Re: [CentOS] CentOS 6.3 packages updates options without upgrading.

2016-11-08 Thread cpolish
On 2016-11-08 08:27, Dipal Bhatt wrote:
> Thanks really Leon very much w/ a very resourceful info. esp release notes
> helps across minor versions.  So, this is for a friend of mine, and I have
> been told that they will not currently consider updating their userland
> from 6.3 to 6.8 but only selected few packages.  The picture seems to be
> that their company runs a lot of apps on 6.3 userland and might have some
> specific dependencies, etc., but more importantly, this environment has
> been running in customers' environment for quite some time esp 1000s of
> customers, so updating system properly is not easily feasible for this
> scenario.  However, they can hand pick packages seem fit for update that
> can be pushed out using their internal code fixes and updates for end
> users. SO, this seems to be the problem of trying to hand pick certain
> packages to be updated, if feasible w/o much adverse effects.

Hi Dipal,

I compliment you on your unflagging politeness in the
continual attempt to steer you to another, safer course.

I've been faced with a similar situation, a vendor (Sungard)
who would only qualify Red Hat 4 and Sun Server 6, and wouldn't
budge. The setting was a US$100 million annual budget enterprise
with a CTO with very low risk tolerance. Our staff pushed the
"don't upgrade" strategy about as far as anyone could ever
hope to take it. We hand patched our way through "heartbleed",
for example.

In my case, wanting better outcomes, I accelerated the move to
automated deployment (Cobbler + Puppet), and was then able to
provide solid test environments that allowed developers to
quickly re-deploy applications on newer versions of the OS.
Initially the push-back was voiced as the whole idea being too
costly. The new approach actually reduced costs, freed up
developer time, and led to stable systems running in (mostly)
supported configurations. When the vendor demanded a bug be
demo'd on a Red Hat 4 system, we were able to spin one up. But
they almost never asked. Apparently most of their customers had
decided safety and convenience outranks stupidity on the part of
the vendor, and as a practical matter their help desk
strategically failed to notice the "unsupported" OS.

I believe the approach you've been requested to assist with
has an implicit wager that you're almost certain to lose:

   > they can hand pick packages seem fit for update
   > that can be pushed out using their internal code 
   > fixes and updates

Consider, this is what Red Hat pays staff to do. Update some
packages, test if anything breaks, act on reports from the 
field. When one makes a complete upgrade to 6 (current), one
rides on the coattails of all the work of the Red Hat team to
test and stabilize changes. 

On the other hand, if one omits the update to 6 (current), they
have the identical problem but are forsaking the vendor's sunk
costs in testing and debugging. The implicit wager is that the
few hand-picked packages will reduce exposure to changes,
and so reduce labor, and increase your chances for a stable
system. However, consider that glibc went through these changes

 CentOS 6.3 glibc-2.12-1.80 
 CentOS 6.4 glibc-2.12-1.107 
 CentOS 6.5 glibc-2.12-1.132 
 CentOS 6.6 glibc-2.12-1.149 
 CentOS 6.7 glibc-2.12-1.166 
 CentOS 6.8 glibc-2.12-1.192

and that just about everything links against glibc, and you
can see that upgrading piecemeal is a good recipe for running
into subtle problems. And that's _one_ package.

If you have a small set of specific breaking changes, better
to get the devs off their butts and fix things or find work
arounds than to take on the greater risks of piecing together
odds and ends... which never stops.

Apparently you're in for an unending, unprofitable slog through
the worst, most unsatisfying kind of sysadminery. Been there,
done that, moved on!

Best regards,
-- 
Charles Polisher

___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] How to start a script to complete configuration

2016-11-08 Thread cpolish
On 2016-11-07 14:35, Bernard Fay wrote:
> Hi,
> 
> We have a virtual environment based on XenServer. In this environment I
> defined a template for CentOS 7 servers.
> 
> I would like to start a script a boot time to complete the configuration of
> new VMs based on this template. How can I have a script started before any
> login prompt to ask question to the user to complete the configuration such
> as hostname, IP address, etc?

Hi Bernard,

My first impulse was "don't!", and that's probably the best
advice.  A popular model is that the "firstboot" package takes
care of this at the first user login, and *nix systems sort of
depend on this "logged in users do stuff" model.

Even better, use ansible, cfengine, chef, or puppet to automate
the task of setting things up. This is the _best_ solution and
you will eventually come back to it.

But, the darker, cynical part of my brain, the part that says
"what, you're cutting down on coffee?" part, said "sure you
can". Here's how it _could_ be done. 

DON'T DO THIS. TURN BACK NOW.

Replace /sbin/init with a shell script that does what you want.
It will be the first userland process started, have the console
for I/O, and run as root. At completion, restore the original
/sbin/init and reboot. Leave no traces behind. Do not document
your awful hack, others will use your words against you.

Best regards,
-- 
Chuck



Re: [CentOS] Install Mariadb on Centos 7 fails

2016-09-23 Thread cpolish
On 2016-09-22 18:07, david wrote:
> Folks
> 
> I'm having problems installing Mariadb in Centos 7.
> 
> 
> Here's what I did:
> 
> 0)  Become root
> 1)  Make sure that mariadb and mysql are NOT installed.
> 2)  Delete residual libs
>  rm -rf /var/lib/mysq*
> 3)  yum install -y mariadb-server
> installed mariadb-5.5.50-1.el7_2.x86_64 from the Centos 'updates'
> repository
> 4)  systemctl start mariadb
> 5)  systemctl status mariadb
> 
> All works well until step 5, where I get the result:
> 
> 
> 
> # systemctl status mariadb
> ? mariadb.service - MariaDB database server
>Loaded: loaded (/usr/lib/systemd/system/mariadb.service; enabled; vendor
> preset: disabled)
>Active: failed (Result: exit-code) since Thu 2016-09-22 17:46:38 PDT;
> 4min 3s ago
>  Main PID: 16261 (code=exited, status=1/FAILURE)
> 
> Sep 22 17:46:37 goat.xxx.com mysqld_safe[16261]: /usr/bin/mysqld_safe: line
> 139: /var/log/mysqld.log: Permission denied
> Sep 22 17:46:37 goat.xxx.com mysqld_safe[16261]: /usr/bin/mysqld_safe: line
> 183: /var/log/mysqld.log: Permission denied
> Sep 22 17:46:37 goat.xxx.com mysqld_safe[16261]: touch: cannot touch
> `/var/log/mysqld.log': Permission denied
> Sep 22 17:46:37 goat.xxx.com mysqld_safe[16261]: chown: cannot access
> `/var/log/mysqld.log': No such file or directory
> Sep 22 17:46:37 goat.xxx.com mysqld_safe[16261]: chmod: cannot access
> `/var/log/mysqld.log': No such file or directory
> Sep 22 17:46:37 goat.xxx.com systemd[1]: mariadb.service: main process
> exited, code=exited, status=1/FAILURE
> Sep 22 17:46:38 goat.xxx.com systemd[1]: mariadb.service: control process
> exited, code=exited status=1
> Sep 22 17:46:38 goat.xxx.com systemd[1]: Failed to start MariaDB database
> server.
> Sep 22 17:46:38 goat.xxx.com systemd[1]: Unit mariadb.service entered failed
> state.
> Sep 22 17:46:38 goat.xxx.com systemd[1]: mariadb.service failed.
> Hint: Some lines were ellipsized, use -l to show in full.
> [root@goat ~]#
> 
> My environment is a Centos 7 installation running as a VM inside Vmware, and
> is not a production system.  It is updated nightly.
> 
> When I examined the files alluded to,
> 
>   /var/log/mysqld.log
>  does not exist
> but
>   /var/log/mariadb/mariadb.log
>  exists and is empty.

Hi David,

What do these commands show?

ls -lF /var/log/mysqld.log
ls -lZ /var/log/mysqld.log
getenforce

Best regards,
-- 
Charles Polisher



Re: [CentOS] Slow RAID Check/high %iowait during check after updgrade from CentOS 6.5 -> CentOS 7.2

2016-06-13 Thread cpolish
On 2016-06-01 20:07, Kelly Lesperance wrote:
> Software RAID 10.  Servers are HP DL380 Gen 8s, with 12x4 TB 7200 RPM drives.
> 
> On 2016-06-01, 3:52 PM, "centos-boun...@centos.org on behalf of 
> m.r...@5-cent.us"  
> wrote:
> 
> >Kelly Lesperance wrote:
> >> I did some additional testing - I stopped Kafka on the host, and kicked
> >> off a disk check, and it ran at the expected speed overnight. I started
> >> kafka this morning, and the raid check's speed immediately dropped down to
> >> ~2000K/Sec.
> >>
> >> I then enabled the write-back cache on the drives (hdparm -W1 /dev/sd*).
> >> The raid check is now running between 10K/Sec and 20K/Sec, and has
> >> been for several hours (it fluctuates, but seems to stay within that
> >> range). Write-back cache is NOT enabled for the drives on the hosts we
> >> haven't upgraded yet, but the speeds are similar (I kicked off a raid
> >> check on one of our CentOS 6 hosts as well, the window seems to be 15
> >> - 20K/Sec on that host).

Hi Kelly,

I hope this is relevant -- you might want to try the very most recent
kernel in git to see if your problem is fixed.

Best regards,
-- 
Charles Polisher

Date: Mon, 13 Jun 2016 15:51:19 +0200
From: Tomasz Majchrzak 
To: linux-r...@vger.kernel.org
Subject: [PATCH] raid1/raid10: slow down resync if there is non-resync activity 
pending

A performance drop of mkfs has been observed on RAID10 during resync
since commit 09314799e4f0 ("md: remove 'go_faster' option from
->sync_request()"). Resync sends so many IOs it slows down non-resync
IOs significantly (few times). Add a short delay to a resync. The
previous long sleep (1s) has proven unnecessary, even very short delay
brings performance right.

The change also applied to raid1. The problem has not been observed on
raid1, however it shares barriers code with raid10 so it might be an
issue for some setup too.

Suggested-by: NeilBrown 
Link: http://lkml.kernel.org/r/20160609134555.ga9...@proton.igk.intel.com
Signed-off-by: Tomasz Majchrzak 
---
 drivers/md/raid1.c  | 7 +++
 drivers/md/raid10.c | 7 +++
 2 files changed, 14 insertions(+)

diff --git a/drivers/md/raid1.c b/drivers/md/raid1.c
index 39fb21e..03c5349 100644
--- a/drivers/md/raid1.c
+++ b/drivers/md/raid1.c
@@ -2535,6 +2535,13 @@ static sector_t raid1_sync_request(struct mddev *mddev, 
sector_t sector_nr,
return sync_blocks;
}

+   /*
+   * If there is non-resync activity waiting for a turn,
+   * then let it though before starting on this new sync request.
+   */
+   if (conf->nr_waiting)
+   schedule_timeout_uninterruptible(1);
+
/* we are incrementing sector_nr below. To be safe, we check against
 * sector_nr + two times RESYNC_SECTORS
 */
diff --git a/drivers/md/raid10.c b/drivers/md/raid10.c
index e3fd725..8a4791e 100644
--- a/drivers/md/raid10.c
+++ b/drivers/md/raid10.c
@@ -2912,6 +2912,13 @@ static sector_t raid10_sync_request(struct mddev *mddev, 
sector_t sector_nr,
max_sector > (sector_nr | chunk_mask))
max_sector = (sector_nr | chunk_mask) + 1;

+   /*
+   * If there is non-resync activity waiting for a turn,
+   * then let it though before starting on this new sync request.
+   */
+   if (conf->nr_waiting)
+   schedule_timeout_uninterruptible(1);
+
/* Again, very different code for resync and recovery.
 * Both must result in an r10bio with a list of bios that
 * have bi_end_io, bi_sector, bi_bdev set,
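Review bot: the block added to raid10_sync_request() is a verbatim copy of the raid1 one, including the "let it though" typo, which should be "through" in both files. Because the sleep is taken on every sync request for as long as conf->nr_waiting is non-zero, and is uninterruptible, the resync thread will spend one tick per request in D state under sustained foreground I/O; a sentence in the comment or the commit message stating the resync rate to expect under load would help, given that the commit message reports the regression on RAID10 specifically.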
--
1.8.3.1






Re: [CentOS] scp via another server

2016-06-12 Thread cpolish
On 2016-06-12 19:07, H wrote:
> On 06/12/2016 05:21 PM, J Martin Rushton wrote:
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA1
> > 
> > $ scp svr2:/path/to/source svr1:/path/to/dest
> > 
> > You'll get twice the network traffic since the copy is running on your
> > workstation (or whatever).
> > 
> > On 12/06/16 15:40, H wrote:
> > > I normally use ssh to log into a remote server, change directory
> > > and then use scp from there to copy files from another remote
> > > server to the first one.
> > > 
> > > Now the first server has been hit by continuous error correction
> > > messages from the ECC controller, all of which are corrected, and I
> > > am unable to get a command line to issue the required commands to
> > > change directory and then run scp from the other server. I have no
> > > problems, however, getting into the first server - except for being
> > > drowned by the error correction messages and the server seems to be
> > > running "fine".
> > > 
> > > Until I am able to get to the server and investigate, is it
> > > possible to accomplish the above on a single command line, thus
> > > avoiding seeing the error messages? I should add that both the
> > > first and second server are set up to accept keys and not passwords
> > > so at least I don't have to worry about that.

Try changing kernel console log level to 0, possibly:

   echo '0 0 0 0' > /proc/sys/kernel/printk

should take effect instantly. You _might_ be able to do this
remotely via ssh. Also possibly can do via magic sysrq + 0.

(see: RHEL 6 Deployment Guide (rev 3.1 2011-05-19) Appendix C pp.537-538)

HTH, HAND,
-- 
Charles Polisher



Re: [CentOS] CentOS 6, gdb

2016-06-07 Thread cpolish
On 2016-06-07 17:21, m.r...@5-cent.us wrote:
> Got a user who claims he was running this program, then it broke recently.
> Almost no updates in a while, and none relevant. I'm guessing the
> program's compiled from fortran to c Anyway, the issue's on two
> servers. On one, I installed a couple of compat libs, and it runs. The
> other still fails (but it doesn't have some of the i686 libs. When it
> fails, it's immediate, and reports dying with a SIGKILL. ldd claims it's
> not a dynamic executable, but file tells me it's a 32 bit ELF Running
> it under strace gives me no more. So, as one last resort (Confess! You
> have three last resorts!), I'm trying to run it under gdb. On the system
> it runs on, I can b main, and it gets there when I tell it run. On the
> other... the address appears to be the same, it's in his NFS-mounted home
> directory - it never gets to main, it just reports the sigkill.
> 
> So, what I'd *really* like to do is not tell it run, but next, or step,
> but I can't.
> 
> Anyone heavy enough into gdb to be able to suggest where I can tell it to
> break during the program initialization phase, before it gets to main?

Possibly something still not right in the execution environment.
Try "export LD_DEBUG=all" then run the program. ("unset
LD_DEBUG" to reverse.) Did you edit ld.so.conf and run ldconfig
on the second machine?  Also check "sudo ausearch --success no
--interpret -ts today"



Re: [CentOS] firewall-config not functional

2016-06-07 Thread cpolish
On 2016-06-07 10:03, Emmett Culley wrote:
> On 06/07/2016 05:05 AM, James Hogarth wrote:
> > On 7 Jun 2016 12:44, "Emmett Culley"  wrote:
> >>
> >> I have a number of machines (hardware and VMs) running CentOS 7.  In all
> > cases firewall-config is not functional.

Just a thought - CentOS7 _minimal_ install doesn't install 
a firewall. There were attempts to get Red Hat to reconsider
this, but they fixed it with documentation. 

If this is your problem, then "yum install firewall-config firewalld" 
might fix it.

HTH, HAND,
-- 
Charles Polisher



Re: [CentOS] CentOS 7, nfsdcltrack

2016-06-07 Thread cpolish
On 2016-06-02 16:40, m.r...@5-cent.us wrote:
> Frank Cox wrote:
> > On Thu, 2 Jun 2016 16:17:28 -0400
> > m.r...@5-cent.us wrote:
> >
> >>   nfsdcltrack[39406]: sqlite_insert_client: insert
> >> statement prepare failed: table clients has 2 columns but 3 values were
> >> supplied
> >>
> >> Anyone got any ideas as to a) why this is happening, and b) what I can
> >> do about it?
> >
> > https://www.svennd.be/nfsdcltrack-sqlite_insert_client-insert-statement-prepare-failed-table-clients-has-2-columns-but-3-values-were-supplied/
> >
> Yeah, after I posted, I went googling, and found the same post. Thanks
> muchly, though.
> 
> Did they fire the regression testing dept?


Workaround:
https://www.svennd.be/nfsdcltrack-sqlite_insert_client-insert-statement-prepare-failed-table-clients-has-2-columns-but-3-values-were-supplied/
 

# sqlite3 /var/lib/nfs/nfsdcltrack/main.sqlite
sqlite> .tables
clients parameters
sqlite> alter table clients add column has_session TINYINT;
sqlite> .exit




Re: [CentOS] FYI: http

2016-06-07 Thread cpolish
On 2016-06-02 15:44, David Nelson wrote:
> On Jun 2, 2016, at 3:39 PM, Always Learning  wrote:
> > 
> > When the Internet is working, I never had a problem. So perhaps you are
> > correct, Firefox is sending local domain names and everything typed into
> > Firefox's URL slot to Google for people monitoring purposes ;-)
> > 
> > How can one disable this latest privacy abusing tactic ?
> 
> 
> Go to Settings > Search and uncheck “Provide search suggestions”.
> 
> Or alternately just make sure that “Show search suggestions in location bar 
> results” is turned off. (Not sure whether it is on by default...) 

Browse to about:config, filter on "http", see the long list of
sites Firefox needs to contact in order to better serve you. In
some cases I serve the sites locally, for others I replaced the
protocol string with hxxp. Don't need all the excess traffic and
extra eyes on my browsing habits, boring as they may be.

The greatest pain with Firefox came from trying to build from
source. They've got very strange ideas of how complex and
customized a build system needs to be. Apparently they couldn't
figure out autotools and make.

-- 
Charles



Re: [CentOS] vnc on C7

2016-06-02 Thread cpolish
On 2016-06-02 09:42, Jonathan Billings wrote:
> On Thu, Jun 02, 2016 at 07:56:37AM -0400, Jerry Geis wrote:
> > Then when I use something like vncviewer from a windows laptop into the
> > linux desktop
> > I get the password prompt, but the next screen says "oh no, something went
> > wrong".
> 
> That sounds like the desktop environment (Gnome3) is failing, probably
> because its a compositing desktop environment and fails because it
> can't use GL.
> 
> You could try it with a desktop manager other than Gnome3.

Hi Jerry,

Hope that works. If not, I'm suspicious that the file copy
created a file with the wrong (default) SELinux context, which
you could confirm with "ls -lZ", and fix with restorecon.
Also you can run "ausearch --success no --interpret -ts today"
to check the audit log for permissions issues that silently
escape notice.

Hope that helps,
-- 
Charles Polisher



Re: [CentOS] Problem with Firefox and SSH/browser

2016-06-02 Thread cpolish
On 2016-06-02 09:59, Sergio Belkin wrote:
> 2016-06-01 19:36 GMT-03:00 :
> > On 2016-06-01 09:53, Sergio Belkin wrote:
> > > I have a problem, shame on me I feel as newbie, I cannot open Firefox
> > > through ssh.
> > >
> > > ssh server is 7.2 and ssh client (running Xorg) is Fedora 23. Firefox
> > does
> > > not open. I've tried a lot of methods, even adding xauth cookie, and for
> > > example:
> > >
> > > firefox --no-remote --no-xshm
> > 
> >
> > Can you post the exact command used, for example:
> >ssh -Y remotehostname /usr/lib64/firefox/firefox
> 
> I've tried:
> 
> ssh -vvv -Y -X user@sshserver

... which doesn't invoke firefox? Maybe try:

localserver $ ssh -Y username@servername
sshserver $ xterm

to see if the problem is with firefox, or with the X connection.

Also check that package xorg-x11-xauth is installed (it
probably is). 

localserver $ ssh -Y username@servername
sshserver $ rpm -q xorg-x11-xauth
xorg-x11-xauth-1.0.9-1.el7.x86_64

If possible, log into a console session on the
ssh server and see if firefox launches locally there.

Also check the environment on the remote system (ssh server) 
is set correctly once you've ssh'd to it:

localserver $ ssh -Y username@servername 
sshserver $ echo $DISPLAY
localhost:10.0

Also check that the remote username is permitted access
to the local X server:

localserver $ xhost + 
localserver $ ssh -Y username@servername
sshserver $ firefox

Note that this leaves localserver X server -wide-open- 
from a security standpoint, so must be reversed after
testing:

localserver $ xhost -

Hope that helps,
-- 
Charles Polisher



Re: [CentOS] Problem with Firefox and SSH/browser

2016-06-01 Thread cpolish
On 2016-06-01 09:53, Sergio Belkin wrote:
> Hi folks,
> 
> I have a problem, shame on me I feel as newbie, I cannot open Firefox
> through ssh.
> 
> ssh server is 7.2 and ssh client (running Xorg) is Fedora 23. Firefox does
> not open. I've tried a lot of methods, even adding xauth cookie, and for
> example:
> 
> firefox --no-remote --no-xshm


Hi Sergio,

Can you post the exact command used, for example:
   ssh -Y remotehostname /usr/lib64/firefox/firefox

Thanks,
-- 
Charles Polisher



Re: [CentOS] Unable to boot CentOS 6 - Segmentation Erorr

2016-05-29 Thread cpolish
On 2016-05-29 10:42, John Cenile wrote:
> Also, the last message in /var/log/messages before the crash was:

> ^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@^@May
> 29 07:30:10 *hostname* kernel: imklog 5.8.10, log source = /proc/kmsg
> started
> 
> Which seems very concerning.

Hi John,

TL;DR: prevention.

I can't say what happened, but I've a long-standing dread of 
your situation. Here's some ways to prepare for (or prevent)
the next time this happens. Possibly you're already doing all 
this but a recitation here might help someone else too.

- Set up remote logging. I favor rsyslog, but you can also
  use syslog-ng. Have one central logging server. This way you 
  can look for signs of trouble that preceded the crash.
 
- Keep baselines from the guest VMs. You can run rpm --verify 
  and preserve the output off-host (last step in yum update).
  Disable the nightly pre-link behavior (was this ever a good 
  idea?) to make comparing results more meaningful. 
  Post-crash, mount the victim read-only and re-run the verify
  to pin-point what part of the filesystem was clobbered.
  Knowing what was clobbered (and when) can help. Not long ago
  an errant script in production cleared the wrong
  directory but only when transaction volume crested some
  threshold, wiping out a critical monitoring script.

- Treat your hosts like cattle, not pets. Automating creation
  and maintenance of hosts gives you more and better options 
  for recovery when hosts go insane.

- Test and re-test your storage system. There are bugs lurking
  in every storage code base and every HBA's firmware. The
  physical connectors in your data path are built on a mass
  of compromises and contradictory design goals and are just 
  waiting to fail. Flush bugs out before putting gear into
  production.

- Restores, not backups, are your friends.[1] I ran into a
  bug in Gnu tar (this year) that left me with silently
  corrupted archives but only for thin-provisioned virtual 
  filesystems >16GB that compressed to <8GB. Only a full 
  restore unearthed the ugly truth.

- Consider ECC RAM. Once you have a few tens of GB's you've
  essentially got your own cosmic ray detector. If you
  figure your time at $50/hour and it takes ten hours to deal
  with one ephemeral mysterious incident then springing
  for $500 worth of ECC RAM is a good bet. Figure in the cost
  of downtime and it's a no brainer.

Best regards,
-- 
Charles Polisher

[1] http://web.archive.org/web/20070920215346/http://people.qualcomm.com/ggr/GoB.txt
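
The baseline comparison from the "Keep baselines" item above, as an added example that is not part of the original message: it diffs a saved `rpm --verify` report against one taken after the crash and counts the new findings per directory. The report file names, function names and sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: diff two saved `rpm --verify -a` reports (baseline vs. post-crash).
# File names and report lines are constructed, not taken from a real host.

# Emit "TAG<TAB>path<TAB>flags" for each file line of a verify report.
# A report line is a 9-character flag field (or the word "missing"),
# an optional file-type marker such as "c", and then the absolute path.
parse_verify() {
    awk -v tag="$1" '{
        i = index($0, "/")            # the path starts at the first slash
        if (i == 0) next              # not a file line
        printf "%s\t%s\t%s\n", tag, substr($0, i), $1
    }' "$2"
}

# verify_diff BASELINE CURRENT
# Prints STATUS<TAB>flags<TAB>path, where STATUS is
#   NEW      finding absent from the baseline
#   CHANGED  path was already flagged, but the flags differ now
#   CLEARED  baseline finding that no longer appears
verify_diff() {
    { parse_verify B "$1"; parse_verify C "$2"; } | awk -F'\t' '
        $1 == "B" { base[$2] = $3; next }
        {
            seen[$2] = 1
            if (!($2 in base))        printf "NEW\t%s\t%s\n", $3, $2
            else if (base[$2] != $3)  printf "CHANGED\t%s\t%s\n", $3, $2
        }
        END {
            for (p in base)
                if (!(p in seen)) printf "CLEARED\t%s\t%s\n", base[p], p
        }' | LC_ALL=C sort
}

# clobbered_dirs BASELINE CURRENT
# Counts NEW and CHANGED findings per parent directory, busiest first,
# to show which part of the filesystem was hit.
clobbered_dirs() {
    verify_diff "$1" "$2" | awk -F'\t' '
        $1 != "CLEARED" {
            d = $3
            sub("/[^/]*$", "", d)     # strip the file name
            if (d == "") d = "/"
            n[d]++
        }
        END { for (d in n) printf "%d\t%s\n", n[d], d }' | LC_ALL=C sort -rn
}

# Constructed sample reports: a pre-crash baseline and a post-crash run.
make_samples() {
    cat > "$1/baseline.txt" <<'EOF'
S.5....T.  c /etc/ssh/sshd_config
.......T.  c /etc/rsyslog.conf
EOF
    cat > "$1/postcrash.txt" <<'EOF'
S.5....T.  c /etc/ssh/sshd_config
SM5....T.  c /etc/rsyslog.conf
..5....T.    /usr/sbin/crond
missing     /usr/libexec/monitor/check.sh
missing     /usr/libexec/monitor/report.sh
EOF
}

tmp=$(mktemp -d)
make_samples "$tmp"
verify_diff "$tmp/baseline.txt" "$tmp/postcrash.txt"
clobbered_dirs "$tmp/baseline.txt" "$tmp/postcrash.txt"
rm -rf "$tmp"
```

On a real host the baseline would come from `rpm --verify -a > baseline.txt` stored off-host, and the second report from the same command run against the read-only mounted filesystem.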




Re: [CentOS] Slow RAID Check/high %iowait during check after updgrade from CentOS 6.5 -> CentOS 7.2

2016-05-25 Thread cpolish
On 2016-05-25 19:13, Kelly Lesperance wrote:
> Hdparm didn’t get far:
> 
> [root@r1k1 ~] # hdparm -tT /dev/sda
> 
> /dev/sda:
>  Timing cached reads:   Alarm clock
> [root@r1k1 ~] #

Hi Kelly,

Try running 'iostat -xdmc 1'. Look for a single drive that has
substantially greater await than ~10msec. If all the drives 
except one are taking 6-8msec, but one is very much more, you've
got a drive that drags down the whole array's performance.

Ignore the very first output from the command - it's an
average of the disk subsystem since boot.

Post a representative output along with the contents of /proc/mdstat.

Good luck,
-- 
Charles Polisher
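
One way to automate the check described above, as an added example that is not part of the original message: it averages the `await` column per drive over every report except the first and flags a drive that sits well above the rest. The sample output is constructed; the function names, the `sd*` device filter, the 10 ms floor and the 3x-median factor are assumptions, and the `iostat -x` header is expected to carry an `await` column.

```shell
#!/bin/sh
# Added example: find the one slow member in `iostat -x` output.
# Usage on a live system (interval and count are up to you):
#   iostat -xdmc 1 10 | slow_drives

# slow_drives [FLOOR_MS] [FACTOR]
# Reads iostat -x reports on stdin and prints "device avg_await median"
# for each sd* drive whose average await exceeds FLOOR_MS and
# FACTOR times the median of all sd* drives.
slow_drives() {
    awk -v floor="${1:-10}" -v factor="${2:-3}" '
        $1 ~ /^Device/ {
            report++; col = 0
            for (i = 1; i <= NF; i++) if ($i == "await") col = i
            in_dev = (col > 0)
            next
        }
        NF == 0 { in_dev = 0; next }          # a blank line ends the device table
        # report 1 is the since-boot average, so it is skipped
        in_dev && report > 1 && $1 ~ /^sd[a-z]+$/ { sum[$1] += $col; cnt[$1]++ }
        END {
            n = 0
            for (d in sum) { avg[d] = sum[d] / cnt[d]; v[++n] = avg[d] }
            if (n < 3) exit                   # too few drives to call one an outlier
            for (i = 2; i <= n; i++) {        # insertion sort, then take the median
                x = v[i]
                for (j = i - 1; j >= 1 && v[j] > x; j--) v[j + 1] = v[j]
                v[j + 1] = x
            }
            med = (n % 2) ? v[(n + 1) / 2] : (v[n / 2] + v[n / 2 + 1]) / 2
            for (d in avg)
                if (avg[d] > floor && avg[d] > factor * med)
                    printf "%s %.1f %.1f\n", d, avg[d], med
        }' | LC_ALL=C sort
}

# Constructed sample: one since-boot report followed by two interval reports.
# sda looks bad only in the since-boot report; sdc is slow in the live ones.
iostat_sample() {
    cat <<'EOF'
avg-cpu:  %user   %nice %system %iowait  %steal   %idle
           1.00    0.00    0.50   12.00    0.00   86.50

Device:  rrqm/s wrqm/s    r/s    w/s  rMB/s  wMB/s avgrq-sz avgqu-sz  await r_await w_await svctm %util
sda        0.00   1.00  90.00  10.00   5.60   0.10   116.74     0.70 300.00  310.00  210.00  4.00 40.00
sdb        0.00   1.00  90.00  10.00   5.60   0.10   116.74     0.70   7.00    7.00    7.00  4.00 40.00
sdc        0.00   1.00  90.00  10.00   5.60   0.10   116.74     0.70   7.00    7.00    7.00  4.00 40.00
sdd        0.00   1.00  90.00  10.00   5.60   0.10   116.74     0.70   7.00    7.00    7.00  4.00 40.00
md0        0.00   0.00 360.00  40.00  22.40   0.40   116.74     0.00   0.00    0.00    0.00  0.00  0.00

Device:  rrqm/s wrqm/s    r/s    w/s  rMB/s  wMB/s avgrq-sz avgqu-sz  await r_await w_await svctm %util
sda        0.00   1.00  90.00  10.00   5.60   0.10   116.74     0.70   6.50    6.50    6.50  4.00 40.00
sdb        0.00   1.00  90.00  10.00   5.60   0.10   116.74     0.70   6.00    6.00    6.00  4.00 40.00
sdc        0.00   1.00  20.00   5.00   1.20   0.05   102.40     2.10  85.00   86.00   81.00 38.00 95.00
sdd        0.00   1.00  90.00  10.00   5.60   0.10   116.74     0.70   7.00    7.00    7.00  4.00 40.00
md0        0.00   0.00 290.00  35.00  18.00   0.35   115.60     0.00   0.00    0.00    0.00  0.00  0.00

Device:  rrqm/s wrqm/s    r/s    w/s  rMB/s  wMB/s avgrq-sz avgqu-sz  await r_await w_await svctm %util
sda        0.00   1.00  90.00  10.00   5.60   0.10   116.74     0.70   7.50    7.50    7.50  4.00 40.00
sdb        0.00   1.00  90.00  10.00   5.60   0.10   116.74     0.70   8.00    8.00    8.00  4.00 40.00
sdc        0.00   1.00  20.00   5.00   1.20   0.05   102.40     2.30  95.00   96.00   91.00 39.00 97.00
sdd        0.00   1.00  90.00  10.00   5.60   0.10   116.74     0.70   7.00    7.00    7.00  4.00 40.00
md0        0.00   0.00 290.00  35.00  18.00   0.35   115.60     0.00   0.00    0.00    0.00  0.00  0.00
EOF
}

iostat_sample | slow_drives
```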



Re: [CentOS] Inconsistancy in RAID documentation

2016-05-18 Thread cpolish
On 2016-05-03 15:49, m.r...@5-cent.us wrote:
> On the wiki page for creating a mirrored root drive, at
> , it first
> tells you, in the install, to chose manual partitioning, and to leave at
> least 1M at the end of the drive and then it tells you to create the
> RAID 1 using /dev/sda and /dev/sdb - the *whole* raw drives.
> 
>  mark, currently creating a RAID 1 using just the raw drives, no
> partitions

Hi Mark,

The advice to subtract a certain amount from the drive size
is still sound. I subtract ~ 1GB (~ US$0.20), here's why.

A typical vendor disclaimer for drive capacity: "some of the
listed capacity is used for formatting and other functions, and
thus will not be available for data storage". "Other functions"
includes dynamic things like an inventory of spare sectors to
remap sectors that develop unrecoverable errors, replacing them
from a pre-existing inventory of spares. After a failure, a
new, replacement drive may be short of the capacity needed to
mirror all the sectors of the surviving RAID pair. AFAIK the
Linux RAID driver won't try to reason about the need to mirror
the final few blocks in the element, it just refuses to create a
mirror from a mismatched pair. Trimming some from the "actual"
size when creating a brand new mirror gives you some room to
finagle a replacement.

Probably should mention that in the last few years (?) the
position of the md superblock was repositioned from 128K from
the logical last block of the drive to 8K to 12K from the end of
the drive, see man 4 md.

HTH, HAND,
-- 
Charles Polisher



Re: [CentOS] CentosPlus

2016-05-17 Thread cpolish
On 2016-05-17 15:51, Mauricio Tavares wrote:
>   Why not leave all the extra repos disabled, say
> 
> sed -i -e 's/^enabled=1/enabled=0/' /etc/yum.repos.d/epel.repo
> 
> and manually enable it when you need to get a package from said repo:
> 
> yum install -y libmcrypt --enablerepo=epel

Hello Mauricio,

I understand. For systems with a few packages from Epel this is
my favored technique. Epel has a lot more packages that overlap
or interact with base repo packages, if I'm not mistaken. But
for my CentOSPlus repository use case, I leave the repo enabled
in the config file; forgetting to re-enable it could leave these
systems without necessary drivers. As the repository contents
is desired _in total_ over the base packages, there's no down
side for this use.

-- 
Charles



Re: [CentOS] CentosPlus

2016-05-17 Thread cpolish
On 2016-05-17 12:09, jd1008 wrote:
> Has anybody enabled this repo?
> I understand that it can really mess up updates and upgrades
> as the dependencies are rather different.

I've had the CentOSPlus repository enabled for CentOS6 for more
than a year with no problems. I don't recall reading anything on
this mailing list or IRC suggesting that enabling plus caused
issues with updates. 

The CentOS wiki warns "Enabling this repository makes CentOS 
different from upstream. You should understand the implications 
of this prior to enabling CentOSPlus". Essentially this is a
reminder that the CentOS community has no appetite for supporting
slightly non-standard configurations (a very reasonable stance).

If you need the extra hardware driver modules available with
Plus this shouldn't stop you from running a Plus kernel.
Just be prepared to reproduce any problems using a stock
kernel (which you can still select at boot) if you need to
resolve an OS issue with help from others.

The only changed packages in the CentOS Plus 6 repo are the
kernel (kernel, kernel-abi-whitelist, kernel-doc,
kernel-firmware, kernel-headers, kernel-devel), the kernel
performance utilities (perf, python-perf), and postfix.

For detailed differences of the "Plus" kernel see:
https://wiki.centos.org/AdditionalResources/Repositories/CentOSPlus?action=show=Repositories%2FCentOSPlus#head-a94637ae716c01023f633e8b5fb840f555f6d378

HTH, HAND,
-- 
Charles



[CentOS-docs] CentOSPlus kernel config differences

2015-08-22 Thread cpolish
Hello,

I've finally got some time to attend to documentation.
I've updated https://wiki.centos.org/AdditionalResources/Repositories/CentOSPlus
to include details on what is the difference between a
default CentOS kernel and the Plus kernel, in a general
way, with instructions on how to get specifics, and a
current example. I hope I've correctly followed protocol.

-- 
Charles Polisher

___
CentOS-docs mailing list
CentOS-docs@centos.org
http://lists.centos.org/mailman/listinfo/centos-docs


Re: [CentOS] backup script

2011-01-28 Thread cpolish
madu...@gmail.com wrote:
 Should I add to my tar the following option
  -p, --preserve-permissions
   extract all protection information
 tar -cvzfp ..
 
 Thanks
 
 On Tue, Jan 25, 2011 at 7:10 PM, John Doe jd...@yahoo.com wrote:
  From: madu...@gmail.com madu...@gmail.com
 
  I want to create bash script to have a zip copy from a website running
  on  linux /var/www/htdocs/* local on the same box on different
  directory
  I am  thinking to do a local backup using crontab (snapshot my web)
  tar -cvzf  /tmp/website-$(date +%Y%m%d-%H%M).tgz /var/www/htdocs/*
  This command will  create a file /tmp/website-20110101-1459.tgz
  I want it run on daily basis and  to keep the last 5days backup on the
  box and remove older version than  5days.
 
  A quick way to do it is to use the day of the week:
   website-$(date +%u).tgz
  It will automaticaly keep the last 7 days...
  Otherwise, you will have to use date calculations...

I hope I'm not duplicating something someone has already said --
/tmp may not be the best possible choice for backups. A reboot
could potentially help by cleansing that directory. Off-host
copies (eg, scp website-20110101-1459.tgz fred@otherhost:/home/fred/backups/)
would address a number of risks.
-- 
Charles Polisher



Re: [CentOS] Recommendation for a Linux alternative to Centos - ATH9K disaster

2011-01-28 Thread cpolish
Nico Kadel-Garcia wrote:
snip
 One *does* have to remember the mlocate package's limitations. It
 doesn't browse network mounted directories, it doesn't browse /tmp or
 look for other excluded targets, and it runs with the nightly cron
 jobs. So if you're looking for files in /var/tmp/ or an NFS share, or
 files that were created an hour ago, well, it's back to find.
snip

It's not too hard to create auxiliary db's that index specific
directory trees, and to search them when you want eg, just recipes
from /home/food/recipies:

#! /bin/bash
export DBNAME=/usr/local/food/.locatedb
/bin/mv -v ${DBNAME} ${DBNAME}~
/usr/bin/updatedb --output=$DBNAME \
  --prunepaths='/usr/local/food/recipies/failed-experiments'

or something like that.

Then, 

$ locate --database=/usr/local/food/.locatedb -i vanilla

Even better, in .bashrc add:

  alias drool='locate --database=/usr/local/food/.locatedb -i'

Then,

$ drool vanilla

-- 
Charles Polisher



Re: [CentOS] Ext4 on CentOS 5.5 x64

2011-01-28 Thread cpolish
Sorin Srbu wrote:
snip
   Anyway, I get a bad block message when running fsck, and am not sure
 whether this is a interface problem between the chair and the monitor or
 something with the tech preview.
snip

Having just lived through this issue, I recommend you run
the extended (long) SMART test on all your drives and check
the reports. The relevant package to install is smartmontools. 
It's worth investing a little time in setting up the package.
I ended up with this incantation in /etc/smartd.conf :

/dev/hda -T normal -p  -a -o on -S on -s (S/../.././02|L/../../6/03) -m root@localhost

To execute the extended tests (doesn't mess with your data):
# smartctl --test=long /dev/hda

To view the test results about 80 minutes later:
# smartctl --log=selftest /dev/hda

and so on.
-- 
Charles Polisher



Re: [CentOS] internet connection tester script

2011-01-28 Thread cpolish
Nico Kadel-Garcia wrote:
 
 Yup. That's why it's common to drop at external firewalls and blocked
 by NAT from reaching inside your network, to protect less thoroughly
 protected and critical hosts from distributed denial of service (DDOS)
  such as the now classic ping flood attack. There is generally no
 good reason to allow external ICMP packets into your local network,
 except maybe to allow an external monitoring system or VPN connection
 to verify the presence of a few exposed hosts.

This is a widely held opinion that I strongly disagree with.
Blocking all ICMP is not only not needed, but it is not 
conforming to Internet protocol requirements (RFC 1122, 3.2.2)
and makes headaches for sysadmins who have to troubleshoot
network issues. Wikipedia puts it succinctly:

Many network security devices block all ICMP messages for
perceived security benefits, including the errors that are
necessary for the proper operation of PMTUD. This can result in
connections that complete the TCP three-way handshake correctly,
but then hang when data is transferred. This state is referred
to as a black hole connection.

Some implementations of PMTUD attempt to prevent this problem by
inferring that large payload packets have been dropped due to
MTU rather than because of link congestion. However, in order
for the Transmission Control Protocol (TCP) to operate most
efficiently, ICMP Unreachable messages (type 3) should be
permitted. A robust method for PMTUD that relies on TCP or
another protocol to probe the path with progressively larger
packets has been standardized in RFC 4821.

http://en.wikipedia.org/wiki/Path_MTU_Discovery

-- 
Charles Polisher
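
An added example (not part of the original post, nor any project's own code): a shell/awk audit that reads an `iptables-save` dump and reports what the filter INPUT chain does with an inbound ICMP type 3 code 4 ("fragmentation needed") error, the message PMTUD depends on. The three rulesets are constructed samples and the function names are hypothetical; rules narrowed by interface, address or port, and jumps to user chains, are skipped rather than evaluated.

```shell
#!/bin/sh
# Added example: first-match walk of the filter INPUT chain for an ICMP
# "fragmentation needed" (type 3, code 4) error that belongs to a known flow.
# Assumption: rules narrowed by -i/-s/-d/ports and jumps to user chains are
# skipped, not evaluated. Reads iptables-save text on stdin, prints a verdict.
pmtud_verdict() {
    awk '
    # ICMP type selectors that include fragmentation-needed (empty = any ICMP).
    function covers(t) {
        if (t == "" || t == "3" || t == "3/4") return 1
        return (t == "destination-unreachable" || t == "fragmentation-needed")
    }
    /^\*/ { table = $1 }
    table == "*filter" && /^:INPUT / { policy = $2 }
    table == "*filter" && /^-A INPUT / && verdict == "" {
        proto = ""; type = ""; state = ""; target = ""; other = 0
        for (i = 3; i <= NF; i++) {
            if ($i == "-p") proto = $(++i)
            else if ($i == "-m") i++                 # module name only
            else if ($i == "--icmp-type") type = $(++i)
            else if ($i == "--state" || $i == "--ctstate") state = $(++i)
            else if ($i == "-j") { target = $(++i); break }  # target options follow
            else other = 1                           # a match we do not evaluate
        }
        if (other) next
        if (proto != "" && proto != "icmp") next
        if (!covers(type)) next
        # conntrack classifies ICMP errors for known flows as RELATED.
        if (state != "" && index(state, "RELATED") == 0) next
        if (target == "ACCEPT" || target == "DROP" || target == "REJECT")
            verdict = target
    }
    END { print (verdict != "" ? verdict : policy) }
    '
}

# Constructed sample: blanket ICMP drop, the setup the post argues against.
ruleset_blanket_drop() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
-A INPUT -p icmp -j DROP
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT
EOF
}

# Constructed sample: default-drop policy, ESTABLISHED only, ping allowed.
# The ICMP error is RELATED, not ESTABLISHED, so it falls to the policy.
ruleset_established_only() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED -j ACCEPT
-A INPUT -p icmp -m icmp --icmp-type 8 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

# Constructed sample: RELATED,ESTABLISHED accepted before the ICMP drop.
ruleset_related_first() {
    cat <<'EOF'
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j DROP
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT
EOF
}

for rs in ruleset_blanket_drop ruleset_established_only ruleset_related_first; do
    printf '%-26s %s\n' "$rs" "$($rs | pmtud_verdict)"
done
```

On a live host the same function can be fed with `iptables-save | pmtud_verdict`; a DROP or REJECT verdict means large transfers across a smaller-MTU path can stall after the handshake.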



Re: [CentOS] Ext4 on CentOS 5.5 x64

2011-01-28 Thread cpolish
Les Mikesell wrote:

 Are there guidelines about what are reasonable results or will the 
 'Smart Health Status' tell you enough after the tests run?

In a recent study[1] of a large population of hard drives 
these assertions stood out:

  [A]fter their first scan error, drives are 39 times more 
  likely to fail within 60 days than drives with no such errors. 

  Drives with one or more reallocations do fail more often
  than those with none. The average impact on AFR
  appears to be between a factor of 3-6x.

  After their first reallocation, drives are over 14 times
  more likely to fail within 60 days than drives without
  reallocation counts, making the critical threshold for this
  parameter also one.

  After the first offline reallocation, drives have over
  21 times higher chances of failure within 60 days than
  drives without offline reallocations...

  The critical threshold for probational counts is also one: 
  after the first event, drives are 16 times more likely to 
  fail within 60 days than drives with zero probational counts.

[1] Failure Trends in a Large Disk Drive Population
Eduardo Pinheiro, Wolf-Dietrich Weber and Luiz A. Barroso
Google Inc.
-- 
Charles Polisher



Re: [CentOS] unable to check in code to svn when files contain spaces or characters

2011-01-24 Thread cpolish
Nico Kadel-Garcia wrote:
 Agnello George wrote:
  i got a file like this and i need add it into my svn
 
  admin/upload_data/FINAL  leg  list  19_01_2010 to  agar  (Merged data in
  one).xls
 
 First: don't do this, seriously. You're begging for pain in your
 scripting to handle such files from now on.
 
 
  i as able to add other files with space using the following command :
 
   svn st |grep ? |cut -c8- |sed 's/ /\\ /g' |xargs svn add
 
 Second, stop playing with xargs in command line handling. It is not your 
 friend.

That seems harsh. Can you explain? It's been my experience
that using find mumble/ -print0 | xargs -0 mumble almost
always provides a way to process arbitrary file names. But
maybe this particular case can't be shoehorned into that
idiom?

Best regards,
-- 
Charles Polisher
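
The `find ... -print0 | xargs -0` idiom mentioned in the message above, as an added example that is not part of the original post: it counts how many of four awkwardly named files actually reach the command as intact arguments, with and without NUL delimiting. The file names are constructed (one is modelled on the name quoted in the thread) and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: why a NUL-delimited hand-off survives awkward file names.
# All file names below are constructed; function names are hypothetical.

# Build a scratch directory holding names with spaces, a quote and a newline.
# Prints the directory path.
make_fixture() {
    d=$(mktemp -d) || return 1
    : > "$d/plain.xls"
    : > "$d/FINAL  leg  list  19_01_2010 to  agar  (Merged data in one).xls"
    : > "$d/it's quoted.txt"
    : > "$d/$(printf 'two\nlines.txt')"
    printf '%s\n' "$d"
}

# Snippet run by xargs: print one line per argument that names a real file.
CHECK='for f in "$@"; do if [ -e "$f" ]; then echo hit; fi; done'

# Newline-delimited names with default xargs parsing: blanks and newlines
# split names apart, and quote characters are treated as xargs syntax.
count_naive() {
    find "$1" -type f | xargs sh -c "$CHECK" sh 2>/dev/null | wc -l | tr -d ' '
}

# NUL-delimited names: every path arrives as exactly one argument.
count_safe() {
    find "$1" -type f -print0 | xargs -0 sh -c "$CHECK" sh | wc -l | tr -d ' '
}

dir=$(make_fixture)
echo "files created:       4"
echo "intact via xargs:    $(count_naive "$dir")"
echo "intact via xargs -0: $(count_safe "$dir")"
rm -rf "$dir"
```

The arguments lost in the first count are not merely skipped: each fragment is handed to the command as if it were a path, which is how a file name ends up steering a script toward a file nobody intended.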



Re: [CentOS] Network bandwidth tools. (long)

2011-01-16 Thread cpolish
Barry Brimer wrote:
  I am wondering what tools are available
  in CentOS 5.5 that would allow me to measure incoming and
  outgoing network speeds? My new website seems to be getting a
  lot more traffic that I had anticipated off the bat and I would
  like to measure resource usage to ensure it is keeping up.

 Take a look at ntop .. there are packages available from rpmforge.

+1 ntop

At the risk of pissing off the list for such a long
post, here are 2 useful shell-scripts for monitoring Linux
system bandwidth. Although they were developed on another
distro I believe (untested) they will work fine with CentOS.

The first script gets installed as a cronjob, the second is run
when you want a histogram of your bandwidth. As commented in the
script, changing 1 line in the second script gives you TX bandwidth
instead of RX. Probably it should be an argument to the script.

logifx:
% cut here %---
#!/bin/bash
#   From: William Hunt w...@prv8.net
#   Newsgroups: alt.os.linux.slackware
#   Subject: Fun with Slackware: bandwidth monitor
#   Date: Wed, 23 Jan 2008 02:04:05 -0800
#   A script to periodically calculate the total number of bytes
#   sent and received on the given interface;
#   useful for running under cron, for example.
#   raw data is read from ifconfig(1); the script calculates its
#   output from the current reading and from data stored in a state
#   file by the previous run; the current values are then stored in
#   the state file for the next run, overwriting the previous state.
#   if the state file does not exist then no output is generated, but
#   the new STATEF file is still initialized with current data.
#--
#   this is a useful escape in case of trouble:
#--
function PANIC () { echo PANIC: $* ; exit ; }
#--
#   syntax: logifx interface
#--
[ "$1" == "" ] && PANIC interface required.
IF=$1
#--
#   FILES & DIRECTORIES:
#--
export PATH=/usr/bin:/bin:/usr/sbin:/sbin
STATED=/var/run/logifx
[ -d ${STATED} ] || mkdir -p ${STATED} || PANIC bad ${STATED} ?
STATEF=${STATED}/ifxlog-${IF}.dat
OUTD=/var/log
OUTF=${OUTD}/ifx_${IF}
#--
#   read ifconfig and return RX and TX values:
#--
function readif() {
ifconfig ${IF} | while read LINE ; do
DATA=($(echo ${LINE} | grep 'RX bytes:'))
[ $? = 0 ] && echo ${DATA[1]/bytes:} ${DATA[5]/bytes:}
done
exit 0
}
#--
#   read the clock:
#--
STAMP=$( date '+%Y%m%d%H%M' )   # timestamp for logfile line
SEC=$( date '+%s' ) # time used for calculations
#--
#   read the data - note how an array is used to receive
#   two return values from the function call
#--
CURRENT=($( readif )) || PANIC reading ifconfig
CRX=${CURRENT[0]}
CTX=${CURRENT[1]}
#--
#   if state file exists, read prior values and calculate output.
#   negative results indicate a stale state file, so reset it.
#   (not absolutely correct, but best guess and close enough);
#   then append the output to the log file:
#--
if [ -e ${STATEF} ] ; then
read PSEC PRX PTX < ${STATEF}
SPAN=$(( ${SEC} - ${PSEC} ))
[ $SPAN -gt 0 ] || PANIC WTF? SPAN=${SPAN}
RX=$(( ${CRX} - ${PRX} ))
TX=$(( ${CTX} - ${PTX} ))
[ $RX -lt 0 ] && RX=${CRX}
[ $TX -lt 0 ] && TX=${CTX}
echo ${STAMP} ${SPAN} ${RX} ${TX} >> ${OUTF} || PANIC ${OUTF}
fi
#--
#   update state file (overwrite)
#--
echo ${SEC} ${CRX} ${CTX} > ${STATEF} || PANIC updating ${STATEF}
#--
# the end.

#   Okay? Okay!   With that in /root/cron/logifx, now, the next step is
#   to stuff it into cron, using crontab -l of course.
#   
#   * * * * * /root/cron/logifx eth0 
#   * * * * * /root/cron/logifx eth1 
#   * * * * * /root/cron/logifx eth2
#   
#   Note that any errors running the script are written to stdout,
#   which cron will mail to the 

Re: [CentOS] Server reboots unexpectebly.

2011-01-16 Thread cpolish
Lisandro Grullon wrote:
 This is interesting...I wonder if my box is having an overheating issue.

Back in the day, we used a heat gun or even a hair dryer
to heat up a suspect system to induce an incipient 
failure to show up. 
-- 
Charles Polisher



Re: [CentOS] Tar so slow! Is there anything faster?

2011-01-06 Thread cpolish
On Thu, Jan 06, 2011 at 08:15:16PM +0100, Leonard den Ottolander wrote:
 Hello Dotan,
 
 On Thu, 2011-01-06 at 16:19 +0200, Dotan Cohen wrote:
  On Thu, Jan 6, 2011 at 16:08, Arun Khan knu...@gmail.com wrote:
   bzip2 will slow down the operation.  If you don't really need
   compressed then simply do tar cf <tar file> <dir/file list>
 
  Yup, that's what I'm doing now! Thanks.
 
 Gzip is pretty fast and still should give you decent compression. In
 most cases the highest compression will hardly give you better
 compression than the default level of 6, so just go with the default
 (tar cz). Use bzip2 only if space is a big concern.

pigz is a valuable tool for anyone needing gzip compression
and having > 1 cpu. It runs multiple (parallel) gzip's for
a huge speedup. I've been using it for months - very stable.

To use with GNU tar: --use-compress-program /usr/local/bin/pigz.

Download from:
http://pkgs.org/centos-5-rhel-5/rpmforge-i386/pigz-2.1.6-1.el5.rf.i386.rpm.html

Homepage: http://www.zlib.net/pigz/

Review: http://andrew.tumblr.com/post/344920968

-- 
Charles Polisher



Re: [CentOS] check, that a script is in a folder

2011-01-05 Thread cpolish
Les Mikesell wrote:
 John R. Dennison wrote:
  S Mathias wrote:
  $ echo ${PWD##*/}
  somefolder
  $ if ${PWD##*/} -eq asdf  /dev/null; then echo this is the asdf 
  folder; else exit 1; fi
  bash: notthatfolder: command not found...
  this is the asdf folder
  $
 
 
  So i just want to check that i'm in an exact folder. e.g.: asdf
 
  What's wrong with my one-liner?
 
  What's wrong is you can't read man pages or research on your
  own.  man bash; your problem is covered there.
 
 It is there, but it's pretty obscure.  A hint is that 'if' wants to execute 
 something, and in the old days /bin/test and /bin/[ used to be links to the 
 same 
 executable.  These days the executables are in /usr/bin and not linked (don't 
 know the reason for either...) but they are also shell builtins.

The Usenet newsgroup comp.unix.shell is a great place to ask such questions.

-- 
Charles Polisher



Re: [CentOS] Anaconda hangs using 100% CPU

2011-01-01 Thread cpolish
 I have been struggling with my first PXEboot today, using a
 kickstart with packages served over http on the local network.
 
 The details:
 
 - Anaconda is using 100% CPU

snip

I got the PXE/kickstart going by sheer persistence.  It
eventually completed without hanging. Post-install the box
hung several times, generally with a kernel panic, sometimes
with only the flashing keyboard lights as a tell.

In an attempt to diagnose a hardware issue I've run: 

- memtest86 6.5+ hours, 0 errors, 0 hangs.  Both motherboard &
  cpu have ECC enabled.

- bonnie++  1+ hours, 0 errors, 0 hangs.

- sys_basher is running now, it tests the floating point unit,
  the integer unit, RAM, and disk.

I'd hate to let this server loose in production as-is.
Does anyone have suggestions for other things I can test?
-- 
Charles Polisher



Re: [CentOS] perl code to remove newlines

2010-12-30 Thread cpolish
John Doe wrote:
 
 $ cat $FILE | tr "\n" " " | sed 's/ */\n/g'

I was yearning for someone to chime in with that!
sed is clearly the best & most straightforward way to do
this task.

I can't help myself - there's a useless use of cat:

$ < $FILE tr "\n" " " | sed 's/ */\n/g'

http://www.partmaps.org/era/unix/award.html#uucaletter
-- 
Pedantic, I? -- Alexei Sayle



[CentOS] Anaconda hangs using 100% CPU

2010-12-30 Thread cpolish
Dear all,

I have been struggling with my first PXEboot today, using a
kickstart with packages served over http on the local network.

The details:

- Anaconda is using 100% CPU

- CentOS 5.5 i386 downloaded yesterday

- .iso md5sums checked out good

- 0 network errors showing (ifconfig)

- console 1 displays: Installing httpd-... Done [508/782]

- It appears to be trying to install samba for the last hour:
  the last 2 lines of the Apache access_log on the package
  server:

  GET /centos/5.5/os/i386/disc2//CentOS/
   httpd-2.2.3-43.el5.centos.i386.rpm HTTP/1.1 200 1277591
  GET /centos/5.5/os/i386/disc2//CentOS/
   samba-3.0.33-3.28.el5.i386.rpm HTTP/1.1 200 17016117

- The last line of /tmp/anaconda.log shows:
  DEBUG   : Adding Package opensp-1.5.2-4.i386 in mode u

- The last line of /mnt/sysimage/root/install.log.syslog shows:
  useradd[2304]: new user: name=apache, ...

- I have searched for similar issues at bugs.centos.org without success

- The system is still alive, console 2 is responsive 
  so I can (hopefully) debug this if someone will point
  me in the right direction

- kickstart file: http://pastebin.com/mQxx42wf

Help!
-- 
Charles Polisher



Re: [CentOS] Server unresponsive until reboot, memory exhausted

2010-12-29 Thread cpolish
On 12/28/2010 01:41 PM, james wrote:
 You may be right about the restart, but I would like to know WHAT is
 crashing my web server regardless. We are not running any shiftily
 coded sites or apps on this server that I'm aware of (obviously
 something is shifty!). Is anyone aware of any other methods for
 drilling into the problem?

You may be dealing with a request that crashes before any data
makes it into the logs.

Here's a trick I have used (posted Feb 10, 2008 by Phantom
in alt.apache.configuration):

ls -l `ps -C httpd h | sed -r "s/^\s*([0-9]+) .+$/\/proc\/\\1\/cwd/"`

which prints out the directory that each Apache worker thread is
accessing. If you can narrow it down to the pid, you can use lsof to
identify the particular file being processed. Please keep us
posted!

-- 
Charles Polisher


Re: [CentOS] Network communication between hosts

2010-12-29 Thread cpolish
derleader __ wrote:
  The data is not so much - CPU utilization, RAM utilization, List of
  installed software, list of users and so on. The information is not
  so much. What are the options for this task is there a C++ library
  that I can use to convert the data and then to transfer if via
  network?

The information you want may already be available over the network via
snmp. The canonical invocation from the client host goes something like:

  snmpwalk -v2c -c public serverhostname

Once you've sorted through the output, you'll want to switch to more
targeted requests using snmpget or suchlike, change the community
string, consider whether or not to use snmpV3, etc.  You can invoke
these system utilities from C++. If snmpwalk is not installed on your
system try installing net-snmp on the remote (server) host,
net-snmp-utils and net-snmp-libs on the client host.
-- 
Charles Polisher


Re: [CentOS] Ext4 on CentOS 5.5 64bit

2010-12-22 Thread cpolish
Matt wrote:
 Is ext4 stable on CentOS 5.5 64bit?  I have an email server with a
 great deal of disk i/o and was wondering if ext4 would be better than
 ext3 for it?

Before committing to ext4 on a production server, it
would be good to consider the comments made in 
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/317781/comments/45
which presumably still apply to current CentOS 5.5 64-bit kernels.
As I read it, Ts'o argues that the apparent loss of stability
compared to ext3 is a design issue in the realm of applications
that run atop it. I hope this is not a misreading.
-- 
Charles Polisher



Re: [CentOS] I/O size distribution?

2010-12-22 Thread cpolish
Antonello Piemonte wrote:
 Hello
 
 I have read that under Solaris one can use DTrace to get I/O request
 size distribution on a global scale (also on a per process/pid basis).
 See for example
 
 http://prefetch.net/articles/observeiodtk.html
 
 Can anyone recommend an alternative to get similar information under
 CentOS? I looked into dtrace for linux but it seems still work in
 progress, even putting aside CDDL issues ...
 
 http://www.crisp.demon.co.uk/tools.html

Maybe the average request size from
  iostat -x 
could supply part of the /global/ piece?
-- 
Charles Polisher



Re: [CentOS] two cents or not two cents

2010-12-17 Thread cpolish
Les Mikesell wrote:

snip

 To overgeneralize, that's one of the big differences between free and
 commercial software.  Commercial software that has a customer base
 that they can't afford to lose will rarely break backwards
 compatibility, or if they do, they'll provide conversion tools to
 manage the migration.

snip

Either you never dealt with Apple abruptly terminating support
for your hardware - the CPU for instance - or the memory was so painful
that you blocked it out :). On the flip side, Apple fans seem to be 
unusually resilient. I'm not bitter...
-- 
Charles Polisher



Re: [CentOS] two cents or not two cents

2010-12-17 Thread cpolish
Lamar Owen wrote:
 Where do people get this?  On one of my up to date CentOS 5 VM's:
 [r...@zoneminder1 ~]# cat /etc/redhat-release
 CentOS release 5.5 (Final)
 [r...@zoneminder1 ~]# rpm -qi firefox
 Name: firefox  Relocations: (not relocatable)
 Version : 3.6.13Vendor: CentOS

snip

(Nod). Wish I had time to work on Scott Shawcroft's distrology
(http://www.oswatershed.org/) to add Red Hat and CentOS to the
evaluations. The ability to compare current metrics ranking
distribution package freshness is pretty cool.

-- 
Charles Polisher



Re: [CentOS] OT: programming language for morons (newbie friendly language in Open Source world)

2010-12-14 Thread cpolish
cornel panceac wrote:
 my first language was pascal. if i'd had the opportunity, i'd start with c.
 herbert schildt's teach yourself c was great for me.

I think C is an excellent place to begin. But try K & R
(ISBN-10 0131103628) which is the classic introduction.

Schildt is reviled in the church of C. See
http://accu.org/index.php?module=bookreviews&func=search&rid=608
where he is roundly rebuked. He doesn't do well in any
of the numerous reviews of his books on the ACCU site.

He's even got an entry in the comp.lang.c FAQ:
Q: I need a random number generator.
A: Count errors in Herbert Schildt's C books. No one has detected any
   consistent pattern.

-- 
Charles Polisher


Re: [CentOS] The Natives are Restless!

2010-12-09 Thread cpolish
Christopher Chan wrote:
 John Hinton wrote:
  Has anyone noticed over the years, that every time a major new CentOS
  release is just about to happen, suddenly there starts to be a few very
  long and drawn out threads?
 
 Really? Interesting.
 
 
 
  Has anyone ever considered that the core team is in fact monitoring this
  thread while trying to devote as much time as possible to actually
  getting the next release out the door? Could it possibly take longer for
  the next release to be launched due to the increase in volume on this list?
 
  So, when is CentOS 7 going to be released? ;)
 
  Sorry to add to the problem with this message, but I do find it really
  odd that this happened just before 4 and then again just before 5 and
  now just before 6.
 
 
 /me shrugs. I am not waiting for Centos 6. But I am miffed at certain 
 detractors of SELinux without any solid or compelling reasons other than 
 I don't want to learn it.

This brings to mind https://secure.wikimedia.org/wikipedia/en/wiki/Boosterism
Maybe set reply-to: /r/atheism (hm, technologically unsound. Darn.)
Anyway, there's an ism in it now for sure.
-- 
Charles Polisher


Re: [CentOS] XFS or EXT3 ?

2010-12-03 Thread cpolish
On Fri, Dec 03, 2010 at 08:31:12AM -0500, Adam Tauno Williams wrote:
 On Fri, 2010-12-03 at 14:20 +0100, Peter Kjellström wrote: 
  On Friday 03 December 2010 13:55:28 Keith Roberts wrote:
   There was a similar thread about which is the best FS for
   Centos.
   I'm using ext3, and wondered if XFS would be more 'data
   safe' than ext3.
  'data safe' is certainly not something easy to define. 
 
 +1 
 
  Short answer: no XFS is not better than ext3 here. 
 
 +1  We'll all move to ext4 with CentOS 6.  ext4 is a big improvement
 over the options available in CentOS 5 
 
  In the end the only thing that'll keep your data safe are backups.
   I had a 100GiB ext3 partition, and it took up 1.75GiB for FS
   administration purposes. I reformatted it to XFS, and it
   only used 50.8MB!
  Oversimplified: XFS sets data structures up as you go, ext3 does it from 
  start. Also, the default for ext3 is to reserve space (see the -m option).
 
 +1
 
 Although equivalent issues can arise in XFS [vs. ext3].
 http://www.whitemiceconsulting.com/2010/09/xfs-inodes.html
 
   I now have a fresh new drive to install my root Centos
   system onto, and wondered about creating the partitions
   as XFS?
  ext3 is default = extremely well tested = good choice (IMHO)
 
 I'd stick with ext3 unless you have a compelling reason to use another
 FS.  
 
   What about the XFS admin tools - do these get installed when
   you format a partition as XFS from anaconda, or are they a
   separate rpm package, installed later?
  They are in a separate rpm (xfsprogs, repository: extras).

Has anyone an update or status for issues raised in 
   http://lwn.net/Articles/322823/
or Ts'o's response to the issue
   https://bugs.edge.launchpad.net/ubuntu/+source/linux/+bug/317781/comments/45
have all the apps been adjusted, or is ext4 still more vulnerable
to data loss than ext3? Could link to a reference?

-- 
Charles Polisher



Re: [CentOS] SELinux - way of the future or good idea but !!!

2010-11-29 Thread cpolish
Lamar Owen wrote:

 With SELinux I can set files and whole hierarchies to not allow Acrobat
 Reader access of various types, while still allowing access to those
 areas it needs.  Voila!  Acrobat Reader vulnerabilities and the PDF's
 that exploit them no longer have any power to exploit my system.  Same
 with Flash, Java, and Firefox itself.  If firefox has no need to write
 into my Documents directory, then I can lock out my Documents
 directory to firefox (even when it's running with the right uid:gid
 that would defeat old-school uid:gid based perms) and not worry about
 a malicious website exploiting a firefox zero-day modifying any of my
 files in Documents.

Your enthusiasm for SELinux seems tied conceptually to a workstation
running the set of applications that come with the distribution.
Nothing wrong with that.
-- 
Charles Polisher



Re: [CentOS] SELinux - way of the future or good idea but !!!

2010-11-29 Thread cpolish
Christopher Chan wrote:
 Les Mikesell wrote:
 
  All of the third-party software I run seems to run just fine, as long as 
  the right contexts are applied.
 
  Well, obviously it will work after someone takes the time to make it
  work.  Now it is your turn to quantify:  How much would you charge to
  teach someone to be able to make those changes and how long would it
  take?  This has to include the ability to quickly diagnose and fix any
  problem that might be caused by updates to the application or to the OS
  distribution.
 
 
 As was already mentioned in another post, run in permissive mode, for a 
 few days if you must, and go through all the things the software does 
 and voila! setroubleshoot and/or logs tell you what needs doing.

Very optimistic, that. In my shop, some things run annually.
A comprehensive system test = production, for a year. Just
this morning a 1099 (annual tax-form) script failed in test. 



Re: [CentOS] SELinux - way of the future or good idea but !!!

2010-11-28 Thread cpolish
1,000 pardons for aggressively trimming this post,
sorry if I have harmed the flow by being selective.

Bob McConnell wrote:
 Marko Vojinovic wrote:
  Bob McConnell wrote:
  Marko Vojinovic wrote:
  Nico Kadel-Garcia wrote:

Hypothetical: one admins a vended suite of applications that comprise
an ERP. Many layers of management going all the way up to elected
Board members, and by implication the public, have spent $millions to
acquire, install, and augment it until it runs every aspect of the
business. A thousand staff members and 20,000 customers have
been trained to use the system. Major components (LDAP, email, database)
come from a Fortune 50 company that was assimilated by another Fortune 50
company. Not one piece of the ERP comes in RPM form.

  You have completely missed his point. Every update of the application
  *his company* is writing to run on those CentOS servers. This has
  nothing to do with RedHat, CentOS, or any other FLOSS package. It is a
  management problem within his employer's organization. If the managers

In this (hypothetical) situation, managers don't have the right kind of power.
They can't dictate policy to major corporations. They could attempt to
bring a couple of dozen in-house applications into compliance,
but does that make sense when the ERP is not in compliance thus SELinux
is not an option?

  Well, in that case he is dealing with a broken/badly coded app, and 
  irresponsible managers and developers. It's a problem, yes, but this isn't 
  a 

The ERP is (hypothetically of course) badly broken on many levels.
So, what can one constructively do? Complain at a Board meeting?
Write letters to the newspapers? Start a boycott against
the vendors? Open 1,000 service requests with the vendors? Buy the
myERPsucks domain name? It's a cumbersome, balky problem that AFAICT
has no easy answer. Some issues need attention at the governance level,
such as IT getting more involved in vendor selection.

  given to people on this list to turn off SELinux because some devs in some 
  company don't do their job right is also completely wrong.

Perhaps completely wrong but also thoroughly entrenched, as explained
above. 

 don't believe it can be considered a panacea either. Even with SE in 
 full protected mode, a simple SQL injection flaw can still expose much 
 of the sensitive data on your server.

An example: Crafty Person enters an account # as: 
   9000' OR true
and for the sake of argument, this retrieves 20,000 customer
records. Does SELinux do anything? I suspect the answer is no.
Tends to support the preceding argument (it's not a panacea).

-- 
Charles Polisher



Re: [CentOS] can't use godaddy SSL cert

2010-11-25 Thread cpolish
bluethundr wrote:
 I have setup the certificate chain in my slapd.conf like so:
 
 TLSCACertificateFile  /usr/local/etc/openldap/cacerts/sf_issuing.crt

I don't see where you say which directory these are stored in:

 -rw-r--r--  1 root  bluethundr  2604 Nov 25 11:37 ca_bundle.crt
 -r--r-  1 root  ldap4604 Nov 24 18:57 gd_bundle.crt
 -r--r-  1 root  ldap1537 Nov 25 02:00 sf_issuing.crt

 [r...@lcent01:/tmp/Foswiki-1.1.2]#openssl s_client -connect
 ldap.example.com:389 -showcerts -CAfile sf_issuing.crt
 13730:error:02001002:system library:fopen:No such file or
 directory:bss_file.c:122:fopen('sf_issuing.crt','r')

It looks like the expected directory is not the one being
used. Perhaps try this invocation:

openssl s_client -connect ldap.example.com:389 -showcerts \
  -CAfile /path/to/sf_issuing.crt

Best regards,
-- 
Charles Polisher



Re: [CentOS] CENTOS 5.5 X86 continue get out of memory error?????

2010-11-24 Thread cpolish
 On Nov 24, 2010, at 6:27 PM, mcclnx mcc wrote:
  This server used to run under CENTOS 3.9 X86 and No problem.  Due to 
  application can not use CENTOS 3.9 we need upgrade to CENTOS 4 or 5.
  
  If I re-install it and use CENTOS 4.8 X86, will problem gone or not?

You may find that CentOS 4.8 x86 with the hugemem kernel
will work for you. CentOS 5 no longer supports
the hugemem kernel.

From the release notes:

http://www.centos.org/docs/4/html/release-notes/as-x86/
Red Hat Enterprise Linux 4 includes a kernel known as the hugemem
kernel. This kernel supports a 4GB per-process user space (versus 3GB
for the other kernels), and a 4GB direct kernel space. Using this kernel
allows Red Hat Enterprise Linux to run on systems with up to 64GB of
main memory. The hugemem kernel is required in order to use all the
memory in system configurations containing more than 16GB of memory. The
hugemem kernel can also benefit configurations running with less memory
(if running an application that could benefit from the larger
per-process user space, for example.)

-- 
Charles Polisher


Re: [CentOS] can't find ldapseaerch

2010-11-13 Thread cpolish
bluethundr wrote:
 If you feed the command line the full path to ldapsearch it works as
 intended. I was wondering if anyone had any idea why ldapsearch isn't
 being found?

Assuming bash -
Does hash -l show anything interesting?
Does alias show anything interesting?

-- 
Charles Polisher



Re: [CentOS] yum update

2010-11-03 Thread cpolish
Here, unpolished, is a script I used to use to
determine what changes I had made to an rpm-based
system. It requires at least light editing
(line 45, 49, and 52 at a minimum)
to run on CentOS; probably won't hurt anything.


#! /bin/bash
# Charles Polisher 2003-10-05

#
# Summarize the key facts about the currently installed packages
# in a form useful for building a host with the same complement
# of packages. Creates 3 lists:
#   - the original install package list,
#   - packages that have been (upgraded/downgraded/added)
#     but are from the same distributor
#   - packages that have been added from another distribution
#     or from free-standing rpm's

# TODO: identify packages built from tarballs, and either
#   - installed a new program not available in the distro, or
#     avail from the distro but not sourced from it.
#   - installed a program that was available from the distro,
#     but was (upgraded/downgraded/patched/built-from-source)
#     nonetheless.
#   Maybe build a list of all libraries / executables in
#   /bin, /sbin, /usr/bin, /usr/sbin, /usr/local/bin,
#   /lib, /usr/lib, /usr/local/lib, (etc?), then run through
#   rpm's official list (rpm -qal) using it to delete from
#   the first list. Anything remaining is unaccounted for by
#   the rpmdb, and may represent an outboard package.
#   Note that the file versions/dates will need to be checked,
#   and the possibility of multiple versions of the same
#   program should be handled.

# DISTRO value ( matches key used in DISTRIBUTION field of RPMs)
export DISTRO=SuSE

# Packages installed later than this are designated as upgrades,
# not part of the original installation. Format: YYYY-MM-DD
export INSTALL_FINAL=2002-09-03

# Reports directory, omit trailing /
export OUTDIR=/home/chas/ADMIN/LOGS/rpm


export DATE=/bin/date
export GREP=/usr/bin/egrep
export SORT=/usr/bin/sort
export RPM=/bin/rpm
export TEE=/usr/bin/tee
export AWK=/usr/bin/awk
export CAT=/bin/cat
export RM=/bin/rm

# ----- no changes below this line -----

export L_DATE=`${DATE} +%Y-%m-%d-%H%M`
export EVENT=`date +%s --date=${INSTALL_FINAL}`
export TMPFILE=`mktemp /tmp/awkscript.XXXXXX`

#
# RPM formatted output fields are in this order:
#
# Installtime  Cookie          Name  Epoch   Ver  Fstate  Packager      Distribution
# -----------  --------------  ----  ------  ---  ------  ------------  ------------
# 1054517704   rags.suse 1018  rpm   (none)  3.0  0       k...@suse.de  SuSE Linux 8
# -----------  --------------  ----  ------  ---  ------  ------------  ------------
# Field 1      Field 3         F 5   F7      F9   F11     Field 13      Field 15
#
export FORMAT='%-30{INSTALLTIME} %-30{COOKIE} %-30{NAME} %-5{EPOCH} %-30{VERSION} %-30{FILESTATES} %-30{PACKAGER} %-30{DISTRIBUTION}\n'

# The here-document delimiter is quoted so that the shell leaves
# $1, $15, etc. alone for awk to interpret (gawk is required for
# FIELDWIDTHS and strftime).
cat << 'EOS' > "${TMPFILE}"
BEGIN { FIELDWIDTHS = "30 1 30 1 30 1 5 1 30 1 30 1 30 1 30" }
{
    # FIXME: SuSE -> ${DISTRO}
    a = match($15, /SuSE /) == 0 ? 0 : 1
    if ( a != filter ) {
        printf("name: %-20s version: %-10s epoch: %-8s installed: %s packager: %-20s distro: %-15s\n", \
            substr( $5,1,20), \
            substr( $9,1,10), \
            substr( $7,1, 6), \
            strftime("%Y-%m-%d %H:%M",$1), \
            substr($13,1,20), \
            substr($15,1,15) \
        );
    }
}
EOS

# filter=0 prints the packages whose DISTRIBUTION field matches
${RPM} -qa --queryformat "${FORMAT}" \
    | ${AWK} -f "${TMPFILE}" filter=0 \
    | ${SORT} \
    > "${OUTDIR}/packages-installed-all-${DISTRO}-${L_DATE}.out"

# filter=1 prints the packages from any other source
${RPM} -qa --queryformat "${FORMAT}" \
    | ${AWK} -f "${TMPFILE}" filter=1 \
    | ${SORT} \
    > "${OUTDIR}/packages-installed-non-${DISTRO}-${L_DATE}.out"

${RM} "${TMPFILE}"

cat << 'EOS' > "${TMPFILE}"
BEGIN { FIELDWIDTHS = "30 1 30 1 30 1 5 1 30 1 30 1 30 1 30"
    print "Packages installed after " eventdate " : ";
}
{
    if ( ( $1 > eventdate ) && ( match($15, /SuSE /) > 0 ) ) {
        printf("name: %-20s version: %-10s epoch: %-8s installed: %s packager: %-20s distro: %-15s\n", \
            substr( $5,1,20), \
            substr( $9,1,10), \
            substr( $7,1, 6), \
            strftime("%Y-%m-%d %H:%M",$1), \
            substr($13,1,20), \
            substr($15,1,15) \
        );
    }
}
EOS

${RPM} -qa --queryformat "${FORMAT}" \
    | ${AWK} -f "${TMPFILE}" eventdate=${EVENT} \
    | ${SORT}
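
The same three-way inventory as the script above, as an added example that is not part of the original post: it uses a '|'-delimited query format and plain POSIX awk instead of FIELDWIDTHS, because rpm pads a column to its width but does not truncate, so one over-long value shifts every later fixed-width field. The function names, the sample records, the ExampleDistro vendor string and the use of the VENDOR tag to identify the distributor are assumptions.

```shell
#!/bin/sh
# Added example (not the original author's code).
# On a real host the records would come from:
#   rpm -qa --queryformat '%{INSTALLTIME}|%{NAME}|%{VERSION}-%{RELEASE}|%{VENDOR}\n'
# Assumption: the distributor is identified by the VENDOR tag.

# classify_packages VENDOR CUTOFF_EPOCH   (reads records on stdin)
# Prints: class <TAB> name <TAB> version-release <TAB> vendor
classify_packages() {
    awk -F'|' -v vendor="$1" -v cutoff="$2" '
        # Anything that is not four fields with a numeric install time
        # is reported rather than silently misclassified.
        NF != 4 || $1 !~ /^[0-9]+$/ { printf "malformed\t%s\n", $0; next }
        {
            if (index($4, vendor) != 1)   { class = "foreign" }
            else if ($1 + 0 > cutoff + 0) { class = "updated" }
            else                          { class = "original" }
            printf "%s\t%s\t%s\t%s\n", class, $2, $3, $4
        }' | sort
}

# count_class CLASS: count records of one class in classify_packages output
count_class() {
    awk -F'\t' -v c="$1" '$1 == c { n++ } END { print n + 0 }'
}

# Constructed sample records, not taken from a real system.
# gpg-pubkey pseudo-packages carry no vendor and so land in "foreign".
sample_rpm_output() {
    cat <<'EOF'
1030000000|bash|2.05b-1|ExampleDistro
1030000500|openssl|0.9.6g-1|ExampleDistro
1054517704|rpm|3.0.6-2|ExampleDistro
1060000000|openssl|0.9.6g-9|ExampleDistro
1061000000|acme-agent|1.2-1|Example Vendor Inc.
1061000000|gpg-pubkey|deadbeef-3f000000|(none)
EOF
}

# 2002-09-03 00:00 UTC, the INSTALL_FINAL date used in the script above.
CUTOFF=1031011200

sample_rpm_output | classify_packages ExampleDistro "$CUTOFF"
```

The "foreign" list is the one worth reviewing first on a host that is patched by hand: those packages get no updates from the distributor's repositories.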

Re: [CentOS] Pptp vpn server

2010-11-03 Thread cpolish
Mattias wrote:
> Yes but there is no good webmin module for openvpn?

Not to pour water on your tool, but Google for webmin exploit.
This software appears regularly on security lists I read,
but not in a good way.
-- 
Charles Polisher



Re: [CentOS] Memtest86+ running time

2010-11-03 Thread cpolish
Bob McConnell wrote:
> Jake Shipton wrote:
> > Akemi Yagi wrote:
> > > Keith Roberts wrote:
> > > > I have run one full test and got no errors on the memory
> > > > module. Is it worth keeping it running overnight, just to
> > > > see if temperature changes will affect the test?
> > > I had a system that started crashing randomly. I ran memtest overnight
> > > (about 10 hrs) but it did not report any errors. Next time I extended
> > > the run to 18 hrs or so and finally saw errors.  Replacing the RAM
> > > solved the crash problem. So, I would recommend running memtest for
> > > one full day.
> >
> > I agree. Usually, when systems crash due to possibly memory related
> > errors I let them run testing for 24 hours, or if they have lots of
> > memory possibly longer (48 hours) to allow all memory to be fully
> > tested. :-)
> >
>
> And make sure you button the cabinet back up, with all covers in place
> and put it back on the rack where it normally sits. Running this test
> with the case open or sitting in free air is a waste of time unless that
> is how the system usually operates. All memory testing has to be done
> under normal working conditions to get the maximum benefit.

And, you're using reasonable precautions against ESD, right?
http://www.intel.com/design/packtech/ch_06.pdf
The sad thing is, most ESD problems don't show up right away.
-- 
Charles Polisher



Re: [CentOS] Maybe OT : strange wildcard behaviour

2010-10-25 Thread cpolish
> If the app supports it (most good GNU like apps do) you need the double dash
> option which will end option processing (ls -l -- -my_stupid_file.foo-)

A script to rename files with unhelpful names:


#! /bin/bash
# Rename files by choosing from a menu C. Polisher 2003/04/21
ls -i
echo -n "Enter inode of file to rename: "
read -r j
wasname=`find . -maxdepth 1 -inum "${j}" -printf "%p"`
wasname=`echo "${wasname}" | cat -vET`
echo -ne "\nEnter new name for inode ${j}"
echo -n " ${wasname} : "
read -r newname
echo -ne "\nrename ${wasname} to ${newname}  (y or n)? "
read -r yorn
while true
do
    case ${yorn} in
        Y|y|yes|YES|Yes|yES)
            # "--" ends option processing, so a new name that starts
            # with "-" is not taken as an option to mv
            find . -maxdepth 1 -inum "${j}" -exec mv -- \{\} "${newname}" \;
            break
            ;;
        *)
            break
            ;;
    esac
done


-- 
Charles Polisher



Re: [CentOS] Mailman - searchable archive

2010-09-28 Thread cpolish
Jussi Hirvi wrote:
> Mailman works well for our mailing lists, but the archive is
> unacceptable - the worst thing is lack of search function.
>
> I got one tip for this:
>
> 1) emails converted to html format with mhonarc
> 2) search can be done with htdig
>
> Opinions? Maybe there are better software solutions for this - I hope.
>
> - Jussi

Hello Jussi,

If searching on a local archive on your host consider grepmail.

-- 
Charles Polisher




Re: [CentOS] Configuring BIND to answer to two domain names (four IP addresses)

2010-09-24 Thread cpolish
On Fri, Sep 24, 2010 at 10:28:41PM +0200, Dotan Cohen wrote:
> On Fri, Sep 24, 2010 at 22:24, Alexander Dalloz ad+li...@uni-x.org wrote:
> > http://www.zytrax.com/books/dns/
> >
> > That is a good source to read up about bind configuration.
> >
> > As a sidenote please be aware, that if someone directly queries your
> > ns1.exampleA.com for exampleB.com zone records he will get proper
> > answers. If you would need to prevent this for any reason you would need
> > an extended bind config design using views.
> >
> > While the zytrax book has lessons about views you can too find a resource in
> >
> > http://www.cymru.com/Documents/secure-bind-template.html
> >
>
> Wow, thank you! There is some good reading there, especially the
> security link. Lots of little holes to exploit!
>
> I will be up for the night!

For completeness: there is the BIND 9 Administrator Reference Manual,
known as the ARM, usually supplied under /usr/share/doc/.
And what many consider to be the standard reference, Liu and Albitz's
DNS and BIND published by O'Reilly. I believe it's up to the
5th edition now; an earlier edition used to be provided online.
If you're serious about learning DNS you ought to consider this book.
-- 
Charles Polisher



Re: [CentOS] should vsftpd be disabled in favour of sftp for security reasons?

2010-09-17 Thread cpolish
Robert P. J. Day wrote:
> On Fri, 17 Sep 2010, Michel van Deventer wrote:
>
> > > (another in an ongoing list of things i just want to clarify for the
> > > sake of future courses taught on centos.)
> > >
> > > from this RHEL doc page:
> > >
> > > http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/Deployment_Guide/s1-openssh-server-config.html
> > >
> > > the reader is advised to, for the sake of security, remove/disable
> > > vsftpd, ostensibly in favour of sftp/sftp-server.  really?
> > >
> > > i can obviously see disallowing stuff like telnet and rsh and
> > > rlogin, that's a no-brainer.  but advising against vsftpd for the sake
> > > of security?  i'm not sure i see the logic in that.  thoughts?
> >
> > As FTP is a clear-text protocol, I would surely advise against
> > leaving it on :) I only run a vsftpd server on one of my machines
> > for the customers comfort, but that will change in the near future !
> >
> > I can easily imagine scenarios where unencrypted traffic with
> > usernames/passwords is disallowed.
>
> but you can configure vsftpd to have secure connection:
>
> http://wiki.vpslink.com/Configuring_vsftpd_for_secure_connections_(TLS/SSL/SFTP)
>
> would that not address that issue?  i'm not arguing against secure
> communications, only that that manual page so cavalierly dismisses
> vsftpd when it seems clear that you *can* configure vsftpd to be
> secure.

Google for vsftpd + bugtraq. Be afraid.

-- 
Charles Polisher



Re: [CentOS] Automatically detecting LUNs without a reboot

2010-08-31 Thread cpolish
On Tue, Aug 31, 2010 at 04:48:01PM +0100, Gabriel Tabares wrote:
> From there, I went to
> http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/html/Online_Storage_Reconfiguration_Guide/rescan-scsi-bus.html
>
> Where it says :
>
> In order for |rescan-scsi-bus.sh| to work properly, |LUN0| must be the
> first mapped logical unit. The |rescan-scsi-bus.sh| can only detect the
> first mapped logical unit if it is |LUN0|. The |rescan-scsi-bus.sh| will
> not be able to scan any other logical unit unless it detects the first
> mapped logical unit even if you use the |--nooptscan| option.
>
> So I went to the array interface, deleted the volumes and tried
> re-creating a new volume with a LUN ID of 0, and I get the following error:
> Unable to create volume vd01_v001.
> LUN zero is reserved as the SCC/SES device on this host. (vd01_v001) -
> The LUN specified (0) must be in the range of 1 - 511.
>
> I can't create a LUN with ID 0, which means that rescan-scsi-bus.sh will
> not work, as per the above text.
>
> Any more suggestions?
>
> Thanks
>
> Gabriel

rescan-scsi-bus is a shell script. It accepts this argument:

--luns=LIST Scan only lun(s) in LIST

so it may work for you after all?

-- 
Charles Polisher