Re: [CentOS] How insecure is NIS ? Possible alternatives ?

2018-03-28 Thread Keith Keller 
On 2018-03-26, Leon Fauster  wrote:
>
> Quite time ago we had a stripped setup here working only with Openldap and 
> PAM modules. LDAP with replication for redundancy, centralized communication 
> with local CA and over TLS. It worked very well. The successor of such setup 
> is SSSD for EL7 but the above should be still a feasible solution.

Likely an even longer time ago, I did an even more stripped down version
of this, where I just set up an OpenLDAP server, used their tools to
import from our existing NIS to it, and ran it unencrypted (all the
hosts were either on the same switch or over VPN so having no encryption
on the network channel was less of a concern).  It was fairly
straightforward, and I imagine that nowadays, setting up TLS for slapd
and clients is probably fairly straightforward too.

I wonder how much support there is for NIS any more in recent distros.
Is it possible CentOS 7 doesn't support NIS, or does but is buggy?

--keith

-- 
kkel...@wombat.san-francisco.ca.us


___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] tftpd server S not responding

2018-03-28 Thread Asif Iqbal 
On Wed, Mar 28, 2018 at 9:15 PM, Asif Iqbal  wrote:

>
>
> On Wed, Mar 28, 2018 at 6:25 PM, Steven Tardy  wrote:
>
>> On Wed, Mar 28, 2018 at 3:16 PM Asif Iqbal  wrote:
>>
>> > It is not respoding to A server which is sending the tftp read request
>> RRQ.
>> >
>> > I do see the RRQ packets coming from A to S, but S never responds back
>> from
>> > a different port Y to A
>> >
>> > So this part is working fine
>> >
>> >
>> >
>> > https://en.wikipedia.org/wiki/Trivial_File_Transfer_Protocol
>> #/media/File:Tftp-rrq.svg
>> >
>> > But I do not see any attempts to even send a data packet back in my
>> packet
>> > capture running on S
>>
>>
>> Are A and S on different IP subnets?
>>
>
> Yes
>
>
>> Does S have a second IP on the SAME subnet as A?
>>
>
> No
>
>
>> Any ASA or other firewalls between the two?
>>
>
>
> Firewall is set to any any between the two. Also internal firewall is down
> Firewall is not seeing any return pkts
>
>
>
>> If so this is expected behavior.
>>
>>
> I was hoping S will at least try to reply to the RRQ pkt with a DATA pkt
> I do not see S is even bothering to try.
>
> A(x)  RRQ ---> S(69)   and then I am expecting this S(y) --- DAT 1 -->
> A(x)
>


BTW, If I reverse the role and have S try to send a tftp read request, A
reply back right away
and I do the see the file.



>
> >
>> ___
>> CentOS mailing list
>> CentOS@centos.org
>> https://lists.centos.org/mailman/listinfo/centos
>>
>
>
>
> --
> Asif Iqbal
> PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
> A: Because it messes up the order in which people normally read text.
> Q: Why is top-posting such a bad thing?
>
>


-- 
Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] tftpd server S not responding

2018-03-28 Thread Asif Iqbal 
On Wed, Mar 28, 2018 at 6:25 PM, Steven Tardy  wrote:

> On Wed, Mar 28, 2018 at 3:16 PM Asif Iqbal  wrote:
>
> > It is not respoding to A server which is sending the tftp read request
> RRQ.
> >
> > I do see the RRQ packets coming from A to S, but S never responds back
> from
> > a different port Y to A
> >
> > So this part is working fine
> >
> >
> >
> > https://en.wikipedia.org/wiki/Trivial_File_Transfer_
> Protocol#/media/File:Tftp-rrq.svg
> >
> > But I do not see any attempts to even send a data packet back in my
> packet
> > capture running on S
>
>
> Are A and S on different IP subnets?
>

Yes


> Does S have a second IP on the SAME subnet as A?
>

No


> Any ASA or other firewalls between the two?
>


Firewall is set to any any between the two. Also internal firewall is down
Firewall is not seeing any return pkts



> If so this is expected behavior.
>
>
I was hoping S will at least try to reply to the RRQ pkt with a DATA pkt
I do not see S is even bothering to try.

A(x)  RRQ ---> S(69)   and then I am expecting this S(y) --- DAT 1 -->
A(x)


>
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>



-- 
Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] tftpd server S not responding

2018-03-28 Thread Steven Tardy 
On Wed, Mar 28, 2018 at 3:16 PM Asif Iqbal  wrote:

> It is not respoding to A server which is sending the tftp read request RRQ.
>
> I do see the RRQ packets coming from A to S, but S never responds back from
> a different port Y to A
>
> So this part is working fine
>
>
>
> https://en.wikipedia.org/wiki/Trivial_File_Transfer_Protocol#/media/File:Tftp-rrq.svg
>
> But I do not see any attempts to even send a data packet back in my packet
> capture running on S


Are A and S on different IP subnets?
Does S have a second IP on the SAME subnet as A?
Any ASA or other firewalls between the two?
If so this is expected behavior.

>
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] tftpd server S not responding

2018-03-28 Thread Asif Iqbal 
I have a tftpd server S running on centos 7 and managed by systemd

It is not respoding to A server which is sending the tftp read request RRQ.

I do see the RRQ packets coming from A to S, but S never responds back from
a different port Y to A

So this part is working fine


https://en.wikipedia.org/wiki/Trivial_File_Transfer_Protocol#/media/File:Tftp-rrq.svg

But I do not see any attempts to even send a data packet back in my packet
capture running on S

So this event is not occuring, as if my tftpd server is dead. I have the
firewalld turned off on S to eliminate
the possibility that firewalld blocking those packets from reeaching to
tftpd daemon. I also turned off selinux to eliminate
any permission issue.


https://en.wikipedia.org/wiki/Trivial_File_Transfer_Protocol#/media/File:Tftp-dat1-dwn.svg

I do have tftpd running and managed by systemd

$ systemctl status -l tftp
● tftp.service - Tftp Server
   Loaded: loaded (/etc/systemd/system/tftp.service; indirect; vendor
preset: disabled)
   Active: active (running) since Wed 2018-03-28 18:57:42 UTC; 1min 44s ago
 Docs: man:in.tftpd
 Main PID: 1685 (in.tftpd)
   Memory: 136.0K
   CGroup: /system.slice/tftp.service
   └─1685 /usr/sbin/in.tftpd --verbose --verbosity 10 --secure
/tftpboot --port-range 4069:4169

Mar 28 18:57:42 S.example.net systemd[1]: Started Tftp Server.
Mar 28 18:57:42 S.example.net systemd[1]: Starting Tftp Server...

Any help is appreciated!


-- 
Asif Iqbal
PGP Key: 0xE62693C5 KeyServer: pgp.mit.edu
A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Install CentOS 7 over serial port on router board ?

2018-03-28 Thread Nicolas Kovacs 
Le 23/03/2018 à 16:52, Kay Schenk a écrit :
> Great! Would love to hear more about your experience!

Here's the happy end in detail.

https://blog.microlinux.fr/centos-pc-engines/

Works like a charm.

Cheers,

Niki

-- 
Microlinux - Solutions informatiques durables
7, place de l'église - 30730 Montpezat
Site : https://www.microlinux.fr
Blog : https://blog.microlinux.fr
Mail : i...@microlinux.fr
Tél. : 04 66 63 10 32
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS-announce Digest, Vol 157, Issue 7

2018-03-28 Thread centos-announce-request 
Send CentOS-announce mailing list submissions to
centos-annou...@centos.org

To subscribe or unsubscribe via the World Wide Web, visit
https://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
centos-announce-requ...@centos.org

You can reach the person managing the list at
centos-announce-ow...@centos.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of CentOS-announce digest..."


Today's Topics:

   1. CEBA-2018:0597  CentOS 6 tzdata BugFix Update (Johnny Hughes)
   2. CEEA-2018:0579 CentOS 7 kmod-redhat-i40e  Enhancement Update
  (Johnny Hughes)
   3. CESA-2018:0592 Important CentOS 7 slf4j Security  Update
  (Johnny Hughes)
   4. CEBA-2018:0597  CentOS 7 tzdata BugFix Update (Johnny Hughes)


--

Message: 1
Date: Tue, 27 Mar 2018 19:26:54 +
From: Johnny Hughes 
To: centos-annou...@centos.org
Subject: [CentOS-announce] CEBA-2018:0597  CentOS 6 tzdata BugFix
Update
Message-ID: <20180327192654.ga25...@n04.lon1.karan.org>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Bugfix Advisory 2018:0597 

Upstream details at : https://access.redhat.com/errata/RHBA-2018:0597

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
b07bee4e9445dc2e7f28d46222cf487164102f06256a6aefcd65d52c0f7896fc  
tzdata-2018d-1.el6.noarch.rpm
81c03c9e3f00b0806b40797a9aaf9c3a2b0d3b6f8acc2dae63b0c3eaf299dbcd  
tzdata-java-2018d-1.el6.noarch.rpm

x86_64:
b07bee4e9445dc2e7f28d46222cf487164102f06256a6aefcd65d52c0f7896fc  
tzdata-2018d-1.el6.noarch.rpm
81c03c9e3f00b0806b40797a9aaf9c3a2b0d3b6f8acc2dae63b0c3eaf299dbcd  
tzdata-java-2018d-1.el6.noarch.rpm

Source:
905226831ac71f99f6f75d3089d070aaa531628dc506eede51255003ba6ceedc  
tzdata-2018d-1.el6.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net
Twitter: @JohnnyCentOS



--

Message: 2
Date: Tue, 27 Mar 2018 20:20:42 +
From: Johnny Hughes 
To: centos-annou...@centos.org
Subject: [CentOS-announce] CEEA-2018:0579 CentOS 7 kmod-redhat-i40e
Enhancement Update
Message-ID: <20180327202042.ga25...@n04.lon1.karan.org>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Enhancement Advisory 2018:0579 

Upstream details at : https://access.redhat.com/errata/RHEA-2018:0579

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
973726f539d915e4d6667bcd4a551f08403e56307c00ed85032ac916e5414982  
kmod-redhat-i40e-2.1.14_k_dup7.4-2.1.el7_4.x86_64.rpm
c5deeb12aef29bff75a15fbf3af2d09acfd97841f64ef5a8596c4bbf09712052  
kmod-redhat-i40evf-3.0.1_k_dup7.4-2.1.el7_4.x86_64.rpm

Source:
ef9a7cd89dea97c47b17796bb25546cb9cbc5dd11a28e74b70af8b3ec5f81a9e  
kmod-redhat-i40e-2.1.14_k_dup7.4-2.1.el7_4.src.rpm
9f5eb3e913cba0b1883d154f4af9b7f12936377e0977f8295b97273fab22376f  
kmod-redhat-i40evf-3.0.1_k_dup7.4-2.1.el7_4.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net
Twitter: @JohnnyCentOS



--

Message: 3
Date: Tue, 27 Mar 2018 20:22:24 +
From: Johnny Hughes 
To: centos-annou...@centos.org
Subject: [CentOS-announce] CESA-2018:0592 Important CentOS 7 slf4j
SecurityUpdate
Message-ID: <20180327202224.ga26...@n04.lon1.karan.org>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Security Advisory 2018:0592 Important

Upstream details at : https://access.redhat.com/errata/RHSA-2018:0592

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
733630907981b82d45bd40cf4d3f113ff2193a4fdf1e293818669a707b739189  
slf4j-1.7.4-4.el7_4.noarch.rpm
d145b3bc3337e418173681eade8a1666ad7624271a6e0b10cb41a39010c0fdef  
slf4j-javadoc-1.7.4-4.el7_4.noarch.rpm
58f4c9dd119e297fd38fcc638d1dc1d359fa281fb425d14eaaa6ec79f548c33f  
slf4j-manual-1.7.4-4.el7_4.noarch.rpm




-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net
Twitter: @JohnnyCentOS



--

Message: 4
Date: Tue, 27 Mar 2018 20:23:11 +
From: Johnny Hughes 
To: centos-annou...@centos.org
Subject: [CentOS-announce] CEBA-2018:0597  CentOS 7 tzdata BugFix
Update
Message-ID: <20180327202311.ga26...@n04.lon1.karan.org>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Bugfix Advisory 2018:0597 

Upstream details at : https://access.redhat.com/errata/RHBA-2018:0597

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

x86_64:
ff9063828a3427711ac3054a7c887c06d716eb69a6717669834a4fe59b9be74f

Re: [CentOS] OT: Problems with NextCloud 13.0.1 under Centos7

2018-03-28 Thread Götz Reinicke 
Hi,

> Am 28.03.2018 um 11:36 schrieb C. L. Martinez :
> 
> Hi all,
> 
> I have a strange problem with a clean NextCloud 13.0.1 install under
> CentOS 7 (fully patched): when I try to login with admin user immediately
> after setup, returns to login page without returning any error.
> 
> An no errors in nginx or php log files ...
> 
> I am using the following components:
> 
> rh-php71
> rh-mariadb102
> nginx 1.12
> 
> Any idea?
> 

Any hints in the nextcloud log?


/Götz
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] OT: Problems with NextCloud 13.0.1 under Centos7

2018-03-28 Thread C. L. Martinez 
Hi all,

 I have a strange problem with a clean NextCloud 13.0.1 install under
CentOS 7 (fully patched): when I try to login with admin user immediately
after setup, returns to login page without returning any error.

 An no errors in nginx or php log files ...

 I am using the following components:

 rh-php71
 rh-mariadb102
 nginx 1.12

 Any idea?

Many thanks.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS-docs] [Gitblit] arrfab pushed 1 commits => websites/centos.org.git

2018-03-28 Thread Gitblit 
https://git.centos.org/summary/websites!centos.org.git

>---
 master branch updated (1 commits)
>---

 Fabian Arrotin 
 Wednesday, March 28, 2018 08:19 +

 Added NFV and ConfigManagement SIGs keys

 
https://git.centos.org/commit/websites!centos.org.git/484a7975fcd0ed9a2680832950c5efc6023ab9c5
___
CentOS-docs mailing list
CentOS-docs@centos.org
https://lists.centos.org/mailman/listinfo/centos-docs