Re: [CentOS] Virtualization Options!
On Thu, Nov 1, 2012 at 1:40 AM, Antonio da Silva Martins Junior asmart...@uem.br wrote: Hi, I'm searching for virtualization options. I already take a look on VMware, but it needs too much MS software to work for my needs. Citrix needs less, but the key validation is still MS-AD. The latest VMware vSphere 5.1 supports plain LDAP and Web client. But yeah it's not 100% MS free. -- To dream and to write ^^ http://mars.arinet.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Deduplication data for CentOS?
Sorry for the top posting. Dedup is just a hype. After a while the table that manage the deduped data will be just too big. Don't use it for long term. Sent from Samsung Galaxy ^^ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SSH prompt: Need advise from Japan
On Mon, Aug 6, 2012 at 7:54 PM, Ross Cavanagh ross@gmail.com wrote: You're prompt will reference whatever the hostname is doesn't it? I'm located in Tokyo, I haven't setup any servers with Japanese hostnames actually, but on occasion some filenames are written in Japanese. What is it you wanted to see exactly? It also depends on the keyboard setup you have set to the default. Most people in Japan set the keyboard to a US style - where they enter romaji, and don't usually enter the kana from the different keyboard layout. So, you type the roman characters ra for example to make ら, but there is a Japanese keyboard layout where you can type the ら character directly - but I never really see that used. So, as far as I know, you'll be using whatever input methods you actually have on your local system where you're ssh'ing from. So, if you needed to write Japanese input you'd need some local IME on your particular system. Hi Ross, thanks for your time. What I want to know is, during the initial ssh login. Will it display the dialogue fully in Japanese? e.g. fajar@8.8.8.8's password: (will it be in Japanese?) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SSH prompt: Need advise from Japan
I see. Thanks Ross. That makes sense. Sent from Samsung Galaxy ^^ On Aug 6, 2012 8:12 PM, Ross Cavanagh ross@gmail.com wrote: On Mon, Aug 6, 2012 at 8:58 PM, Fajar Priyanto fajar...@arinet.org wrote: On Mon, Aug 6, 2012 at 7:54 PM, Ross Cavanagh ross@gmail.com wrote: You're prompt will reference whatever the hostname is doesn't it? I'm located in Tokyo, I haven't setup any servers with Japanese hostnames actually, but on occasion some filenames are written in Japanese. What is it you wanted to see exactly? It also depends on the keyboard setup you have set to the default. Most people in Japan set the keyboard to a US style - where they enter romaji, and don't usually enter the kana from the different keyboard layout. So, you type the roman characters ra for example to make ら, but there is a Japanese keyboard layout where you can type the ら character directly - but I never really see that used. So, as far as I know, you'll be using whatever input methods you actually have on your local system where you're ssh'ing from. So, if you needed to write Japanese input you'd need some local IME on your particular system. Hi Ross, thanks for your time. What I want to know is, during the initial ssh login. Will it display the dialogue fully in Japanese? e.g. fajar@8.8.8.8's password: (will it be in Japanese?) As far as I'm aware, you would be seeing virtually everything in English as the directory structures are in English. Usually people's home directories are setup in English, I don't think I've ever come across a user login that does use Japanese actually (not sure if you can - otherwise your SSH connection you'd have to match you user name - eg. Ross would be my katakana name, ロス@8.8.8.8 - don't even know it's possible). I've worked at one Japanese company as the only foreigner, and all others companies have been international ones - but everyone uses Roman characters for their logins and not kana or kanji. Same with passwords. Usually, on systems I've seen in Japan most of the time files and folders are creating using Roman characters for naming (most of the time). Within a document, of course it could be written 100% in Japanese. Some folders and files can be in Japanese, so it can be hard to navigate through some directories if you don't have any IME tools for Japanese input. Lots of tab autocomplete and copy and pasting at times - but that's usually within a home directory for a user for example. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SSH prompt: Need advise from Japan
Definitely Ross. I'll tell my friend. Thank you. Sent from Samsung Galaxy ^^ On Aug 6, 2012 8:23 PM, Ross Cavanagh ross@gmail.com wrote: On Mon, Aug 6, 2012 at 9:14 PM, Fajar Priyanto fajar...@arinet.org wrote: I see. Thanks Ross. That makes sense. Sent from Samsung Galaxy ^^ On Aug 6, 2012 8:12 PM, Ross Cavanagh ross@gmail.com wrote: On Mon, Aug 6, 2012 at 8:58 PM, Fajar Priyanto fajar...@arinet.org wrote: On Mon, Aug 6, 2012 at 7:54 PM, Ross Cavanagh ross@gmail.com wrote: You're prompt will reference whatever the hostname is doesn't it? I'm located in Tokyo, I haven't setup any servers with Japanese hostnames actually, but on occasion some filenames are written in Japanese. What is it you wanted to see exactly? It also depends on the keyboard setup you have set to the default. Most people in Japan set the keyboard to a US style - where they enter romaji, and don't usually enter the kana from the different keyboard layout. So, you type the roman characters ra for example to make ら, but there is a Japanese keyboard layout where you can type the ら character directly - but I never really see that used. So, as far as I know, you'll be using whatever input methods you actually have on your local system where you're ssh'ing from. So, if you needed to write Japanese input you'd need some local IME on your particular system. Hi Ross, thanks for your time. What I want to know is, during the initial ssh login. Will it display the dialogue fully in Japanese? e.g. fajar@8.8.8.8's password: (will it be in Japanese?) As far as I'm aware, you would be seeing virtually everything in English as the directory structures are in English. Usually people's home directories are setup in English, I don't think I've ever come across a user login that does use Japanese actually (not sure if you can - otherwise your SSH connection you'd have to match you user name - eg. Ross would be my katakana name, ロス@8.8.8.8 - don't even know it's possible). I've worked at one Japanese company as the only foreigner, and all others companies have been international ones - but everyone uses Roman characters for their logins and not kana or kanji. Same with passwords. Usually, on systems I've seen in Japan most of the time files and folders are creating using Roman characters for naming (most of the time). Within a document, of course it could be written 100% in Japanese. Some folders and files can be in Japanese, so it can be hard to navigate through some directories if you don't have any IME tools for Japanese input. Lots of tab autocomplete and copy and pasting at times - but that's usually within a home directory for a user for example. I just quickly started up a CentOS VM to check something... [root@CENT01 ~]# useradd -m ロス useradd: invalid user name 'ロス' So, looks like it needs to be in Roman characters. But it appears even I have some issues via my terminal too: [root@CENT01 ~]# useradd -m ross [root@CENT01 ~]# cd /home/ross/ [root@CENT01 ross]# touch ロス [root@CENT01 ross]# ls ?? So, my Japanese input isn't being displayed. But I did get a warning when I SSH'd in about that: -bash: warning: setlocale: LC_CTYPE: cannot change locale (UTF-8) Hope that helps. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] SSH prompt: Need advise from Japan
Hi all, I hope there is someone in Japan. If we install Centos in Japanese, and then I ssh to it from an English client. Will the SSH prompt be in Japanese? How to make the SSH prompt in Japanese? Thank you. -- Fajar. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6 : Tip for significantly increasing battery life / reducing power consumption (Thinkpad X220 Tablet)
On Fri, Aug 3, 2012 at 3:05 PM, Mathieu Baudier mbaud...@argeo.org wrote: pcie_aspm=force i915.i915_enable_rc6=1 i915.lvds_downclock=1 i915.i915_enable_fbc=1 Interesting as now I'm using RHEL 6.3 on T400. Would that make the notebook slower? -- http://linux3.arinet.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to handel smtp to public servers
On Wed, Jun 27, 2012 at 4:23 PM, Götz Reinicke goetz.reini...@filmakademie.de wrote: Hi, we do have some subnetworks for private computers, which are allowed to use there public smtp servers like msn, web.de or whatever with the users private accounts. All our own computers have to send mail trough our mailserver with user authentication. From time to time we are faced with the fact, that a virus infected private notebook sends spam and we are told by our ISP to take care :) What might be a good choice to allow clients to send unrestricted transparent mails (= use smtp(s)) but we can monitor? E.g. like a redirect or proxy for smtp? I like to know which private computer sends lot of mail. :) Hi, 1. Many malware have their own smtp and can send spam directly. To overcome this, block port tcp 25 on your gateway, and only allow your mailserver. From the firewall log then you will know which client is infected. 2. In the case that the malware use your mailserver to send the spam, there are plugins to log how many email sent by which client. HTH -- http://linux3.arinet.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to handel smtp to public servers
