[CentOS] Force package install using yum?
Hi Everyone, I have a CentOS 7 box that's refusing a rpm update. I suspect it has something to do with SCL enabled. The 'yum update' output is shown below. I need to force this package to install. I don't give a damn about the log files. I need that server patched since it is forward facing. Taking the server offline is not an option. How do I force the package installation? Thanks in advance. Running transaction Updating : httpd24-httpd-2.4.34-18.el7.x86_64 1/2 Error unpacking rpm package httpd24-httpd-2.4.34-18.el7.x86_64 error: unpacking of archive failed on file /opt/rh/httpd24/root/etc/httpd/logs: cpio: rename httpd24-httpd-2.4.34-15.el7.x86_64 was supposed to be removed but is not! Verifying : httpd24-httpd-2.4.34-15.el7.x86_64 1/2 Verifying : httpd24-httpd-2.4.34-18.el7.x86_64 2/2 Failed: httpd24-httpd.x86_64 0:2.4.34-15.el7 httpd24-httpd.x86_64 0:2.4.34-18.el7 My attempt to force it from https://www.redhat.com/archives/fedora-list/2007-October/msg02953.html: # yum clean ... # yum install --downloadonly httpd24-httpd.x86_64 0:2.4.34-15.el7.rpm ... # yum localinstall /var/cache/yum/x86_64/7/centos-sclo-rh/packages/httpd24-httpd-2.4.34-18.el7.x86_64.rpm Loaded plugins: fastestmirror Examining /var/cache/yum/x86_64/7/centos-sclo-rh/packages/httpd24-httpd-2.4.34-18.el7.x86_64.rpm: httpd24-httpd-2.4.34-18.el7.x86_64 Marking /var/cache/yum/x86_64/7/centos-sclo-rh/packages/httpd24-httpd-2.4.34-18.el7.x86_64.rpm as an update to httpd24-httpd-2.4.34-15.el7.x86_64 Resolving Dependencies --> Running transaction check ---> Package httpd24-httpd.x86_64 0:2.4.34-15.el7 will be updated ---> Package httpd24-httpd.x86_64 0:2.4.34-18.el7 will be an update --> Finished Dependency Resolution Dependencies Resolved Package Arch Version Repository Size Updating: httpd24-httpd x86_64 2.4.34-18.el7 /httpd24-httpd-2.4.34-18.el7.x86_64 4.3 M Transaction Summary Upgrade 1 Package Total size: 4.3 M Is this ok [y/d/N]: Y Downloading packages: Running transaction check Running transaction test Transaction test succeeded Running transaction Updating : httpd24-httpd-2.4.34-18.el7.x86_64 1/2 Error unpacking rpm package httpd24-httpd-2.4.34-18.el7.x86_64 error: unpacking of archive failed on file /opt/rh/httpd24/root/etc/httpd/logs: cpio: rename httpd24-httpd-2.4.34-15.el7.x86_64 was supposed to be removed but is not! Verifying : httpd24-httpd-2.4.34-15.el7.x86_64 1/2 Verifying : httpd24-httpd-2.4.34-18.el7.x86_64 2/2 Failed: httpd24-httpd.x86_64 0:2.4.34-15.el7 httpd24-httpd.x86_64 0:2.4.34-18.el7 Complete! ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Understanding VDO vs ZFS
On Sat, May 2, 2020 at 10:54 PM david wrote: > > I'm looking for a solution for backups because ZFS has failed on me > too many times. In my environment, I have a large amount of data > (around 2tb) that I periodically back up. I keep the last 5 > "snapshots". I use rsync so that when I overwrite the oldest backup, > most of the data is already there and the backup completes quickly, > because only a small number of files have actually changed. Duplicity works well on CentOS. I had to perform a restore of a website and wiki after I [accidentally] deleted both. Backups are to another machine over SSH scheduled through Systemd. A Duplicity-based backup may help protect your data until you get something in place you like better. Jeff ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [Off topic] sending mail from Comcast was: Sendmail not working
On Sun, Apr 19, 2020 at 3:10 PM S.Bob wrote: > > OK, I've fired up a new VM, new CentOS 7 install, now I get this: > > # rpm -qf `which sendmail` > postfix-2.10.1-7.el7.x86_64 > > Can you point me to how to set this up properly? Note that I won the > psalm19pix.com domain, it's hosted at fastmail.com, and as far as I know > requires SSL. Can I setup sendmail to use this as it's SMPT connection? IIRC properly, many mail services don't accept over port 25 any longer. It is due to a combination of spam and plain text data. Also see https://en.wikipedia.org/wiki/Message_submission_agent. You have to use port 587. Jeff ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Netfilter fails to filter traffic from a netblock?
On Sun, Apr 19, 2020 at 8:58 AM Jeffrey Walton wrote: > > Hi Everyone, > > We rent a CentOS 7 VM from GoDaddy. We received a warning about > excessive cpu usage, and a threat to cancel our service. We tracked it > down to Apache and someone hammering our web server. > > The offending host is 59.64.129.175. To err on the side of caution we > attempted to block the entire netblock. According to whois data, > that's 59.64.128.0-59.64.159.255. > > iptables -A INPUT -s 59.64.128.0/19 -p TCP -j DROP > > After reboot cpu usage is still high and access_log still shows > useless requests from the host: > > 59.64.129.175 - - [19/Apr/2020:08:53:53 -0400] "GET > /w/index.php?title=Special:WhatLinksHere=50& > printable=yes HTTP/1.1" 301 311 > > I seem to be missing something. That's not surprising since I am not a > server administrator. > > How do I filter the unwanted traffic from the netblock? Thanks Mike and Mark. This is where I am at... I'm following https://www.howtogeek.com/177621/the-beginners-guide-to-iptables-the-linux-firewall/ because GoDaddy has not published any documents on this (other then use cPanel, which I don't have access to). The rule is persisted but it is being ignored. # iptables -L | grep policy Chain INPUT (policy ACCEPT) Chain FORWARD (policy ACCEPT) Chain OUTPUT (policy ACCEPT) # iptables -A INPUT -s 59.64.128.0/19 -p TCP -j DROP # /sbin/service iptables save iptables: Saving firewall rules to /etc/sysconfig/iptables: [OK] # iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT icmp -- anywhere anywhere ACCEPT all -- anywhere anywhere ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https REJECT all -- anywhere anywhere reject-with icmp-host-prohibited DROP tcp -- 59.64.128.0/19 anywhere Chain FORWARD (policy ACCEPT) target prot opt source destination REJECT all -- anywhere anywhere reject-with icmp-host-prohibited Chain OUTPUT (policy ACCEPT) target prot opt source destination We really need the server to honor this rule. How do we get CentOS to use this rule? Jeff ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Netfilter fails to filter traffic from a netblock?
On Sun, Apr 19, 2020 at 9:40 AM Mike <1100...@gmail.com> wrote: > > Thought it might also be helpful to confirm that firewalld is not > interfering in any way. > > what is the output of ~$# systemctl status firewalld Thanks Mike. # systemctl status firewalld Unit firewalld.service could not be found. Jeff ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Netfilter fails to filter traffic from a netblock?
On Sun, Apr 19, 2020 at 9:26 AM Anand Buddhdev wrote: > > On 19/04/2020 14:58, Jeffrey Walton wrote: > > Hi Jeffrey, > > > The offending host is 59.64.129.175. To err on the side of caution we > > attempted to block the entire netblock. According to whois data, > > that's 59.64.128.0-59.64.159.255. > > > > iptables -A INPUT -s 59.64.128.0/19 -p TCP -j DROP > > > > After reboot cpu usage is still high and access_log still shows > > useless requests from the host: > > Did you actually arrange for your iptables rule to be reinstated at boot? > > If you just configure a rule as above, but don't save it, it will > disappear ar reboot. Ugh, thanks. I did not realize the changes were only temporary. What is the recommended way to permanently add a ban rule? Thanks again. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Netfilter fails to filter traffic from a netblock?
Hi Everyone, We rent a CentOS 7 VM from GoDaddy. We received a warning about excessive cpu usage, and a threat to cancel our service. We tracked it down to Apache and someone hammering our web server. The offending host is 59.64.129.175. To err on the side of caution we attempted to block the entire netblock. According to whois data, that's 59.64.128.0-59.64.159.255. iptables -A INPUT -s 59.64.128.0/19 -p TCP -j DROP After reboot cpu usage is still high and access_log still shows useless requests from the host: 59.64.129.175 - - [19/Apr/2020:08:53:53 -0400] "GET /w/index.php?title=Special:WhatLinksHere=50& printable=yes HTTP/1.1" 301 311 I seem to be missing something. That's not surprising since I am not a server administrator. How do I filter the unwanted traffic from the netblock? Thanks in advance. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] sysconf and _SC_LEVEL1_DCACHE_LINESIZE returns 0?
Hi Everyone, I'm working on GCC112, which is POWER System S822 (Power8) machine running CentOS 7 machine (https://gcc.gnu.org/wiki/CompileFarm): $ cat /etc/centos-release CentOS Linux release 7.3.1611 (AltArch) I'm trying to determine L1 data cache size. When the following code runs it returns 0. The man pages state -1 is an error, so I think its claiming to succeed. cacheLineSize = sysconf(_SC_LEVEL1_DCACHE_LINESIZE); GCC119, which is also a S822 Power8 running AIX, returns 128. Does anyone know what I might be doing wrong under Cent? Or maybe, how can I retrieve the L1 data cache line size? Thanks in advance. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos