 just a different IP address of course. What did I miss that eth1 and NAT is not working? Just looking for both public IP's incoming to NAT to the correct IP address. Only 1 is working at this time. Thanks, Jerry --- Chain INPUT (policy ACCEPT) target prot opt source destination RH-Firewall-1-INPUT all -- 0.0.0.0/00.0.0.0/0 Chain FORWARD (policy ACCEPT) target prot opt source destination RH-Firewall-1-INPUT all -- 0.0.0.0/00.0.0.0/0 Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain RH-Firewall-1-INPUT (2 references) target prot opt source destination ACCEPT all -- 0.0.0.0/00.0.0.0/0 ACCEPT all -- 0.0.0.0/00.0.0.0/0 ACCEPT all -- 0.0.0.0/00.0.0.0/0 ACCEPT icmp -- 0.0.0.0/00.0.0.0/0 icmp type 255 ACCEPT esp -- 0.0.0.0/00.0.0.0/0 ACCEPT ah -- 0.0.0.0/00.0.0.0/0 ACCEPT udp -- 0.0.0.0/0224.0.0.251 udp dpt:5353 ACCEPT udp -- 0.0.0.0/00.0.0.0/0 udp dpt:631 ACCEPT tcp -- 0.0.0.0/00.0.0.0/0 tcp dpt:631 ACCEPT all -- 0.0.0.0/00.0.0.0/0 state RELATED,ESTABLISHED ACCEPT tcp -- 0.0.0.0/00.0.0.0/0 state NEW tcp dpt:25 ACCEPT tcp -- 0.0.0.0/00.0.0.0/0 state NEW tcp dpt:22 ACCEPT tcp -- 0.0.0.0/00.0.0.0/0 state NEW tcp dpt:80 REJECT all -- 0.0.0.0/00.0.0.0/0 reject-with icmp-host-prohibited Chain PREROUTING (policy ACCEPT) target prot opt source destination DNAT tcp -- 0.0.0.0/024.123.23.170 tcp dpt:22 to:192.168.1.209:22 DNAT tcp -- 0.0.0.0/024.123.23.170 tcp dpt:25 to:192.168.1.209:25 DNAT tcp -- 0.0.0.0/024.123.23.170 tcp dpt:80 to:192.168.1.209:80 DNAT tcp -- 0.0.0.0/074.223.8.179tcp dpt:22 to:192.168.1.58:22 DNAT tcp -- 0.0.0.0/074.223.8.179tcp dpt:25 to:192.168.1.58:25 DNAT tcp -- 0.0.0.0/074.223.8.179tcp dpt:80 to:192.168.1.58:80 Chain POSTROUTING (policy ACCEPT) target prot opt source destination SNAT all -- 192.168.1.0/24 0.0.0.0/0 to:24.123.23.170 SNAT all -- 0.0.0.0/0192.168.1.209 to:192.168.1.1 SNAT all -- 0.0.0.0/0192.168.1.209 to:192.168.1.1 SNAT all -- 0.0.0.0/0192.168.1.209 to:192.168.1.1 SNAT all -- 0.0.0.0/0192.168.1.209 to:192.168.1.1 SNAT all -- 0.0.0.0/0192.168.1.209 to:192.168.1.1 SNAT all -- 0.0.0.0/0192.168.1.209 to:192.168.1.1 SNAT all -- 0.0.0.0/0192.168.1.58to:192.168.1.1 SNAT all -- 0.0.0.0/0192.168.1.58to:192.168.1.1 SNAT all -- 0.0.0.0/0192.168.1.58to:192.168.1.1 SNAT all -- 0.0.0.0/0192.168.1.58to:192.168.1.1 SNAT all -- 0.0.0.0/0192.168.1.58to:192.168.1.1 SNAT all -- 0.0.0.0/0192.168.1.58to:192.168.1.1 Chain OUTPUT (policy ACCEPT) target prot opt source destination Kernel IP routing table Destination Gateway Genmask Flags Metric RefUse Iface 24.123.23.168 0.0.0.0 255.255.255.248 U 0 00 eth2 74.223.8.1760.0.0.0 255.255.255.240 U 0 00 eth1 192.168.1.0 0.0.0.0 255.255.255.0 U 0 00 eth0 169.254.0.0 0.0.0.0 255.255.0.0 U 0 00 eth2 0.0.0.0 24.123.23.169 0.0.0.0 UG0 00 eth2 You need to make source routing on 74.223.8.176 and eth1. Please, read this: http://linux-ip.net/html/adv-multi-internet.html -- Dominik Zyla pgpmI0vhmsXbo.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] setup firewall with 3 nic cards
On Tue, May 11, 2010 at 09:24:53AM -0400, Jerry Geis wrote: You need to make source routing on 74.223.8.176 and eth1. Please, read this: http://linux-ip.net/html/adv-multi-internet.html -- Dominik Zyla I read through the document. I dont see what I have done wrong still. Do my routing rules not look correct from my previous post? Sorry I am not catching on. Thanks for your assistance. Try to add iproute2 rules for eth1. You only paste iptables rules. -- Dominik Zyla pgpvArtoEbxYr.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Text file manipulation in CentOS?
On Tue, May 11, 2010 at 08:25:43AM +, sheraz...@yahoo.com wrote: To be more specific, I need to find how many distinct records are there in say column#1? awk '{print $1}' filename | sort -u | wc -l This will show how many unique entries are present in column one (use awk -F to change delimiter e.g awk -F : for : delimiter) How can I filter out the distinct records with number of occurances less than a pre-determined threshold? I don't quite understand this part. awk '{print $1}' filename | sort | uniq -c | sort -rn Will give you a number of occurrences (reverse numerically sorted) of uniq data from column one. Now I think you want to put that through a loop and only show those that are less than threshold? If I understand correctly, you can pipe your output to: `awk '{a=$1} {if (a 3) print a}''. `a' is awk variable. `$1' is first column of awk input so you probably need to change it. -- Dominik Zyla pgp8kTia5mitm.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ldconfig: /usr/lib64/libfreebl3.so is not a symbolic link
On Tue, May 11, 2010 at 07:22:05PM -0400, a arias wrote: I have been getting the following error when trying to run ldconfig: ldconfig: /usr/lib64/libfreebl3.so is not a symbolic link # ll /usr/lib64/libfreebl3.so -rwxr-xr-x 1 root root 312336 Mar 28 11:13 /usr/lib64/libfreebl3.so I've used yum whatprovides /usr/lib64/libfreeb13.so to determine that this file belongs to nss. I have tried to reinstall nss but that does not fix the problem. Any ideas? How can I fix this? Try to reinstall glibc. -- Dominik Zyla pgpHgs5t2nQnE.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ldconfig: /usr/lib64/libfreebl3.so is not a symbolic link
On Tue, May 11, 2010 at 07:50:05PM -0400, a arias wrote: That did not work. It fact, i got the following message during the yum reinstall process: /sbin/ldconfig: /usr/lib64/libfreebl3.so is not a symbolic link According to `yum deplist glibc-2.5-42.el5_4.3.x86_64' you may also try with reinstalling `libgcc' and `glibc-common'. -- Dominik Zyla pgp8Lhq5QAvMd.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Text file manipulation in CentOS?
On Wed, May 12, 2010 at 05:20:58AM +0100, hadi motamedi wrote: If I understand correctly, you can pipe your output to: `awk '{a=$1} {if (a 3) print a}''. `a' is awk variable. `$1' is first column of awk input so you probably need to change it. Thank you for your message . Yes , you are right . I really need to filter out that CallId with number of occurances say less than three. But your command is not getting through on my centos . Please correct me. So, read `man awk', `man sed' etc, as John R. Dennison wrote. Also perl would be excelent for this kind of stuff. -- Dominik Zyla pgpcybW6rhXhs.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Text file manipulation in CentOS?
On Thu, May 13, 2010 at 04:59:06AM +0100, hadi motamedi wrote: For mangling text??!! I think your example is way off topic for this Thank you for your reply. I thought to write C code to accomplish this but next I found very powerful centos tools for this application from the help of you Gentlemen. Those tools are not centos only. -- Dominik Zyla pgpyLamwneTsd.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] route question
On Fri, May 14, 2010 at 03:02:04PM -0400, Jerry Geis wrote: GATEWAY=74.223.8.177 on /etc/sysconfig/network file ? Actually I have that in the ifcfg-eth1 and ifcfg-eth2. And this is hte route I get. DEVICE=eth1 ONBOOT=YES BOOTPROTO=static IPADDR=74.223.8.179 NETMASK=255.255.255.240 GATEWAY=74.223.8.177 DEVICE=eth2 ONBOOT=Yes BOOTPROTO=static IPADDR=24.123.23.170 NETMASK=255.255.255.248 GATEWAY=24.123.23.169 route -n Kernel IP routing table Destination Gateway Genmask Flags Metric RefUse Iface 24.123.23.168 0.0.0.0 255.255.255.248 U 0 00 eth2 74.223.8.1760.0.0.0 255.255.255.240 U 0 00 eth1 192.168.1.0 0.0.0.0 255.255.255.0 U 0 00 eth0 169.254.0.0 0.0.0.0 255.255.0.0 U 0 00 eth2 0.0.0.0 24.123.23.169 0.0.0.0 UG0 00 eth2 I dont want 74.X traffic going out 24.X network. I want it going back out the 74.X network. How do I setup the ifcfg-eth files so the GW above will route back out the correct gw? It won't work. You can't have two default gateways. Init scripts first set your gateway via eth1, then parse ifcfg-eth2 (alphabetical) and overwrites previous settings. -- Dominik Zyla pgp7ZVJWzhHSn.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] help with sendmail closing relay
On Fri, Jun 04, 2010 at 03:37:59PM -0400, Jerry Geis wrote: I have removed everything in the access file - re-ran the abuse test site and it passed at this time with no relays. So Something in the access file was messing things up. Thanks for the suggestions. Why don't you use postfix or some other exim? -- Dominik Zyla pgpynyABDnId0.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] redundant ldap - client config
On Fri, Jun 04, 2010 at 10:22:51AM -0700, aurfal...@gmail.com wrote: Hi all, I have a few ldap servers slaved to a primary via syncrepl, all is well. I've set my clients to auth against a few and there /etc/ldap.conf looks like so; uri ldap://primary.domain.com ldap://secondary.domain.com However when either primary or slaves go down, while the clients can log in, access is very slow, ls of any dir is painful. The /var/log/messages shows several failed attempts to conect to the slaves ldap servers. Try to set haproxy locally and configure round-robin redirection for all your replicas. When one'll down, it would not redirect any trafic there. -- Dominik Zyla pgpUIuieTZHhk.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] GRUB, and how do I loathe thee
On Fri, Jun 04, 2010 at 02:10:31PM -0400, m.r...@5-cent.us wrote: I just adore the install. Esp. of GRUB. Does *anyone* who works on GRUB actually work in the real world, and not only on brand new machines? I just had happen at work what happened last fall on my home system: then, I had /dev/hda, and was trying a clean install on a new SATA drive; right now, I'm installing on a replacement disk on a server that has no CD/DVD drive from a USB key. My options: on my home system, it was MRR on /dev/hda (which was being replaced, and was to become my backup drive), and here, in the MBR of the USB key; in both cases, *only* in the first sector of a partition on the new drive. I am NEVER OFFERED THE OPTION of the MBR of the drive I'm installing to. *snarl* mark no grub, then linux rescue, then chcon, then grub install... I hope Try `grub-install --root-directory=/path/to/your/new/system /dev/hda' (if there is on hda). -- Dominik Zyla pgps6c8TqTkfA.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] GRUB, and how do I loathe thee
On Fri, Jun 04, 2010 at 04:41:13PM -0400, m.r...@5-cent.us wrote: On Fri, Jun 04, 2010 at 02:10:31PM -0400, m.r...@5-cent.us wrote: I just adore the install. Esp. of GRUB. snip Try `grub-install --root-directory=/path/to/your/new/system /dev/hda' (if there is on hda). Now, is that root directory /, or /boot? Root directory. -- Dominik Zyla pgpKaEseFTVkc.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] GRUB, and how do I loathe thee
On Fri, Jun 04, 2010 at 03:06:30PM -0700, Gary Greene wrote: On 6/4/10 2:59 PM, m.r...@5-cent.us m.r...@5-cent.us wrote: Thanks, all, and with the help of the other admin, the system is up. What I had to do was linux rescue, the chroot /mnt/sysimage, grub-install /dev/sda What I didn't get until later was it also needed /boot/grub/grub.conf, and then ln -s /boot/grub/grub.conf /boot/grub/menu.lst ln -s /boot/grub/grub.conf /etc/grub.conf and it now boots. As I said, *so* much easier than editing /etc/lilo.conf, and rerunning lilo mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Mark, you might dislike Grub, but overall, it's saved me a lot of grief since lilo cannot start a shell so the poor sod can coerce the system to start another kernel if needed. (Yes, this has happened more than on one occasion with many the distro for me when dealing with rolling my own kernel.) That and lilo is completely useless on newer hardware (EFI and GPT labels anyone?) since it only understands BIOS addresses, whereas GRUB2 understands both. As stated in an earlier email in this thread, this is mostly caused by Anaconda and some of the GUI tools doing the wrong thing, not GRUB. Lilo is good choice once you're running software raid. It can write MBR on all disks and kernel can boot only from one disk with no intervation. Grub's writing MBR only at the first disk. -- Dominik Zyla pgpYG4DItp3PM.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to specify the default route?
On Mon, Jun 21, 2010 at 07:57:13PM -0400, Rick Thomas wrote: I have a machine with two net interfaces. it seems to always pick the wrong one (eth1) as the default route. I can change it with route del default route add default eth0 after it's up (or in rc.local, of course), but I'd like to figure out what I need to do this the CentOS way (e.g. edit some configuration file? Run some config utility, what?) once and for all. Can somebody point me to the canonical documentation on the subject? I've searched /usr/share/doc and the man pages, but I can't find anything useful. Googling for default route centos gives some interesting stuff, but nothing definitive. route add default gw ${GATEWAYS_IP} -- Dominik Zyla pgpIXllHZ4OI0.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] question on modprobe.conf
On Tue, Jul 06, 2010 at 10:25:36PM +0300, cornel panceac wrote: Similar content is now broken up into separate .conf files in directory /etc/modprobe.d so that individual packages can now have sole ownership of a file rather than trying to pack all their parameters into a single, hard to maintain file. in what order are the files processed? -- Among the maxims on Lord Naoshige's wall, there was this one: Matters of great concern should be treated lightly. Master Ittei commented, Matters of small concern should be treated seriously. (Ghost Dog : The Way of The Samurai) In alphabetical order. -- Dominik Zyla pgplYrqtsgDlr.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] DNS or firewall problem
On Tue, Jul 06, 2010 at 09:19:41PM +0100, Timothy Murphy wrote: cliff here wrote: Well if you want the kernel to route IPV4 traffic, then yes it has to be 1 net.ipv4.conf.ip_forward = 0 ?? change to = 1 ?? yea that needs to be a 1 That cannot be mandatory, as I have a 0 there and do not have the OP's problem. You've changed the question. The OP did not say he wanted to route IPV4 traffic. He said he could not access his server from local machines. Are you saying you must have the setting you mention in /etc/sysctl.conf ? That cannot be true, as I can access my server and I don't have your entry. Check your iptables rules. Maybe there are no INPUT rules to access your gateway via internal nic. -- Dominik Zyla pgp6TVMSDzTp4.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] slow down dd - how?
On Thu, Jul 08, 2010 at 05:51:12PM +0200, Jozsi Avadkan wrote: Does ionice work properly? It works fine. -- Dominik Zyla pgpsTpENjp4im.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Xen cpu requirements
On Wed, Jul 14, 2010 at 12:32:12PM -0500, David Dyer-Bennet wrote: I'm installing Centos 5.5 on a new Dell R301 server. I wanted to run Xen and have the full virtualization possibilities (this is our development support server, so it runs a few real services and is available for playing with things; putting the playing with things functions into virtual servers would protect the few real services, and make it easier to clean up afterwards). I have enabled virtualization support in the BIOS. /proc/cpuinfo says I have model name : Intel(R) Xeon(R) CPU X3450 @ 2.67GHz and flags : fpu tsc msr pae cx8 apic mtrr cmov pat clflush acpi mmx fxsr sse sse2 ss ht syscall nx lm constant_tsc ida pni est ssse3 cx16 sse4_1 sse4_2 popcnt lahf_lm The vmx flag doesn't appear to be set. (I'm working from http://www.centos.org/docs/5/html/Virtualization-en-US/ch-op-sys-support.html, by the way; I note that document is from 2007 or maybe even 2006, so perhaps some things aren't fully up-to-date.) So, does that mean my Xeon-based server doesn't have hardware virtualization assistance? It loks like X3450 has no VMX instructions. -- Dominik Zyla pgpcB5DEFNjb9.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] install on raid1
On Fri, Jul 23, 2010 at 10:12:13AM +0200, Wessel | Postoffice wrote: Hi All, I'm currently trying to install centos 5.4 x86-64bit on a raid 1, so if one the 2 disks fails the server will still be available. i installed grub on /dev/sda using the advanced grub configuration option during the install. after the install is done i boot in linux rescue mode , chroot the filesystem and copy grub to both drives using: grubroot (hd0,0) grubsetup (hd0) grubroot (hd1,0 grubsetup (hd1) grubquit then reboot, but is still get the error : disk boot faillure, insert linux install disk. does anyone now what i'm doing wrong? here is a copy of my partition scheme. Disk /dev/sda: 251.0 GB, 251000193024 bytes 255 heads, 63 sectors/track, 30515 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/sda1 * 1 38 305203+ fd Linux raid autodetect /dev/sda2 39 675 5116702+ fd Linux raid autodetect /dev/sda3 676 30515 239689800 fd Linux raid autodetect Disk /dev/sdb: 251.0 GB, 251000193024 bytes 255 heads, 63 sectors/track, 30515 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/sdb1 * 1 38 305203+ fd Linux raid autodetect /dev/sdb2 39 675 5116702+ fd Linux raid autodetect /dev/sdb3 676 30515 239689800 fd Linux raid autodetect Disk /dev/md1: 5239 MB, 5239406592 bytes 2 heads, 4 sectors/track, 1279152 cylinders Units = cylinders of 8 * 512 = 4096 bytes Disk /dev/md0: 312 MB, 312410112 bytes 2 heads, 4 sectors/track, 76272 cylinders Units = cylinders of 8 * 512 = 4096 bytes Disk /dev/md2: 245.4 GB, 245442281472 bytes 2 heads, 4 sectors/track, 59922432 cylinders Units = cylinders of 8 * 512 = 4096 bytes Try something like this: Grubdevice (hd0) /dev/sdb Grubroot (hd0,0) Grubsetup (hd0) -- Dominik Zyla pgp6NOJEO6jBD.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] too many open files
On Thu, Aug 19, 2010 at 02:08:44PM -0400, Jerry Geis wrote: The error was from my programs not anything core to centos. run ulimit -n $value befor start your programs. -- Dominik Zyla pgp4i9CgnCPi1.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] LARTC and CentOS question
On Wed, Sep 08, 2010 at 11:26:21AM +0200, Coert Waagmeester wrote: Hello all, Got myself the Linux Advanced Routing Traffic control book http://lartc.org/howto/ All the commands in the guide do not survive reboots. Could someone point me in the right direction, where I can find CentOS/Redhat specific documentation on the whole /etc/sysconfig/network* setup? For static routes use /etc/sysconfig/network-scripts/route-ethN. The format is: for `ip r a 1.2.3.4 dev ethN.N' the route-ethN would be: `1.2.3.4 dev ethN.N'. For routing rules, use /etc/sysconfig/network-scripts/rule-ethN in simmilar way as above. -- Dominik Zyla pgpKRVvr5hebu.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] network interface up but no data
On Fri, Oct 22, 2010 at 10:58:34AM +1100, Nat N wrote: On Thu, Oct 21, 2010 at 9:52 PM, Nat N pheni...@gmail.com wrote: Hi List, I am running a x86_64 Centos server, after a reboot the network has decided to not work.. this particular machine has 8 eth ports eth0-7. eth0 and eth3 were bonded (mode 1 ) after reboot the bond did not work. It came up OK but no data was passing through it. all other interfaces on the machine were working. I decided to remove the bond, so after removing the bond i was left with eth0 using the same IP as the bond used. however it still does the same thing, it starts up with no errors but i cannot even ping the default gateway, tcpdump shows nothing on the interface. I have made sure of the following * no iptables installed * kernel modules for the NIC are loaded with no errors * the bond kernel module is not installed / all bond configs have been removed Below is some info on the interface, it should be noted that all others are OK the only 2 that were having the issue are eth0 and eth3 (the ex-bonded ones) server1:/etc/sysconfig/network-scripts# ip route | grep 172.18 172.18.16.0/24 dev eth0 proto kernel scope link src 172.18.16.1 default via 172.18.16.254 dev eth0 # ifconfig eth0 eth0 Link encap:Ethernet HWaddr 00:24:49:C8:66:98 inet addr:172.18.16.1 Bcast:172.18.16.255 Mask:255.255.255.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:7223 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 b) TX bytes:463918 (453.0 KiB) Interrupt:226 Memory:dc00-dc012800 If you look closely TX and RX are massively different, but I am not seeing anything on tcpdump even there is a large number of TX packets. Just some more information on this issue. I have tried different kernels and the same issue is still occurring. # ethtool eth0 Settings for eth0: Supported ports: [ TP ] Supported link modes: 10baseT/Half 10baseT/Full 100baseT/Half 100baseT/Full 1000baseT/Full Supports auto-negotiation: Yes Advertised link modes: 10baseT/Half 10baseT/Full 100baseT/Half 100baseT/Full 1000baseT/Full Advertised auto-negotiation: Yes Speed: 1000Mb/s Duplex: Full Port: Twisted Pair PHYAD: 1 Transceiver: internal Auto-negotiation: on Supports Wake-on: g Wake-on: d Link detected: yes #mii-tool -v eth0 eth0: negotiated, link ok product info: vendor 00:08:18, model 54 rev 6 basic mode: autonegotiation enabled basic status: autonegotiation complete, link ok capabilities: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD advertising: 100baseTx-FD 100baseTx-HD 10baseT-FD 10baseT-HD flow-control I am still racking my brains on what is causing this Maybe you have problem with switch configuration instead of system one. -- Dominik Zyla pgpO0GfCOw1Sn.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos