Re: need modprobe.d syntax help

[Todd And Margo Chester]

On 07/15/2011 10:13 PM, Tom H wrote:

On Sat, Jul 16, 2011 at 12:05 AM, Todd And Margo Chester
  wrote:

On 07/15/2011 08:14 PM, Katherine Lim wrote:
On Sat, Jul 16, 2011 at 1:09 PM, Todd And Margo Chester
  wrote:

On 07/15/2011 07:31 PM, William Scott wrote:

On 16 July 2011 11:50, Todd And Margo Chester
  wrote:

Hi All,

Not having a good time researching this in Google, unless
I want to do it in Ubuntu.

I am trying to make the following command permanent:
   modprobe   ip_nat_ftp

Have a look in /etc/sysconfig/iptables-config


I should have said I am running SL6 x64.

It is there.  But, running /etc/rc.d/init.d/iptables throws an
error on ip_nat_ftp if I do not previously load ip_nat_ftp
with modprobe.

What I am after is to load ip_nat_ftp at boot time with
modprobe.d.

A tape and gum approach would be to load ip_nat_ftp
in /etc/rc.d/init.d/iptables before it did anything with
/etc/sysconfig/iptables-config, but I really would like
to learn the right way to do it in modprobe.d.

Hmm.  Maybe I am going at this wrong.  In Slack12, they
use a /etc/rc.d/rc.modules file and just put the module to
load into it.

> From a colleague working on our RHEL 6 deployment (similar to F14/F15):

root # vi /etc/sysconfig/modules/ip_nat_ftp.modules
#!/bin/sh
exec /sbin/modprobe ip_nat_ftp
root # chmod +x /etc/sysconfig/modules/ip_nat_ftp.modules

Perhaps you should also start using the new name, nf_nat_ftp (although
its alias, ip_nat_ftp, the previous name, still works).


Awsome.  Thank you!

I took a look over in my CentOS 5.6 server and found
/etc/sysconfig/modules/udev-stw.modules:

#!/bin/sh
MODULES="nvram floppy parport lp snd-powermac"
[ -f /etc/sysconfig/udev-stw ] && . /etc/sysconfig/udev-stw
for i in $MODULES ; do
modprobe $i >/dev/null 2>&1
done

Which confirms your recommendation.  I will use the new name
as you suggested.

I will be able to get at the SL6 machine on Tuesday.  I am
very confident your recommendation will work.

-T

Re: need modprobe.d syntax help

[Tom H]

On Sat, Jul 16, 2011 at 1:13 AM, Tom H  wrote:
> On Sat, Jul 16, 2011 at 12:05 AM, Todd And Margo Chester
>  wrote:
>> On 07/15/2011 08:14 PM, Katherine Lim wrote:
>> On Sat, Jul 16, 2011 at 1:09 PM, Todd And Margo Chester
>>  wrote:
>>>
>>> On 07/15/2011 07:31 PM, William Scott wrote:

 On 16 July 2011 11:50, Todd And Margo Chester
  wrote:
>
> Hi All,
>
> Not having a good time researching this in Google, unless
> I want to do it in Ubuntu.
>
> I am trying to make the following command permanent:
>       modprobe   ip_nat_ftp

 Have a look in /etc/sysconfig/iptables-config

>>> I should have said I am running SL6 x64.
>>>
>>> It is there.  But, running /etc/rc.d/init.d/iptables throws an
>>> error on ip_nat_ftp if I do not previously load ip_nat_ftp
>>> with modprobe.
>>>
>>> What I am after is to load ip_nat_ftp at boot time with
>>> modprobe.d.
>>>
>>> A tape and gum approach would be to load ip_nat_ftp
>>> in /etc/rc.d/init.d/iptables before it did anything with
>>> /etc/sysconfig/iptables-config, but I really would like
>>> to learn the right way to do it in modprobe.d.
>>
>> Hmm.  Maybe I am going at this wrong.  In Slack12, they
>> use a /etc/rc.d/rc.modules file and just put the module to
>> load into it.
>
> From a colleague working on our RHEL 6 deployment (similar to F14/F15):
>
> root # vi /etc/sysconfig/modules/ip_nat_ftp.modules
> #!/bin/sh
> exec /sbin/modprobe ip_nat_ftp
> root # chmod +x /etc/sysconfig/modules/ip_nat_ftp.modules
>
> Perhaps you should also start using the new name, nf_nat_ftp (although
> its alias, ip_nat_ftp, the previous name, still works).

Although iptables modules should be loaded, as others have been
pointing out, through "/etc/sysconfig/iptables-config".

Re: need modprobe.d syntax help

[Tom H]

On Sat, Jul 16, 2011 at 12:05 AM, Todd And Margo Chester
 wrote:
> On 07/15/2011 08:14 PM, Katherine Lim wrote:
> On Sat, Jul 16, 2011 at 1:09 PM, Todd And Margo Chester
>  wrote:
>>
>> On 07/15/2011 07:31 PM, William Scott wrote:
>>>
>>> On 16 July 2011 11:50, Todd And Margo Chester
>>>  wrote:

 Hi All,

 Not having a good time researching this in Google, unless
 I want to do it in Ubuntu.

 I am trying to make the following command permanent:
       modprobe   ip_nat_ftp
>>>
>>> Have a look in /etc/sysconfig/iptables-config
>>>
>> I should have said I am running SL6 x64.
>>
>> It is there.  But, running /etc/rc.d/init.d/iptables throws an
>> error on ip_nat_ftp if I do not previously load ip_nat_ftp
>> with modprobe.
>>
>> What I am after is to load ip_nat_ftp at boot time with
>> modprobe.d.
>>
>> A tape and gum approach would be to load ip_nat_ftp
>> in /etc/rc.d/init.d/iptables before it did anything with
>> /etc/sysconfig/iptables-config, but I really would like
>> to learn the right way to do it in modprobe.d.
>
> Hmm.  Maybe I am going at this wrong.  In Slack12, they
> use a /etc/rc.d/rc.modules file and just put the module to
> load into it.

>From a colleague working on our RHEL 6 deployment (similar to F14/F15):

root # vi /etc/sysconfig/modules/ip_nat_ftp.modules
#!/bin/sh
exec /sbin/modprobe ip_nat_ftp
root # chmod +x /etc/sysconfig/modules/ip_nat_ftp.modules

Perhaps you should also start using the new name, nf_nat_ftp (although
its alias, ip_nat_ftp, the previous name, still works).

Re: need modprobe.d syntax help

[William Scott]

On 16 July 2011 14:53, Todd And Margo Chester  wrote:

> Not finding a difference.  The only way I can get rid of the
> error is to do a "modprobe ip_nat_ftp".  I can not figure
> out how to do this a boot time.  :'(

Did you remove all your alterations prior to editing the
IPTABLES_MODULES line in /etc/sysconfig/iptables-config to:
IPTABLES_MODULES="ip_nat_ftp"?


>
> Thank you for the help,
> -T
>

Re: need modprobe.d syntax help

[Todd And Margo Chester]

On 07/15/2011 09:35 PM, William Scott wrote:

On 16 July 2011 13:46, Todd And Margo Chester  wrote:


Hi William,

   The only way what you are doing is working is 1) ip_nat_ftp is compiled
into your kernel or 2) it is somewhere in /etc/modprobe.d.  Unfortunately,
I have neither.


For comparison...

[root@server1 modprobe.d]# uname -r
2.6.32-71.el6.x86_64
[root@server1 modprobe.d]# pwd
/etc/modprobe.d
[root@server1 modprobe.d]# grep ip_nat_ftp *
[root@server1 modprobe.d]#


Not finding a difference.  The only way I can get rid of the
error is to do a "modprobe ip_nat_ftp".  I can not figure
out how to do this a boot time.  :'(

Thank you for the help,
-T

Re: need modprobe.d syntax help

[William Scott]

On 16 July 2011 13:46, Todd And Margo Chester  wrote:

> Hi William,
>
>   The only way what you are doing is working is 1) ip_nat_ftp is compiled
> into your kernel or 2) it is somewhere in /etc/modprobe.d.  Unfortunately,
> I have neither.
>

For comparison...

[root@server1 modprobe.d]# uname -r
2.6.32-71.el6.x86_64
[root@server1 modprobe.d]# pwd
/etc/modprobe.d
[root@server1 modprobe.d]# grep ip_nat_ftp *
[root@server1 modprobe.d]#


>
>  Thank you for the help,
> -T
>

Re: need modprobe.d syntax help

[Todd And Margo Chester]

  
  
On 07/15/2011 08:14 PM, Katherine Lim wrote:

  
  On Sat, Jul 16, 2011 at 1:09 PM, Todd And
Margo Chester 
wrote:

  On 07/15/2011 07:31 PM, William Scott wrote:
  
On 16 July 2011 11:50, Todd And Margo Chester
 wrote:

  Hi All,
  
  Not having a good time researching this in Google, unless
  I want to do it in Ubuntu.
  
  I am trying to make the following command permanent:
        modprobe   ip_nat_ftp


Have a look in /etc/sysconfig/iptables-config

  
  I should have said I am running SL6 x64.
  
  It is there.  But, running /etc/rc.d/init.d/iptables throws an
  error on ip_nat_ftp if I do not previously load ip_nat_ftp
  with modprobe.
  
  What I am after is to load ip_nat_ftp at boot time with
  modprobe.d.
  
  A tape and gum approach would be to load ip_nat_ftp
  in /etc/rc.d/init.d/iptables before it did anything with
  /etc/sysconfig/iptables-config, but I really would like
  to learn the right way to do it in modprobe.d.
  

-T
  
  
  


Hmm.  Maybe I am going at this wrong.  In Slack12, they
use a /etc/rc.d/rc.modules file and just put the module to 
load into it.

Reference:
http://www.linuxquestions.org/questions/slackware-14/using-modprobe-d-to-load-modules-at-startup-616612/
  

Re: need modprobe.d syntax help

[Todd And Margo Chester]

  
  
On 07/15/2011 08:14 PM, Katherine Lim wrote:

  
  On Sat, Jul 16, 2011 at 1:09 PM, Todd And
Margo Chester 
wrote:

  On 07/15/2011 07:31 PM, William Scott wrote:
  
On 16 July 2011 11:50, Todd And Margo Chester
 wrote:

  Hi All,
  
  Not having a good time researching this in Google, unless
  I want to do it in Ubuntu.
  
  I am trying to make the following command permanent:
        modprobe   ip_nat_ftp


Have a look in /etc/sysconfig/iptables-config

  
  I should have said I am running SL6 x64.
  
  It is there.  But, running /etc/rc.d/init.d/iptables throws an
  error on ip_nat_ftp if I do not previously load ip_nat_ftp
  with modprobe.
  
  What I am after is to load ip_nat_ftp at boot time with
  modprobe.d.
  
  A tape and gum approach would be to load ip_nat_ftp
  in /etc/rc.d/init.d/iptables before it did anything with
  /etc/sysconfig/iptables-config, but I really would like
  to learn the right way to do it in modprobe.d.
  

-T
  
  
  
  
  
  Did you get any errors after editing the IPTABLES_MODULES
line in /etc/sysconfig/iptables-config to:
  IPTABLES_MODULES="ip_nat_ftp"
  
  


Actually, I am having trouble communicating that the above line is 
what causes the error I am trying to fix.  Comment out the above
and /etc/rc.d/init.d/iptables is quiet.  Uncomment it and
..init.d/iptables
bitches about not being able to find ip_nat_ftp.  Run "modprobe
ip_nat_ftp" and ..init.d/iptables is quiet again.

What I need it the proper syntax for my
/etc/modprobe.d/customstuff.conf.
I am trying to clean up this error:

WARNING: /etc/modprobe.d/customstuff.conf line 1: ignoring bad line
starting with 'ip_nat_ftp'

I need the proper syntax to put ip_nat_ftp into my
/etc/modprobe.d/customstuff.conf.

Many thanks,
-T




  

Re: need modprobe.d syntax help

[William Scott]

> I should have said I am running SL6 x64.

So am I.

Quick paste of my console before and after changes.

[root@server1 modprobe.d]# lsmod | grep nf_
nf_conntrack_ipv4   9440  2
nf_defrag_ipv4  1449  1 nf_conntrack_ipv4
nf_conntrack   79643  2 nf_conntrack_ipv4,xt_state

[root@server1 modprobe.d]# vi /etc/sysconfig/iptables-config

[root@server1 modprobe.d]# service iptables restart
iptables: Flushing firewall rules: [  OK  ]
iptables: Setting chains to policy ACCEPT: filter  [  OK  ]
iptables: Unloading modules:   [  OK  ]
iptables: Applying firewall rules: [  OK  ]
iptables: Loading additional modules: ip_nat_ftp   [  OK  ]

[root@server1 modprobe.d]# lsmod | grep nf_
nf_nat_ftp  3473  0
nf_nat 22788  1 nf_nat_ftp
nf_conntrack_ftp   12911  1 nf_nat_ftp
nf_conntrack_ipv4   9440  4 nf_nat
nf_defrag_ipv4  1449  1 nf_conntrack_ipv4
nf_conntrack   79643  5
nf_nat_ftp,nf_nat,nf_conntrack_ftp,nf_conntrack_ipv4,xt_state



>
> It is there.  But, running /etc/rc.d/init.d/iptables throws an
> error on ip_nat_ftp if I do not previously load ip_nat_ftp
> with modprobe.
>
> What I am after is to load ip_nat_ftp at boot time with
> modprobe.d.
>
> A tape and gum approach would be to load ip_nat_ftp
> in /etc/rc.d/init.d/iptables before it did anything with
> /etc/sysconfig/iptables-config, but I really would like
> to learn the right way to do it in modprobe.d.
>
> -T
>

Re: need modprobe.d syntax help

[Katherine Lim]

On Sat, Jul 16, 2011 at 1:09 PM, Todd And Margo Chester <
toddandma...@gmail.com> wrote:

> On 07/15/2011 07:31 PM, William Scott wrote:
>
>> On 16 July 2011 11:50, Todd And Margo Chester
>>  wrote:
>>
>>> Hi All,
>>>
>>> Not having a good time researching this in Google, unless
>>> I want to do it in Ubuntu.
>>>
>>> I am trying to make the following command permanent:
>>>   modprobe   ip_nat_ftp
>>>
>>
>> Have a look in /etc/sysconfig/iptables-config
>>
>>  I should have said I am running SL6 x64.
>
> It is there.  But, running /etc/rc.d/init.d/iptables throws an
> error on ip_nat_ftp if I do not previously load ip_nat_ftp
> with modprobe.
>
> What I am after is to load ip_nat_ftp at boot time with
> modprobe.d.
>
> A tape and gum approach would be to load ip_nat_ftp
> in /etc/rc.d/init.d/iptables before it did anything with
> /etc/sysconfig/iptables-**config, but I really would like
> to learn the right way to do it in modprobe.d.
>
> -T
>


Did you get any errors after editing the IPTABLES_MODULES line in
/etc/sysconfig/iptables-config to:
IPTABLES_MODULES="ip_nat_ftp"

Re: need modprobe.d syntax help

[Todd And Margo Chester]

On 07/15/2011 07:31 PM, William Scott wrote:

On 16 July 2011 11:50, Todd And Margo Chester  wrote:

Hi All,

Not having a good time researching this in Google, unless
I want to do it in Ubuntu.

I am trying to make the following command permanent:
   modprobe   ip_nat_ftp


Have a look in /etc/sysconfig/iptables-config


I should have said I am running SL6 x64.

It is there.  But, running /etc/rc.d/init.d/iptables throws an
error on ip_nat_ftp if I do not previously load ip_nat_ftp
with modprobe.

What I am after is to load ip_nat_ftp at boot time with
modprobe.d.

A tape and gum approach would be to load ip_nat_ftp
in /etc/rc.d/init.d/iptables before it did anything with
/etc/sysconfig/iptables-config, but I really would like
to learn the right way to do it in modprobe.d.

-T

Re: question about ssh packages in SL5 Contrib

[Nico Kadel-Garcia]

On Fri, Jul 15, 2011 at 4:16 PM, Troy Dawson  wrote:
> On 07/15/2011 02:25 PM, Steve Gaarder wrote:
>>
>> I notice that there are alternative SSH packages in the contrib
>> repository for SL 5.  In what way do these differ from the standard
>> packages?
>>
>> thanks,
>>
>
> Those were contributed by Fermilab.
> The client is patched so that it does both gssapi and gssapi-with-mic ...
> and a couple other authentication methods as well that I can't remember.
>
> Troy

The missing GSSAPI in the old OpenSSH 4.x releases in RHEL 5 are an
ongoing security issue. The GSSAPI modules allow genuine
"single-sign-on" behavior with an appropriate Kerberos or upstream
Active Directory setup (which is partly based on Kerberos).

Coupled with the Putty 0.61 release that came out a few days ago, It
makes single sign on in mixed environments a lot safer and easier to
manage, and helps avoid the security problems of ill-managed SSH keys
and people's refusal to properly protect, or even password protect,
the private keys they wander around with.

It's well worth the effort to switch to such better manageable,
revokable, and updatable authentication.

Re: RPM: file versions

[Nico Kadel-Garcia]

On Fri, Jul 15, 2011 at 2:51 PM, Phil Perry  wrote:
> On 15/07/11 19:28, Andrew Z wrote:
>>
>> Hello,
>>  i just got curios (google is not helping me @ the moment)...
>> What is the right way to handle versions of the files during
>> installation and removal of the rpm?
>> Example:
>> ls -l ./
>> 
>>
>> rpm -uhv   lib_andrew-123.rpm:
>>  lib_andrew.so ->  lib_andrew.so.123
>>
>> rpm -uhv   lib_andrew-456.rpm:
>>   lib_andrew.so ->  lib_andrew.so.456
>>
>> ls -l ./
>>  lib_andrew.so ->  lib_andrew.so.456
>> lib_andrew.so.123
>>
>> now, what if i want to remove version 123 ???
>>
>> Andrew
>>
>
> You need to have your SPEC file create the symlinks in the buildroot so that
> they are a part of the package, i.e, the symlinks are owned by the rpm
> package. Then when you uninstall or update the package rpm will
> remove/update the symlinks for you rather than leave them dangling as per
> your example above.

This is normally handled by "autoconf" based installations installing
the software into the RPM build environments "buildroot", and RPM
collecting up a list of the files, based on the SPEC file settings.
RPM is also good about reporting discrepancies.

I've done amazing amounts of turning sloppy, hard coded build
structures into autoconf and RPM compatible structures.

> Take a look in any relevant package SPEC file from the distro for examples
> of how this should be handled.
>

Re: need modprobe.d syntax help

[William Scott]

On 16 July 2011 11:50, Todd And Margo Chester  wrote:
> Hi All,
>
> Not having a good time researching this in Google, unless
> I want to do it in Ubuntu.
>
> I am trying to make the following command permanent:
>       modprobe   ip_nat_ftp


Have a look in /etc/sysconfig/iptables-config

need modprobe.d syntax help

[Todd And Margo Chester]

Hi All,

Not having a good time researching this in Google, unless
I want to do it in Ubuntu.

I am trying to make the following command permanent:
   modprobe   ip_nat_ftp

So I have created:
  $ more /etc/modprobe.d/customstuff.conf
  ip_nat_ftp

Problem: in /var/log/boot.log, I get:

  Entering non-interactive startup
  Applying Intel CPU microcode update:
  WARNING: /etc/modprobe.d/customstuff.conf line 1:
  ignoring bad line starting with 'ip_nat_ftp'

Okay, I give up, what is the correct syntax?  I have run
the stinkin' "man modprobe.d" over and over with no joy.
Tried "install ip_nat_ftp" and boy did it bitch at that!

What am I doing wrong?

Many thanks,
-T

Re: virtual network

[Todd And Margo Chester]

On 07/13/2011 11:08 AM, Todd And Margo Chester wrote:

On 07/12/2011 06:36 PM, Yasha Karant wrote:

I attempted to add the virtual network interface you suggested with
simply the ifcfg-eth0.5 script you provided; however, the system would
not generate it. I then found a reference to a command vconfig that I
used (please see below) that did work and created a eth0.5 after ifup
using your script. However, this caused the machine not be visible on
the physical network -- netstat -r did not find default. I tried ping,
etc. A reboot with the ifcfg-eth0.5 script moved to my home directory
(so that it would not be used but not lost) resulted in a working
Internet connection, but no eth0.5 .

Any further suggestion?

Thanks,

Yasha Karant

[root@jb344 network-scripts]# vconfig add eth0 5
WARNING: Could not open /proc/net/vlan/config. Maybe you need to load
the 8021q module, or maybe you are not using PROCFS??
Added VLAN with VID == 5 to IF -:eth0:-
[root@jb344 network-scripts]# ./ifup eth0.5
[root@jb344 network-scripts]# ifconfig -a
eth0 Link encap:Ethernet HWaddr 6C:62:6D:B3:EB:04
inet addr:139.182.151.44 Bcast:139.182.255.255 Mask:255.255.255.0
inet6 addr: fe80::6e62:6dff:feb3:eb04/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7740 errors:0 dropped:15 overruns:0 frame:0
TX packets:7745 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:5712610 (5.4 MiB) TX bytes:1292931 (1.2 MiB)
Interrupt:50 Base address:0x6000

eth0.5 Link encap:Ethernet HWaddr 6C:62:6D:B3:EB:04
inet addr:192.168.254.10 Bcast:192.168.254.255 Mask:255.255.255.0
inet6 addr: fe80::6e62:6dff:feb3:eb04/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:79 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)


ifcfg-eth0.5

DEVICE=eth0.5
BOOTPROTO=none
BROADCAST=192.168.254.255
IPADDR=192.168.254.10
NETMASK=255.255.255.0
NETWORK=192.168.254.0
GATEWAY=192.168.254.10
ONBOOT=yes
USERCTL=yes
IPV6INIT=no
PEERDNS=no
PROMISC=yes
# TYPE=Ethernet
VLAN=YES
NAME=vbox-bridged







Yasha,

This is the article I originally used to create my VLANs:
http://www.cyberciti.biz/tips/howto-configure-linux-virtual-local-area-network-vlan.html 




I am not find anything I missed. But, it is much better written
than my stuff, so it should be worth reviewing. If you find something
I missed, please let me know.

-T




On 07/12/2011 06:36 PM, Yasha Karant wrote:
I attempted to add the virtual network interface you suggested with 
simply the ifcfg-eth0.5 script you provided; however, the system would 
not generate it.  I then found a reference to a command vconfig that I 
used (please see below) that did work and created a eth0.5 after ifup 
using your script.  However, this caused the machine not be visible on 
the physical network -- netstat -r did not find default.  I tried 
ping, etc.  A reboot with the ifcfg-eth0.5 script moved to my home 
directory (so that it would not be used but not lost) resulted in a 
working Internet connection, but no eth0.5 .


Any further suggestion?

Thanks,

Yasha Karant



On 07/13/2011 11:56 AM, Yasha Karant wrote:
I need to do some further digging -- the problem may be with the LAN 
at my university.


I used the same article as a reference.

At my university, although we have a Class B IPv4 address space, we 
internally use CIDR and all IEEE 802.3 connections (nominally 100 
BaseT and gigabit) require hard IPv4 addresses (eventually, there will 
be internal IPv6 support).  The university also supports 802.11 with 
DHCP.  Moreover, there is 802.3 MAC layer address monitoring; if a 
802.3 connection is authorized for only one MAC layer addresses and 
more than one appears, the 802.3 connection is disabled.  Thus, we 
cannot use simple 802.3 repeaters or even switches to increase the 
number of 802.3 NICs connected.   The only exception is in our 
research laboratories over which we have control of the MAC address 
space as well as our own DNS (in /24 size blocks) and can (and do) run 
our own MAC and IP layer switches and routers. But our Faculty and 
administrative offices (such as the office with my faculty 
workstation) and our instructional laboratories have the restrictions 
I mentioned above.The only workaround that we have found, as used 
by one of my colleagues, is to install two NICs (in his case 802.3) in 
one machine -- one NIC is visible to the campus LAN, and the other 
provides via a relay hidden from the campus LAN (software on the dual 
NIC workstation) a connection for all other wired LAN units that he 
uses.  I suspect that somehow the virtual NIC that was created by the 
process listed below became "visible" to the campus LAN resulting in 
loss of the default route gateway, although the 802.3 MAC layer was 
still operational.


Yasha Karant


Hi Yasha,

I am confused as to what is going on.  Here is my exact configuration.
Maybe you will

Re: RPM: file versions

[Phil Perry]

On 15/07/11 21:59, Mark Stodola wrote:

If I'm not mistaken, you should not need to manually link libraries.
ldconfig should be taking care of this for you, so all you would need is
the %post entry to run ldconfig with the proper flags after
install/upgrade/removal. Assuming it ends up in a standard path,
otherwise the ld.so.conf entries are needed as well.

-Mark



Correct. Running ldconfig in %post will create the symlinks from the 
SONAME, assuming they are present in the lib. But you must still ensure 
the symlinks are owned by the package otherwise they get left behind 
when the package is removed. A wildcard entry in %files might be all 
that's needed (e.g, %{_libdir}/lib_andrew.so*)


You can query the SONAME with objdump:

objdump -p /usr/lib/lib_andrew.so.1.2.3 | grep SONAME

Re: TESTING - sl-indexhtml update for SL6.1

[Akemi Yagi]

On Fri, Jul 15, 2011 at 2:16 PM, Troy Dawson  wrote:
> Hello,
> With SL 6.1 we now have some text in our default browser startup page.
> We had some problems with the index page not correctly going to the correct
> language.
> We believe we have this figured out, but I'd feel much better if we tried it
> out on a few more languages.  Could people try out the new sl-indexhtml and
> let me know if it works for their language.
> We currently have translated de-DE, en-US, fr-FR, ja-JP and sv-SE.
> Those not translated will see either the SL logo instead of text, or the
> english version.
>
> To test or update
>
> SL6
> ---
>
>   yum --enablerepo=sl-testing update sl-indexhtml
>
> or you can download rpm's by hand at
>
> http://ftp.scientificlinux.org/linux/scientific/6rolling/testing/i386/indexhtml/
> http://ftp.scientificlinux.org/linux/scientific/6rolling/testing/x86_64/indexhtml/
>
> sl-indexhtml-6-2.sl6.4
>
> Thanks
> Troy Dawson

I can confirm the updated version fixes the issue (tried with the .ja version).

Akemi

TESTING - sl-indexhtml update for SL6.1

[Troy Dawson]

Hello,
With SL 6.1 we now have some text in our default browser startup page.
We had some problems with the index page not correctly going to the 
correct language.
We believe we have this figured out, but I'd feel much better if we 
tried it out on a few more languages.  Could people try out the new 
sl-indexhtml and let me know if it works for their language.

We currently have translated de-DE, en-US, fr-FR, ja-JP and sv-SE.
Those not translated will see either the SL logo instead of text, or the 
english version.


To test or update

SL6
---

   yum --enablerepo=sl-testing update sl-indexhtml

or you can download rpm's by hand at

http://ftp.scientificlinux.org/linux/scientific/6rolling/testing/i386/indexhtml/
http://ftp.scientificlinux.org/linux/scientific/6rolling/testing/x86_64/indexhtml/

sl-indexhtml-6-2.sl6.4

Thanks
Troy Dawson
--
__
Troy Dawson  daw...@fnal.gov  (630)840-6468
Fermilab  ComputingDivision/LCSI/CSI DSS Group
__

Re: RPM: file versions

[Mark Stodola]

Andrew Z wrote:
On Fri, Jul 15, 2011 at 3:41 PM, Phil Perry > wrote:


On 15/07/11 19:54, Andrew Z wrote:

On Fri, Jul 15, 2011 at 2:42 PM, Phil Perrymailto:p...@pendre.co.uk>>  wrote:

On 15/07/11 19:28, Andrew Z wrote:




You need to have your SPEC file create the symlinks in the
buildroot so that
they are a part of the package, i.e, the symlinks are
owned by the rpm
package. Then when you uninstall or update the package rpm
will
remove/update the symlinks for you rather than leave them
dangling as per
your example above.

Take a look in any relevant package SPEC file from the
distro for examples
of how this should be handled.


Phil,
 thank you. That's what i thought and i took a look @
glibc-2.3.4-2.54.src.rpm. I didn't notice any of the
functionality you
mentioned, which prompted me to write the email.

another question is :
 do i explicitly add the file.version to the %files section
 or just
mention the link ?

Thank you
Andrew


To summarize,  lib_andrew-123.rpm installs the file
lib_andrew.so.123 and creates a symlink to it called lib_andrew.so

Here is how I would handle it:

# make the libdir directory in the buildroot
%{__mkdir_p} %{buildroot}/path/to/libdir/

# then install the lib
%{__install} -p -m 0755 lib_andrew.so.123 %{buildroot}/path/to/libdir/

# then create the symlink(s) as necessary
%{__ln_s} lib_andrew.so.123 %{buildroot}/path/to/libdir/lib_andrew.so


You must also make sure /path/to/libdir is on the ldconfig path if
you have installed to a non-standard path - if not, add it like so:

%{__mkdir_p} %{buildroot}%{_sysconfdir}/ld.so.conf.d/
echo /path/to/libdir >
%{buildroot}%{_sysconfdir}/ld.so.conf.d/lib_andrew.conf

but if you can, it's far easier to just install to /usr/lib(64)

Finally, in %post run /sbin/ldconfig

Your %files section then needs to include all of the above.

Hope that helps


Phil this is very helpful indeed. But the links are created by "make" 
not by mr (rpm).  So how should we go around this?
 
Andrew


If I'm not mistaken, you should not need to manually link libraries.  
ldconfig should be taking care of this for you, so all you would need is 
the %post entry to run ldconfig with the proper flags after 
install/upgrade/removal.  Assuming it ends up in a standard path, 
otherwise the ld.so.conf entries are needed as well.


-Mark

--
Mr. Mark V. Stodola
Digital Systems Engineer

National Electrostatics Corp.
P.O. Box 620310
Middleton, WI 53562-0310 USA
Phone: (608) 831-7600
Fax: (608) 831-9591

Re: question about ssh packages in SL5 Contrib

[Troy Dawson]

On 07/15/2011 02:25 PM, Steve Gaarder wrote:

I notice that there are alternative SSH packages in the contrib
repository for SL 5.  In what way do these differ from the standard
packages?

thanks,



Those were contributed by Fermilab.
The client is patched so that it does both gssapi and gssapi-with-mic 
... and a couple other authentication methods as well that I can't remember.


Troy
--
__
Troy Dawson  daw...@fnal.gov  (630)840-6468
Fermilab  ComputingDivision/SCF/FEF/SLSMS Group
__

Re: RPM: file versions

[Andrew Z]

On Fri, Jul 15, 2011 at 3:41 PM, Phil Perry  wrote:

> On 15/07/11 19:54, Andrew Z wrote:
>
>> On Fri, Jul 15, 2011 at 2:42 PM, Phil Perry  wrote:
>>
>>> On 15/07/11 19:28, Andrew Z wrote:
>>>
>>
>> 
>>
>>> You need to have your SPEC file create the symlinks in the buildroot so
>>> that
>>> they are a part of the package, i.e, the symlinks are owned by the rpm
>>> package. Then when you uninstall or update the package rpm will
>>> remove/update the symlinks for you rather than leave them dangling as per
>>> your example above.
>>>
>>> Take a look in any relevant package SPEC file from the distro for
>>> examples
>>> of how this should be handled.
>>>
>>
>> Phil,
>>  thank you. That's what i thought and i took a look @
>> glibc-2.3.4-2.54.src.rpm. I didn't notice any of the functionality you
>> mentioned, which prompted me to write the email.
>>
>> another question is :
>>  do i explicitly add the file.version to the %files section  or just
>> mention the link ?
>>
>> Thank you
>> Andrew
>>
>>
> To summarize,  lib_andrew-123.rpm installs the file lib_andrew.so.123 and
> creates a symlink to it called lib_andrew.so
>
> Here is how I would handle it:
>
> # make the libdir directory in the buildroot
> %{__mkdir_p} %{buildroot}/path/to/libdir/
>
> # then install the lib
> %{__install} -p -m 0755 lib_andrew.so.123 %{buildroot}/path/to/libdir/
>
> # then create the symlink(s) as necessary
> %{__ln_s} lib_andrew.so.123 %{buildroot}/path/to/libdir/**lib_andrew.so
>
>
> You must also make sure /path/to/libdir is on the ldconfig path if you have
> installed to a non-standard path - if not, add it like so:
>
> %{__mkdir_p} %{buildroot}%{_sysconfdir}/ld.**so.conf.d/
> echo /path/to/libdir > %{buildroot}%{_sysconfdir}/ld.**
> so.conf.d/lib_andrew.conf
>
> but if you can, it's far easier to just install to /usr/lib(64)
>
> Finally, in %post run /sbin/ldconfig
>
> Your %files section then needs to include all of the above.
>
> Hope that helps
>

Phil this is very helpful indeed. But the links are created by "make" not by
mr (rpm).  So how should we go around this?

Andrew

Re: RPM: file versions

[Phil Perry]

On 15/07/11 19:54, Andrew Z wrote:

On Fri, Jul 15, 2011 at 2:42 PM, Phil Perry  wrote:

On 15/07/11 19:28, Andrew Z wrote:




You need to have your SPEC file create the symlinks in the buildroot so that
they are a part of the package, i.e, the symlinks are owned by the rpm
package. Then when you uninstall or update the package rpm will
remove/update the symlinks for you rather than leave them dangling as per
your example above.

Take a look in any relevant package SPEC file from the distro for examples
of how this should be handled.


Phil,
  thank you. That's what i thought and i took a look @
glibc-2.3.4-2.54.src.rpm. I didn't notice any of the functionality you
mentioned, which prompted me to write the email.

another question is :
  do i explicitly add the file.version to the %files section  or just
mention the link ?

Thank you
Andrew



To summarize,  lib_andrew-123.rpm installs the file lib_andrew.so.123 
and creates a symlink to it called lib_andrew.so


Here is how I would handle it:

# make the libdir directory in the buildroot
%{__mkdir_p} %{buildroot}/path/to/libdir/

# then install the lib
%{__install} -p -m 0755 lib_andrew.so.123 %{buildroot}/path/to/libdir/

# then create the symlink(s) as necessary
%{__ln_s} lib_andrew.so.123 %{buildroot}/path/to/libdir/lib_andrew.so


You must also make sure /path/to/libdir is on the ldconfig path if you 
have installed to a non-standard path - if not, add it like so:


%{__mkdir_p} %{buildroot}%{_sysconfdir}/ld.so.conf.d/
echo /path/to/libdir > 
%{buildroot}%{_sysconfdir}/ld.so.conf.d/lib_andrew.conf


but if you can, it's far easier to just install to /usr/lib(64)

Finally, in %post run /sbin/ldconfig

Your %files section then needs to include all of the above.

Hope that helps

question about ssh packages in SL5 Contrib

[Steve Gaarder]

I notice that there are alternative SSH packages in the contrib 
repository for SL 5.  In what way do these differ from the standard 
packages?


thanks,

--
Steve Gaarder
System Administrator, Dept of Mathematics
Cornell University, Ithaca, NY, USA
gaar...@math.cornell.edu

Re: RPM: file versions

[Andrew Z]

On Fri, Jul 15, 2011 at 2:54 PM, Andrew Z  wrote:
> On Fri, Jul 15, 2011 at 2:42 PM, Phil Perry  wrote:
>> On 15/07/11 19:28, Andrew Z wrote:
>
> 
>> You need to have your SPEC file create the symlinks in the buildroot so
that
>> they are a part of the package, i.e, the symlinks are owned by the rpm
>> package. Then when you uninstall or update the package rpm will
>> remove/update the symlinks for you rather than leave them dangling as per
>> your example above.
>>
>> Take a look in any relevant package SPEC file from the distro for
examples
>> of how this should be handled.
>
> Phil,
>  thank you. That's what i thought and i took a look @
> glibc-2.3.4-2.54.src.rpm. I didn't notice any of the functionality you
> mentioned, which prompted me to write the email.
>
> another question is :
>  do i explicitly add the file.version to the %files section  or just
> mention the link ?
>
> Thank you
> Andrew
>

according to this
document
it seemed that _all_ files should be included

Re: RPM: file versions

[Andrew Z]

On Fri, Jul 15, 2011 at 2:42 PM, Phil Perry  wrote:
> On 15/07/11 19:28, Andrew Z wrote:


> You need to have your SPEC file create the symlinks in the buildroot so that
> they are a part of the package, i.e, the symlinks are owned by the rpm
> package. Then when you uninstall or update the package rpm will
> remove/update the symlinks for you rather than leave them dangling as per
> your example above.
>
> Take a look in any relevant package SPEC file from the distro for examples
> of how this should be handled.

Phil,
 thank you. That's what i thought and i took a look @
glibc-2.3.4-2.54.src.rpm. I didn't notice any of the functionality you
mentioned, which prompted me to write the email.

another question is :
 do i explicitly add the file.version to the %files section  or just
mention the link ?

Thank you
Andrew

Re: RPM: file versions

[Phil Perry]

On 15/07/11 19:28, Andrew Z wrote:

Hello,
  i just got curios (google is not helping me @ the moment)...
What is the right way to handle versions of the files during
installation and removal of the rpm?
Example:
ls -l ./


rpm -uhv   lib_andrew-123.rpm:
  lib_andrew.so ->  lib_andrew.so.123

rpm -uhv   lib_andrew-456.rpm:
   lib_andrew.so ->  lib_andrew.so.456

ls -l ./
  lib_andrew.so ->  lib_andrew.so.456
lib_andrew.so.123

now, what if i want to remove version 123 ???

Andrew



You need to have your SPEC file create the symlinks in the buildroot so 
that they are a part of the package, i.e, the symlinks are owned by the 
rpm package. Then when you uninstall or update the package rpm will 
remove/update the symlinks for you rather than leave them dangling as 
per your example above.


Take a look in any relevant package SPEC file from the distro for 
examples of how this should be handled.

RPM: file versions

[Andrew Z]

Hello,
 i just got curios (google is not helping me @ the moment)...
What is the right way to handle versions of the files during
installation and removal of the rpm?
Example:
ls -l ./


rpm -uhv   lib_andrew-123.rpm:
 lib_andrew.so -> lib_andrew.so.123

rpm -uhv   lib_andrew-456.rpm:
  lib_andrew.so -> lib_andrew.so.456

ls -l ./
 lib_andrew.so -> lib_andrew.so.456
lib_andrew.so.123

now, what if i want to remove version 123 ???

Andrew

Re: How to turn off screen saver and DPMS

[Mark Stodola]

Michael Jones wrote:

On 07/14/2011 01:41 PM, Dag Wieers wrote:

On Thu, 14 Jul 2011, Michael Jones wrote:

   Despite this radically overkill approach, the screen still turns 
off after around half an hour. I suspect that the reason is the 
monitors built in power saving features, which I believe should be 
prevented by the "xset -dpms" command, but doesn't appear to be.


   Does anyone have any ideas? Is there something that can be added 
to the xorg configuration to prevent the screen from turning off, 
perhaps?


We have been investigating this somewhere in 2008 for a conference 
(FrOSCon) with the aim of providing 2 large conference screens 
directing people to various talks at the entrance (a bit like as you 
can see at airports), but also for the various presentation computers 
in the various rooms.


Obviously, the first year having to provide input every hour to make 
sure they didn't blank was not very much appeciated. (But hey, 
CentOS+ELRepo actually worked on the hardware, in contract to latest 
Fedora and Ubuntu) So our LiveUSB solution that was not designed for 
it, was not tested for this kind of use.


The next year I came up with the following configuration (tested on 
CentOS 5), which worked:


 ### Disable screensaver start
 gconftool-2 --direct 
--config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t 
bool  /apps/gnome_settings_daemon/screensaver/start_screensaver false

 ### Disable screensaver locking
 gconftool-2 --direct 
--config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t 
bool /apps/gnome-screensaver/lock_enabled false

 ### Disable screensaver altogether
 gconftool-2 --direct 
--config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t 
bool /apps/gnome-screensaver/idle_activation_enabled false

 ### Increase screensaver idle time (max 2h, we set to 10h)
 gconftool-2 --direct 
--config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t 
bool /apps/gnome-screensaver/idle_delay 600

 ### Disable DPMS screen blank on AC and battery
 gconftool-2 --direct 
--config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t 
string /apps/gnome-power-manager/ac_dpms_sleep_method off
 gconftool-2 --direct 
--config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t 
string /apps/gnome-power-manager/battery_dpms_sleep_method off

 ### Disable Computer sleep when on AC and battery
 gconftool-2 --direct 
--config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t 
integer /apps/gnome-power-manager/ac_sleep_computer 0
 gconftool-2 --direct 
--config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t 
integer /apps/gnome-power-manager/battery_sleep_computer 0

 ### Disable Display sleep when on AC and battery
 gconftool-2 --direct 
--config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t 
integer /apps/gnome-power-manager/ac_sleep_display 0
 gconftool-2 --direct 
--config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t 
integer /apps/gnome-power-manager/battery_sleep_display 0

 ### Disable Dim-on-Idle
 gconftool-2 --direct 
--config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t 
bool /apps/gnome-power-manager/dim_on_idle false


 ### Other noblank features
 cat 

Re: How to turn off screen saver and DPMS

[Michael Jones]

On 07/14/2011 01:41 PM, Dag Wieers wrote:

On Thu, 14 Jul 2011, Michael Jones wrote:

   Despite this radically overkill approach, the screen still turns 
off after around half an hour. I suspect that the reason is the 
monitors built in power saving features, which I believe should be 
prevented by the "xset -dpms" command, but doesn't appear to be.


   Does anyone have any ideas? Is there something that can be added 
to the xorg configuration to prevent the screen from turning off, 
perhaps?


We have been investigating this somewhere in 2008 for a conference 
(FrOSCon) with the aim of providing 2 large conference screens 
directing people to various talks at the entrance (a bit like as you 
can see at airports), but also for the various presentation computers 
in the various rooms.


Obviously, the first year having to provide input every hour to make 
sure they didn't blank was not very much appeciated. (But hey, 
CentOS+ELRepo actually worked on the hardware, in contract to latest 
Fedora and Ubuntu) So our LiveUSB solution that was not designed for 
it, was not tested for this kind of use.


The next year I came up with the following configuration (tested on 
CentOS 5), which worked:


 ### Disable screensaver start
 gconftool-2 --direct 
--config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t 
bool  /apps/gnome_settings_daemon/screensaver/start_screensaver false

 ### Disable screensaver locking
 gconftool-2 --direct 
--config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool 
/apps/gnome-screensaver/lock_enabled false

 ### Disable screensaver altogether
 gconftool-2 --direct 
--config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool 
/apps/gnome-screensaver/idle_activation_enabled false

 ### Increase screensaver idle time (max 2h, we set to 10h)
 gconftool-2 --direct 
--config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool 
/apps/gnome-screensaver/idle_delay 600

 ### Disable DPMS screen blank on AC and battery
 gconftool-2 --direct 
--config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t 
string /apps/gnome-power-manager/ac_dpms_sleep_method off
 gconftool-2 --direct 
--config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t 
string /apps/gnome-power-manager/battery_dpms_sleep_method off

 ### Disable Computer sleep when on AC and battery
 gconftool-2 --direct 
--config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t 
integer /apps/gnome-power-manager/ac_sleep_computer 0
 gconftool-2 --direct 
--config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t 
integer /apps/gnome-power-manager/battery_sleep_computer 0

 ### Disable Display sleep when on AC and battery
 gconftool-2 --direct 
--config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t 
integer /apps/gnome-power-manager/ac_sleep_display 0
 gconftool-2 --direct 
--config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t 
integer /apps/gnome-power-manager/battery_sleep_display 0

 ### Disable Dim-on-Idle
 gconftool-2 --direct 
--config-source=xml:readwrite:/etc/gconf/gconf.xml.defaults -s -t bool 
/apps/gnome-power-manager/dim_on_idle false


 ### Other noblank features
 cat 

Re: error: package guile not signed

[Troy Dawson]

On 07/14/2011 11:37 PM, Alexander Hunt wrote:

Hi Troy and Connie,
I was just updating from the sl-fastbugs repo and got this message about
guile:

Error in yum Transaction : Package guile-1.8.7-5.el6.x86_64.rpm is not
signed

I wasn't able to check if guile-devel is signed because of the dep on
guile, of course.
Could one of you check into this please?
Thank you both very much, and Best regards,
Alex


Hi Alex,
The whole guile suite in fastbugs was missing the signature.  I 
apologize for that.  I just fixed it.


You will probrubly have to do a
  yum clean all
or
  yum --enablerepo=sl-fastbugs clean all
before you see the change.

The fastbugs for SL6.1 are taking a different workflow path than on 
previous SL dot releases (such as SL 5.5 and SL 4.8), and it looks like 
we are missing the signature check in the workflow.  We will get that fixed.


Troy
--
__
Troy Dawson  daw...@fnal.gov  (630)840-6468
Fermilab  ComputingDivision/SCF/FEF/SLSMS Group
__