On Wed, Jun 27, 2012 at 5:15 PM, Götz Reinicke goetz.reini...@filmakademie.de wrote: Am 27.06.12 10:29, schrieb Fajar Priyanto: On Wed, Jun 27, 2012 at 4:23 PM, Götz Reinicke goetz.reini...@filmakademie.de wrote: Hi, we do have some subnetworks for private computers, which are allowed to use there public smtp servers like msn, web.de or whatever with the users private accounts. All our own computers have to send mail trough our mailserver with user authentication. From time to time we are faced with the fact, that a virus infected private notebook sends spam and we are told by our ISP to take care :) What might be a good choice to allow clients to send unrestricted transparent mails (= use smtp(s)) but we can monitor? E.g. like a redirect or proxy for smtp? I like to know which private computer sends lot of mail. :) Hi, 1. Many malware have their own smtp and can send spam directly. To overcome this, block port tcp 25 on your gateway, and only allow your mailserver. From the firewall log then you will know which client is infected. 2. In the case that the malware use your mailserver to send the spam, there are plugins to log how many email sent by which client. HTH Hi, thanks for your suggestion. But for the mentioned clients thats not possible. :/ (For our own we do exactly as you suggest :) ) We do have about 100th of freelancers 'flying in and out' of our academy which we cant 'restrict' by forcing tham to change there clients settings. But may be we have to think about that if thats the only chance we have Hi Gotz, I don't understand. Those clients are connected to your network, aren't they? Then the proposed solution 1 and 2 would work. Unless what you mean is when they are working from home, but at least solution 2 would give you a clue who send the spam. -- http://linux3.arinet.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Question about storage for virtualisation
On Tue, Jun 26, 2012 at 9:05 AM, Nicolas Ross rossnick-li...@cybercat.ca wrote: I have some general questions about VM. If I set vcpu let's say to 2-3 for a single vm, does this mean that those CPU are dedicated to that vm or many vm can share the same physicial cpus ? No, all the CPU will be virtualized and shared. Although there is affinity option where physical CPU is locked to a certain VM. But in general this option gives more bad effect than good. So, I was wondering what's the best for managing storage for VMs ? I see mostly recomandations for LV for storing VM's disks. It seem to helps to create snapshots for backup purposes. Is this the fastest way of creating backups ? And will data access be faster that if I use regular files ? Using LV will give you flexibility among other things. Better have it in the beginning rather than sorry later (e.g. running out of space, etc). The performance difference is insignificant. In my case, the main setup of each vm is rather simple. The minimal OS, updates, my own httpd, my own php a couple of other packages. So restoring a VM from scratch can take less than an hour. So I was thinking of not taking snapshot of the whole VM and only sync the data partition. That's ok. As for the guest paritions, I am accustomed of separating my servers disks with separate /, /usr, /var, /home and /data partitions. I can't recall today why I started doing this, 15 years ago, but I still like it that way and continue to do so. Do I still need to do this with VMs ? The reason of creating separate partitions is mainly for security and preserve data during reinstallation. I believe it's still good to do your way. -- http://linux3.arinet.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Bug 820677 - (CVE-2012-2337) CVE-2012-2337 sudo: Multiple netmask values used in Host / Host_List configuration cause any host to be allowed access
Hi all, I just want to confirm, there is no patch release yet for this sudo, is it? https://bugzilla.redhat.com/show_bug.cgi?id=820677 Thank you. -- Fajar. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] editing bind (DNS) configuration under CentOS 6
Webmin is perfect for that. Sent from my iPhone On 2 May, 2012, at 8:58 PM, Boris Epstein borepst...@gmail.com wrote: Hello listmates, It appears that system-config-bind has been phased out. Whatever the reasoning was behind that decision - what are we expected to do now? Edit it manually? That is doable, of course, but kind of cumbersome. Does anybody know if there is a tool we are expected to use for that purpose? Thanks. Boris. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Help needed with NFS issue
Also shot in the dark from me. There maybe some IP conflict in the network. Sent from my iPhone ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] A problem with power outages
On Mon, Mar 26, 2012 at 5:30 PM, Timothy Murphy gayle...@alice.it wrote: William Warren wrote: in the apc software(or nut worst case) you'll be able to specify that after x minutes it will shutdown. Better to have a clean shutdown and have to hit the power button than a dirty one and risk corrupting your filesystem. Unfortunately I won't be there to hit the power button. If I were there would be no need for UPS. Another approach is to buy a remote power switch. With it, basically you can remotely power cycle the server :) It will solve any hang problem just as if you are there :) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] A problem with power outages
On Mon, Mar 26, 2012 at 7:35 PM, Timothy Murphy gayle...@alice.it wrote: One possibility I've considered is to have a UPS stop the machine, and then use Wake-on-LAN to start it again. But to date I haven't been able to get Wake-on-LAN to work on my HP PowerServer, though it is supposed to be an option. I see. I think your HP machine also have iLO. You can use it to power on/off remotely too. If I remember correctly earlier you said you have problem with public IP availability. In that case you can setup a gateway with any static IP you have and connect the server from there. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Reason for high load on CentOS
On Mon, Mar 26, 2012 at 11:07 AM, Kaushal Shriyan kaushalshri...@gmail.com wrote: Are there tools or utilities to understand about the reason behind high load on CentOS Linux. Please help me understand with examples. How did you know there is a high load in the first place? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] your advice on backup procedure
On Sat, Mar 24, 2012 at 8:19 AM, Bob Hoffman b...@bobhoffman.com wrote: The scenario... centos server acting as a virtual host. Virtual machines are webservers and dns servers. All on one machine, all running centos 6. Virtual machines are kvm, sitting in lvm storage. What I want to do.. auto backups of the virtual machines to be stored on the virtual host's extra drives for later download to my home computer. Hi Bob, You want to backup the whole VM? You can set a script to periodically shutdown the VM and then just rsync the VM files to the other partition. -- http://linux3.arinet.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] your advice on backup procedure
On Sat, Mar 24, 2012 at 11:22 AM, Bob Hoffman b...@bobhoffman.com wrote: I am not looking to back up the vms for a easy reinstall, I can do them in less than a 1/2 hour each. The back up is for the webservers so the database and html and some other folders are continually backed up incase of hack or whatever. Still thinking amanda, or bacula as first choice, rsync second, kpartx somehow third. If that's the case, you don't have to mention the VM at all. For database, there is automysqlbackup (and postrgre) too in sourceforge. For the html and folders, just use rsnapshot would be nice. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Constant disk activity
On Thu, Mar 22, 2012 at 12:24 PM, dnk d.k.emailli...@gmail.com wrote: Hi there, I have an old server (home use now), and i just did a fresh install of 5.8 on it. But the disk is constantly noisy. What is the spec of the machine? RAM, CPU, HDD Any particular purpose? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Constant disk activity
On Thu, Mar 22, 2012 at 12:45 PM, dnk d.k.emailli...@gmail.com wrote: It is old. 512 Mb ram, 1.6 Ghz (Celeron), 2 X 1TB Dell 7200 RPM Sata drives. Mostly backup purposes (rsync and crashplan). transmission-daemon running. That's about it at this point. 512MB is pretty low. I wont be surprised that it's doing swapping all the time. Try to stop and disable all services you can from: chkconfig --list Moreover, that transmission daemon is surely causing disk activity, don't you think so? If you are talking about noise level of the disk activity. :) Make sure you screw the harddisk tight to the casing. -- http://linux3.arinet.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] mount NFS share over specific nic?
On Wed, Mar 14, 2012 at 9:29 AM, Smithies, Russell russell.smith...@agresearch.co.nz wrote: I have a new server with multiple nics running Centos 6.2 and I'd like to force all NFS traffic over one nic. We're using FreeNAS to dish out NFS shares and I have different IPs on my 2 nics but how can I get the server to mount the share over one particular nic? Or is there a better way to do it? You can force it from the server, you do it from the client. Just tell the client to mount the NFS from the IP you want. :) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Promo Store is now open
Maybe we can setup a localize distribution point in major continents to cut shipping cost. Not sure how to do that though. Sent from my iPhone ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] LDAP encryption, not sure.
On Thu, Feb 16, 2012 at 7:34 AM, Craig White craig.wh...@ttiltd.com wrote: Say the case is like this. CompB is set to have LDAP authentication. A --- SSH --- CompB --- Local LDAP:389 --- SASLAUTHD -- Global LDAP: 636 1. Password on the SSH session would be encrypted, isn't it? ldaps (port 636) would indeed be encrypted but it is deprecated and not typically started by default configurations these days. 2. How about when it goes to the local LDAP:389, would it be encrypted? depends upon whether TLS is indicated and/or required. If you require it via an ACL on the LDAP server, then it succeeds only if the connection is made via TLS. If you require it at the client (TLS_ReqCert demand or hard), then it succeeds only if the connection is made via TLS. Thanks for the thoughts so far. When I setup TLS on the local LDAP, somehow the saslauthd fails to authenticate the password with Global LDAP. The admin said that the Global LDAP doesn't support TLS, only SSL. Basic question... What's the different between TLS and SSL in LDAP? I googled no clue yet. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] LDAP encryption, not sure.
Hi all, I'm setting up a local LDAP server with a pass-through authentication to another LDAP. I'm not clear about the encryption. Say the case is like this. CompB is set to have LDAP authentication. A --- SSH --- CompB --- Local LDAP:389 --- SASLAUTHD -- Global LDAP: 636 1. Password on the SSH session would be encrypted, isn't it? 2. How about when it goes to the local LDAP:389, would it be encrypted? Thank you. Fajar. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Tools to change ssh password easily
Hi all, I have an issue where I need to find an easy way to change ssh password in 3 different machines at the same time, at least in one go. Is there such tool? Preferably Web based. Thank you. Fajar ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] lm_sensors
Hi all :) Using lm_sensors, I can see few temperature indicator. M/B Temp:+39°C (low = +15°C, high = +40°C) sensor = thermistor CPU Temp:+33°C (low = +15°C, high = +45°C) sensor = thermistor Temp3: +53°C (low = +15°C, high = +45°C) sensor = diode What is that Temp3? It's the hottest. Which one is the best to use if I want to use lm_sensor as a general indicator of my server room temperature? (my request to buy a Mini Goose temperature monitor is still pending). Thank you. Fajar. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Advise on recovering 2TB RAID1
On Sun, Jan 29, 2012 at 10:56 AM, Phil Schaffner philip.r.schaff...@nasa.gov wrote: Is it ok? Does the original disk use GPT? It should not be necessary if it is 2.19TB. After some more googling using GPT, I found this: http://askubuntu.com/questions/57908/how-can-i-quickly-copy-a-gpt-partition-scheme-from-one-hard-drive-to-another ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Advise on recovering 2TB RAID1
Hi all, I have one drive fails on a software 2TB RAID1. I have removed the failed partition from mdraid and now ready to replace the failed drive. I want to ask for opinion if there is better way to do that other than: 1. Put the new HDD. 2. Use parted to recreate the same partition scheme. 3. Use mdadm to rebuild the RAID. Especially #2 is rather tricky. I have to create an exact partition scheme. Can I just clone the partition table without the data in it using parted? How? Thank you, Fajar. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Advise on recovering 2TB RAID1
On Sun, Jan 29, 2012 at 10:39 AM, Markus Falb markus.f...@fasel.at wrote: I want to ask for opinion if there is better way to do that other than: 1. Put the new HDD. 2. Use parted to recreate the same partition scheme. Maybe sfdisk like sfdisk -d /dev/gooddisk | sfdisk /dev/newdisk 3. Use mdadm to rebuild the RAID. Thanks Markus, But I see this: DESCRIPTION sfdisk has four (main) uses: list the size of a partition, list the partitions on a device, check the partitions on a device, and - very dangerous - repartition a device. sfdisk doesn't understand GUID Partition Table (GPT) and it is not designed for large partitions. In particular case use more advanced GNU parted(8). Is it ok? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] OT: simple server room temp monitor
Hi all, I have a spare USB GSM modem and it's card. I want to setup a very simple server room temperature monitor using it. Anyone has experience to share? - Program required - Script example Currently I have something like this that will send email if temp reaches something. Invoked by cron. #!/bin/bash # lm_sensors must be installed and configured first # This will check the CPU temp and send email # Changelog: # 18 Feb 2009 - created temp=$(/sbin/service lm_sensors status | /bin/grep CPU | /bin/cut -c 15-16) /bin/echo $temp #function to send mail with subject Hot func_mail_hot () { /bin/echo $temp | /bin/mail -s server is hot notificat...@arinet.org } #function to send mail with subject Cool func_mail_cool () { /bin/date /var/log/temp.log /bin/echo $temp /var/log/temp.log } #testing the temperature of CPU ((temp40)) func_mail_hot || func_mail_cool Thank you -- Fajar. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] monitoring space in directories
On Fri, Jan 6, 2012 at 10:25 PM, Alan McKay alan.mc...@gmail.com wrote: Hey folks, Is there a Linux tool that will monitor a disk and tell me which directories are growing over time? I could cobble something together myself of course, but if there is already a good off-the-shelf solution, why bother? Even if it only checks once per day that would be fine. Graphs would be pretty too :-) Hi Alan, Few to check: http://www.humans-enabled.com/2011/06/sample-script-to-report-home-directory.html xdiskusage filelight ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] monitoring space in directories
On Fri, Jan 6, 2012 at 11:49 PM, Alan McKay alan.mc...@gmail.com wrote: BTW, in a pinch since I'm already using Munin what I'm going to do is this : - write a cronjob that fires maybe 2 to 4 times a day and does a du -s of directories I'm interested in , and stores the sizes in a file - write a simple munin plugin that reads the file (and munin will do the graphing for me) Munin fires every 5 minutes so it will be a bit of waste since my cronjob will only fire a few times a day, but the weekly and monthly munin graphs will tell me what I want to know That sounds good. Would you share the munin plugin later pls? I'm interested too. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] an actual hacked machine, in a preserved state
On Thu, Jan 5, 2012 at 1:32 AM, Lamar Owen lo...@pari.edu wrote: root:LdP9cdON88yW root:u2x2bz root:6e51R12B3Wr0 root:nb0M4uHbI6M root:c3qLzdl2ojFB root:LX5ktj root:34KQ root:8kLKwwpPD root:Bl95X1nU root:3zSlRG73r17 root:fDb8 root:cAeM1KurR root:MXf3RX7 root:4jpk root:j00U3bG1VuA root:HYQ9jbWbgjz3 root:Ex4yI8 root:k9M0AQUVS5D root:0U9mW4Wh root:2HhF19 root:EmGKf4 root:8NI877k8d5v root:K539vxaBR root:5gvksF8g55b root:TO553p9E root:7LX66rL7yx1F root:uOU8k03cK2P root:l9g7QmC9ev0 root:E8Ab root:98WZ4C55 root:kIpfB0Pr3fe2 ... I bet someone in this list will say surprisingly Damnit. That's my password! :) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] an actual hacked machine, in a preserved state
On Wed, Jan 4, 2012 at 11:40 AM, Les Mikesell lesmikes...@gmail.com wrote: Do you lock your doors or just leave them open because anyone who wants in can break a window anyway? Hi Benneth, In conclusion, IMHO, I think you are worried too much :) Don't be afraid just because it's a dangerous world out there. - Subscribe to security advisories - Read best practice docs - Follow suggestions said in this list And high chances you will be fine :) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] an actual hacked machine, in a preserved state
On Mon, Jan 2, 2012 at 9:33 AM, RILINDO FOSTER rili...@me.com wrote: The script in question is an exploit from a web board which is apparently designed to pull outside traffic. If you had SELinux, it would put httpd in its own context and by default, it will NOT allow connections from that context to another. You have to enable it with: The only time my server got hacked was because of phpBB. Using cross-site scripting, the hacker managed to put a pl file and when I ran it, it opened a console. Apparently you are running one of the web boards. Pls follow up any security advisories of that product and any addon/module closely. If you are really curious how yours got hack. You can setup similar system and put a bounty (maybe $1000) in one of the underground community for anyone to hack it and tell you how they do it. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] why not have yum-updatesd running by default?
On Wed, Dec 28, 2011 at 4:04 PM, Bennett Haselton benn...@peacefire.org wrote: Power users can always change it if they want; the question is what would be better for the vast majority of users who don't change defaults. In that case it would seem better to have updates on, so that they'll get patched if an exploit is released but a patch is available. If the risk is that a buggy update might crash the machine, then that has to be weighed against the possibility of *not* getting updates, and getting hacked as a result -- usually the latter being worse. IMHO, the risk of applying patches blindly outweight the benefit of automatic update. Yum-updatesd would not only fixes security bug, but also other things that may not be good for our system. Consider a database server that got automatically updated and the sysadmin is so contemplate that it's only after a month or so he realized the update have caused a corruption in the database. I don't think his boss would be happy. If a sysadmin is concern of the security of the servers, he should subscribe to security advisory mailing list and do any required update in time. Laziness is not an excuse. Anyway, should he decides, he can always easily activate the automatic updates. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] /etc/cron.d
On Thu, Dec 8, 2011 at 4:27 PM, Cliff Pratt enkiduonthe...@gmail.com wrote: You can put a crontab file in there. Just don't alter any of the others. Crond automatically runs everything in /etc/cron.d, in /etc/crontab, and in user crontabs. That's what I thought, but /etc/crontab only mention this: # run-parts 01 * * * * root run-parts /etc/cron.hourly 02 4 * * * root run-parts /etc/cron.daily 22 4 * * 0 root run-parts /etc/cron.weekly 42 4 1 * * root run-parts /etc/cron.monthly No /etc/cron.d ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] /etc/cron.d
Hi all, Who takes care of cronjob in /etc/cron.d ? Should we tell crond to run it? /etc/crontab only mentions hourly, daily, weekly, monthly -- Thanks Fajar ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] duqu
Dec 7, 2011 5:58 AM Lamar Owen lo...@pari.edu 작성: On Tuesday, December 06, 2011 04:45:04 PM Johnny Hughes wrote: If I had to guess, I would say that the attackers probably developed their code on CentOS, so they were looking for a CentOS machine to deploy their code on in the wild. That would be why I would say CentOS was the OS used. I read the Kaspersky article and the comments, and the use of 'up2date' in the transcript could possibly point to someone used to upstream EL. But it does illustrate three major points: 3.) Keep good passwords. This can't be stressed enough: if your password was successfully brute-forced it is now in the brute-forcer's *dictionary* of passwords to try in the future and should never be used again, regardless of how secure it might seem. I happen to have a copy of an older brute-forcer dictionary here (somewhere) and it's very large and has lots of very secure-seeming passwords in it. Why not don't allow root login from ssh? That's basic yet effective. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Seeing rlimits on CentOS 4
Dec 7, 2011 2:43 AM Stephen Harris li...@spuddy.org 작성: I can't upgrade these machines in a reasonable time period (production outage on core infra? Ugh) and need the values on the current systems. I also have few important systems that are stuck in Centos 4.x. Can't afford the downtime. So far it's fine. But as the end of life comes closer.. (fill in any admin rants here). :) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] duqu
Dec 7, 2011 7:05 AM Lamar Owen lo...@pari.edu 작성: On Tuesday, December 06, 2011 05:31:58 PM Fajar Priyanto wrote: Dec 7, 2011 5:58 AM Lamar Owen lo...@pari.edu 작성: I happen to have a copy of an older brute-forcer dictionary here (somewhere) and it's very large and has lots of very secure-seeming passwords in it. Why not don't allow root login from ssh? That's basic yet effective. This particular brute-forcer didn't require root access to spread. It can work under a normal user without root You miss my point. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to preserve iptables when running the GUI tool ?
Dec 6, 2011 4:32 AM Timothy Madden terminato...@gmail.com 작성: Hello I have set up NAT with iptables for an openvpn connection, so that the VPN server could give VPN clients access to the entire sub-net of the server. The probelm is if I start system-config-securitylevel to say disable the firewall, and then again to enable it, my iptable rules are gone ! I did run `service iptables save` before. Is there something I can do to prevent this ? Is there a gui interface to enable NAT over a VPN connection that cooperates with system-config-network ? You mean system-config-securitylevel? It's pretty useless. Pls take a look at Fwbuilder. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Replacing gateway, is it bad idea?
Hi all, I have plan to replace my Centos5.7 VM with newer version. The VM works as our network gateway. I want to ask from your experience, will it be a bad decision? My concern is that since the Mac Address of the gateway will change, will it disrupt the network? How fast the Switches can recognize the new mac? Any other pitfall? Thanks Fajar. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Replacing gateway, is it bad idea?
On Wed, Nov 30, 2011 at 5:09 PM, John R Pierce pie...@hogranch.com wrote: On 11/30/11 12:59 AM, Fajar Priyanto wrote: How fast the Switches can recognize the new mac? Any other pitfall? within seconds. or faster. and the client's ARP caches expire nearly as fast. its not the switches you care about as much as the DHCP leases for your clients. if you can copy the dhcp leases file over, that will save a lot of grief. Thanks John, I feel a bit relief hearing that. More over, the gateway is a pure one, no dhcp, no other services. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Replacing gateway, is it bad idea?
On Wed, Nov 30, 2011 at 11:22 PM, Lamar Owen lo...@pari.edu wrote: So be prepared to clear ARP caches (since gratuitous ARP is sometimes seen as an attack vector, although it works quite well for VMware vMotion, DRS, and HA) and CAM/TCAM entries if things go awry. The RPMforge/repoforge repository includes the 'garp' package; on the new gateway you could have this garp package installed, and then run garp with the IP address of the old gateway immediately after stopping the old gateway's interface, and that might work. But caution is advised, and YMMV, of course. Thanks all for all the insights from your experience. Much appreciated. I will do it during weekend when no users are working. (this creates the saying about sysadmin: people work, we work. people rest, we still work). ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Forget SMB password immediately
On Mon, Nov 28, 2011 at 4:22 PM, Guitart Francesc francesc.guit...@enise.fr wrote: if all the user processes are running as the same user ID, how do you expect the file system to know what user is supposed to have access to which share? what you're asking for is physically impossible. once user A logged on as unix user X opens his user 'ShareA', *all* processes running as unix user X will have access to it. if you thought it worked differently on Debian, you were wrong. Sorry, maybe I haven't been clear. What I can do with Debian is to forget the SMB password every time I get connect to NAS, in such a way several network users can use the same local account. While, if I understand correctly, you are talking on the assumption of one NFS connection. I don't get it. 1. Why use shared account? 2. If you are using the same account, how can you prevent user from accessing each other's folder? /data/userA /data/userB The above ownership and permission won't do any good. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Forget SMB password immediately
On Tue, Nov 29, 2011 at 4:03 AM, Lamar Owen lo...@pari.edu wrote: On Wednesday, November 23, 2011 06:11:31 AM Guitart Francesc wrote: How I can force always the request of login and password? In System - Administration - Authentication, 'Options' tab, is 'Cache User Information' checked? I think Centos Nautilus and Ubuntu should have 'forget password immediately? In other case you can force it to do that by: killall -HUP gnome-vfs-daemon ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] C5: text editor with file compare?
On Fri, Nov 25, 2011 at 5:37 PM, Rainer Traut tr...@gmx.de wrote: I'm looking for an editor with file compare capabilities. Gedit and kate don't seem to do this? Try Diffuse Merge Tool. Although it's main purpose is to compare and merge, we can use it as editor too. -- http://linux3.arinet.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Forget SMB password immediately
On Wed, Nov 23, 2011 at 7:59 PM, Guitart Francesc francesc.guit...@enise.fr wrote: In fact I have explained wrong. This time I log in from any window File Go to .. (I don't know the exact translation in english cause I'm in one french computer) and type smb://nas_name. I can access to the NAS and I can enter all the shared folders of all users that I previously had been logged from Connect to server 1) How do you arrange the directory structures of the share? Is it like: /data/share/userA /data/share/userB ? 2). How do you setup the share in smb.conf? Is it like: [data] path=/data/share ? If yes to the above the only protection you can give is by filesystem permission and ownership, not through samba. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS fileserver migrating to ZFS appliance
On Fri, Nov 25, 2011 at 10:00 PM, Alan McKay alan.mc...@gmail.com wrote: I've got a CentOS / RHEL (5.x) environment and am in the process of migrating the 5.3 file server over to an Oracle/Sun 7120 appliance. Hi Alan, sorry for the OT. I'm very much interested on the 7120. How much space do you have on it and what is the price? The oracle web doesn't show the price. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: ZFS appliance Oracle / Sun 7120
On Sat, Nov 26, 2011 at 9:16 AM, Alan McKay alan.mc...@gmail.com wrote: I don't know the price - I've only been here a few weeks. I'll have to check when I'm back at work for details on it - don't have my VPN login yet. I'm going into work tomorrow to migrate another filesystem to the ZFS so I'll try to remember then. I am pretty happy with it so far - nice system with a relatively simple but powerful GUI. There is also a cryptic command line access level for managing it. I'm looking forward for the info. I cannot implement quota on my fileserver due to convention. And this results in storage capacity issue. Luckily most of the files stored by the users are text files so compression helps a lot. I've been using lessFS and zfs-fuse and pretty satisfied. It saves space a lot. I just thought that the Zfs appliance would be even more beneficial for my need. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 2 network card setup
On Mon, Nov 21, 2011 at 1:39 PM, Johan Vermeulen jvermeu...@cawdekempen.be wrote: Until a few months ago, I worked with OpenSuse. There in firewall config, you had to assign each NIC to a zone, either internal, external, DMZ or custom. Without it not much would work. I don't seen anything on CentOs in firewall config. So how does this work in CentOs? In Centos the standard firewall settings are basic. Don't worry about setting up zones, etc. Unless you do want that setting. What are you going to do with 2 network card? As gateway? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] ip command
Hi all, I have this network: 10.1.20.0 - 10.1.23.0 /22 Broadcast 10.1.23.255 Say I have a machine with IP: 192.168.1.1 Now, I want to create virtual IP on it with ip command: 1. Is this ok? ip addr add 10.1.22.100/22 dev eth0:1 2. Should I define the broadcast too in the above command? If I don't define it, will the above command means the broadcast would be 10.1.25.255? Thank you. Fajar. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Misterious hang
On Thu, Nov 10, 2011 at 5:03 PM, Fajar Priyanto fajar...@arinet.org wrote: Hi all, Recently one my Centos 5.7 VM just crashes at least once a day randomly (hang). In /var/log/messages there is nothing at all that there is problem (no error, no failure). The log just stops. The only change I did before this crashes is I activated LDAP authentication, and also auditd. But I don't see any evidence relating to it. Hi all, I want to give update Removing auditd didn't solve the problem. Still hang. So, finally I create a cronjob to echo date and time into a text file every 5 minutes to find out if there is a pattern on when the hang occurs and the result is It hasn't hang for more than 3 days...! Definitely there is still problem, but somehow that cronjob prevents the hang from occurring. Like as if the VM got idle, it will hang? I don't know... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Misterious hang
On Thu, Nov 10, 2011 at 10:25 PM, m.r...@5-cent.us wrote: Any clue where to look for the cause? Two questions: is there anything on the console screen? Does it just hang, or reboot? If the latter, and there's nothing in the logs, it's possible activating openLDAP was just coincidental with the problem, and I'd start worrying about hardware problems. 1. It's a VM, the console looks black. Typing something on keyboard doesn't bring back the console to alive. It's also unresponsive to ping. 2. It's just hang. Not reboot. I have to power off the VM and power on. The ESXi host has many VM in it and only my that VM has problem. No specific time of hang. Only thing I can try is to deactivate auditd. Let's see if it survives more than one day without hang. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos Firewall - router with virtual IP
On Sat, Nov 5, 2011 at 11:19 PM, m...@tdiehl.org wrote: Does fwbuilder have that function? Fwbuilder does indeed have time objects in it, although I have never used them. The docs at http://fwbuilder.org are pretty extensive and the devs hang out on the mailing lists and regularly answer questions or provide pointers to the relevant docs. Hi Tom! You're right. http://www.fwbuilder.org/4.0/docs/users_guide/time-interval-objects.html Perfect for me!! Thank you :) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos Firewall - router with virtual IP
On Fri, Nov 4, 2011 at 6:59 AM, John R Pierce pie...@hogranch.com wrote: On 11/02/11 7:34 PM, Fajar Priyanto wrote: I'm creating a firewall router with Centos with few virtual IP using iptables. May I ask for your experience? Is there any pitfall or bad side of using virtual IP for this purpose? I'm using few virtual IP to accommodate few subnets that go through this firewall/router. now, when you say 'virtual IP', do you mean alias IPs on your WAN (outside) interface(s), or multiple private subnets on the LAN (inside) interface(s) ? none of those are 'virtual' in any sense I'd use that adjective. Hi John, thanks for asking. My firewall setup is like this: Physical NIC: eth0 - to outside world eth1 - to LAN There is masquerading in eth0 so LAN can go to internet Now, I'm adding some virtual interface eth1:0, eth1:1... so on to accommodate new subnets created in the LAN. My concern comes from question... how does the MAC addressing is handled (by the switches and the OS)? Because wouldn't eth1:0, etc be sharing the same MAC address as eth1? Will there be any problem or confusion in the network? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos Firewall - router with virtual IP
On Fri, Nov 4, 2011 at 10:15 AM, KevinO ke...@kevino.org wrote: anyways, whatever, yes, you can do it with iptables, but not all off the shelf firewall script generators will support multiple LAN subnets. I usually write my own iptables rulesets. I can say first hand that fwbuilder easily handles managing scripts for multiple subnets and aliased addressing on NIC's. I use separate interface cards for each subnet, however. (5 NIC's, 4 internal subnets, 3 public IP's on the one external facing NIC) Hi Kevin, Expanding my original question. I have a need to open and close iptables rules based on particular time, say 1 week later, 1 month later, etc. Currently I have a simple script to do that: - Create the rules. - Create atd job to delete the rule based on the defined time. - Log it. It works, but not elegant :) Does fwbuilder have that function? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Centos Firewall - router with virtual IP
Hi all, I haven't found anything in Google about this. I'm creating a firewall router with Centos with few virtual IP using iptables. May I ask for your experience? Is there any pitfall or bad side of using virtual IP for this purpose? I'm using few virtual IP to accommodate few subnets that go through this firewall/router. Thank you. Fajar. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Netapp like snapshots using Centos 5/6 direct attached storage
On Sun, Oct 23, 2011 at 9:56 PM, Scott McKenzie spud...@hotmail.com wrote: Hello, I'm researching the best method of providing about 20 users in a production environment the same functionality as they would have on a Netapp NFS share. The O/S I will be using is CentOS 5 or 6 (max flex on which one) and the hardware is a disk array directly (12 SAS disks 7TB un-configured brand new) attached to a HP 580 G 7. I've done some reading on ZFS on Linux ,fuse-ZFS, BRTFS ,rsnapshot, snapFS. Any one have some advice or experiences to share? IMHO, Currently none can beat ZFS features. If you look in wikipedia, only ZFS has YES in all the columns. I've tried fuse-zfs, not bad. The snapshot works great. However performance is rather heavy. ZFS on Linux is worth exploring. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] What happened to 6.1
On Fri, Oct 21, 2011 at 6:22 PM, Steve Walsh st...@nerdvana.net.au wrote: Except. If you have a 6.0 machine, and enable the cr/ repo, then you don't just get the 6.0 updates. You get most of the post-6.0 updates, plus what's been built for 6.1 (effectively still in QA), plus some post 6.1 updates (Again, still in QA). As far as I'm aware, there's now way to say Just give me the 6.0 updates you have when using the cr/ repo. I am more than happy to be corrected on this operation of the cr repo tho, as I've held off on updating boxes with the cr/ repo so as not to get untested updates. The best policy is to stay with 5.7. Why would anyone want to use 6.x with the issue? All my boxes are still 5.7. Newer version doesn't mean better software. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Tool to track files
Hi all, Due to some reason, I will have to stop using Samba as our fileserver, and instead replace it with SSH access only. Users will be able to use WinSCP for it. The question is, is there any tool to track files (what is new files, deleted files by who, etc)? In Samba I can do that. I don't know how if it's SSH access. Thank you Fajar. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] ca-certificates in 5.x
Hi all, Just want to confirm. this RHSA doesn't apply to Centos 5.x does it? [Red Hat Linux] [RHSA-2011:1248-01] Important: ca-certificates security update Thank you. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 6.1 Release
On Sat, Sep 24, 2011 at 10:08 AM, TE Dukes tdu...@palmettoshopper.com wrote: So how can we help getting CentOS 6.1 released? This is a Community project. I'm not a programmer, IT person but I do ask a lot of help from this list. What do we need to do or how can the 'average person' help? Can you send us some files to test? What? I'd like to help but don't know how. I'm average person too and the best thing we can do is to be appreciative of the hardwork from Centos team, helping in forum / maillist, etc. Donation ($$ or hardware) would also be nice. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] This doesn't make sense
On Sat, Sep 17, 2011 at 11:57 PM, Always Learning cen...@u61.u22.net wrote: On Sat, 2011-09-17 at 16:50 +0100, Keith Roberts wrote: Faulty burn media? I use a lot to record television news, among my many other activities, and estimate about 4% to 5% of DVDs are bad. Bad media is one high possibility. If you have any other 64bit OS, i.e. Windows (yuk), Ubuntu, etc. Try them. If they boot, then your Centos media is faulty. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] This doesn't make sense
On Sun, Sep 18, 2011 at 1:27 AM, Karanbir Singh mail-li...@karan.org wrote: Faulty burn media? This is the sort of message that is really unhelpful. You are stating opinion, with no relation to the actual email posted by the OP, and provide nothing to work with to prove or disprove the situation. Unless ofcourse, you travelled over to the OP's place, went through a diagnostic cycle and arrived at that conclusion. If you did so, please state it so we dont end up wasting everyone else's time trying to go down other routes. Just want to remind everyone that this isn't a social chatter list, or a LUG free for all. Lets try and actually be productive and lets try to help people in a tangible manner. If you don't have anything relevant to say or contribute to a conversation, its perfectly fine to not say anything at all. That's pretty harsh say. We're not rocket scientists, but from experience we know that to troubleshoot something we should try the easiest and most probable thing first. A lot of people responded related to media, and that's because it happens. As in the end the OP confirms that. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Dedup (again)
On Fri, Sep 16, 2011 at 11:58 AM, Fajar Priyanto fajar...@arinet.org wrote: The OP was asking http://www.opendedup.org/ How is it? Hmm opendedup requires java which I'm not allowed to use. :( ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Dedup (again)
On Fri, Sep 16, 2011 at 12:10 PM, Christopher Chan christopher.c...@bradbury.edu.hk wrote: ZFS, ZFS, ZFS ___ Hi Christopher. Thanks for your hint. I'm testing it now on Centos. So far it's awesome!! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Yum segmentation fault updating from 5.6 to 5.7
On Thu, Sep 15, 2011 at 2:31 PM, Kahlil Hodgson kahlil.hodg...@dealmax.com.au wrote: Perhaps your are downloading the same corrupted primary.xml.gz from mirror.opendoc.net. Maybe try another mirror? Perhaps download the file manually and compare? Yeah could be. And if your corporate network is behind a proxy, the proxy may cache that corrupted files. [root@picard yum.repos.d]# yum update Maybe using Startrek name as server name is not a good idea. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Yum segmentation fault updating from 5.6 to 5.7
Stupid question. Can we uninstall yum? And install again using manual rpm. 나의 iPhone에서 보냄 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Dedup (again)
Hi all, Back in March someone asked about deduplication in Centos and I replied I'm using LessFS. I want to report that my overall experience is that I have performance issue up to the point that I would like to abandon it. The OP was asking http://www.opendedup.org/ How is it? Thanks Fajar ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] fax over ip?
On Mon, Sep 12, 2011 at 5:10 PM, hadi motamedi motamed...@gmail.com wrote: I did as : #yum search fax #yum search sip http://www.avantfax.com/install.php Don't ask how to install it here. But if you need help, I believe avantfax team offer professional service for that. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] fax over ip?
On Mon, Sep 12, 2011 at 6:02 PM, hadi motamedi motamed...@gmail.com wrote: Thank you very much for your help. I got the point. So it is fax over ip provider-specific but not centos-specific. Sorry for my mistake . I thought that it is like sip phone client issue as I didn't find anything specific from 'yum search fax' . I seriously think you should use google more often. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not receiving root mail
On Mon, Aug 22, 2011 at 9:29 PM, Anne Wilson cannewil...@googlemail.com wrote: Aug 22 14:02:11 borg postfix/qmgr[1499]: B4693A377C: from=a...@borg.xxx.lan, size=7487, nrcpt=1 (queue active) Aug 22 14:02:12 borg postfix/smtp[2071]: B4693A377C: to=a...@xxx.org, relay=mailhost.zen.co.uk[212.23.3.98]:25, delay=0.43, mydestination = $myhostname, localhost.$mydomain, $mydomain, xxx.lan Hi Anne :) Found you again from Mandriva list years ago :) I think you need to put xxx.org also in mydestination. So the mail won't get through internet. As you can see, it's sending to a...@xxx.org. mydestination = $myhostname, localhost.$mydomain, $mydomain, xxx.lan, xxx.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Does anyone know if I can reconfigure a PERC H700 without rebooting?
How did you add the spare drives in the first place? Need a reboot that time? 나의 iPhone에서 보냄 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Web Site centos.org is down
Works fine from Singapore. Must be your ISP thing. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Subnet expansion
On Tue, Jul 26, 2011 at 7:53 PM, John Hodrien j.h.hodr...@leeds.ac.uk wrote: Currently I have this network: 10.1.16.0/22. 10.1.16.0-10.16.17.254 are DHCP managed 10.1.18.0-10.1.19.254 are statically assigned If I need to expand it to: 10.1.16.0/20 I think the answer to this part is not trivially. A machine in the /20 subnet will expect to be able to talk directly to a machine within the /22, but that machine will want to talk via a router. You can hide subnets within subnets using arp-proxying, but I'm not sure there's an easier way. A machine within the /22 would be able to talk to any other machine within that /22 (even if they're configured to use /20), but won't be able to happily talk to machines within the /20 but outside of the /22. Hi John, Thanks for helping. I have some discussion also with friends in the physical world, and they suggest: 1. Keep the current network 10.1.16.0/22 2. Create another network 10.1.20.0/22 (half static, half dhcp) 3. Setup a router so that the two network can talk to each other. 4. This will offer no disruption to the current network setup at all. One issue that I see may be coming is that, since I want to allocate 10.1.20.0/22 to a specific VM that belong to a specific team, I may have to setup the DHCP based on MAC. Could be very tedious. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Subnet expansion
Hi all, Can pls share your experience on this? Currently I have this network: 10.1.16.0/22. 10.1.16.0-10.16.17.254 are DHCP managed 10.1.18.0-10.1.19.254 are statically assigned If I need to expand it to: 10.1.16.0/20 1. What is the best way to do it with minimal network disruption? 2. If I keep some machine with 22 subnet mask, will it still be able to talk to the other machines in it's range? Thank you. Fajar. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] managing a rack full of centos servers
On Wed, Jul 20, 2011 at 7:43 AM, John R Pierce pie...@hogranch.com wrote: to date, I've done all my administration on a manual 1 at a time basis, as each system has been pretty much unique. its looking like I might need to setup a deployment of a dozen or 2 basically identical machines, all running pretty much the same sorts of stuff. I have zero experience with the sorts of management tools folks use to automate this type of configuration, both initial setup, and ongoing management (system updates, user application updates, configuration changes, etc). Redhat satellite can handle it. Too bad I don't know if there is foss alternative for it. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] managing a rack full of centos servers
On Wed, Jul 20, 2011 at 8:25 AM, Patrick Lists centos-l...@puzzled.xs4all.nl wrote: On 07/20/2011 02:03 AM, Fajar Priyanto wrote: Redhat satellite can handle it. Too bad I don't know if there is foss alternative for it. There is http://spacewalk.redhat.com/ They have it? Awesome! Thanks for the info!! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] firewall?
Do this: 1. Make sure your Centos has two network card. One connected to internet, one to local lan. Make sure the Centos can already browsing internet. Example internet: eth0 192.168.1.1 local: eth1 192.168.2.1 2. Activate ip forwarding in /etc/sysconfig/sysctl.conf net.ipv4.ip_forward = 1 Run sysctl -r to reload the new setting 3. Type this iptables command to share internet: iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE 4. Set your windows box to use 192.168.2.1 as it's default gateway. Don't forget to give it DNS too like 8.8.8.8 5. I'd suggest you join your Linux Local User Group to have more help. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] firewall?
On Sat, Jul 16, 2011 at 7:11 PM, Fajar Priyanto fajar...@arinet.org wrote: 2. Activate ip forwarding in /etc/sysconfig/sysctl.conf net.ipv4.ip_forward = 1 Run sysctl -r to reload the new setting typo: should be sysctl -p ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] firewall?
On Sat, Jul 16, 2011 at 7:12 PM, John R. Dennison j...@gerdesas.com wrote: Can you at least _try_ to be self-reliant? Can you at least _try_ and use google and other resources that you've been pointed to in the past? Can you please _try_ to not ask this list to do your job for you? If you have specific questions after showing that you've done at least a modicum of research on your own is one thing; being fully reliant on the volunteers on this list is another. Yeah, some like to find the easiest the shortest the least effort way :) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] firewall?
On Sat, Jul 16, 2011 at 6:47 PM, Ljubomir Ljubojevic off...@plnet.rs wrote: You might be interested in shorewall[1]. It has config file and extensive documentation. You tell it what you want and all iptables are automatically set. It also has webmin module. There are rpm's for CentOS 5 but I think they would be OK also on the CentOS 6. [1]: http://www.shorewall.net/ Hadi, With all the suggestions, I believe it's enough to get you going. iptables, shorewall, webmin. All you have got to do know is to google around using those keywords, and start learning by yourself. Google has everything. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Log monitoring
Hi all, Currently I do 'tail -f /var/log/messages | grep something' to monitor/tune in my iptables rules. Based on your experience, is there any tools do that better like: - color - grepping multiple keywords - some statistic Thank you Fajar. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] OT: 1.1.1.1 is not private anymore?
Hi all, Our network is suspected to be infected by malware by the detector in upline network. Turns out that some of our developers use 1.1.1.1 as a pinging testing. Google comes to my knowledge that 1.1.1.1 is not a private IP anymore? Since when? Also Google says 1.1.1.1 is well-known to be used by botnet command and control host?? I've blocked it in the local gateway. Just curious.. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Power-outage
On Fri, Jul 1, 2011 at 7:05 PM, Timothy Murphy gayle...@eircom.net wrote: It seems to me that it should be possible to have a simple, torch-battery operated, system which will keep the machine alive long enough to make a graceful exit. A full-blown UPS would be excessive, I think, as I only want the machine to re-boot when the current comes back on. I believe a personal UPS would be quite cheap. Much cheaper than losing data. The UPS can tell the OS to shutdown on power loss. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Chicken and egg question: passwd and cronjob
Hi all, Let's say I activate password expiration for every account (including root) for every 90 days. I understand that cronjob for root will fail when the password expires. The question is, if I setup a cronjob every 90 days to renew the root password like: echo diFficulT123 | passwd --stdin root will it work? I mean at second 1 on the 90th day, which will run first? - The cronjob to renew the password - Or the password expiration, thus preventing the cronjob from running. Pardon me if it's silly. I know it's bad to change password from script, but the root acc is not used at all and has been disabled from logon remotely. I just need it to keep various cronjob to keep running. Any other advise are welcome. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Chicken and egg question: passwd and cronjob
On Thu, Jun 23, 2011 at 3:44 PM, Michael Gliwinski michael.gliwin...@henderson-group.com wrote: On Thursday 23 Jun 2011 07:46:01 Fajar Priyanto wrote: I understand that cronjob for root will fail when the password expires. AFAIK, account does not need to have a password at all for cron to work. Apart from that if you're going to automatically reset root's password you may as well just avoid expiring it at all. In /var/log/cron I see this when the password expires. And cronjob fail to run. Jun 23 02:50:01 my-srv crond[4424]: CRON (root) ERROR: failed to open PAM security session: Success Jun 23 02:50:01 my-srv crond[4424]: CRON (root) ERROR: cannot set security context Jun 23 03:00:01 my-srv crond[4425]: Authentication token is no longer valid; new one required ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Year in log files
Hi, Can we display year in log files timestamp? We are being audited and the auditor wants to know when we apply certain patches. yum.log shows it, but it doesn't have the year. I can argue based on common sense, but it would be much nicer if the year is there. Example: Apr 12 11:41:25 Updated: krb5-libs-1.6.1-55.el5_6.1.i386 Apr 12 11:41:27 Updated: openssl-0.9.8e-12.el5_5.7.i686 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Year in log files
On Thu, Jun 23, 2011 at 10:18 AM, lists-centos replies-lists-b3z2-cen...@listmail.innovate.net wrote: You should set that log to rotate annually. That should address your issue, in addition to keeping logwatch from picking up year-old entries. Yes it's rotated annually. That's why I can argue based on common sense, by comparing the CESA date and the occurance in the log file. But if there is year, I don't have to argue at all with the auditor. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: high static in server room
On Thu, Jun 16, 2011 at 11:28 AM, Mike Williams dmikewilli...@gmail.com wrote: Low humidity would be my first guess. The relative humidity in your server room should be between 50% +/- 10%. Too high and you can get condensation. Too low and you get electrostatic discharges. Oh! I thought it's 10% to 50%. So it's between 45%-55%. Uh-oh... need to put that fish tank asap. Thanks. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] OT: high static in server room
Hi guys, Sorry for the OT. For the last couple of weeks I notice that the static in my server room is worrisomely noticeable. I cannot see what may be causing it Care to share some of your experience what may be the cause and the remedy? Thank you. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: high static in server room
Thanks all for the reply. What is the worst thing can happen from excessive static? We have two corrupted UEFI when we reboot servers which now I suspect because of static. Yesterday I actually saw a spark when I put a memory module on motherboard even though I was careful like touching the metal casing first. That just blow my mind and made me ask you in this list. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] KVM vs ESXi
On Wed, May 18, 2011 at 8:58 PM, Drew drew@gmail.com wrote: My question to everyone are these: -Does KVM have a concept of virtual switches and and are they tied to physical NICs? ESXi allows me to create a vSwitch that isn't tied to a physical NIC so I can create a DMZ that exists solely within the host system. I'd like to replicate that if possible. http://bitbud.com/2008/08/20/how-to-setup-a-private-network-for-virtual-guests-in-kvm-2/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos as Gateway ? (Router/transparent proxy)
Also worth considering is to upgrade the subscription to unlimited internet access. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Removing 32bit packages from 64bit OS
Hi all, Somehow I mistakenly install a bunch of 32bit packages in my 64bit Centos 5.6 How do I remove those 32bit packages? Thank you. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] malware scanner
Thank you all for the recommendation. I'd need specifically to scan any web traffic for malware threat. So, yeah, I'll take a look at your choices. Probably squid or dansguardian, and/or clamav. Thanks again. Fajar. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] malware scanner
On Wed, Apr 27, 2011 at 5:32 PM, Ljubomir Ljubojevic off...@plnet.rs wrote: You should check out ClearOS. It's based on CentOS and it's full gateway/proxy/anti-malware solution with web interface. Ljubomir Wow, this is cool! Thanks Ljubomir! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] malware scanner
On Thu, Apr 28, 2011 at 11:43 AM, Fajar Priyanto fajar...@arinet.org wrote: On Wed, Apr 27, 2011 at 5:32 PM, Ljubomir Ljubojevic off...@plnet.rs wrote: You should check out ClearOS. It's based on CentOS and it's full gateway/proxy/anti-malware solution with web interface. Ljubomir Oh ClearOS is previously known as ClarkConnect? Isn't it a commercial product? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos