Re: [CentOS] Can't move to Centos 8

[David C. Miller]

- Original Message -
> From: "david" 
> To: "CentOS mailing list" , centos@centos.org
> Sent: Wednesday, May 13, 2020 1:34:43 PM
> Subject: Re: [CentOS] Can't move to Centos 8

> At 01:25 PM 5/13/2020, James Szinger wrote:
>>On Tue, 12 May 2020 17:42:25 -0700 david  wrote:
>>
>> > Folks
>> >
>> > I've been trying to convert my systems to Centos 8, seeing the EOL on
>> > the horizon a few years away.  One of my systems is a Mac-Mini, and
>> > support for that has been discontinued.  I'm wondering what the
>> > community suggests among these alternatives:
>>
>>I can't be specific since you didn't say how you're using the
>>Mini. You don't even say if the Mini is PPC, i386, or x86_64.
>>
>> > 1)  Stay with Centos 7 even after EOL hoping market pressures will
>> > add Mac-Mini support
>>
>>My guess is that RH will focus on the server market.
>>
>> > 2)  Spend a few hundred dollars on a small, **quiet** replacement
>> > (ugh)
>>
>>2a) Stay on C7 until EOL (in 4 years).  Then re-evaluate your hardware
>>needs and availablilty.
>>
>> > 3) Convert to the Debian/Ubuntu distro.
>> >
>> > 4) Hope someone figures out a solution.
>>
>>Beware.  This might end up being very fragile.
>>
>>5) Switch to Fedora which has better hardware support and more software.
>>
>>Jim
>>___
> 
> 
> Jim
> Sorry that I omitted those details, so...
> Intended use:  Gateway to my in-house network, providing DNS
> (internal only), DHCP, Mail server, and web server, backup storage
> for some systems
> 
> As a web server, the load is low, so large USB-connected disk works just fine.
> As a backup device, I am using ZFS and it works well.
> As a mail server, it's my personal mail primarily, likely running
> sendmail or postfix.
> 
> Mac-mini is an x86_64.
> 
> For use as a gateway, I use the Ethernet connect as a link to a
> gigabyte switch and WiFi access point, and use a usb-connected dongle
> for the ethernet connect to the modem/internet.
> 
> David
> 

You can pickup a refurbished Dell optiplex small form factor PC with 3+Ghz core 
i5, 8GB RAM, and HDD, shipped for less than $100 on ebay. It even has slots for 
more half height pci-e cards. This is what I use for my router/NAS at home 
running CentOS 8 with ZFSonLinux.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] 10Gbps network interfaces under KVM

[David C. Miller]

- Original Message -
> From: "Carlos Lopez" 
> To: centos@centos.org
> Sent: Friday, January 25, 2019 11:57:37 AM
> Subject: [CentOS] 10Gbps network interfaces under KVM

> Hi all,
> 
> Anyone knows if exists some plan to support Intel 10Gbps nics like for 
> example
> 82575, 82576, 82580 or 82598EB Ethernet controllers under KVM for virtual 
> guest
> like it does with e1000 driver?
> 

Assuming you have a real 10Gbe NIC in the KVM virtual host system you can set 
virtio as the NIC on the guest. It should act like a 10Gbe NIC assuming you are 
running RHEL/CentOS as the guest or Windows with the virtio driver.

David.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C 7 installation annoyances

[David C. Miller]

- Original Message -
> From: "mark" 
> To: "CentOS mailing list" 
> Sent: Tuesday, October 16, 2018 2:36:38 PM
> Subject: Re: [CentOS] C 7 installation annoyances

> Gordon Messmer wrote:
>> On 10/16/18 1:24 PM, mark wrote:
>>
>>> Gordon Messmer wrote:
>>>
 As best I recall, there's no support in the UI for LVM volumes with
 RAID level.  (And I don't see any such option in the kickstart
 documentation, which also suggests that it won't be present in the
 UI.)
 The supported configuration is to create two partitions, create
 a RAID1 volume from those, make that volume an LVM physical volume,
 and then any logical volumes in that VG will be backed by a RAID1 set.

>>> Which is *stupid*. Why would you not want the LVM on a single RAID1?
>>
>> I don't think I follow you.  What I described creates a single RAID1
>> volume, and then creates logical volumes within it.
> 
> I don't seem to see your how-to-do-it today. All I know is that the GUI
> partitioner lets me *either* to lvm, *or* RAID, which results in two RAID
> partitions  (root and swap), not one LVM on top of a single RAID 1
> partition.
> 
> mark


LVM on a Linux software RAID1 is still easy to create. Here is a link to a 
tutorial someone made with screenshots.

https://www.tuxfixer.com/centos-7-installation-with-lvm-raid-1-mirroring/

Although I don't use LVM much I do use Linux software RAID1 on all my 
production systems. I have a few dozen systems that use it under CentOS 6 and 
7. It has always worked just fine and has saved me trouble from failing disks 
on quite a few occasions throughout the years.  

David Miller.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Which is better? Microsoft Exchange 2016 or Linux-based SMTP Servers?

[David C. Miller]

- Original Message -
> From: "Johnny Hughes" 
> To: centos@centos.org
> Sent: Wednesday, July 25, 2018 8:18:18 AM
> Subject: Re: [CentOS] Which is better? Microsoft Exchange 2016 or Linux-based 
> SMTP Servers?

> On 07/19/2018 03:18 PM, David C. Miller wrote:
>> 
>> 
>> - Original Message -
>>> From: "Keith Keller" 
>>> To: centos@centos.org
>>> Sent: Thursday, July 19, 2018 11:33:17 AM
>>> Subject: Re: [CentOS] Which is better? Microsoft Exchange 2016 or 
>>> Linux-based
>>> SMTP Servers?
>> 
>>> On 2018-07-19, Mark Rousell  wrote:
>>>>
>>>> Well said. I feel that too many people today have forgotten (or, more
>>>> likely, never learned) these lessons from history. People give away
>>>> their personal and supposedly private information too easily and, I feel
>>>> certain, will come to regret it (some already have come to regret it).
>>>
>>> While I agree with the above, it doesn't really address Johnny's
>>> question, which is which open source calendaring projects can compete
>>> with Google calendar for users' ease of use?  If I give my users Zimbra,
>>> and they hate it, then what?  For simple email use, there are plenty of
>>> clients which can talk IMAP/SMTP to a linux server, but the options for
>>> calendaring (and ''groupware'' in general) are much sparser.
>>>
>>> It's a hard question, and each organization needs to weigh their privacy
>>> concerns against their users' requirements.
>>>
>>> --keith
>>>
>>> --
>>> kkel...@wombat.san-francisco.ca.us
>> 
>> Zimbra's calendaring component is also a CALDav compliant server. Users can 
>> also
>> share their calendars either via the zimbra web client(public, or restricted 
>> to
>> an email address with a password), or exporting the calendar to an ICS file.
>> CALDav compliant calendar clients like Apples calendar app on Mac and iOS can
>> subscribe or connect to the zimbra server using its 
>> https://zimbra.example.com
>> address. The Zimbra web client interface for using and managing calendars is
>> just as easy to use as googles calendars.
>> 
> 
> OK, what you say is true in theory.  However,  in Thunderbird on Linux
> and using Mac clients, etc  .. and certainly on Windows workstation
> clients using outlook .. zimbra does not work well.  It also does not
> work well on people's smart phone calendars. People want their phone to
> remind them of their appointments .. any solution that is iffy doing
> that is just unacceptable in this day and age.
> 

Yeah, I'm not saying it is perfect, nothing is. Zimbra standard also includes 
active sync so your iOS and android device can connect to it like if it was an 
exchange server. I have dozens of users doing that and the calendars work as 
intended. I also have a few dozen users connecting to our zimbra server via the 
Apple calendar program via CALDav protocol and although Apples program is not 
100% CALDav compliant it works fine for the things people actually use. They 
send invites and get reminders for events just fine. For our outlook users 
there is a connector that allows outlook to connect to our zimbra server as if 
it were an exchange server. I wasn't aware that thundebird had a calendar 
component but it works fine for IMAP and POP. I'm not saying it is perfect but 
if you have a mix of platforms like I do(Windows, Mac, Linux, android, iOS) and 
have to host the data yourself, I think Zimbra is a decent solution. That being 
said, I would prefer to use googles offerings. It would make m
 y job a lot easier. Being an email admin, dealing with spam/phishing/malware, 
maintaining security patches, OS updates, and hardware sucks.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Which is better? Microsoft Exchange 2016 or Linux-based SMTP Servers?

[David C. Miller]

- Original Message -
> From: "Keith Keller" 
> To: centos@centos.org
> Sent: Thursday, July 19, 2018 11:33:17 AM
> Subject: Re: [CentOS] Which is better? Microsoft Exchange 2016 or Linux-based 
> SMTP Servers?

> On 2018-07-19, Mark Rousell  wrote:
>>
>> Well said. I feel that too many people today have forgotten (or, more
>> likely, never learned) these lessons from history. People give away
>> their personal and supposedly private information too easily and, I feel
>> certain, will come to regret it (some already have come to regret it).
> 
> While I agree with the above, it doesn't really address Johnny's
> question, which is which open source calendaring projects can compete
> with Google calendar for users' ease of use?  If I give my users Zimbra,
> and they hate it, then what?  For simple email use, there are plenty of
> clients which can talk IMAP/SMTP to a linux server, but the options for
> calendaring (and ''groupware'' in general) are much sparser.
> 
> It's a hard question, and each organization needs to weigh their privacy
> concerns against their users' requirements.
> 
> --keith
> 
> --
> kkel...@wombat.san-francisco.ca.us

Zimbra's calendaring component is also a CALDav compliant server. Users can 
also share their calendars either via the zimbra web client(public, or 
restricted to an email address with a password), or exporting the calendar to 
an ICS file. CALDav compliant calendar clients like Apples calendar app on Mac 
and iOS can subscribe or connect to the zimbra server using its 
https://zimbra.example.com address. The Zimbra web client interface for using 
and managing calendars is just as easy to use as googles calendars. 

David.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Which is better? Microsoft Exchange 2016 or Linux-based SMTP Servers?

[David C. Miller]

I'm going to recommend going with a hosted solution if possible like google or 
office365. Assuming you have to host it I recommend Zimbra for a good Linux 
solution that is very much like exchange. Zimbra collaboration suite server can 
even act like an exchange server to android/ios devices and outlook for the 
paid for version. It is about as easy to setup/configure and maintain as 
exchange is. Note: I have maintained a 600 user Zimbra server for almost 10 
years now. I have maintained postfix, sendmail, devcot, spam assassin, etc in 
the past too so I kinda.. kinda know a little bit about this stuff. Rolling 
your own now days is not worth it in most cases.

David Miller.

- Original Message -
> From: "Turritopsis Dohrnii Teo En Ming" 
> To: centos@centos.org
> Sent: Wednesday, July 18, 2018 8:04:52 AM
> Subject: [CentOS] Which is better? Microsoft Exchange 2016 or Linux-based 
> SMTP Servers?

> Good evening from Singapore,
> 
> I am torn between deploying Microsoft Exchange 2016 and Linux-based
> SMTP servers like sendmail, postfix, qmail and exim.
> 
> Relative ease of installation and configuration is an important
> consideration factor.
> 
> Microsoft Exchange 2016, Domain Controller, and Active Directory are
> relatively easy to install and configure. Linux-based SMTP servers are
> extremely difficult to install and configure and of course, extremely
> time-consuming.
> 
> One of the features of Microsoft Exchange 2016 is that you can create
> additional folders on your Inbox in the server (server-side). Can
> Linux-based SMTP servers do that?
> 
> Does Exchange 2016 offer more user-friendly features or Linux-based
> SMTP servers?
> 
> Besides the above considerations, how about security? Traditionally,
> Linux is far more secure than Windows.
> 
> Judging by security, Linux-based SMTP servers ought to have a higher 
> percentage
> of the market share?
> 
> Finally, I can only use Windows Server 2016 Standard Evaluation Copy FREE for 
> a
> period of 3 years MAXIMUM. But I can use Linux servers and Mail Transport
> Agents (MTA) FREE perpetually.
> 
> Please advise.
> 
> Thank you very much.
> 
> 
> 
> ===BEGIN SIGNATURE===
> 
> Turritopsis Dohrnii Teo En Ming's Academic Qualifications as at 30 Oct 2017
> 
> [1] https://tdtemcerts.wordpress.com/
> 
>  [2] http://tdtemcerts.blogspot.sg/
> 
>  [3]
> https://www.scribd.com/user/270125049/Teo-En-Ming
> 
>  ===END SIGNATURE===
> 
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Semi-OT: install python package in userspace

[David C. Miller]

David Miller.

- Original Message -
> From: "m roth" 
> To: "CentOS mailing list" 
> Sent: Friday, April 6, 2018 12:04:43 PM
> Subject: Re: [CentOS] Semi-OT: install python package in userspace

> Valeri Galtsev wrote:
> 
 On Fri, 6 Apr 2018 17:25 ,  wrote:

> CentOS 7 box. As there's no package in any of the repos, we're trying
> to install scikit-learn in the user's space. It refuses. My late try
> was,
> after d/l a .whl from last year, hoping that would work with the numpy
> package in the regular repos, I did a pip install --user
> scikit-learn..., and it still seems to want to write to system space:
>  OSError: [Errno 13] Permission denied:
> '/usr/lib64/python2.7/site-packages/numpy-1.7.1.dist-info
>
> Anyone got any pointers?
> 
>> Mark, python is a "sneaky snake" ;-) and some modules may require
>> particular version of dependencies, therefore they may ignore your
>> system wide numpy (even though it may just may be compatible with them),
>> and may demand latest version of numpy. Which will explain pip (or
>> other) attempting to pull dependencies which allegedly are available
>> system wide already.
>>
>> Just speculating, your own research on your particular issue may give
>> your better answer.
> 
> Well, my manager came back, and he's got me using virtenv. Having read
> about it, I like it.  Oh, and the issue with the system numpy in
> site-packages was that, for some reason, it was *not* world-readable.
> Fixed that.
> 
> So, I'm working on trying to install scipy in the virtenv... and for
> unknown reasons, it simply can't find the system libs. I did this before
> the last attempt to
> export LAPACK=/usr/lib64/liblapack.so.3
> export BLAS=/usr/lib64/libblas.so.3
> and just added export LD_LIBRARY_PATH=/usr/lib64
> Still can't find them.
> 
> Clues on this one?
> 
>mark

Mark,

You might also want to look at conda for managing a self contained python and 
all the crazy external dependencies. Being in a research environment means 
these people will probably come back with lots of requests for other modules 
and external dependencies like tensorflow, qt5, hdf5, etc.  Conda handles 
building the snowflake versions for all that junk.

David.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Possible bug with latest 7.3 installer, md RAID1, and SATADOM.

[David C. Miller]

>> On Fri, Apr 14, 2017 at 2:28 PM, David C. Miller <mille...@fusion.gat.com>
>> wrote:
>> 
>> I'm seeing a problem that I think maybe a bug with the mdraid software on
>> the latest CentOS installer. I have a couple of new supermicro servers and
>> each system has two innodisk 32GB SATADOM's that are experiencing the same
>> issue. I used the latest CentOS-7-x86_64-1611 to install to the two
>> SATADOM's a simple RAID1 for the root. The install goes just fine but when
>> I boot off the new install I see one of two behaviours. It either hangs at
>> boot, or boots fine but I start getting errors when using the system. For
>> example it will give me  the following error if I try to run yum update.
>>
>> error: rpmdb: damaged header #6 retrieved -- skipping.
>>
>> It will just hang giving that error over and over. I have to use a
>> different login session to kill it or reboot. It doesn't even log anything
>> to journelctl or /var/log/messages. At first I thought either the hardware
>> was the issue(sata port, controller, SATADOM, etc). However, I do not see
>> any issues if I don't try to raid the disks. Setting either of the
>> SATADOM's up as a single system drive works just fine. It does not matter
>> if I choose xfs or ext4 for the filesystem when I try to RAID them either.
>> Making an md RAID1 out of the two disks with 7.3 installer is the only
>> combination I see this issue with. If I use the previous 7.2
>> installer(CentOS-7-x86_64-1511) I don't see the problem at all. I can run
>> yum update, reboot, and everything is still ok. I should also point out
>> that I tested the CentOS 7.3 installer creating a md RAID1 system drive
>> using two regular spinning hard drives and that worked just fine. I was
>> wondering if anyone else has seen something similar or can confirm th
>>  is problem before I submit it as a real bug..
>>
>> TL/DR. Two different supermicro servers, both using innodisk 32GB
>> SATADOM's and latest CentOS 7.3 installer to create a RAID1 system results
>> in freezes and weird errors. Using the CentOS 7.2 installer works fine.
>>
>> David Miller.
>> ___

> From: "Cameron Smith" <came...@networkredux.com>
> To: "CentOS mailing list" <centos@centos.org>
> Sent: Friday, April 14, 2017 2:48:56 PM
> Subject: Re: [CentOS] Possible bug with latest 7.3 installer, md RAID1,   
> and SATADOM.

> Is there a reason you are not using the built in controller to RAID the
> SATADOMs?
> 
> As I remember on SuperMicro there are two controllers. One for the SATADOMs
> and another for the conventional disks.
> 
> Cameron

It requires additional software to monitor the hardware RAID. CentOS can 
monitor the health of the drives and the mdRAID. It is trivial to setup postfix 
to relay through my mail gateway so both smartd and md will send me an email as 
soon as it sees an issue. Relying on a hardware raid card is just one more 
point of failure. I only get HBA cards and let Linux handle it. On top of that 
I can move the drives to any other system and it will still work.

David Miller.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

[CentOS] Possible bug with latest 7.3 installer, md RAID1, and SATADOM.

[David C. Miller]

I'm seeing a problem that I think maybe a bug with the mdraid software on the 
latest CentOS installer. I have a couple of new supermicro servers and each 
system has two innodisk 32GB SATADOM's that are experiencing the same issue. I 
used the latest CentOS-7-x86_64-1611 to install to the two SATADOM's a simple 
RAID1 for the root. The install goes just fine but when I boot off the new 
install I see one of two behaviours. It either hangs at boot, or boots fine but 
I start getting errors when using the system. For example it will give me  the 
following error if I try to run yum update.

error: rpmdb: damaged header #6 retrieved -- skipping.

It will just hang giving that error over and over. I have to use a different 
login session to kill it or reboot. It doesn't even log anything to journelctl 
or /var/log/messages. At first I thought either the hardware was the issue(sata 
port, controller, SATADOM, etc). However, I do not see any issues if I don't 
try to raid the disks. Setting either of the SATADOM's up as a single system 
drive works just fine. It does not matter if I choose xfs or ext4 for the 
filesystem when I try to RAID them either. Making an md RAID1 out of the two 
disks with 7.3 installer is the only combination I see this issue with. If I 
use the previous 7.2 installer(CentOS-7-x86_64-1511) I don't see the problem at 
all. I can run yum update, reboot, and everything is still ok. I should also 
point out that I tested the CentOS 7.3 installer creating a md RAID1 system 
drive using two regular spinning hard drives and that worked just fine. I was 
wondering if anyone else has seen something similar or can confirm th
 is problem before I submit it as a real bug..

TL/DR. Two different supermicro servers, both using innodisk 32GB SATADOM's and 
latest CentOS 7.3 installer to create a RAID1 system results in freezes and 
weird errors. Using the CentOS 7.2 installer works fine.

David Miller.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] ghostscript update breaks evince

[David C. Miller]

- Original Message -
> From: "Robert Nichols" 
> To: centos@centos.org
> Sent: Wednesday, January 4, 2017 12:21:48 PM
> Subject: [CentOS] ghostscript update breaks evince

> Today's ghostscript.x86_64 0:8.70-21.el6_8.1 update causes evince to refuse to
> display any postscript file. Running evince from a terminal session, I see the
> errors:
> 
> invalidaccess -7
> invalidaccess -7
> invalidaccess -7
> 
> ** (evince:1252): WARNING **: Error rendering thumbnail
> 
> Downgrading to ghostscript.x86_64 0:8.70-21.el6 corrects the problem.
> 
> Anyone else seeing this?
> 
> --
> Bob Nichols "NOSPAM" is really part of my email address.
> Do NOT delete it.
> 
> ___


I'm seeing this too. I just submitted a bug to RedHat.

David Miller.
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CVE-2015-0235 - glibc gethostbyname

[David C. Miller]

- Original Message -
 From: Simon Banton cen...@web.org.uk
 To: CentOS mailing list centos@centos.org
 Sent: Wednesday, January 28, 2015 6:10:34 AM
 Subject: Re: [CentOS] CVE-2015-0235 - glibc gethostbyname
 
 Hi,
 
 For reasons which are too tiresome to bore you all with, I have an
 obligation to look after a suite of legacy CentOS 4.x systems which
 cannot be migrated upwards.
 
 I note on https://access.redhat.com/articles/1332213 the following
 comment from a RHN person:
 
 We are currently working on and testing errata for RHEL 4, we will
 post an update for it as soon as it's ready. Thank you for your
 patience!
 
 Is there *any* prospect of updated glibc packages for CentOS 4.x
 being made available?
 
 Cheers
 S.

Although I hate Oracle with a fury, one good thing is that they put all the 
updates they rebuild for their RHEL clone in a publicly viewable site. I'm 
guessing they pay Redhat for extended support on end of life RHEL4 to get 
access to the source rpms. I learned about this from another list member back 
when the bash shell shock exploit hit. 

http://public-yum.oracle.com/repo/EnterpriseLinux/EL4/latest/

David Miller.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Set static IP

[David C. Miller]

- Original Message -
 From: Joseph Hesse joehe...@gmail.com
 To: centos@centos.org
 Sent: Thursday, May 15, 2014 12:41:09 PM
 Subject: [CentOS] Set static IP
 
 Hello,
 I want my CentOS 6.5 computer to have a static IP.  Currently I get
 the
 IP I want because I have my router assign it on the basis of mac
 address.
 I placed the following file as:
 /etc/sysconfig/networking-scripts/eth0
 
 DEVICE=eth0
 BOOTPROTO=static
 HWADDR=00:1F:D0:9E:AE:67
 ONBOOT=yes
 TYPE=Ethernet
 USERCTL=no
 IPV6INIT=no
 PEERDNS=yes
 NETMASK=255.255.255.0
 IPADDR=192.168.0.99
 GATEWAY=192.168.0.1
 NM_CONTROLLED=no
 
 I also disabled Network Manager with chkconfig.
 
 It didn't work.  When I rebooted I had no IP address for eth0. Should
 I
 leave all the other scripts in /etc/sysconfig/networking-scripts
 unchanged?
 
 Suggestions would be appreciated.
 
 Thank you,
 Joe


Did you also disable NetworkManager using service NetworkManager stop before 
making the change and rebooting. If you did not then those scripts were still 
under NetworkManager control and it would have removed your changes right away.

David Miller.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] gnutls bug

[David C. Miller]

- Original Message -
 From: Stephen Harris li...@spuddy.org
 To: CentOS mailing list centos@centos.org
 Sent: Wednesday, March 5, 2014 4:43:37 PM
 Subject: Re: [CentOS] gnutls bug
 
 On Wed, Mar 05, 2014 at 06:12:49PM -0600, Les Mikesell wrote:
  On Wed, Mar 5, 2014 at 6:00 PM, Michael Coffman
   updated.  I did not realize that once the OS was vaulted, there
   were no
   more updates.   Now I know so thanks...
  
  No, what everyone has said is that there _are_ updates, and yum
  knows
  how to get them, even selectively.
 
 More to the point, 6.4 and 6.5 are just markers in the sand for
 CentOS 6.  6.5 is basically just a rebasing of the packages to make
 it
 easier to install; it's an accumulation of updates for 6.4 in an easy
 to digest form.
 
 If you stop thinking of 6.4 and 6.5 as different OS's but as the
 same
 OS but at different parts of their patch lifecycle then it becomes a
 lot
 simpler.
 

Perhaps a good analogy is with old and crusty WindowsXP. You have the original 
release of WindowsXP(CentOS 6.0), then came WindowsXP service pack1(centOS 
6.1), then service pack2(centos 6.2), etc. The one big difference is that you 
can pick and choose exactly which packages that ship with CentOS get updated. 
So in your case all you would need to do is yum update gnutls and that would 
save you from having to compile from source. 

I have to ask though, How did you stand up an HPC cluster and individual CentOS 
nodes without learning how this works?

David C. Miller
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Read only nfsroot and diskless booting CentOS 6?

[David C. Miller]

Does anyone have any good how-to's or documentation on setting up read only 
root NFS for pxe booting diskless computers? A few months ago I stumbled upon 
an official Redhat doc through a google search(not hosted by redhat and I 
cannot find it anywhere on the Redhat site) written by Dave Kline named 
Configuring diskless clients with Red Hat Enterprise Linux from 2011. It 
seemed to be a work in progress but the steps in it did work for doing nfsroot 
for one diskless client only. It did not have any explanation for doing read 
only nfsroot or how to deal with /var for multiple systems. I know there is a 
file in /etc/sysconfig/readonly-root but I could not get it working correctly. 
I did kludge together something for /var where during the init process I 
created a tmpfs for /var and rsync'd a copy of /var from an nfs mount. This 
worked, but again I felt it was a kludge to a proper solution. 

Although I got this working for booting an old bios based Dell and a VM via PXE 
boot, I don't know if it will work for newer UEFI based computers. I'm just 
looking to boot about 20 or so small modern PC's into a stripped down gnome 
desktop with a few apps installed. I still have not decided on the diskless 
clients I want to use. I was thinking either something like the low end intel 
NUC or one of the small AMD APU based PC's.

David C Miller.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Memory leak - how to investigate

[David C. Miller]

- Original Message -
 From: Jussi Hirvi listmem...@greenspot.fi
 To: CentOS mailing list centos@centos.org
 Sent: Monday, February 3, 2014 5:43:16 AM
 Subject: [CentOS] Memory leak - how to investigate
 
 My web  name server runs out of memory from time to time, to the
 point
 where it's completely unresponsive to anything. At that point reset
 is
 the only alternative. (Or, as this is a virtual guest, I just say
 virsh
 destroy).
 
 But why this happens - I would like to know.




Check your apache access logs to see what is hitting the site so much. It could 
be a web crawler indexing the site, a script that is out of control, or DDOS. 

David C. Miller

 
 The host in question is a KVM guest, and runs CentOS 6.4.
 
  From top (situation now):
 Mem:   1361564k total,  1264324k used,97240k free, 8428k
 buffers
 Swap:  3014648k total,64852k used,  2949796k free,   358676k
 cached
 
 At or before the last crash I got a long error message on the
 console.
 Oom-killer was called repeatedly by httpd and named.
 
 I paste below the first error message, which is long. There were
 several
 long entries like this. I
 
 - Jussi
 
 [root@ns1 ~]# httpd invoked oom-killer: gfp_mask=0x280da, order=0,
 oom_adj=0, oom_score_adj=0
 httpd cpuset=/ mems_allowed=0
 Pid: 2962, comm: httpd Not tainted 2.6.32-358.23.2.el6.x86_64 #1
 Call Trace:
   [810cb641] ? cpuset_print_task_mems_allowed+0x91/0xb0
   [8111ce40] ? dump_header+0x90/0x1b0
   [810e930e] ? __delayacct_freepages_end+0x2e/0x30
   [8121d4ec] ? security_real_capable_noaudit+0x3c/0x70
   [8111d2c2] ? oom_kill_process+0x82/0x2a0
   [8111d201] ? select_bad_process+0xe1/0x120
   [8111d700] ? out_of_memory+0x220/0x3c0
   [8112c3dc] ? __alloc_pages_nodemask+0x8ac/0x8d0
   [81160d6a] ? alloc_pages_vma+0x9a/0x150
   [81143f0b] ? handle_pte_fault+0x76b/0xb50
   [a00c60f9] ? ext4_check_acl+0x29/0x90 [ext4]
   [81075887] ? current_fs_time+0x27/0x30
   [8114452a] ? handle_mm_fault+0x23a/0x310
   [810474e9] ? __do_page_fault+0x139/0x480
   [8114aaba] ? do_mmap_pgoff+0x33a/0x380
   [81513bfe] ? do_page_fault+0x3e/0xa0
   [81510fb5] ? page_fault+0x25/0x30
 Mem-Info:
 Node 0 DMA per-cpu:
 CPU0: hi:0, btch:   1 usd:   0
 Node 0 DMA32 per-cpu:
 CPU0: hi:  186, btch:  31 usd:  89
 active_anon:201535 inactive_anon:68173 isolated_anon:3424
   active_file:130 inactive_file:284 isolated_file:160
   unevictable:0 dirty:0 writeback:245 unstable:0
   free:14234 slab_reclaimable:2891 slab_unreclaimable:13218
   mapped:239 shmem:14 pagetables:28858 bounce:0
 Node 0 DMA free:8252kB min:340kB low:424kB high:508kB
 active_anon:2168kB
 inactive_anon:4624kB active_file:4kB inactive_file:144kB
 unevictable:0kB
 isolated(anon):0kB isolated(file):0kB present:15348kB mlocked:0kB
 dirty:0kB writeback:28kB mapped:8kB shmem:0kB slab_reclaimable:12kB
 slab_unreclaimable:128kB kernel_stack:8kB pagetables:376kB
 unstable:0kB
 bounce:0kB writeback_tmp:0kB pages_scanned:1424 all_unreclaimable? no
 lowmem_reserve[]: 0 1956 1956 1956
 Node 0 DMA32 free:48684kB min:44712kB low:55888kB high:67068kB
 active_anon:803972kB inactive_anon:268068kB active_file:516kB
 inactive_file:992kB unevictable:0kB isolated(anon):13696kB
 isolated(file):640kB present:2003828kB mlocked:0kB dirty:0kB
 writeback:888kB mapped:948kB shmem:56kB slab_reclaimable:11552kB
 slab_unreclaimable:52744kB kernel_stack:3344kB pagetables:115056kB
 unstable:0kB bounce:0kB writeback_tmp:0kB pages_scanned:7552
 all_unreclaimable? no
 lowmem_reserve[]: 0 0 0 0
 Node 0 DMA: 25*4kB 11*8kB 6*16kB 3*32kB 9*64kB 3*128kB 1*256kB
 3*512kB
 1*1024kB 2*2048kB 0*4096kB = 8252kB
 Node 0 DMA32: 977*4kB 401*8kB 320*16kB 179*32kB 58*64kB 63*128kB
 32*256kB 7*512kB 3*1024kB 0*2048kB 1*4096kB = 48684kB
 21463 total pagecache pages
 20882 pages in swap cache
 Swap cache stats: add 1523887, delete 1503005, find 201987/297332
 Free swap  = 0kB
 Total swap = 3014648kB
 511996 pages RAM
 43605 pages reserved
 66036 pages shared
 446256 pages non-shared
 [ pid ]   uid  tgid total_vm  rss cpu oom_adj oom_score_adj name
 [  449] 0   449 26750   0 -17 -1000 udevd
 [ 1080] 0  1080 69096   0 -17 -1000
 auditd
 [ 1105] 0  1105622711   0   0 0
 rsyslogd
 [ 1142]25  114240455  262   0   0 0 named
 [ 1184] 0  1184165630   0 -17 -1000 sshd
 [ 1195] 0  1195130360   0   0 0
 vsftpd
 [ 1231] 0  1231270411   0   0 0
 mysqld_safe
 [ 1333]27  1333   187111 4825   0   0 0
 mysqld
 [ 1430] 0  143020216   21   0   0 0
 master
 [ 1438]89  143820236   18   0   0 0
 pickup
 [ 1439]89  143920279   22   0   0 0 qmgr

Re: [CentOS] SSH login from user with empty password

[David C. Miller]

- Original Message -
 From: Michael Schultz m.schu...@srz.de
 To: centos@centos.org
 Sent: Thursday, October 10, 2013 6:44:36 AM
 Subject: [CentOS] SSH login from user with empty password
 
 Hello list,
 
 on a CentOS 6.4 machine I'm creating accounts with empty passwords.
 Each
 user's public key is located in user's home/.ssh/authorized_keys.
 
 When trying to ssh into that machine, following error message is
 displayed:
 Permission denied (publickey).
 
 In /etc/ssh/sshd_config I've set:
 PasswordAuthentication no
 UsePAM no
 
 If I set a password for the users, the public key auth works without
 any
 problems.
 
 Could anyone tell me what I'm missing here?
 
 
 Thanks
 Michael


SSH by default will use a key pair if found but then drops back to login 
password. It will also fall back to password if the keypair has a passphrase 
and you just hit retrun without type it in. SSH won't allow you to connect 
because the password in the shadow file is blank. Basically if you don't have a 
password it should not allow you to login regardless. From a security 
standpoint it makes sense to never allow blank passwords. Just give the account 
a long 25 character random password and then setup SSH key pairs.

David.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] SSH login from user with empty password

[David C. Miller]

- Original Message -
 From: Lists li...@benjamindsmith.com
 To: centos@centos.org
 Sent: Thursday, October 10, 2013 3:36:02 PM
 Subject: Re: [CentOS] SSH login from user with empty password
 
 On 10/10/2013 03:12 PM, David C. Miller wrote:
  SSH by default will use a key pair if found but then drops back to
  login password. It will also fall back to password if the keypair
  has
  a passphrase and you just hit retrun without type it in. SSH won't
  allow you to connect because the password in the shadow file is
  blank.
  Basically if you don't have a password it should not allow you to
  login regardless. From a security standpoint it makes sense to
  never
  allow blank passwords. Just give the account a long 25 character
  random password and then setup SSH key pairs.
 
  From what I read, it sounds like you are saying that you can't log
  in
 with keypairs unless a password has been set. If so, this appears to
 be
 incorrect, at least as of CentOS 6. To test this, I did the
 following:
 
 [root@norman ~]# adduser testnopw
 [root@norman ~]# su - testnopw
 [testnopw@norman ~]$ mkdir .ssh  chmod 600 .ssh;
 [testnopw@norman ~]$ nano .ssh/authorized_keys
  - pasted id_dsa.pub from another account -
 [testnopw@norman ~]$ chmod 600 .ssh/authorized_keys
 
 
 Now, as another account on the same server:
 
 [bens@norman] ssh testnopw@localhost
 Enter passphrase for key '/home/bens/.ssh/id_dsa':
 [testnopw@norman ~]$
 
 Never, in the above script, was a password set.


I just tested this myself and indeed it even works with a key pair that does 
not have a passphrase. I stand corrected. 

David.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] x2go (vs. freenx)?

[David C. Miller]

- Original Message -
 From: Les Mikesell lesmikes...@gmail.com
 To: CentOS mailing list centos@centos.org
 Sent: Tuesday, September 24, 2013 12:18:34 PM
 Subject: [CentOS] x2go (vs. freenx)?
 
 Is anyone using x2go on Centos - and if so, is there any reason to
 think about switching from freenx?   The old NX client for mac was a
 powerpc binary and is no longer supported under mountain lion - and
 their new alpha release crashed my mac after an OSX update so I'm
 curious if there is anything better around.   (And I didn't like the
 way the new mac version changed the screen scaling instead of
 resizing
 when you tried to change  the window size, but maybe I just didn't
 know how to do it).
 
 --
Les Mikesell
 lesmikes...@gmail.com


I'm using the latest beta2 NoMachine 4.0 client under Mac OS 10.8.5 to connect 
to two different NoMachine servers. One is an unlimited enterprise 
server(3.5.0) on RHEL 6.4 and the other is the free two concurrent user 3.5.0 
version running on CentOS 6.4 offered by NoMachine. It works very well on both. 
You can change the NoMachine window to either scale the image or adjust the 
resolution of the window to be 1:1 on the fly. 

David.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] CVE-2013-2094 and CentOS 6.x

[David C. Miller]

For those who don't know yet here is the redhat bugzilla on this exploit.

https://bugzilla.redhat.com/show_bug.cgi?id=962792

Does anyone know if CentOS 6 have the debug packages available to apply the 
temp patch for this listed in the bugzilla link?

David.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] RAID 6 - opinions

[David C. Miller]

- Original Message -
 From: Joseph Spenner joseph85...@yahoo.com
 To: CentOS mailing list centos@centos.org
 Sent: Thursday, April 11, 2013 1:36:29 PM
 Subject: Re: [CentOS] RAID 6 - opinions
 
 
 
 
 
  From: John R Pierce pie...@hogranch.com
 To: centos@centos.org
 Sent: Thursday, April 11, 2013 1:24 PM
 Subject: Re: [CentOS] RAID 6 - opinions
  
 
 On 4/11/2013 12:30 PM, m.r...@5-cent.us wrote:
  Ok, listening to all of this, I've also been in touch with a tech
  from the
  vendor*, who had a couple of suggestions: first, two RAID sets
  with two
  global hot spares.
 
 
 I would test how long a drive rebuild takes on a 20 disk RAID6.    I
 suspect, very long, like over 24 hours, assuming a fast controller
 and
 sufficient channel bandwidth.
 

Just for reference, I have a 24 x 2TB SATAIII using CentOS 6.4 Linux MD RAID6 
with two of those 24 disks as hotspares. The drives are in a Supermicro 
external SAS/SATA box connected to another Supermicro 1U computer with an 
i3-2125 CPU @ 3.30GHz and 16GB ram. The connection is via a 6Gbit mini SAS 
cable to an LSI 9200 HBA. Before I deployed it into production I tested how 
long it would take to rebuild the raid from one of the hot spares and it took a 
little over 9 hours. I have two 15TB LVM's on it formatted EXT4 with the rest 
used for LVM snapshot space if needed. Using dd to write a large file to one of 
the partitions I see about 480MB/s. If I rsync from one partition to another I 
get just under 200MB/s. 

dd if=/dev/zero of=/backup/5GB.img count=5000 bs=1M
5000+0 records in
5000+0 records out
524288 bytes (5.2 GB) copied, 10.8293 s, 484 MB/s

David.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] RAID 6 - opinions

[David C. Miller]

- Original Message -
 From: Reindl Harald h.rei...@thelounge.net
 To: CentOS mailing list centos@centos.org
 Cc: David C. Miller mille...@fusion.gat.com
 Sent: Thursday, April 11, 2013 4:17:18 PM
 Subject: Re: [CentOS] RAID 6 - opinions
 
 
 
 Am 12.04.2013 01:13, schrieb David C. Miller:
  dd if=/dev/zero of=/backup/5GB.img count=5000 bs=1M
  5000+0 records in
  5000+0 records out
  524288 bytes (5.2 GB) copied, 10.8293 s, 484 MB/s
 
 aha, you have 16 GB RAM, write 5 GB to the disk which
 is easily buffered into RAM and think this measures
 anything?
 
 do the same with 32 GB instead 5 GB
 
 
Good call, I did not even think about that. Here is a 31GB file write. 

dd if=/dev/zero of=/backup/30GB.img count=3 bs=1M
3+0 records in
3+0 records out
3145728 bytes (31 GB) copied, 78.041 s, 403 MB/s

David.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] RAID 6 - opinions

[David C. Miller]

- Original Message -
 From: Keith Keller kkel...@wombat.san-francisco.ca.us
 To: centos@centos.org
 Sent: Thursday, April 11, 2013 4:34:20 PM
 Subject: Re: [CentOS] RAID 6 - opinions
 
 On 2013-04-11, David C. Miller mille...@fusion.gat.com wrote:
 
  Just for reference, I have a 24 x 2TB SATAIII using CentOS 6.4
  Linux MD RAID6 with two of those 24 disks as hotspares. The drives
  are in a Supermicro external SAS/SATA box connected to another
  Supermicro 1U computer with an i3-2125 CPU @ 3.30GHz and 16GB ram.
  The connection is via a 6Gbit mini SAS cable to an LSI 9200 HBA.
  Before I deployed it into production I tested how long it would
  take to rebuild the raid from one of the hot spares and it took a
  little over 9 hours.
 
 I did a similar test on a 3ware controller.  Apparently those cards
 have
 a feature that allows the controller to remember which sectors on the
 disks it has written, so that on a rebuild it only reexamines those
 sectors.  This greatly reduces rebuild time on a mostly empty array,
 but
 it means that a good test would almost fill the array, then attempt a
 rebuild.  I definitely saw a difference in rebuild times as I filled
 the
 array.  (In 3ware/LSI world this is sometimes called rapid RAID
 recovery.)
 
 In checking my archives, it looks like a rebuild on an almost full
 50TB
 array (24 disks) took about 16 hours.  That's still pretty
 respectable.
 I didn't repeat the experiment, unfortunately.
 
 I don't know if your LSI controller has a similar feature, but it's
 worth investigating.
 
 --keith
 

The LSI 9200's I use are nothing more than a dumb $300 host bus adapter. No 
RAID levels or special features. I prefer to NOT use hardware RAID controllers 
when I can. With a generic HBA the hard drives are seen raw to the OS. You can 
use smartctl to poll and test the drives just like they were connected to a 
generic SATA bus on the motherboard. The tools built into Linux(smartd  md) 
are better suited and more flexible at reporting problems and handling every 
level of RAID. It also makes migrating the array to another system trivial. I 
don't have to worry about finding the exact same RAID controller. Just a no 
frills SAS/SATA HBA will do.

David.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Is glusterfs ready?

[David C. Miller]

- Original Message -
 From: John Doe jd...@yahoo.com
 To: Cent O Smailinglist centos@centos.org
 Sent: Tuesday, August 28, 2012 3:14:29 AM
 Subject: [CentOS] Is glusterfs ready?
 
 Hey,
 
 since RH took control of glusterfs, I've been looking to convert our
 old independent RAID storage servers to several non RAID glustered
 ones.
 
 The thing is that I, here and there, heard a few frightening stories
 from some users (even with latest release).
 Any one has experienced with it long enough to think one can blindly
 trust it or if it is almost there but not yet ready?
 
 Thx,
 JD


I'm using gluster 3.3.0-1 on two KVM host nodes. I have a 1TB logical volume 
used as a brick on each node to create a replicated volume. I store my VM's on 
this volume and have each node mount the gluster volume via localhost using the 
native FUSE gluster driver. I get about 75-105MB/s over 1Gb Ethernet. Been 
running this since 3.3 came out. I did quite a bit of failure testing before 
going live. So far it is working well. I'm only using it as a glorified network 
RAID1 to make live migration of my VM's fast. 

David.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Deduplication data for CentOS?

[David C. Miller]

- Original Message -
 From: Rainer Traut tr...@gmx.de
 To: centos@centos.org
 Sent: Monday, August 27, 2012 4:55:03 AM
 Subject: [CentOS] Deduplication data for CentOS?
 
 Hi list,
 
 is there any working solution for deduplication of data for centos?
 We are trying to find a solution for our backup server which runs a
 bash
 script invoking xdelta(3). But having this functionality in fs is
 much
 more friendly...
 
 We have looked into lessfs, sdfs and ddar.
 Are these filesystems ready to use (on centos)?
 ddar is sthg different, I know.
 
 Thx
 Rainer

Although not open source, CrashplanPROe only costs $365 for a perpetual five 
client license. I use it to backup some of my Linux boxes. It has very good 
deduplication, compression, and encryption. For example I have 1.7TB of data on 
one linux system and another system that has 1.5TB. I NFS mount one of the 
systems to another and only use one Crashplan client to backup both data sets 
to a single backup archive. The backup archive is only 1.2TB and that also 
spans 90 days worth of file modification and deletion I can recover. 

David.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] RAID card selection - JBOD mode / Linux RAID

[David C. Miller]

- Original Message -
 From: Alan McKay alan.mc...@gmail.com
 To: CentOS mailing list centos@centos.org
 Sent: Thursday, July 19, 2012 5:21:17 AM
 Subject: Re: [CentOS] RAID card selection - JBOD mode / Linux RAID
 
 On Wed, Jul 18, 2012 at 6:44 PM, SilverTip257
 silvertip...@gmail.com wrote:
  That's going to really drag if you have to configure a RAID0 for
  all
  48 disks ... it'd be much easier if you could directly communicate
  with the drives.  I've set up at most five or six RAID0 devices on
  one
  host and it's not particularly enjoyable!
 
 Well using the command line tools it is not bad at all - but my
 question remains unanswered - how many logical devices can your card
 have?  I've hit my limit at 24 but I have 48 drives.  So I need to
 find a card that can do 48 logical devices.
 
 thanks
 

I use an LSI 9200-8e PCIe host bus adapter card for my SAS JBOD's. It has 
nothing but two standard SFP connecters for connecting external JBOD. No fancy 
hardware RAID or anything is done by the card. I can see up to 512 SATA/SAS 
drives connected to the card via SAS JBOD enclosures. Drivers a re built into 
the Linux kernel. Drives are seen raw in Linux so you can use smartd and 
smartctl to monitor them. There is also an HBA 9200 series that does internal 
connections too. Most of LSI's non HBA cards that do RAID do NOT support pure 
JBOD.

David.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Fwd: Bug 800181: NFSv4 on RHEL 6.3 over six times slower than 5.8

[David C. Miller]

- Original Message -
 On Wed, Jul 11, 2012 at 11:29 AM, Colin Simpson
 colin.simp...@iongeo.com wrote:
 
  But think yourself lucky, BTRFS on Fedora 16 was much worse. This
  was
  the time it took me to untar a vlc tarball.
 
  F16 to RHEL5 - 0m 28.170s
  F16 to F16 ext4 -  4m 12.450s
  F16 to F16 btrfs - 14m 31.252s
 
  A quick test seems to say this is better in F17 (3m7.240s on BTRFS
  but
  still looks like we are hitting NFSv4 issues for this but btrfs
  itself
  is better).
 
 I wonder if the real issue is that NFSv4 waits for a directory change
 to sync to disk but linux wants to flush the whole disk cache before
 saying the sync is complete.
 
 --
   Les Mikesell
  lesmikes...@gmail.com

I think you are right that it is the forcing of the sync operation for all 
writes in NFSv4 that is making it slow. I just tested on a server and client 
both running RHEL 6.3. I exported a directory that had an old tar.gz of open 
office 3.0 distribution for Linux. 175MB. Exported with the default of sync 
option took 26 seconds to extract from the client mount. Exported with the 
async option and the extraction only took 4 seconds. Just to be clear on what I 
tested with. This is over 1GbE. The NFS server has an Intel Core i3-2125 CPU @ 
3.3GHz, 16GB ram, NFS export directory is from a 22 drive Linux RAID6 connected 
via a SAS 6Gb/sec HBA. The client is a Intel Core 2 duo E8400 @ 3GHz, 4GB ram. 

Mark,

Have you tried using async in your export options yet? Any difference?

David.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Postfix mail server procedure

[David C. Miller]

- Original Message -
 From: Jonathan Vomacka juvi...@gmail.com
 To: centos@centos.org
 Sent: Tuesday, November 8, 2011 10:10:28 PM
 Subject: [CentOS] Postfix mail server procedure
 
 CentOS Community,
 
 I was wondering if anyone had a good resource or procedure for a step
 by
 step in installing a mail server with Centos. There ARE documents on
 google, however almost all that i've found were outdated from 2005.
 Does
 anyone know where I can find this type of document for a mailserver
 Postfix + MySQL + SpamAssassin + ClamAV + Squirrelmail +
 Postfixadmin, etc?


Save yourself from the headache of setting all this up and just use the open 
source version of Zimbra. It installs very cleanly on CentOS.

http://www.zimbra.com/downloads/os-downloads.html

David.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] redhat vs centos

[David C. Miller]

- Original Message -
 From: Bob Hoffman b...@bobhoffman.com
 To: CentOS mailing list centos@centos.org
 Sent: Monday, October 31, 2011 10:46:57 PM
 Subject: [CentOS] redhat vs centos
 
 I have been reading the threads on here with great ernest about
 redhat
 making a move to throw off centos compilations.
 I read some stories about microsoft wanting to work closer with
 centos
 http://www.theregister.co.uk/2011/05/17/microsoft_and_centos/
 
 I have to update to centos 6 due to some needs of clients who need
 newer
 mysql and php (and installing them on centos5
 was too hard for me).
 
 I am thinking of going ubuntu server but at the same time I have this
 feeling centos team will pull through, make a new method to
 streamline
 this, and redhat will back down and stop being REDa$$-hats.
 
 Redhat thinks us 'freebie' people will move to them to get the
 quicker
 updates and releases.
 I look at the pricing and I say they must be out of their minds.
 The server comes at 1,999 a year for 2 sockets and more than 4
 guests...which is what I would need.
 The virtualization  package, which may or may not be needed is
 thousands
 more.
 All for one server.
 

You can go with the self support option. Seeing you are willing to go with 
CentOS as long as there are timely updates. That tells me you dont really care 
about getting support from the vendor. You can pick up workstation self 
support for $50 and server for $350 a year. That means you will get all the 
updates but just can't call or open tickets with Redhat. The limitations 
imposed by Redhat for Support they will provide are artificial. Although 
Redhat says it will only support 2 sockets and x amount of virtual guests you 
can still do it. 

 that ain't gonna happen.
 
 Personally I am thinking of staying away from all red hat clones due
 to
 redhat's actions for my own security.
 The only thing on the horizon I see is ubuntu server as best
 supported
 and up to date.
 
 I am teetering tonight. I have downloaded it and am thinking of
 wiping
 my new centos6 install and trying it out.
 
 How do you all feel about this turn of events and what is your gut
 feeling on where this is going?
 And how about them hard drive prices?!!


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] redhat vs centos

[David C. Miller]

- Original Message -
 From: Johnny Hughes joh...@centos.org
 To: centos@centos.org
 Sent: Tuesday, November 1, 2011 2:12:15 PM
 Subject: Re: [CentOS] redhat vs centos
 
 On 11/01/2011 03:50 PM, Brian Mathis wrote:
  On Tue, Nov 1, 2011 at 1:57 PM, Rob Kampen
  rkam...@kampensonline.com wrote:
  Tony Mountifield wrote:
  In article
  calkwpeyupru5az9xu_d_brjc0m_e9xdlh1t5iub2u8rvrze...@mail.gmail.com,
  Brian Mathis brian.mathis+cen...@betteradmin.com wrote:
 
  When Redhat announced the changes they made it very clear they
  were
  trying to prevent other companies (like Oracle and Novell) who
  were
  providing support to RHEL customers at reduced rates.  They have
  never
  said they were concerned with the free clones and in fact have
  helped
  CentOS many times in the past (according to statements from the
  core
  developers).
 
  Redhat knows that the free distros help them maintain market
  share,
  and gain customers who need full support eventually.  The issues
  CentOS are seeing are simply collateral damage to the larger war
  against the other big companies who are trying to provide
  services by
  cheating.
 
  Except that the other day, Johnny posted this:
 
  I can tell you that we have been contacted by upstream to make
  sure we
  **UNDERSTAND** the new AUP restrictions on distribution.  I can
  also
  tell you that we (CentOS) are doing everything in our power to
  meet the
  restrictions as they were explained to us.
 
  which sounds like RH making it clear that their changes are aimed
  at
  CentOS too.
 
  This sounds more like a butt covering exercise by lawyers,
  remember this all
  comes from the USA where there are FAR TOO MANY lawyers.
  To be able to enforce a possible claim under this AUP restriction,
  they will
  need to show that those involved with use of the code, under this
  new
  clause, understand and have been communicated with...etc.
  As I said, a butt covering exercise - rather than any expressed
  attempt at
  intimidation or enforcement - just my $0.01 worth.
  
  
  I know it's more fun to blame the evil lawyers for everything, but
  it
  sounds more like they respect the project and took special effort
  to
  reach out and make sure they were aware and fully understood the
  changes.  That is far more likely given the history and widespread
  usage of CentOS.
  
 
 
 I said they made sure we were aware of the AUP and explained what the
 new AUP meant.  I never said anything about anyone being threatening
 or
 being threatened.
 
 The CentOS Project is very appreciative for the openness of the
 upstream
 provider.
 
 It has always been our policy to stay within the upstream provider's
 guidelines and AUP's.  We will continue to do so when the guidelines
 and
 AUP's change.
 =
 We have created the CR repo ... it has not REPLACED updates, it is
 just
 an additional repo.  Its purpose is to allow us to release the
 packages
 that will eventually be in the NEXT point release in stages as we get
 them done.  You can get these changes if you chose ... or you can
 wait
 until we get everything done and released as 6.1.
 
 We will eventually get a 6.1 release out ... in the meantime, the CR
 repo will have MOST of the updates (the ones that are done now) while
 we
 fix the problem updates.
 =

My apologies if this has been addressed before. What are the plans if upstream 
releases 6.2 and CentOS 6.1 has not been released? Will CR just continue to get 
updates from 6.2? I actually love the CR and if such a scenario occurs would 
like that the CR to have the latest packages no matter how far behind the 
official release of CentOS is. 

 We provide CentOS as is, to the best of our ability, for your use.
  If
 CentOS meets you needs, well then we certainly want you to use it.
  If
 you need it faster, or more like RHEL, then we HIGHLY recommend that
 you
 just buy RHEL.  If Red Hat does not make money from RHEL then they
 will
 stop releasing it all together.  CentOS can not exist without those
 sources.  I would like to stress that we want you to use RHEL and buy
 RHN subscriptions for projects that require that kind of support.
 

I always tell clients to use RHEL for internet facing computers/services so 
they can get the security patches as soon as they are available. Also use RHEL 
for mission critical services were they do not have the expertise of deep Linux 
troubleshooting and need a vendor to lean on. For internal services that should 
not or does not need immediate security patching use CentOS. 

As always, I appreciate and thank the CentOS team for providing such a 
wonderful free tool. 

David.
 
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 5.7, evince

[David C. Miller]

- Original Message -
 From: m roth m.r...@5-cent.us
 To: CentOS mailing list centos@centos.org
 Sent: Wednesday, October 26, 2011 11:03:19 AM
 Subject: [CentOS] CentOS 5.7, evince
 
 I believe I updated evince early this month on this one server. Since
 then
 I don't seem to be able to open a .pdf: 100% of the time, I get
 unhandled
 mime type: files/allfiles. Has anyone seen anything like this?
 
 Note that this is when it's allegedly trying to open it. I've tried
 telling it what to open from the command line, and brought it up by
 itself, told it to open, pointed it to the correct directory, and
 clicked
 on the .pdf I want, and hit open, and *bang*, it doesn't like it.
 
 I've rm'd .local/share/mime/mime.cache and
 .gnome2/evince/ev-metadata.xml.
 straceing doesn't even show me the filename mentioned.
 
 mark
 

No problem opening pdf's using the latest evince under 5.7 64 bit here.

David.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] raid on large disks?

[David C. Miller]

- Original Message -
 From: Les Mikesell lesmikes...@gmail.com
 To: CentOS mailing list centos@centos.org
 Sent: Wednesday, October 12, 2011 9:28:48 AM
 Subject: Re: [CentOS] raid on large disks?
 
 On Wed, Oct 12, 2011 at 11:22 AM, David Miller davi...@gmail.com
 wrote:
 
  With GPT that's set using flags.  This is done in parted with the
  command
  set partition number raid on
 
 
  I just thought of one other thing.  You'll want to read up on bios
  boot if
  these large drives are being used for the grub boot loader.
 
 
 Not booting from them, but is there a problem with kernel
 autoassembly
 on large partitions?  I see this in dmsg:
 
 md: Autodetecting RAID arrays.
 md: invalid raid superblock magic on sde1
 md: sde1 has invalid sb, not importing!
 
 But
 mdadm --assemble /dev/md5 /dev/sde1
 works fine after booting.  (The array was created with a missing
 member which hasn't been added yet).
 

When using mdadm you don't even have to partition a drive if you are using the 
whole thing. Just make sure the block device is set to GPT in parted if it is 
not already. After creating the RAID1 get the uuid of the raid by doing mdadm 
-D /dev/dm5. Then use the following format in the /etc/mdadm.conf to have it 
auto assemble at boot.

ARRAY /dev/md5 devices=/dev/sd[e-f] uuid=$UUID_FROM_MDADM

David C Miller.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Formatting an external USB drive

[David C. Miller]

- Original Message -
 From: Todd Cary t...@aristesoftware.com
 To: CentOS mailing list centos@centos.org
 Sent: Wednesday, October 5, 2011 3:34:54 PM
 Subject: [CentOS] Formatting an external USB drive
 
 I have an external USB drive that was formatted with NTFS and I
 want to use it to backup some files from my Centos 5.5 system.
 
 When I check my documentation, I am not certain of the best way
 to do the formatting.
 
 Suggestions welcomed
 
 Todd
 
 --
 Ariste Software
 Petaluma, CA 94952
 
 http://www.aristesoftware.com
 
 ___
 CentOS mailing list
 CentOS@centos.org
 http://lists.centos.org/mailman/listinfo/centos
 
 
Use fdisk as root. Before plugging the drive in type fdisk -l to get a 
listing of drives already attached. Plug the drive in and after a minute type 
fdisk -l to see the new drive listed. It will be something like /dev/sdX 
where X is the next letter in the order. to set the drive up type fdisk 
/dev/sdX. To clear the partition table type o and hit return and then type w 
and hit return. Now type fdisk /dev/sdX again. Type n and hit return. Type p 
and hit return. Type 1 and hit return. Hit return twice more to use the whole 
disk. Type w and hit return to finish. To format it type mkfs.ext3 -L usb-disk 
/dev/sdX1 and hit return to format the partition as ext3. Create a directory 
to mount the disk to mkdir /backup-disk and then mount it mount 
LABEL=usb-disk /backup-disk. To have it auto mount at boot edit the /etc/fstab 
file and add.

LABEL=usb-disk /backup-disk ext3 defaults 0 0

David.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Formatting an external USB drive

[David C. Miller]

- Original Message -
 From: Todd Cary t...@aristesoftware.com
 To: centos@centos.org
 Sent: Wednesday, October 5, 2011 6:43:10 PM
 Subject: Re: [CentOS] Formatting an external USB drive
 
 Dave -
 
 I recieved this response and I am not sure what the next step
 should be:
 
 [root@centos5 todd]# /sbin/fdisk /dev/sda1
 
 The number of cylinders for this disk is set to 30514.
 There is nothing wrong with that, but this is larger than 1024,
 and could in certain setups cause problems with:
 1) software that runs at boot time (e.g., old versions of LILO)
 2) booting and partitioning software from other OSs
 (e.g., DOS FDISK, OS/2 FDISK)
 
 Command (m for help):
 [root@centos5 todd]#
 
 
 Todd
 
 



You are trying to run fdisk on the first partition of /dev/sda. Unless you are 
using an old PATA drive for booting your USB drive should not be /dev/sda. 
Before you go any further do the following commands and report back with the 
output.

fdisk -l

df -h

David.
 
 On 10/5/2011 4:08 PM, David C. Miller wrote:
  - Original Message -
  From: Todd Caryt...@aristesoftware.com
  To: CentOS mailing listcentos@centos.org
  Sent: Wednesday, October 5, 2011 3:34:54 PM
  Subject: [CentOS] Formatting an external USB drive
 
  I have an external USB drive that was formatted with NTFS and I
  want to use it to backup some files from my Centos 5.5 system.
 
  When I check my documentation, I am not certain of the best way
  to do the formatting.
 
  Suggestions welcomed
 
  Todd
 
  --
  Ariste Software
  Petaluma, CA 94952
 
  http://www.aristesoftware.com
 
  ___
  CentOS mailing list
  CentOS@centos.org
  http://lists.centos.org/mailman/listinfo/centos
 
 
  Use fdisk as root. Before plugging the drive in type fdisk -l to
  get a listing of drives already attached. Plug the drive in and
  after a minute type fdisk -l to see the new drive listed. It
  will be something like /dev/sdX where X is the next letter in the
  order. to set the drive up type fdisk /dev/sdX. To clear the
  partition table type o and hit return and then type w and hit
  return. Now type fdisk /dev/sdX again. Type n and hit return.
  Type p and hit return. Type 1 and hit return. Hit return twice
  more to use the whole disk. Type w and hit return to finish. To
  format it type mkfs.ext3 -L usb-disk /dev/sdX1 and hit return to
  format the partition as ext3. Create a directory to mount the disk
  to mkdir /backup-disk and then mount it mount LABEL=usb-disk
  /backup-disk. To have it auto mount at boot edit the /etc/fstab
  file and add.
 
  LABEL=usb-disk /backup-disk ext3 defaults 0 0
 
  David.
  ___
  CentOS mailing list
  CentOS@centos.org
  http://lists.centos.org/mailman/listinfo/centos
 
 
 
 --
 Ariste Software
 Petaluma, CA 94952
 
 http://www.aristesoftware.com
 
 ___
 CentOS mailing list
 CentOS@centos.org
 http://lists.centos.org/mailman/listinfo/centos
 
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] add on sata card relabeling drives, installation

[David C. Miller]

- Original Message -
 From: Lamar Owen lo...@pari.edu
 To: CentOS mailing list centos@centos.org
 Sent: Thursday, September 29, 2011 1:36:28 PM
 Subject: Re: [CentOS] add on sata card relabeling drives, installation
 
 On Wednesday, September 28, 2011 07:47:15 PM Bob Hoffman wrote:
  I do not want my raid 1 mirror OS to be on sdc, sdd, and sdeit
  just
  looks weird.
 
 It's related to PCI enumeration order, and may not be changeable.
  You could try the add-on card in another slot.
 
 However, if you think that's weird, I want you to note the portion of
 the output of mount below, and note the drive device my /boot is on
 (and yes, that is actually the real booting drive):
 
 [root@www ~]# mount|grep boot
 /dev/sdag1 on /boot type ext4 (rw)
 [root@www ~]# cat /etc/issue
 Red Hat Enterprise Linux Server release 6.1 (Santiago)
 Kernel \r on an \m
 
 [root@www ~]#
 ___
 CentOS mailing list
 CentOS@centos.org
 http://lists.centos.org/mailman/listinfo/centos
 

This type of issue is why relying on /dev/sdX is bad. Mounting based on uuid or 
label when available is best. Unfortunately, there are controller cards that 
present all disks as the same uuid. It makes using mdadm that can only see 
/dev/sdX a pain to use.

David.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] add on sata card relabeling drives, installation

[David C. Miller]

- Original Message -
 From: Les Mikesell lesmikes...@gmail.com
 To: CentOS mailing list centos@centos.org
 Sent: Thursday, September 29, 2011 2:16:16 PM
 Subject: Re: [CentOS] add on sata card relabeling drives, installation
 
 On Thu, Sep 29, 2011 at 4:09 PM, David C. Miller
 mille...@fusion.gat.com wrote:
 
  This type of issue is why relying on /dev/sdX is bad. Mounting
  based on uuid or label when available is best. Unfortunately,
  there are controller cards that present all disks as the same
  uuid. It makes using mdadm that can only see /dev/sdX a pain to
  use.
 
 So how do you propose getting a uuid or label on a disk in the first
 place if you can't identify which is which physically?  And how do
 you
 know which to move when you want the content in some other box?
 
 --
   Les Mikesell
 lesmikes...@gmail.com

I just had to come up with a solution for this recently. Here is what I did.

I create a small 2 block partition on each disk and gave them labels that is 
the drives serial number when I format them as ext3/4. I dedicate the rest of 
the disk to Linux auto RAID. Something like this to create a label.

mkfs.ext3 -L $DRIVE_SN /dev/sd1

I then have a script that mounts the small partitions by label to a directory 
with the same name as the label.

mount LABEL=$DRIVE_SN /mnt/drive-check/$DRIVE_SN

So if you do a df it will show something like.

FilesystemSize  Used Avail Use% Mounted on
/dev/md0   71G  3.9G   63G   6% /
tmpfs  12G 0   12G   0% /dev/shm
/dev/sdc1  16M  1.2M   14M   8% /mnt/drive-check/WD-WMAY03208723
/dev/sdd1  16M  1.2M   14M   8% /mnt/drive-check/WD-WMAY03287844
/dev/sde1  16M  1.2M   14M   8% /mnt/drive-check/WD-WMAY03247298
/dev/sdf1  16M  1.2M   14M   8% /mnt/drive-check/WD-WMAY03247844
/dev/sdg1  16M  1.2M   14M   8% /mnt/drive-check/WD-WMAY03674888
/dev/sdh1  16M  1.2M   14M   8% /mnt/drive-check/WD-WMAY03678644
/dev/sdi1  16M  1.2M   14M   8% /mnt/drive-check/WD-WMAY03674814
/dev/sdj1  16M  1.2M   14M   8% /mnt/drive-check/WD-WMAY03675850
/dev/sdk1  16M  1.2M   14M   8% /mnt/drive-check/WD-WMAY03675194
/dev/sdl1  16M  1.2M   14M   8% /mnt/drive-check/WD-WMAY03288196
/dev/sdm1  16M  1.2M   14M   8% /mnt/drive-check/WD-WMAY03672314
/dev/sdn1  16M  1.2M   14M   8% /mnt/drive-check/WD-WMAY03287843
/dev/sdo1  16M  1.2M   14M   8% /mnt/drive-check/WD-WMAY03674460
/dev/sdp1  16M  1.2M   14M   8% /mnt/drive-check/WD-WMAY03585344
/dev/sdq1  16M  1.2M   14M   8% /mnt/drive-check/WD-WMAY03508896
/dev/sdr1  16M  1.2M   14M   8% /mnt/drive-check/WD-WMAY03209984

Now if I'm using mdadm to make a software RAID and it is complaining /dev/sdf2 
is missing. I can run my script to mount all the small partitions and the one 
that complains it can't mount is easily identified by the serial number. Sure I 
can just let the hardware RAID card handle everything but I don't trust them 
from past experiences seeing failed cards and corrupted arrays. With the disks 
seen by linux as raw block devices I can put these disks on any JBOD controller 
and mount my raid using mdadm. I'm not tied to a particular controller if it 
fails. 

David.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] mdadm and drive identification?

[David C. Miller]

I have a server that has 16 drives in it. They are connected to a 3ware 
9650SE-16ML SATA RAID card. I have the card set to export all the drives as 
JBOD because I prefer Linux to do the reporting of drive and RAID health . I'm 
using mdadm to create a RAID6 with a hot spare. Doing this I can take the disks 
and put them on a completely different SATA controller/computer and still have 
the RAID intact. My problem is that I have no for sure way of matching a 
drive assigned to one of the /dev/sd[a-z]. Normally I could use a number of 
methods to match up what /dev/sd[a-z] is to a drives serial number. smartctl, 
hdparm, udevinfo, /dev/disk/by-uuid, or /dev/disk/by-id. However, the 3ware 
card obfuscates the drives from the OS and those methods don't work. The only 
way I know how to get a drives serial number is via the smartctl command like 
smartctl -d 3ware,[0-15] -i /dev/twa0, but that does not tell me which 
sd[a-z] the drive is assigned to. Here is what I have tried.

Creating a single large partition with fdisk on each drive as linux autoraid to 
get a uuid. for some reason the OS assigns the same uuid and only one uuid to 
the last drive I partition from the 3ware card. Basically all drives on the 
3ware card have the same uuid..

Using the /dev/disk/by-id/.  For some reason the 3ware card does not always 
assign the same id to a drive after a reboot. 

Is there another easy way I can positively ID a drive by serial number and the 
/dev/sd[a-z] that mdadm sees? 

Thanks.
David.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] glibc-2.5-58.el5_6.2.i686 broken?

[David C. Miller]

- Original Message -
 From: Eero Volotinen eero.voloti...@iki.fi
 To: CentOS mailing list centos@centos.org
 Sent: Sunday, April 17, 2011 8:27:45 AM
 Subject: Re: [CentOS] glibc-2.5-58.el5_6.2.i686 broken?
 
 2011/4/17 Leonard den Ottolander leon...@den.ottolander.nl:
  Hi Akemi,
 
  On Sat, 2011-04-16 at 18:18 -0700, Akemi Yagi wrote:
  See also:
 
  http://www.centos.org/modules/newbb/viewtopic.php?topic_id=30939forum=37
 
  Please don't take this the wrong way, but not everybody reads the
  forums. Perhaps it is possible to give a heads up about such
  breakage
  via the CentOS general or announce mailing list before such a
  broken
  package is released into the wild? That would actually make it an
  advantage to swim down stream :-) .
 
  I would like to advice everyone to avoid this update by adding
  exclude=glibc*2.5-58.el5_6.2 nscd*2.5-58.el5_6.2
  to their updates channel config - added it to base just to be sure
  -
  until upstream releases a fix.
 
  Regards,
  Leonard.
 
 Does this also affects grub? if so, then this is very critical, it
 can
 trash my rhel installations :/
 
 --
 Eero

I have updated about a dozen systems and rebooted without issue. I don't think 
it has anything to do with glibc.

David.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos