Re: [CentOS] CentOS 5 and Xen Windows domU

[Daniel de Kok]

On Mon, 2007-06-18 at 16:13 -0700, Fong Vang wrote:
> Has anyone been able to get a Xen Windows domU to install or work
> properly on CentOS 5?  I'm trying to do that now.  It's able to boot
> and start he installation (from ISO), but after partitioning the disk
> and copying a few files to the hard drive, it cannot boot into the
> graphical installer.

Could you describe what happens?


> on_reboot = 'preserve'

Are you sure you want this? Why not 'destroy' or 'restart'?

-- Daniel

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Correct xen domains path

[Daniel de Kok]

On Mon, 2007-06-18 at 15:26 -0600, Stephen John Smoogen wrote:
> I am sorry, but while I believe that it was meant in jest...

Yes, it was a slight reference to a message from a few days ago.

> the core
> of the problem is that turning it off is the default answer from too
> many people who have no idea why an application isnt working.

Yes. There are many CentOS-oriented howtos out there that recommend
turning off SELinux as their first step, where it is unnecessary for
such configuration. It is better to teach people about security in such
articles, than to recommend turning off SELinux defacto.

I agree with you (Stephen Harris) that it is not always necessary to
have SELinux enabled. But there was a tendency on various lists that
started with the non-modular SELinux policy (which is admittedly, much
more of a pain to modify) to recommend users to turn of SELinux. I'd
like to see things happen the other way around, where people keep it
enabled, unless there is a good (informed) reason to so.

It was not my intention to imply that you haven't disabled SELinux for a
good reason. I reacted to your message, because it may give some people
bad ideas (like turning off SELinux when Xen doesn't work, because they
haven't set the correct context for images).

-- Daniel

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos 5 Repo errors

[Robert Moskowitz]

Thanks for getting back to me on this

Jim Perrin wrote:

On 6/18/07, Robert Moskowitz <[EMAIL PROTECTED]> wrote:


kbs-CentOS-Misc

http://centos.karan.org/el5/misc/stable/i386/RPMS/repodata/repomd.xml:
  --> [Errno 14] HTTP Error 404: Not Found


Doesn't exist. Extras is there.  You'll note that
http://centos.karan.org makes no mention at all of the Misc repo. Just
because it was there for c4 doesn't mean it'll be there for c5.

Well it says:

" On CentOS 4 and CentOS 5 ( yum version 2.2 and higher ) : Download 
file : kbsingh-CentOS-Misc.repo 
 and save it in 
/etc/yum.repos.d/"


And that is what I did, so there may be a bit of contrary info here.



contrib

Failure getting
http://centosn.centos.org/centos/5/contrib/i386/repodata/repomd.xml:
  --> [Errno 14] HTTP Error 404: Not Found


Contrib has never existed, though it's included in the
Centos-Base.repo file. You can safely comment the entire bit out for
this repo. It's not used.

OK.




what is the correct source for c5-media instead of:

[c5-media]
name=CentOS-$releasever - Media
baseurl=file:///media/CentOS/
file:///media/cdrom/
file:///media/cdrecorder/


That is the right one. Only thing you're missing there are the
gpgcheck, and enabled=0 lines.
um.  Oh.  Now I get it.   I thought 'media' meant a repo of media 
apps!   Silly me...



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos 5 Repo errors

[Jim Perrin]

On 6/18/07, Robert Moskowitz <[EMAIL PROTECTED]> wrote:


kbs-CentOS-Misc

http://centos.karan.org/el5/misc/stable/i386/RPMS/repodata/repomd.xml:
  --> [Errno 14] HTTP Error 404: Not Found


Doesn't exist. Extras is there.  You'll note that
http://centos.karan.org makes no mention at all of the Misc repo. Just
because it was there for c4 doesn't mean it'll be there for c5.


contrib

Failure getting
http://centosn.centos.org/centos/5/contrib/i386/repodata/repomd.xml:
  --> [Errno 14] HTTP Error 404: Not Found


Contrib has never existed, though it's included in the
Centos-Base.repo file. You can safely comment the entire bit out for
this repo. It's not used.



what is the correct source for c5-media instead of:

[c5-media]
name=CentOS-$releasever - Media
baseurl=file:///media/CentOS/
file:///media/cdrom/
file:///media/cdrecorder/


That is the right one. Only thing you're missing there are the
gpgcheck, and enabled=0 lines.


--
During times of universal deceit, telling the truth becomes a revolutionary act.
George Orwell
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

RE: [CentOS] Re: Upgrade of dovecot broke imap (CentOS 4.5)

[Joe Klemmer]

On Mon, 18 Jun 2007, Dave Hatton wrote:

I have rpms for 1.0.0 / Centos4 stored here - which I can make available 
to you if you need?


Although I see Axelis going to produce a fix very soon now so maybe you 
won't need them.


Let me know


	Thanks, Dave, but I'll just wait for the updated update from the 
Axe-man.


--
Boring Home Page - http://www.webtrek.com/joe
See my blog, sumo game ranks and other interesting junk
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Upgrade of dovecot broke imap (CentOS 4.5)

[Joe Klemmer]

On Mon, 18 Jun 2007, Axel Thimm wrote:


I found a bug in the pam_stack autodetection part of the
specfile. This can explain any authentication issues with dovecot on
CentOS4 and 3 (5 is safe). There will be 1.0.1-1_58 very soon to fix
this, thanks for spotting this!


	Ha!  See?  My ex-wife was wrong.  I really AM good for something. 
;-)


	I was just daydreaming recently on when I found my first "Linux 
Bug".  I remember it was something fairly trivial that most people weren't 
affected by, just me and that idiotic 386SX I had.  This must have been, 
what, still in the 0.12 days 'cause I remember using HJ Lu's Boot/Root 
floppies (the 5.25" buggers).  	Ah, the memories...


But back to reality; I am always happy to help in any way I can.

Joe

--
Boring Home Page - http://www.webtrek.com/joe
See my blog, sumo game ranks and other interesting junk
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Gnome Taskbar(s)

[Max Hetrick]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

fredex wrote:

> When I install Centos5 in the near future I'm going to want to be able
> to restore the old-style panels. Anybody know what I need to change to 
> make it work in the old way?

Poke around the hidden directory in your profile:

/home/username/.gnome2

There should be some stuff in there that's specific to your customized
desktop. If you are running 4.x now, though, I can't say for sure that
copying that over would work upgrading from 4 to 5, since things change
in different versions of Gnome.

At any rate, look in there. I don't know where else user specific
settings are stored for Gnome.

Regards,
Max
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFGdzRYHoeeepPau2ERAoDyAKCfI7pZ4WJdhLZa31Hz/pxL9XotVwCffmSv
VIWodlHtKg0TUeDBK0ZF6fk=
=aoy2
-END PGP SIGNATURE-
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Gnome Taskbar(s)

[fredex]

Question:

All the newer Gnome distributions seem to configure themselves with
two small "taskbars" (panels, I guess) one at the top and one at the
bottom.

I prefer the older scheme with one larger one (usually) at the bottom.

When I install Centos5 in the near future I'm going to want to be able
to restore the old-style panels. Anybody know what I need to change to 
make it work in the old way?

Thanks!
-- 
 Fred Smith -- [EMAIL PROTECTED] -
   I can do all things through Christ 
  who strengthens me.
-- Philippians 4:13 ---


pgp5UGye5OMvF.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] PXE problems with syslinux 3.51

[Gavin Carr]

Anyone else seeing problems doing pxe boots off the latest dag/rpmforge
syslinux packages? Versions 3.35 works, doing the tftp request like this:

  Jun 18 06:01:19 boothost in.tftpd[25947]: RRQ from 172.16.0.26 filename 
/centos5-i386/pxelinux.0
  Jun 18 06:01:19 boothost in.tftpd[25947]: tftp: client does not accept 
options 
  Jun 18 06:01:19 boothost in.tftpd[25948]: RRQ from 172.16.0.26 filename 
/centos5-i386/pxelinux.0 
  Jun 18 06:01:19 boothost in.tftpd[25950]: RRQ from 172.16.0.26 filename 
/centos5-i386/pxelinux.cfg/03-03-13-83-83-d3-a3
  Jun 18 06:01:19 boothost in.tftpd[25951]: RRQ from 172.16.0.26 filename 
/centos5-i386/pxelinux.cfg/AC10001A 
  Jun 18 06:01:19 boothost in.tftpd[25957]: RRQ from 172.16.0.26 filename 
/centos5-i386/vmlinuz
  Jun 18 06:01:19 boothost in.tftpd[25958]: RRQ from 172.16.0.26 filename 
/centos5-i386/initrd.img


Versions 3.50 and 3.51 request the filenames without the leading /centos5-i386, 
and fail:

  Jun 18 06:05:13 boothost in.tftpd[25947]: RRQ from 172.16.0.26 filename 
/centos5-i386/pxelinux.0
  Jun 18 06:05:13 boothost in.tftpd[25947]: tftp: client does not accept options
  Jun 18 06:05:13 boothost in.tftpd[25948]: RRQ from 172.16.0.26 filename 
/centos5-i386/pxelinux.0
  Jun 18 06:05:13 boothost in.tftpd[25949]: RRQ from 172.16.0.26 filename 
pxelinux.cfg/44454c4c-3300-1033-8050-abcdef4e3153
  Jun 18 06:05:13 boothost in.tftpd[25950]: RRQ from 172.16.0.26 filename 
pxelinux.cfg/03-03-13-83-83-d3-a3
  Jun 18 06:05:13 boothost in.tftpd[25951]: RRQ from 172.16.0.26 filename 
pxelinux.cfg/AC10001A
  Jun 18 06:05:13 boothost in.tftpd[25952]: RRQ from 172.16.0.26 filename 
pxelinux.cfg/AC10001
  Jun 18 06:05:13 boothost in.tftpd[25953]: RRQ from 172.16.0.26 filename 
pxelinux.cfg/AC1000
  Jun 18 06:05:13 boothost in.tftpd[25954]: RRQ from 172.16.0.26 filename 
pxelinux.cfg/AC100
  Jun 18 06:05:13 boothost in.tftpd[25955]: RRQ from 172.16.0.26 filename 
pxelinux.cfg/AC10
  Jun 18 06:05:13 boothost in.tftpd[25956]: RRQ from 172.16.0.26 filename 
pxelinux.cfg/AC1
  Jun 18 06:05:13 boothost in.tftpd[25957]: RRQ from 172.16.0.26 filename 
pxelinux.cfg/AC
  Jun 18 06:05:13 boothost in.tftpd[25958]: RRQ from 172.16.0.26 filename 
pxelinux.cfg/A
  Jun 18 06:05:13 boothost in.tftpd[25959]: RRQ from 172.16.0.26 filename 
pxelinux.cfg/default


Any cluesticks on solving this? For now I've just reverted to 3.35, but it 
would 
be nice to get it working with the current release.


Cheers,
Gavin



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] yumex 'crashed' - anyway to resume?

[Robert Moskowitz]

I spent quite a bit of time setting up what I wanted to update and 
install via yumex.


I left my system for a few minutes to attend to another computer.

A helpful family member logged me off without checking.

So can I recapture what I had queued?  I cannot find anything that looks 
like a yumex queue file.


yum.log does not have any updates from today

:(


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS 5 & USB Kickstart?

[Jiann-Ming Su]

Is anybody else having problems with CentOS 5 not loading the usb
drivers for kickstart installations?

I'm passing "linux ks=hd:sdb1:/ks.cfg," but I get a message saying it
can't find the ks.cfg file and I should enter another path.  I use the
exact same boot options with CentOS 4 without any problems.

What am I missing with CentOS 5?  Thanks for any tips.

--
Jiann-Ming Su
"I have to decide between two equally frightening options.
If I wanted to do that, I'd vote." --Duckman
"The system's broke, Hank.  The election baby has peed in
the bath water.  You got to throw 'em both out."  --Dale Gribble
"Those who vote decide nothing.
Those who count the votes decide everything."  --Joseph Stalin


--
Jiann-Ming Su
"I have to decide between two equally frightening options.
If I wanted to do that, I'd vote." --Duckman
"The system's broke, Hank.  The election baby has peed in
the bath water.  You got to throw 'em both out."  --Dale Gribble
"Those who vote decide nothing.
Those who count the votes decide everything."  --Joseph Stalin
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Wireless mouse problem

[P Marvin Eberly]

Hello all, 
 Just for kicks I plugged in a Microsoft wireless optical desktop 1000
keyboard/mouse combo into my Centos 4.5 machine. It recognized it on
boot and configured it and it mostly works good. The issue is with the
mouse, when I hold it over a folder on my desktop for a second or so it
grabs the folder and opens a small menu as if I was using my middle
button on my Logitech. All this happens without me touching a button. It
also opens links in firefox (seemingly at random) and brings background
windows to the front as soon as the cursor touches them. 
   
  I know it's probably my punishment for using something with that name
on it, but I really didn't expect it to work as well as it does. Does
anyone have any ideas of config files or any other things I could try to
get this working better.

  It is a USB keyboard/mouse with a single receiver, and the machine is
fully updated.


  Thanks,
   Marvin E.
-- 
P Marvin Eberly <[EMAIL PROTECTED]>

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS 5 and Xen Windows domU

[Fong Vang]

Has anyone been able to get a Xen Windows domU to install or work properly
on CentOS 5?  I'm trying to do that now.  It's able to boot and start he
installation (from ISO), but after partitioning the disk and copying a few
files to the hard drive, it cannot boot into the graphical installer.  This
is the config file I'm using:

import os, re
arch = os.uname()[4]
if re.search('64', arch):
   arch_libdir = 'lib64'
else:
   arch_libdir = 'lib'

kernel = "/usr/lib/xen/boot/hvmloader"
builder='hvm'
memory = 1024
shadow_memory = 520
name = "acw2"
vcpus=4
vif = [ 'type=ioemu, mac=00:18:32:6c:00:ba, bridge=xenbr0' ]
disk = [ 'phy:/dev/acw1/acw2,ioemu:hda,w',
'file:/isos/en_ws_2003_std_sp1_vl.iso,ioemu:hdc:cdrom,r' ]
cdrom='/dev/hdc'
boot='dca'
#boot='a'
device_model = '/usr/' + arch_libdir + '/xen/bin/qemu-dm'
sdl=0
vnclisten="10.1.34.108"
vnc=1
vncdisplay=2
vncconsole=0
vncpasswd=''
stdvga=1
serial='pty'
on_reboot = 'preserve'
on_crash = 'preserve'
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Centos 5 Repo errors

[Robert Moskowitz]

Where are:

kbs-CentOS-Misc

http://centos.karan.org/el5/misc/stable/i386/RPMS/repodata/repomd.xml:
 --> [Errno 14] HTTP Error 404: Not Found

contrib

Failure getting 
http://centosn.centos.org/centos/5/contrib/i386/repodata/repomd.xml:

 --> [Errno 14] HTTP Error 404: Not Found


what is the correct source for c5-media instead of:

[c5-media]
name=CentOS-$releasever - Media
baseurl=file:///media/CentOS/
   file:///media/cdrom/
   file:///media/cdrecorder/




___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Justin Morgan is out of the office.

[Ralph Angenendt]

Scott Silva wrote:
> Justin Morgan spake the following on 10/16/2006 11:01 AM:
> > I will be out of the office starting  17/10/2006 and will not return until
> > 30/10/2006.
> > 
> > I will respond to your message when I return.
> Justin Morgan is probably going to be killed from the list also!

How about people who respond to out-of-office-mails?



Ralph


pgpHVmTTaGyVe.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

RE: [CentOS] Re: Upgrade of dovecot broke imap (CentOS 4.5)

[Dave Hatton]

>> I've had a similar problem that I haven't been able to resolve yet.
>>
>> I downgraded to dovecot 1.0.0 (from atrpms) and all is well.
>>
>> I think that the authentication methods are changing and I was 
> planning some research tomorrow.
>>
>> Hope this helps.
>
>   It does.  I was just thinking of trying that so I'll give it a shot
and see what happens.  I do wish yum had a facility for >downgrading
versions.
>
>   I just did a search on atrpms stable for dovecot and it's no longer
there.  There is a dovecot-sieve rpm.  I had to downgrade all >the way back
to 0.99.11-8.EL4 from the base repo to get things working again.

I have rpms for 1.0.0 / Centos4 stored here - which I can make available to
you if you need?

Although I see Axelis going to produce a fix very soon now so maybe you
won't need them.

Let me know

Daveh



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

RE: [CentOS] Re: Upgrade of dovecot broke imap (CentOS 4.5)

[Joe Klemmer]

On Mon, 18 Jun 2007, Dave Hatton wrote:


I've had a similar problem that I haven't been able to resolve yet.

I downgraded to dovecot 1.0.0 (from atrpms) and all is well.

I think that the authentication methods are changing and I was planning 
some research tomorrow.


Hope this helps.


	It does.  I was just thinking of trying that so I'll give it a 
shot and see what happens.  I do wish yum had a facility for downgrading 
versions.


	I just did a search on atrpms stable for dovecot and it's no 
longer there.  There is a dovecot-sieve rpm.  I had to downgrade all the 
way back to 0.99.11-8.EL4 from the base repo to get things working again.


--
Boring Home Page - http://www.webtrek.com/joe
See my blog, sumo game ranks and other interesting junk
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: Upgrade of dovecot broke imap (CentOS 4.5)

[Scott Silva]

Joe Klemmer spake the following on 6/18/2007 2:13 PM:
> On Mon, 18 Jun 2007, Scott Silva wrote:
> 
>> Do you have a /etc/dovecot.conf.rpmnew?
>> Maybe you need to diff the files and see if something changed.
> 
> No .rpmnew or .rpmold or any variation.
> 
>> If you were running 0.99 from stock CentOS before the upgrade, then
>> you definitely need to fix your config file.
> 
> I was running 0.99 something (whatever was in base).  Is there
> something specific I need to look for?  This is the current content of
> the conf file (excluding comments) -
> 
> --8<--8<--
> 
> protocol imap {
> 
> }
> 
> 
> protocol pop3 {
> 
> }
> 
> 
> protocol lda {
>   postmaster_address = [EMAIL PROTECTED]
> 
> }
> 
> 
> auth default {
>   mechanisms = plain
> 
>   passdb pam {
>   }
> 
>   userdb passwd {
>   }
> 
>   user = root
> 
> }
> 
> 
> dict {
> }
> 
> 
> plugin {
> 
> }
> 
> --8<--8<--
> 
> 
> -- 
> Boring Home Page - http://www.webtrek.com/joe
> See my blog, sumo game ranks and other interesting junk
If you were using the default config file from 0.99, you can get by with the
default on Axel's rpm. You just need to make sure that your protocols (pop3
and/or imap) are enabled if needed.

-- 

MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Correct xen domains path

[Stephen John Smoogen]

On 6/18/07, Stephen Harris <[EMAIL PROTECTED]> wrote:

On Mon, Jun 18, 2007 at 12:18:40PM -0600, Stephen John Smoogen wrote:
> On 6/18/07, Stephen Harris <[EMAIL PROTECTED]> wrote:
> >I've never said there are _no_ cases for SELinux.  I was questioning it
> >as a general rule for all machines.

> Several of the problems were machines that were not connected to the
> internet or were deep behind firewalls. The problems were that all it
> takes is one user who doesnt think well to make all those
> firewalls/issues useless. E.G the person who coming in from work finds
> a nice shiney USB fob and plugs it into a work computer to see who it
> belonged to so they could return it.  The guy who downloads an

[ etc ]

This is why I mentioned "risk profile" in another message.  You evaluate
the perceived risk, the likely-hood of the event happening, the cost of
the event, the "cost" of a potential solution and perform an analysis.

So one might rank the items this:
  external facing servers: high risk!  Automated attacks possible
  Desktop work stations: moderate.  User stupidity highest attack vector
  General compute server: low risk.  Only "trained" staff have access.



Most of my cleanup/horror stories are on servers that supposedly
"trained" staff have access to. I was wondering what a general compute
server is... I have seen this term multiple times ot be used for too
many items (internal webservers, share servers, financial database,
etc) where due to the fact that the desktop could access it in some
way.. the stupid user had somehow basically infected it in one way or
another.




(Umm, sorry for going on... I work in an area where these things are
every day considerations so...)



No problem..


> up to you as the site administrator to determine what is safe enough

Actually, in large companies you have a whole risk organisational
structure whose job it is to evaluate these things and determine policy.
They straddle the line between technology (my side) and business (my
customer) needs and try to balance the two.



H I guess I havent worked in a big enough business or the ones I
have dealt with were more inclined to just keep up with paperwork
versus actually making risk analysis. [Is also probably also grumpy
today from having to do other peoples work for them.]



> for Your Site using appropriate risk management. If you believe your
> site has enough methods of protection or are that the cost of extra
> security (selinux) is not appropriate for your risk model.. you can
> turn it off.

I'd argue the opposite; if you feel you the risk exposure is such that
you need the protection then enable it.  I've listed cases where this
is the case.

That cases exist for SELinux does not mean it should be on by default,
and is definitely not deserving of a sheeplike response whenever anyone
proposes otherwise.



I am sorry, but while I believe that it was meant in jest... the core
of the problem is that turning it off is the default answer from too
many people who have no idea why an application isnt working.

Web-application not working, turn off selinux. File-share system not
working, turn off selinux. Desktop application you downloaded from
rpmfind.net not working, turn off selinux. It usually comes with the
recommended advice of use '--force --nodeps' to install/remove RPMS
and just keep setting files 777 until your application works. And
while your answers are clearly thought out... they are pretty much
drowned out in the Slashdot like posts on webforums, email-lists, and
IRC where people who have no clue will tell people to turn off Selinux
by default and then give the other advice above.

Sorry for the grumpy analogy.. and I probably need a vacation from
mailling lists/IRC for a while.. but it seems that this last month has
been dealing with people who turned off selinux because someone told
them too on IRC etc etc. And those people have no idea why just that
they do it because someone told them too.

--
Stephen J Smoogen. -- CSIRT/Linux System Administrator
How far that little candle throws his beams! So shines a good deed
in a naughty world. = Shakespeare. "The Merchant of Venice"
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: Do I really have the right ATrpms repo?

[Axel Thimm]

On Mon, Jun 18, 2007 at 05:18:41PM -0400, Robert Moskowitz wrote:
> I copied exactly where Axel provided into atrmps.repo.  I have the line:
> 
> atrpms.repo:baseurl=http://dl.atrpms.net/el5-x86_64/atrpms/stable
> 
> but the rpms that are being flagged as updates pretty much all have fc5 
> in their names.
> 
> e.g.:
> 
> ---> Package mplayer-fonts.noarch 4:1.0-7.at set to be updated
> ---> Package mplayer.i386 4:1.0-60_r23482.fc5 set to be updated
> ---> Package zonecheck.noarch 0:2.0.4-3.fc5.at set to be updated
> 
> ???

Prhaps you still have another *.repo file somewhere, or yum stull
remembers the old settings you had? Also check /etc/yum.conf, then try

yum clean all
yum update
-- 
Axel.Thimm at ATrpms.net


pgpW91LnLQSR2.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Upgrade of dovecot broke imap (CentOS 4.5)

[Joe Klemmer]

On Mon, 18 Jun 2007, Axel Thimm wrote:

Was that the previous version? If so then the breakage is serious, as 
1.0.1 is considered a stable bugfix release over 1.0.0. Please feed me 
(or directly the dovecot list) with any information you can gather.


(Until now I though you were running 0.99.x previously)


	No, it was with the 0.99 version.  I had just noticed that there 
was a slightly older version on atrpms (1.0.0-8_56.el4.at) so I was 
looking to downgrade to it and see what happens.


--
Boring Home Page - http://www.webtrek.com/joe
See my blog, sumo game ranks and other interesting junk
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Do I really have the right ATrpms repo?

[Robert Moskowitz]

I copied exactly where Axel provided into atrmps.repo.  I have the line:

atrpms.repo:baseurl=http://dl.atrpms.net/el5-x86_64/atrpms/stable

but the rpms that are being flagged as updates pretty much all have fc5 
in their names.


e.g.:

---> Package mplayer-fonts.noarch 4:1.0-7.at set to be updated
---> Package mplayer.i386 4:1.0-60_r23482.fc5 set to be updated
---> Package zonecheck.noarch 0:2.0.4-3.fc5.at set to be updated

???


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: Upgrade of dovecot broke imap (CentOS 4.5)

[Axel Thimm]

On Mon, Jun 18, 2007 at 07:18:55PM +0200, Axel Thimm wrote:
> On Mon, Jun 18, 2007 at 01:09:06PM -0400, Joe Klemmer wrote:
> > On Mon, 18 Jun 2007, Axel Thimm wrote:
> > 
> > >Personally I would recommend fixing the above, as the dovecot version
> > >as shipped by the upstream vendor (0.99.11 from 2004) is not
> > >maintained by the author anymore. See
> > >
> > > http://wiki.dovecot.org/UpgradingDovecot
> 
> > Maybe dropping back to 1.0.0-8_56.el4.at might be worth a test.  I may try 
> > that later today.
> 
> Was that the previous version? If so then the breakage is serious, as
> 1.0.1 is considered a stable bugfix release over 1.0.0. Please feed me
> (or directly the dovecot list) with any information you can gather.
> 
> (Until now I though you were running 0.99.x previously)

I found a bug in the pam_stack autodetection part of the
specfile. This can explain any authentication issues with dovecot on
CentOS4 and 3 (5 is safe). There will be 1.0.1-1_58 very soon to fix
this, thanks for spotting this!
-- 
Axel.Thimm at ATrpms.net


pgpYc00pWNN1N.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Upgrade of dovecot broke imap (CentOS 4.5)

[Joe Klemmer]

On Mon, 18 Jun 2007, Scott Silva wrote:


Do you have a /etc/dovecot.conf.rpmnew?
Maybe you need to diff the files and see if something changed.


No .rpmnew or .rpmold or any variation.

If you were running 0.99 from stock CentOS before the upgrade, then you 
definitely need to fix your config file.


	I was running 0.99 something (whatever was in base).  Is there 
something specific I need to look for?  This is the current content of the 
conf file (excluding comments) -


--8<--8<--

protocol imap {

}


protocol pop3 {

}


protocol lda {
  postmaster_address = [EMAIL PROTECTED]

}


auth default {
  mechanisms = plain

  passdb pam {
  }

  userdb passwd {
  }

  user = root

}


dict {
}


plugin {

}

--8<--8<--


--
Boring Home Page - http://www.webtrek.com/joe
See my blog, sumo game ranks and other interesting junk
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Copying my new Centos 5 to my main drive

[Robert Moskowitz]

Well it is now time to take the final upgrade steps.

I have spent a bit of time looking here in the archives and googling 
along on migration, cloning, and copying and don't think I found any 
approach that includes first setting partitions as you like


I am working with a different partition setup for Centos 5 than 4 (I've 
learned a few things in the past year).


So I plan is:

Do minimum install of Centos 5 to my main drive, using my new 
partitioning scheme:


A /boot ext3 partition.
A swap partition.
A LVM partition with:
a / ext3 sub-partition.
a /home ext3 sub-partition.

while booted from this minimum install, use cp to copy the following 
directories from the test drive to something like /home/working:


boot, bin,  lib, misc, opt, sbin, sys, usr, etc, var, root, tmp


In otherwords skip:

lost+found, mnt, proc, selinux, home, media, net, tftpboot, srv

The reason for including boot is to get the newer kernels.  This opens 
the question of is there anything in places like proc and dev that I 
need to get becuase they were updated since the 5.0 ISO images?


Once copied, boot from the test drive, mount the old drive, copy from 
/home/working to the 'real' directories.


Switch drives again, and I should be operational


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] how to change distro live?

[Fabian Arrotin]

On Mon, 2007-06-18 at 15:01 +0200, Farkas Levente wrote:
> hi,
> we've got many mandrake 8,9 and 10 system remotely. we'd like to
> remotely replace these systems to centos 5. we've 4 disk in them. one is
> the system drive (no need for raid) and there is free space on the
> remaining 3 disk. so what we think about:
> - download the new system to the data disks
> - install grub (mandrake has lilo) to boot the old system and reboot
> - create the old system in the data disk
> - update grub to boot the old system from the data disk and reboot
> - repartition the system disk
> - transfer the new system to the system disk
> - update grub to boot form new system disk and reboot.
> this seems to easy but has many very dangerous steps and we has only
> remote ssh access to the system. if we loose the connections we can't
> access the system anymore and we've to travel a lot! another constrain
> that we should have to do this very fast ie. it'd be nice if the system
> wouldn't be down for a long time.
> - what would be the best method for this?
> - what are the dangerous step here?
> - what would be the best way and format to transfer the new system to
> the disk (we think about an iso file)?
> - does anybody do such thing and what is his experience?
> thank you for your help in advance.
> 
I've done such migrations (from Mandrake to CentOS) remotely just by
following the steps that Karanbir described on his blog 2 years ago :
http://www.karan.org/blog/index.php?s=vnc&sentence=AND&submit=Search

Of course, depending on your architecture, you'll have to adapt this
documentation, but you'll have a step to begin from.
If all your remote machines are on the same network, you can make a
local mirror on one of your existing box and point the first box you
want to migrate to this local mirror . At least , you'll see in your
logs when the machine will download stage2.img.
Of course, test the whole procedure in your lan first, and test also
that hardware on remote box works with CentOS before trying the
migration ...

-- 

Fabian Arrotin <[EMAIL PROTECTED]>
Solution ? 
echo '16i[q]sa[ln0=aln100%Pln100/snlbx]sbA0D4D465452snlbxq' | dc


signature.asc
Description: This is a digitally signed message part
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Kickstart stopped working

[Alfred von Campe]

I've been using kickstart for a while now, but today I tried to  
kickstart a system and it's just not working at all.  I can't figure  
out why it's hanging.


I booted from the CentOS 4.5 CD #1 and typed "linux ks=http:// 
centosmirror/ks/sys20.cfg".  If I check my web server's log, I can  
see that sys20.cfg was accessed.  This file begins with the following  
lines:


  install
  url --url http://centosmirror/

Looking at the text in alternate console 3 (or was it 4), I can see  
that it got an IP address via DHCP, got the config file mentioned  
above, set the hostname as specified in the config file, and then  
ends with the following messages:


  trying to mount CD device hdc
  mntloop loop0 on /mnt/runtime as /mnt/source/CentOS/base/ 
stage2.img fd is 21

  transferring http://centosmirror//./CentOS/base/product.img to a fd
  transferring http://centosmirror//./disc1/CentOS/base/product.img  
to a fd


A long time (5 minutes?) passed between the last two lines, and then  
the entire things repeats (with some additional output lines that I  
didn't bother to write down).


First, I don't have a product.img file in my base directory.  In a  
recent thread on this list about doing an ftp install, I remember  
reading that copying stage2.img to product.img helped, so I created a  
hard link between the two.  Second, looking at the webserver logs,  
there is no mention of product.img or stage2.img.  Finally, there is  
no alternate console #2, so I can't get a shell prompt to poke around  
a little more.


I've done dozens of kickstarts in the past using this server, but I  
don't remember if I've successfully done a kickstart install since  
4.5 came out.  Are there some known issues with kickstart in 4.5?  I  
rsync my local repo every night from one of the public mirrors.


Alfred

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Correct xen domains path

[Stephen Harris]

On Mon, Jun 18, 2007 at 12:18:40PM -0600, Stephen John Smoogen wrote:
> On 6/18/07, Stephen Harris <[EMAIL PROTECTED]> wrote:
> >I've never said there are _no_ cases for SELinux.  I was questioning it
> >as a general rule for all machines.

> Several of the problems were machines that were not connected to the
> internet or were deep behind firewalls. The problems were that all it
> takes is one user who doesnt think well to make all those
> firewalls/issues useless. E.G the person who coming in from work finds
> a nice shiney USB fob and plugs it into a work computer to see who it
> belonged to so they could return it.  The guy who downloads an

[ etc ]

This is why I mentioned "risk profile" in another message.  You evaluate
the perceived risk, the likely-hood of the event happening, the cost of
the event, the "cost" of a potential solution and perform an analysis.

So one might rank the items this:
  external facing servers: high risk!  Automated attacks possible
  Desktop work stations: moderate.  User stupidity highest attack vector
  General compute server: low risk.  Only "trained" staff have access.

Each of those profiles have different uses and require different solutions.

On a DMZ machine you probably wouldn't use unauthenticated naming services
(eg LDAP with SSL certs is OK, NIS is bad!).  SELinux or SEOS is a very
good idea.  chroot'd daemons, maybe read-only filesystems, disable
unecessary setuid programs, minimal install.  Disable hotplug ports.

On a desktop you need GUIs.  Centralised naming services.  Roaming
profiles.  Maybe a netboot'd image (no local storage).  Disable hotplug
ports, or at least minimise scope so that only authorised devices
(Blackberry's, whatever) can sync.  In particular mass storage isn't
allowed.  End users don't have root access.

General compute server... well, now we have further ranking; prod/dev/uat
boxes have different risk profiles.  SOX scoped boxes even more.  

And so on.

(Umm, sorry for going on... I work in an area where these things are
every day considerations so...)

> up to you as the site administrator to determine what is safe enough

Actually, in large companies you have a whole risk organisational
structure whose job it is to evaluate these things and determine policy.
They straddle the line between technology (my side) and business (my
customer) needs and try to balance the two.

> for Your Site using appropriate risk management. If you believe your
> site has enough methods of protection or are that the cost of extra
> security (selinux) is not appropriate for your risk model.. you can
> turn it off.

I'd argue the opposite; if you feel you the risk exposure is such that
you need the protection then enable it.  I've listed cases where this
is the case.

That cases exist for SELinux does not mean it should be on by default,
and is definitely not deserving of a sheeplike response whenever anyone
proposes otherwise.

-- 

rgds
Stephen
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: Justin Morgan is out of the office.

[Scott Silva]

Justin Morgan spake the following on 10/16/2006 11:01 AM:
> I will be out of the office starting  17/10/2006 and will not return until
> 30/10/2006.
> 
> I will respond to your message when I return.
Justin Morgan is probably going to be killed from the list also!


-- 

MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Centos 5 - Setting up yum for ATrpms

[Robert Moskowitz]

Peter Kjellstrom wrote:

On Monday 18 June 2007, Robert Moskowitz wrote:
  

Axel Thimm wrote:


On Mon, Jun 18, 2007 at 12:43:00PM -0400, Robert Moskowitz wrote:
  

...
  

What do I use in my atrmps.repo to get it to access the RL5 directories?


There is a package called atrpms-package-config, but you can just as
well simply cut and paste the following.
  

...
  

Thanks a bunch for this.  I have to boot back to Centos 4 for a bit (figure
out what is wrong with my Thunderbird setup), then come back and try this.

I use yumex, and first do everything stable.  Then if I am looking for
things, then I enable bleeding and testing.  I should note that at least
until recently, the wpasupplicant was over at either testing or bleeding,
don't remember which right now...



And while you are fiddeling with your yum config, do yourself (and possibly 
this list) a favor and read up on and configure either protectbase or 
priorites (those are yum plugins).

All set on protectbase.

I will have to look into priorities.  Seem to recall about this, but I 
am sure whatever I did over on Centos 4 did not carry over to Centos 5.  
Protectbase did, as that is easy and well covered on the wiki with 3rd 
party repos.


I do a lot of searching in a message base of over 25K messages before I 
post here.  Of course the thing with searching is knowing what to search 
for!



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Red Hat Linux gets top government security rating

[Rodrigo Barbosa]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

In case you have been living in an underground security cave lately.
(For the lazy ones, this was RHEL 5).

http://www.computerworld.com.au/index.php/id;306842912;fp;4194304;fpid;1;pf;1

http://www.niap-ccevs.org/cc%2Dscheme/st/?vid=10125


- -- 
Rodrigo Barbosa
"Quid quid Latine dictum sit, altum viditur"
"Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFGdtIrpdyWzQ5b5ckRAmLYAJ9SzclZ4wKxA7aWkzieN/rbbbRwMQCePxLS
yX611BNW+QVfZfz+nm8H4KU=
=wmS9
-END PGP SIGNATURE-
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] ClamAV (was: antivirus)

[Rodrigo Barbosa]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Mon, Jun 18, 2007 at 11:35:40AM -0700, Kenneth Porter wrote:
>  --On Monday, June 18, 2007 2:10 PM -0300 Rodrigo Barbosa 
>  <[EMAIL PROTECTED]> wrote:
> 
> > Ok, please disregard my last e-mail ehehehe You are actually pointing to
> > my rules :)
> >
> > Save those rules to clamd.te, then:
> >
> > # checkmodule -M -m clamd.te -o clamd.mod
> > # semodule_package -o clamd.pp -m clamd.mod
> > # semodule -i clamd.pp
> 
>  The 3rd command fails:
> 
>  [EMAIL PROTECTED] SELinux]# ls -l
>  total 24
>  -rw-r--r-- 1 root root 2284 Jun 18 11:30 clamd.mod
>  -rw-r--r-- 1 root root 2300 Jun 18 11:30 clamd.pp
>  -rw-r--r-- 1 root root  777 Jun 18 11:29 clamd.te
>  [EMAIL PROTECTED] SELinux]# semodule -i clamd.pp
>  semodule:  Could not read file 'clamd.pp':
>  [EMAIL PROTECTED] SELinux]#

Wow. Thats really odd. I just did that on a new server (as opposed to the
one where I created those rules) and it worked flawlessly.

Are you sure you've got no errors during any of the first 2 commands ?

Since we are talking about SELinux, this _might_ be relevant: I usually
do this inside /root/selinux

[]s

- -- 
Rodrigo Barbosa
"Quid quid Latine dictum sit, altum viditur"
"Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFGdtGqpdyWzQ5b5ckRAueQAJ91GFGEFVD9CCBNGtRIo5l3plpLLwCgl/Pq
NgPTbUYB5loiFFUn8zsFuVY=
=gXNK
-END PGP SIGNATURE-
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

RE: [CentOS] Re: Upgrade of dovecot broke imap (CentOS 4.5)

[Dave Hatton]

I've had a similar problem that I haven't been able to resolve yet.

I downgraded to dovecot 1.0.0 (from atrpms) and all is well.

I think that the authentication methods are changing and I was planning some
research tomorrow.

Hope this helps.

daveh


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] ClamAV (was: antivirus)

[Kenneth Porter]

--On Monday, June 18, 2007 2:10 PM -0300 Rodrigo Barbosa 
<[EMAIL PROTECTED]> wrote:



Ok, please disregard my last e-mail ehehehe You are actually pointing to
my rules :)

Save those rules to clamd.te, then:

# checkmodule -M -m clamd.te -o clamd.mod
# semodule_package -o clamd.pp -m clamd.mod
# semodule -i clamd.pp


The 3rd command fails:

[EMAIL PROTECTED] SELinux]# ls -l
total 24
-rw-r--r-- 1 root root 2284 Jun 18 11:30 clamd.mod
-rw-r--r-- 1 root root 2300 Jun 18 11:30 clamd.pp
-rw-r--r-- 1 root root  777 Jun 18 11:29 clamd.te
[EMAIL PROTECTED] SELinux]# semodule -i clamd.pp
semodule:  Could not read file 'clamd.pp':
[EMAIL PROTECTED] SELinux]#

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Centos 5 - Setting up yum for ATrpms

[Peter Kjellstrom]

On Monday 18 June 2007, Robert Moskowitz wrote:
> Axel Thimm wrote:
> > On Mon, Jun 18, 2007 at 12:43:00PM -0400, Robert Moskowitz wrote:
...
> >> What do I use in my atrmps.repo to get it to access the RL5 directories?
> >
> > There is a package called atrpms-package-config, but you can just as
> > well simply cut and paste the following.
...
> Thanks a bunch for this.  I have to boot back to Centos 4 for a bit (figure
> out what is wrong with my Thunderbird setup), then come back and try this.
>
> I use yumex, and first do everything stable.  Then if I am looking for
> things, then I enable bleeding and testing.  I should note that at least
> until recently, the wpasupplicant was over at either testing or bleeding,
> don't remember which right now...

And while you are fiddeling with your yum config, do yourself (and possibly 
this list) a favor and read up on and configure either protectbase or 
priorites (those are yum plugins).

/Peter


pgp0w4Hd9aICn.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Correct xen domains path

[Stephen John Smoogen]

On 6/18/07, Stephen Harris <[EMAIL PROTECTED]> wrote:

On Mon, Jun 18, 2007 at 10:31:30AM -0600, Stephen John Smoogen wrote:
> On 6/18/07, Stephen Harris <[EMAIL PROTECTED]> wrote:
> >I've not heard a good reason to keep SELinux enabled, to be honest.
> >For high sensitivity stuff, sure (much like using SEOS on Solaris for high
> >sensitivity machines - eg those where third parties might have access).
> >But as a general rule for all machines?  Why?

> Good experience... I have had multiple webservers not have successful

Yup.  Webservers are machines where third parties might have access, and
so are candidates for enhanced security processes such as SELinux or
SEOS.

I've never said there are _no_ cases for SELinux.  I was questioning it
as a general rule for all machines.



Several of the problems were machines that were not connected to the
internet or were deep behind firewalls. The problems were that all it
takes is one user who doesnt think well to make all those
firewalls/issues useless. E.G the person who coming in from work finds
a nice shiney USB fob and plugs it into a work computer to see who it
belonged to so they could return it.  The guy who downloads an
attachment supposedly from the partner in France and wonders why the
system runs so slowly. The fellow who has an addiction to porn and
decides that he just has to meet that 'blonde' who just wrote him
about sharing pictures. Etc etc.

While a lot of these things sound Windows specific.. there is a
boutique industry in doing it for Linux especially when you know that
the company you are wanting to infiltrate is using Linux for 'security
means'.

Or to be direct.. there is no such thing as a secure computer.. it is
up to you as the site administrator to determine what is safe enough
for Your Site using appropriate risk management. If you believe your
site has enough methods of protection or are that the cost of extra
security (selinux) is not appropriate for your risk model.. you can
turn it off.

--
Stephen J Smoogen. -- CSIRT/Linux System Administrator
How far that little candle throws his beams! So shines a good deed
in a naughty world. = Shakespeare. "The Merchant of Venice"
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Justin Morgan is out of the office.

[Rodrigo Barbosa]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

Hummm. The oportunities for social engineering never stop.

Gotta love security conscious people.

On Tue, Jun 19, 2007 at 04:00:58AM +1000, Justin Morgan wrote:
> 
> I will be out of the office starting  18/06/2007 and will not return until
> 02/07/2007.
> 
> I will respond to your message when I return.
> 
> For urgent matters please contact Panbio Reception for assistance : +617
> 3363 7100.

- -- 
Rodrigo Barbosa
"Quid quid Latine dictum sit, altum viditur"
"Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFGdswGpdyWzQ5b5ckRAmk/AKCZemKMFyjujGRUYEfjQo8RRDhx1QCcC24X
0lZFttwcEXl2QJYWAQV2+K8=
=O25W
-END PGP SIGNATURE-
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Justin Morgan is out of the office.

[Matt Shields]

Justin,
Thanks for letting us all know.  We'll keep an eye on your house while
you're gone and just to make sure that your house looks lived in we'll
throw parties each night.  Don't worry we won't forget about you,
we'll let you clean up when you get back.

Have a great trip

-matt

On 6/18/07, Justin Morgan <[EMAIL PROTECTED]> wrote:


I will be out of the office starting  18/06/2007 and will not return until
02/07/2007.

I will respond to your message when I return.

For urgent matters please contact Panbio Reception for assistance : +617
3363 7100.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Justin Morgan is out of the office.

[Justin Morgan]

I will be out of the office starting  18/06/2007 and will not return until
02/07/2007.

I will respond to your message when I return.

For urgent matters please contact Panbio Reception for assistance : +617
3363 7100.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Upgrade of dovecot broke imap (CentOS 4.5)

[Jim Perrin]

On 6/18/07, Kanwar Ranbir Sandhu <[EMAIL PROTECTED]> wrote:

On Sun, 2007-06-17 at 21:00 -0400, Joe Klemmer wrote:
>   Anyone run into this?  I was planning to upgrade the box to CentOS
> 5 next month but I may do it sooner if it will fix this.

I just did an upgrade on a CentOS 4 server, and dovecot won't even
install for me.  I keep getting this:

[EMAIL PROTECTED] ~]$ sudo rpm -Uvh dovecot-0.99.11-8.EL4.i386.rpm
Preparing...###
[100%]
error: %pre(dovecot-0.99.11-8.EL4.i386) scriptlet failed, exit status 1
error:   install: %pre scriptlet failed (2), skipping
dovecot-0.99.11-8.EL4


This means that the pre-install script failed on the rpm. you can see
what this is by running rpm -q --scripts dovecot


I also can't shutdown anymore.  When I do a "reboot" or "shutdown -r
now", I get this:


This is unrelated (to the original poster's issue) and is possible
thread hi-jacking.



[EMAIL PROTECTED] ~]# shutdown -h now

Broadcast message from root (pts/0) (Mon Jun 18 00:58:20 2007):

The system is going down for system halt NOW!
init: timeout opening/writing control channel /dev/initctl


What the hell is going on?


Look in your logs for details. Do you have selinux enabled? If so,
it's possible that some of your files have invalid selinux contexts.

--
During times of universal deceit, telling the truth becomes a revolutionary act.
George Orwell
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Correct xen domains path

[Stephen Harris]

On Mon, Jun 18, 2007 at 07:17:54PM +0200, Daniel de Kok wrote:
> On Mon, 2007-06-18 at 12:56 -0400, Stephen Harris wrote:
> > The security rule of thumb here is that such machine _will_ be attacked,
> > and so "security in depth" is the process to apply.
> 
> There are far more attack vectors than just through network facing
> daemons. To name just one example, web browsers. Unfortunately, Firefox
> is not yet protected by the targeted policy. Hopefully that will happen
> one day.

Web browsers typically don't run as root and don't run on servers, but
work stations.  They also require users to access "infected" sites.

Daemons on internet facing systems generally provide access to application
data (eg a web application) or system resources (eg ssh) with higher
priveleges and are candidates for automated zombie attacks and, therefore,
have a much bigger risk profile.

-- 

rgds
Stephen
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: Upgrade of dovecot broke imap (CentOS 4.5)

[Axel Thimm]

On Mon, Jun 18, 2007 at 01:12:32PM -0400, Joe Klemmer wrote:
> On Mon, 18 Jun 2007, Axel Thimm wrote:
> 
> >>$ rpm -V dovecot
> >>. c /etc/dovecot.conf
> >
> >This output means that /etc/dovecot.conf was modified. If it had been
> >modified before the upgrade then the new config file lands under
> >/etc/dovecot.conf.rpmnew.
> 
>   That's right, I did change the example email address from 
> "example.com" to "webtrek.com" in the "protocol lda" section but that 
> shouldn't hurt anything, should it?

No, certainly not :)
-- 
Axel.Thimm at ATrpms.net


pgpNNyepimRaX.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: Upgrade of dovecot broke imap (CentOS 4.5)

[Axel Thimm]

On Mon, Jun 18, 2007 at 01:09:06PM -0400, Joe Klemmer wrote:
> On Mon, 18 Jun 2007, Axel Thimm wrote:
> 
> >Personally I would recommend fixing the above, as the dovecot version
> >as shipped by the upstream vendor (0.99.11 from 2004) is not
> >maintained by the author anymore. See
> >
> >   http://wiki.dovecot.org/UpgradingDovecot

> Maybe dropping back to 1.0.0-8_56.el4.at might be worth a test.  I may try 
> that later today.

Was that the previous version? If so then the breakage is serious, as
1.0.1 is considered a stable bugfix release over 1.0.0. Please feed me
(or directly the dovecot list) with any information you can gather.

(Until now I though you were running 0.99.x previously)
-- 
Axel.Thimm at ATrpms.net


pgpgL0A5mILhq.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Correct xen domains path

[Daniel de Kok]

On Mon, 2007-06-18 at 12:56 -0400, Stephen Harris wrote:
> The security rule of thumb here is that such machine _will_ be attacked,
> and so "security in depth" is the process to apply.

There are far more attack vectors than just through network facing
daemons. To name just one example, web browsers. Unfortunately, Firefox
is not yet protected by the targeted policy. Hopefully that will happen
one day.

-- Daniel

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Upgrade of dovecot broke imap (CentOS 4.5)

[Joe Klemmer]

On Mon, 18 Jun 2007, Axel Thimm wrote:


$ rpm -V dovecot
. c /etc/dovecot.conf


This output means that /etc/dovecot.conf was modified. If it had been
modified before the upgrade then the new config file lands under
/etc/dovecot.conf.rpmnew.


	That's right, I did change the example email address from 
"example.com" to "webtrek.com" in the "protocol lda" section but that 
shouldn't hurt anything, should it?


--
Boring Home Page - http://www.webtrek.com/joe
See my blog, sumo game ranks and other interesting junk
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: Upgrade of dovecot broke imap (CentOS 4.5)

[Scott Silva]

Joe Klemmer spake the following on 6/18/2007 9:30 AM:
> On Mon, 18 Jun 2007, Axel Thimm wrote:
> 
 Do you by any chance have atrpms enabled as a repo?
>>>
>>> As it happens, yes.  Is this a good thing or a bad thing?
>>
>> A good thing definitely. :)
>>
>> What version of dovecot is now on your system? E.g. what's rpm -q
>> dovecot saying?
> 
> $ rpm  -q dovecot
> dovecot-1.0.1-1_57.el4
> 
> I was thinking of dropping back to an earlier version to see if that
> makes a difference.
> 
> -- 
> Boring Home Page - http://www.webtrek.com/joe
> See my blog, sumo game ranks and other interesting junk
Do you have a /etc/dovecot.conf.rpmnew?
Maybe you need to diff the files and see if something changed. If you were
running 0.99 from stock CentOS before the upgrade, then you definitely need to
fix your config file.

-- 

MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] ClamAV (was: antivirus)

[Rodrigo Barbosa]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Mon, Jun 18, 2007 at 06:14:54AM -0700, Kenneth Porter wrote:
>  --On Saturday, June 16, 2007 4:57 PM -0600 Leonel <[EMAIL PROTECTED]> wrote:
> 
> > Centos 5 with  clamav ???
> >
> > Where is that ?
> > Did you mean  using   dag's  repo
> 
>  I installed it from RPMForge, but I'm getting SELinux issues with it.
> 
>  
> 
>  I'm very new to SELinux so I'm going to have to do some research to figure 
>  out how to apply that solution.

Ok, please disregard my last e-mail ehehehe You are actually pointing to
my rules :)

Save those rules to clamd.te, then:

# checkmodule -M -m clamd.te -o clamd.mod
# semodule_package -o clamd.pp -m clamd.mod
# semodule -i clamd.pp

Best Regards,

- -- 
Rodrigo Barbosa
"Quid quid Latine dictum sit, altum viditur"
"Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFGdrxwpdyWzQ5b5ckRAuFFAJ4taLl5Ua8M+9967ci6CskL8kSA1ACgwADT
rizsiAdbx9aw29LkVc/cYGo=
=RZC4
-END PGP SIGNATURE-
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Upgrade of dovecot broke imap (CentOS 4.5)

[Joe Klemmer]

On Mon, 18 Jun 2007, Axel Thimm wrote:


Personally I would recommend fixing the above, as the dovecot version
as shipped by the upstream vendor (0.99.11 from 2004) is not
maintained by the author anymore. See

  http://wiki.dovecot.org/UpgradingDovecot


	Just for grins I did a yum search for all the available versions 
of dovecot and this is what I get back -


$ yum search dovecot | grep ^dovecot | awk 'NF == 3 {print $0}'
dovecot.i386 1.0.0-8_56.el4.at  atrpms
dovecot-devel.i386   1.0.0-8_56.el4.at  atrpms
dovecot-sieve.i386   1.0.1-5.el4.at atrpms
dovecot.i386 1.0.1-1_57.el4 atrpms
dovecot-devel.i386   1.0.1-1_57.el4 atrpms
dovecot-sieve.i386   1.0.1-5.1.el4  atrpms
dovecot.i386 0.99.11-8.EL4  base
dovecot.i386 0.99.11-4.EL4  sl-release
dovecot.i386 1.0.1-1_57.el4 installed

Maybe dropping back to 1.0.0-8_56.el4.at might be worth a test.  I may try 
that later today.


--
Boring Home Page - http://www.webtrek.com/joe
See my blog, sumo game ranks and other interesting junk
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Centos 5 - Setting up yum for ATrpms

[Robert Moskowitz]

Axel Thimm wrote:


On Mon, Jun 18, 2007 at 12:43:00PM -0400, Robert Moskowitz wrote:
  
I think I found one of my setup problems.  I followed instructions at:  
http://atrpms.net/install.html


And now I see that the information shown there to put into yum.conf (that I 
put into yum.repo.d/atrpms.repo) is only for FC, not for RL5 (thus Centos 
5).


What do I use in my atrmps.repo to get it to access the RL5 directories?



There is a package called atrpms-package-config, but you can just as
well simply cut and paste the following.

Don't enable atrpms-testing or atrpms-bleeding as they mean what they
are named as. :)
(They are disabled by default in the example below, so it's safe to
cut and paste)

$ cat /etc/yum.repos.d/atrpms.repo 
# 
# 
[atrpms]

name=Red Hat Enterprise Linux 5 - x86_64 - ATrpms
baseurl=http://dl.atrpms.net/el5-x86_64/atrpms/stable
failovermethod=priority

# 
# requires stable
# 
[atrpms-testing]

name=Red Hat Enterprise Linux 5 - x86_64 - ATrpms testing
baseurl=http://dl.atrpms.net/el5-x86_64/atrpms/testing
failovermethod=priority
enabled=0

# 
# requires stable and testing
# 
[atrpms-bleeding]

name=Red Hat Enterprise Linux 5 - x86_64 - ATrpms bleeding
baseurl=http://dl.atrpms.net/el5-x86_64/atrpms/bleeding
failovermethod=priority
enabled=0
  

Thanks a bunch for this.  I have to boot back to Centos 4 for a bit (figure out 
what is wrong with my Thunderbird setup), then come back and try this.

I use yumex, and first do everything stable.  Then if I am looking for things, 
then I enable bleeding and testing.  I should note that at least until 
recently, the wpasupplicant was over at either testing or bleeding, don't 
remember which right now...


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] ClamAV (was: antivirus)

[Rodrigo Barbosa]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On Mon, Jun 18, 2007 at 06:14:54AM -0700, Kenneth Porter wrote:
> > Centos 5 with  clamav ???
> >
> > Where is that ?
> > Did you mean  using   dag's  repo
> 
>  I installed it from RPMForge, but I'm getting SELinux issues with it.
> 
>  
> 
>  I'm very new to SELinux so I'm going to have to do some research to figure 
>  out how to apply that solution.

Humm, I did post some SELinux rules for clamd a few days ago do that
exactly same list. Have you tried them ?

[]s

- -- 
Rodrigo Barbosa
"Quid quid Latine dictum sit, altum viditur"
"Be excellent to each other ..." - Bill & Ted (Wyld Stallyns)

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFGdrwSpdyWzQ5b5ckRAlZwAKCARCFWWhQ/hV4o286TE9+OWotzfwCgr5yM
Ef6qYV8sHXoBGkSA+Ys7oi8=
=zuZv
-END PGP SIGNATURE-
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: Upgrade of dovecot broke imap (CentOS 4.5)

[Axel Thimm]

On Mon, Jun 18, 2007 at 01:02:07PM -0400, Joe Klemmer wrote:
>   No config changes were made, just 'yum update'.  No *.rpmnew files 
> that I can find.  Running rpm -V gives -
> 
> $ rpm -V dovecot
> . c /etc/dovecot.conf

This output means that /etc/dovecot.conf was modified. If it had been
modified before the upgrade then the new config file lands under
/etc/dovecot.conf.rpmnew.
-- 
Axel.Thimm at ATrpms.net


pgpY7rud8jzwI.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Upgrade of dovecot broke imap (CentOS 4.5)

[Joe Klemmer]

On Mon, 18 Jun 2007, Axel Thimm wrote:


$ rpm  -q dovecot
dovecot-1.0.1-1_57.el4


That's an ATrpms version (living in atrpms-testing).


Hmm, I don't have the atrpms-testing repo enabled.


I was thinking of dropping back to an earlier version to see if
that makes a difference.


Personally I would recommend fixing the above, as the dovecot version as 
shipped by the upstream vendor (0.99.11 from 2004) is not maintained by 
the author anymore. See


  http://wiki.dovecot.org/UpgradingDovecot


	I know, I've already run into the issue of needing to fix/clear 
out the index bug.


for details. If you were using the default config nothing really affects 
you, but since you have troubles there must be something changed. Also 
check with rpm -V dovecot whether the config files are changed and 
whether you have *.rpmnew files instead.


	No config changes were made, just 'yum update'.  No *.rpmnew files 
that I can find.  Running rpm -V gives -


$ rpm -V dovecot
. c /etc/dovecot.conf

I have done a service restart for it just to make sure nothing was hung or 
something.


Have I mentioned recently how much I hate computers?  :-P

--
Boring Home Page - http://www.webtrek.com/joe
See my blog, sumo game ranks and other (semi)interesting junk
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Correct xen domains path

[Stephen Harris]

On Mon, Jun 18, 2007 at 10:31:30AM -0600, Stephen John Smoogen wrote:
> On 6/18/07, Stephen Harris <[EMAIL PROTECTED]> wrote:
> >I've not heard a good reason to keep SELinux enabled, to be honest.
> >For high sensitivity stuff, sure (much like using SEOS on Solaris for high
> >sensitivity machines - eg those where third parties might have access).
> >But as a general rule for all machines?  Why?

> Good experience... I have had multiple webservers not have successful

Yup.  Webservers are machines where third parties might have access, and
so are candidates for enhanced security processes such as SELinux or
SEOS.

I've never said there are _no_ cases for SELinux.  I was questioning it
as a general rule for all machines.

-- 

rgds
Stephen
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Correct xen domains path

[Stephen Harris]

On Mon, Jun 18, 2007 at 06:45:26PM +0200, Daniel de Kok wrote:
> On Mon, 2007-06-18 at 12:03 -0400, Stephen Harris wrote:
> > I've not heard a good reason to keep SELinux enabled, to be honest.
> > For high sensitivity stuff, sure (much like using SEOS on Solaris for high
> > sensitivity machines - eg those where third parties might have access).
> > But as a general rule for all machines?  Why?
> 
> One of the major goals of SELinux is to restrict the impact of 0-day
> vulnerabilities. If there is an ugly exploit for some network-facing
> daemon, it is a good idea to restrict the potential damage as possible.

"External facing" machines (ie those that can be reached off the
internal network) _are_ one of those classes of machines flagged as "high
sensitivity".  These are candidates for SELinux, SEOS or equivalents.
They may be either directly on the internet or in a DMZ area behind
firewalls that allow certain incoming traffic (or in large corporations,
accessed via VPNs or leased lines from customer sites; a different type
of DMZ).

The security rule of thumb here is that such machine _will_ be attacked,
and so "security in depth" is the process to apply.

But these are special cases with special "elevated security" rules.

Now... why should such rules apply to machines not thus exposed?

-- 

rgds
Stephen
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos 5

[Joe Klemmer]

On Fri, 15 Jun 2007, Johnny Hughes wrote:

Because this stuff takes time to design and build and I need to do the 
job I get paid for SINCE noone will donate money to the CentOS Project 
and I have to eat?


	I would love to donate anything I could to CentOS.  However, I am 
not in a situation to do so.  I am (technically/legally) homeless, on 
disability retirement with no potential income in the foreseeable future. 
This is why you will never seem me complaining about the project, though. 
:-)


--
Boring Home Page - http://www.webtrek.com/joe
See my blog, sumo game ranks and other interesting junk
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: Centos 5 - Setting up yum for ATrpms

[Axel Thimm]

On Mon, Jun 18, 2007 at 12:43:00PM -0400, Robert Moskowitz wrote:
> I think I found one of my setup problems.  I followed instructions at:  
> http://atrpms.net/install.html
> 
> And now I see that the information shown there to put into yum.conf (that I 
> put into yum.repo.d/atrpms.repo) is only for FC, not for RL5 (thus Centos 
> 5).
> 
> What do I use in my atrmps.repo to get it to access the RL5 directories?

There is a package called atrpms-package-config, but you can just as
well simply cut and paste the following.

Don't enable atrpms-testing or atrpms-bleeding as they mean what they
are named as. :)
(They are disabled by default in the example below, so it's safe to
cut and paste)

$ cat /etc/yum.repos.d/atrpms.repo 
# 
# 
[atrpms]
name=Red Hat Enterprise Linux 5 - x86_64 - ATrpms
baseurl=http://dl.atrpms.net/el5-x86_64/atrpms/stable
failovermethod=priority

# 
# requires stable
# 
[atrpms-testing]
name=Red Hat Enterprise Linux 5 - x86_64 - ATrpms testing
baseurl=http://dl.atrpms.net/el5-x86_64/atrpms/testing
failovermethod=priority
enabled=0

# 
# requires stable and testing
# 
[atrpms-bleeding]
name=Red Hat Enterprise Linux 5 - x86_64 - ATrpms bleeding
baseurl=http://dl.atrpms.net/el5-x86_64/atrpms/bleeding
failovermethod=priority
enabled=0
-- 
Axel.Thimm at ATrpms.net


pgpz00DUk7QKN.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: Upgrade of dovecot broke imap (CentOS 4.5)

[Axel Thimm]

On Mon, Jun 18, 2007 at 12:30:14PM -0400, Joe Klemmer wrote:
> On Mon, 18 Jun 2007, Axel Thimm wrote:
> 
> >>>Do you by any chance have atrpms enabled as a repo?
> >>
> >>As it happens, yes.  Is this a good thing or a bad thing?
> >
> >A good thing definitely. :)
> >
> >What version of dovecot is now on your system? E.g. what's rpm -q
> >dovecot saying?
> 
> $ rpm  -q dovecot
> dovecot-1.0.1-1_57.el4

That's an ATrpms version (living in atrpms-testing).

>   I was thinking of dropping back to an earlier version to see if 
> that makes a difference.

Personally I would recommend fixing the above, as the dovecot version
as shipped by the upstream vendor (0.99.11 from 2004) is not
maintained by the author anymore. See

  http://wiki.dovecot.org/UpgradingDovecot

for details. If you were using the default config nothing really
affects you, but since you have troubles there must be something
changed. Also check with rpm -V dovecot whether the config files are
changed and whether you have *.rpmnew files instead.
-- 
Axel.Thimm at ATrpms.net


pgprkg5uPgDOJ.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: Upgrade of dovecot broke imap (CentOS 4.5)

[Axel Thimm]

On Mon, Jun 18, 2007 at 12:07:32PM -0400, Joe Klemmer wrote:
> On Sun, 17 Jun 2007, Scott Silva wrote:
> 
> >>Anyone run into this?  I was planning to upgrade the box to CentOS 5
> >>next month but I may do it sooner if it will fix this.
> >
> >Do you by any chance have atrpms enabled as a repo?
> 
>   As it happens, yes.  Is this a good thing or a bad thing?

A good thing definitely. :)

What version of dovecot is now on your system? E.g. what's rpm -q
dovecot saying?
-- 
Axel.Thimm at ATrpms.net


pgpdnAhnn3Ajf.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Correct xen domains path

[Daniel de Kok]

On Mon, 2007-06-18 at 12:03 -0400, Stephen Harris wrote:
> I've not heard a good reason to keep SELinux enabled, to be honest.
> For high sensitivity stuff, sure (much like using SEOS on Solaris for high
> sensitivity machines - eg those where third parties might have access).
> But as a general rule for all machines?  Why?

One of the major goals of SELinux is to restrict the impact of 0-day
vulnerabilities. If there is an ugly exploit for some network-facing
daemon, it is a good idea to restrict the potential damage as possible.
Besides that, due to the restrictions that SELinux imposes, it can also
catch a class of configuration errors that impact security.

Sure, it does not solve all security problems. But IMO it is a step
forward from running daemons with (nearly) the rights of a normal user.

-- Daniel

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Centos 5 - Setting up yum for ATrpms

[Robert Moskowitz]

I think I found one of my setup problems.  I followed instructions at:  
http://atrpms.net/install.html

And now I see that the information shown there to put into yum.conf (that I put 
into yum.repo.d/atrpms.repo) is only for FC, not for RL5 (thus Centos 5).

What do I use in my atrmps.repo to get it to access the RL5 directories?



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: Madwifi just seems to work in Centos 5

[Axel Thimm]

On Mon, Jun 18, 2007 at 12:36:53PM -0400, Robert Moskowitz wrote:
> I have not installed the madwifi specific kernel stuff (kdml and
> hal-kdml) from atrpms.  I have installed with wpa rpms.
> 
> And my Atheros card is working with almost no work on my part (other
> than runing wpa_supplicant as a deamon).

> madwifi-0.9.2.1-2.el5.rf.i386.rpm
> ath_pci86180  0 
> ath_rate_sample16896  1 ath_pci
> wlan  172764  4 wlan_scan_sta,ath_pci,ath_rate_sample
> ath_hal   195280  3 ath_pci,ath_rate_sample

> >>>So you are obviously using madwifi after all to drive the card. :)
> >>>  
> >>But where did it come from?

> How do tell where these things came from and what method they use???

The origin can be read of the repo tag, that is the "rf" above. "rf"
stands for rpmforge. The methods, well, that you must know. But I'm
discussing with Dag about how to use a common scheme that will do the
best of both worlds anyway, so perhaps in a couple of months this
question will not be relevant anymore :)

> One of my 'issues' or feature requests is to know which repo an rpm came 
> from provided it was installed via yum or yumex.

The repotag was a good method. But it was killed by the epel
project. So you will find less and less repos using it.

> Obviously if i downloaded the rpm and 'manually installed' directly with 
> rpm, it is my job to track where I got the rpm from

You will get a much more verbose info with rpm -qi foo.
-- 
Axel.Thimm at ATrpms.net


pgpWvnyj7UgrT.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Madwifi just seems to work in Centos 5

[Robert Moskowitz]

Axel Thimm wrote:


On Mon, Jun 18, 2007 at 12:22:04PM -0400, Robert Moskowitz wrote:
  

Axel Thimm wrote:



On Mon, Jun 18, 2007 at 11:55:25AM -0400, Robert Moskowitz wrote:
 
  

On Mon, Jun 18, 2007 at 08:03:39AM -0400, Robert Moskowitz wrote:
 
  

I have not installed the madwifi specific kernel stuff (kdml and
hal-kdml) from atrpms.  I have installed with wpa rpms.

And my Atheros card is working with almost no work on my part (other
than runing wpa_supplicant as a deamon).
   

 
  
Here is the results from lspci and lsmod.  There is ONE madwifi rpm 
installed:


madwifi-0.9.2.1-2.el5.rf.i386.rpm
   

 
  
ath_pci86180  0 
ath_rate_sample16896  1 ath_pci

wlan  172764  4 wlan_scan_sta,ath_pci,ath_rate_sample
ath_hal   195280  3 ath_pci,ath_rate_sample
   


So you are obviously using madwifi after all to drive the card. :)
  

But where did it come from?

I did not install the kernel driver rpms.



madwifi-0.9.2.1-2.el5.rf.i386.rpm follows a different method that
creates them on your system. There are pros and cons to using prebuilt
binaries vs your own custom kernel modules.

How do tell where these things came from and what method they use???

One of my 'issues' or feature requests is to know which repo an rpm came from 
provided it was installed via yum or yumex.

Obviously if i downloaded the rpm and 'manually installed' directly with rpm, 
it is my job to track where I got the rpm from



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Correct xen domains path

[Stephen John Smoogen]

On 6/18/07, Stephen Harris <[EMAIL PROTECTED]> wrote:

On Mon, Jun 18, 2007 at 05:46:27PM +0200, Daniel de Kok wrote:
> On Mon, 2007-06-18 at 11:07 -0400, Stephen Harris wrote:
> > On Mon, Jun 18, 2007 at 11:05:24AM -0400, Rick Barnes wrote:
> > > My preference was to use /srv/xen and then symlink /srv/xen/etc to
> > > /etc/xen and /srv/xen/images to /var/lib/xen/images
> >
> > My preference is to disable SELinux totally and use /xen as a seperate
> > mount point :-)
>
> I keep repeating in a sheepish fashion: bad :p.

I've not heard a good reason to keep SELinux enabled, to be honest.
For high sensitivity stuff, sure (much like using SEOS on Solaris for high
sensitivity machines - eg those where third parties might have access).
But as a general rule for all machines?  Why?

Being sheep like doesn't educate; a sheeplike post is... pointless.


Ok.. I have had good and bad experience with Selinux.

Good experience... I have had multiple webservers not have successful
exploits because someone forgot to update phpBB or some such. Another
good experience was dealing with a mail server compromise that didnt
happen (it looked like it had but selinux had stomped the bad program
when it tried to execute.)

Bad experience... spending 8 hours because of a broken shipped policy
that I needed to find a posting on to fix. Or trying to figure out why
xen on my test system wasnt working because selinux policy doesnt do
what it says it is supposed to do.

However, overall I have found that spending 8-12 hours to read/learn
Selinux was worth it. I believe that it and the SuSE tool are pretty
much going to be needed in the future as Linux become more popular and
hacking/breaking into it is more monetarily worthwhile to the mobs
etc.

Yes they add complexity.. but I am old enough to remember having to
deal with people who thought that the Unix DAC rwx system was too
complicated. Heck it was only 2 years ago I had to figure out what/why
a system was compromised.. the reason was that the person was an NT
person and had set everything on the system as  that he could.. so
that he didnt have to remember root passwds and all his applications
just worked. [Effectively turning off Unix DAC as it were.]

What I normally do is build system first with a default policy in
place.. and if I cant figure out or have other issues.. I put selinux
in permissive mode to work from there.

--
Stephen J Smoogen. -- CSIRT/Linux System Administrator
How far that little candle throws his beams! So shines a good deed
in a naughty world. = Shakespeare. "The Merchant of Venice"
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Upgrade of dovecot broke imap (CentOS 4.5)

[Joe Klemmer]

On Mon, 18 Jun 2007, Axel Thimm wrote:


Do you by any chance have atrpms enabled as a repo?


As it happens, yes.  Is this a good thing or a bad thing?


A good thing definitely. :)

What version of dovecot is now on your system? E.g. what's rpm -q
dovecot saying?


$ rpm  -q dovecot
dovecot-1.0.1-1_57.el4

	I was thinking of dropping back to an earlier version to see if 
that makes a difference.


--
Boring Home Page - http://www.webtrek.com/joe
See my blog, sumo game ranks and other interesting junk
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: Madwifi just seems to work in Centos 5

[Axel Thimm]

On Mon, Jun 18, 2007 at 12:22:04PM -0400, Robert Moskowitz wrote:
> 
> Axel Thimm wrote:
> 
> >On Mon, Jun 18, 2007 at 11:55:25AM -0400, Robert Moskowitz wrote:
> >  
> >On Mon, Jun 18, 2007 at 08:03:39AM -0400, Robert Moskowitz wrote:
> >  
> >>I have not installed the madwifi specific kernel stuff (kdml and
> >>hal-kdml) from atrpms.  I have installed with wpa rpms.
> >>
> >>And my Atheros card is working with almost no work on my part (other
> >>than runing wpa_supplicant as a deamon).
> >>
> >
> >  
> >>Here is the results from lspci and lsmod.  There is ONE madwifi rpm 
> >>installed:
> >>
> >>madwifi-0.9.2.1-2.el5.rf.i386.rpm
> >>
> >
> >  
> >>ath_pci86180  0 
> >>ath_rate_sample16896  1 ath_pci
> >>wlan  172764  4 wlan_scan_sta,ath_pci,ath_rate_sample
> >>ath_hal   195280  3 ath_pci,ath_rate_sample
> >>
> >
> >So you are obviously using madwifi after all to drive the card. :)
> 
> But where did it come from?
> 
> I did not install the kernel driver rpms.

madwifi-0.9.2.1-2.el5.rf.i386.rpm follows a different method that
creates them on your system. There are pros and cons to using prebuilt
binaries vs your own custom kernel modules.
-- 
Axel.Thimm at ATrpms.net


pgpeJkZn2ZWsF.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Madwifi just seems to work in Centos 5

[Robert Moskowitz]

Axel Thimm wrote:


On Mon, Jun 18, 2007 at 11:55:25AM -0400, Robert Moskowitz wrote:
  

On Mon, Jun 18, 2007 at 08:03:39AM -0400, Robert Moskowitz wrote:
  

I have not installed the madwifi specific kernel stuff (kdml and
hal-kdml) from atrpms.  I have installed with wpa rpms.

And my Atheros card is working with almost no work on my part (other
than runing wpa_supplicant as a deamon).



  
Here is the results from lspci and lsmod.  There is ONE madwifi rpm 
installed:


madwifi-0.9.2.1-2.el5.rf.i386.rpm



  
ath_pci86180  0 
ath_rate_sample16896  1 ath_pci

wlan  172764  4 wlan_scan_sta,ath_pci,ath_rate_sample
ath_hal   195280  3 ath_pci,ath_rate_sample



So you are obviously using madwifi after all to drive the card. :)


But where did it come from?

I did not install the kernel driver rpms.


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] diagnosing strange crash/hang

[Gordon McLellan]

This morning I get a call that a server is down.  The server in
question is a vmware guest, windows 2003 advanced.  The host is vmware
server 1.01, running on centos 4.4 x64 on a poweredge 2950.  The
server has 16g of ram and a quadcore cpu, storage is provided by a
perc 5/i, raid 1 across two 146gb sas drives.

I was able to ssh into the host.  After trying to ping the guest, and
trying to connect to vmware via the management console, I decided to
restart the vmware service.  so I type service vmware restart.  it
hung on "shutting down virtual machines".  I was able to ctrl-c out,
and decided to manually kill the vmware processes.  after killing all
the vmware stuff, I did a service vmware start.  I get an error
"cannot touch /etc/vmware/locations: read only file system"

/etc is part of /, which mount claimed was mounted RW

so I try cat /var/log/messages and get nothing

so I tell the machine to reboot (remotely).  of course, it doesn't
come back up on its own, so I drive to the location.  the machine is
running, but sitting at a black screen.  I don't know what state it
was in, so did a forced turn off.  turning it back on, it proceeded to
boot normally.  it had a slight pause while it ran fsck on / but other
than that, no errors.

the vm's restarted normally, /var/log/messages is back, but has no
entries between June 15 and when I rebooted it the 2nd time on June
18.

any ideas on where I should start looking?

is there some way to read array status from a Perc controller under linux?

any suggestions will be appreciated!

thanks
Gordon
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Upgrade of dovecot broke imap (CentOS 4.5)

[Joe Klemmer]

On Sun, 17 Jun 2007, Scott Silva wrote:


Anyone run into this?  I was planning to upgrade the box to CentOS 5
next month but I may do it sooner if it will fix this.


Do you by any chance have atrpms enabled as a repo?


As it happens, yes.  Is this a good thing or a bad thing?

--
Boring Home Page - http://www.webtrek.com/joe
See my blog, sumo game ranks and other interesting junk
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Madwifi just seems to work in Centos 5

[Jay Leafey]

The madwifi package from RPMForge contains all the needed bits for the 
Atheros chipsets.  Into the bargain it uses the DKMS stuff to rebuild 
the modules when you install a new kernel, too, so no scrambling to 
install a new package to get your WiFi back.


I'm using a similar setup, but trying NetworkManager to handle the heavy 
lifting, with excellent results.  The laptop I'm using pretty much 
worked with no issues with a 3Com 3CRPAG175 and a Zyxel card, both 
Atheros-based.  I've used it with no problems on AEP and WPA/WPA2 
wireless LANs successfully.  It was a pleasant surprise!


--
Jay Leafey - Memphis, TN
[EMAIL PROTECTED]


smime.p7s
Description: S/MIME Cryptographic Signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Correct xen domains path

[Stephen Harris]

On Mon, Jun 18, 2007 at 05:46:27PM +0200, Daniel de Kok wrote:
> On Mon, 2007-06-18 at 11:07 -0400, Stephen Harris wrote:
> > On Mon, Jun 18, 2007 at 11:05:24AM -0400, Rick Barnes wrote:
> > > My preference was to use /srv/xen and then symlink /srv/xen/etc to 
> > > /etc/xen and /srv/xen/images to /var/lib/xen/images
> > 
> > My preference is to disable SELinux totally and use /xen as a seperate
> > mount point :-)
> 
> I keep repeating in a sheepish fashion: bad :p.

I've not heard a good reason to keep SELinux enabled, to be honest.
For high sensitivity stuff, sure (much like using SEOS on Solaris for high
sensitivity machines - eg those where third parties might have access).
But as a general rule for all machines?  Why?

Being sheep like doesn't educate; a sheeplike post is... pointless.

-- 

rgds
Stephen
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] GUI Login Screen for CentOS 5

[Mark Snyder]

Jim Perrin wrote:

On 6/18/07, Mark Snyder <[EMAIL PROTECTED]> wrote:
I installed CentOS using the option for a GUI Server with GRUB and 
GNOME.  When it boots it
stops at a text login screen, which is not desirable in our setup. I 
want it to start at the
GUI login screen and not have to press 'Ctrl Alt F7' to bring this 
screen up.


I thought this was controlled by /etc/inittab but it is setup 
correctly for runlevel 5.  How

can I correct this setup?


Are you using the Xen kernel, or an ATI graphics card? This seems to
be a recurring issue where those two bits are related.



This is on a Dell server, it has the ATI ES1000 video controller. Not using the 
Xen kernel.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: Madwifi just seems to work in Centos 5

[Axel Thimm]

On Mon, Jun 18, 2007 at 11:55:25AM -0400, Robert Moskowitz wrote:
> >>>On Mon, Jun 18, 2007 at 08:03:39AM -0400, Robert Moskowitz wrote:
> I have not installed the madwifi specific kernel stuff (kdml and
> hal-kdml) from atrpms.  I have installed with wpa rpms.
> 
> And my Atheros card is working with almost no work on my part (other
> than runing wpa_supplicant as a deamon).

> Here is the results from lspci and lsmod.  There is ONE madwifi rpm 
> installed:
> 
> madwifi-0.9.2.1-2.el5.rf.i386.rpm

> ath_pci86180  0 
> ath_rate_sample16896  1 ath_pci
> wlan  172764  4 wlan_scan_sta,ath_pci,ath_rate_sample
> ath_hal   195280  3 ath_pci,ath_rate_sample

So you are obviously using madwifi after all to drive the card. :)
-- 
Axel.Thimm at ATrpms.net


pgpzokt3gM3uP.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Madwifi just seems to work in Centos 5

[Robert Moskowitz]

Migration in progress.  But fonts are wrong in Thunderbird

Andy Green wrote:


Robert Moskowitz wrote:
  

Axel Thimm wrote:


On Mon, Jun 18, 2007 at 08:03:39AM -0400, Robert Moskowitz wrote:
 
  

I have not installed the madwifi specific kernel stuff (kdml and
hal-kdml) from atrpms.  I have installed with wpa rpms.

And my Atheros card is working with almost no work on my part (other
than runing wpa_supplicant as a deamon).

Nice!



But how is that supposed to work? Perhaps you don't have an atheros
chipset at all? If you have an atheros chipset then you will need
madwifi/dadwifi and hal/openhal to use it.
  

Oh, it is definitely the Atheros chipset.  Given to me by my friends at
Atheros at one of the 802.11 meetings over a year ago



Well, we'll see... type lspci to hear about the card and lsmod to see
what modules you have loaded, post the results.

Here is the results from lspci and lsmod.  There is ONE madwifi rpm installed:

madwifi-0.9.2.1-2.el5.rf.i386.rpm

and for wpa:

wpa_supplicant-0.4.8-10.1.fc6.i386.rpm

cat lspci.lst 


00:00.0 Host bridge: ATI Technologies Inc RS200/RS200M AGP Bridge [IGP 340M] 
(rev 02)
00:01.0 PCI bridge: ATI Technologies Inc PCI Bridge [IGP 340M]
00:06.0 Multimedia audio controller: ALi Corporation M5451 PCI AC-Link 
Controller Audio Device (rev 02)
00:07.0 ISA bridge: ALi Corporation M1533/M1535 PCI to ISA Bridge [Aladdin 
IV/V/V+]
00:08.0 Modem: ALi Corporation M5457 AC'97 Modem Controller
00:09.0 Ethernet controller: Atheros Communications, Inc. AR5212 802.11abg NIC 
(rev 01)
00:0b.0 CardBus bridge: O2 Micro, Inc. OZ711M1/MC1 4-in-1 MemoryCardBus 
Controller (rev 20)
00:0b.1 CardBus bridge: O2 Micro, Inc. OZ711M1/MC1 4-in-1 MemoryCardBus 
Controller (rev 20)
00:0b.2 System peripheral: O2 Micro, Inc. OZ711Mx 4-in-1 MemoryCardBus 
Accelerator
00:10.0 IDE interface: ALi Corporation M5229 IDE (rev c4)
00:11.0 Bridge: ALi Corporation M7101 Power Management Controller [PMU]
00:12.0 USB Controller: NEC Corporation USB (rev 43)
00:12.1 USB Controller: NEC Corporation USB (rev 43)
00:12.2 USB Controller: NEC Corporation USB 2.0 (rev 04)
00:13.0 Ethernet controller: Broadcom Corporation NetXtreme BCM5705M Gigabit 
Ethernet (rev 03)
01:05.0 VGA compatible controller: ATI Technologies Inc Radeon IGP 
330M/340M/350M

cat lsmod.lst 
Module  Size  Used by
autofs423749  2 
hidp   23105  2 
rfcomm 42457  0 
l2cap  29633  10 hidp,rfcomm

bluetooth  53925  5 hidp,rfcomm,l2cap
sunrpc142973  1 
ip_conntrack_netbios_ns 6977  0 
ipt_REJECT  9537  1 
xt_state6209  3 
ip_conntrack   53153  2 ip_conntrack_netbios_ns,xt_state

nfnetlink  10713  1 ip_conntrack
iptable_filter  7105  1 
ip_tables  17029  1 iptable_filter
ip6t_REJECT 9409  1 
xt_tcpudp   7105  12 
ip6table_filter 6849  1 
ip6_tables 18181  1 ip6table_filter

x_tables   17349  6 
ipt_REJECT,xt_state,ip_tables,ip6t_REJECT,xt_tcpudp,ip6_tables
cpufreq_ondemand   10573  1 
video  19269  0 
sbs18533  0 
i2c_ec  9025  1 sbs
button 10705  0 
battery13637  0 
asus_acpi  19289  0 
ac  9157  0 
radeon103905  2 
drm65493  3 radeon

ipv6  250369  19 ip6t_REJECT
lp 15849  0 
joydev 13185  0 
snd_ali545125165  1 
snd_ac97_codec 87009  1 snd_ali5451

snd_ac97_bus6337  1 snd_ac97_codec
snd_seq_dummy   7877  0 
snd_seq_oss32705  0 
snd_seq_midi_event 11073  1 snd_seq_oss

snd_seq49841  5 snd_seq_dummy,snd_seq_oss,snd_seq_midi_event
snd_seq_device 11853  3 snd_seq_dummy,snd_seq_oss,snd_seq
snd_pcm_oss42849  0 
snd_mixer_oss  19137  1 snd_pcm_oss

snd_pcm71621  3 snd_ali5451,snd_ac97_codec,snd_pcm_oss
wlan_scan_sta  16128  0 
snd_timer  24901  2 snd_seq,snd_pcm

snd51909  11 
snd_ali5451,snd_ac97_codec,snd_seq_oss,snd_seq,snd_seq_device,snd_pcm_oss,snd_mixer_oss,snd_pcm,snd_timer
soundcore  13217  1 snd
pcspkr  7105  0 
snd_page_alloc 13641  1 snd_pcm
parport_pc 29157  1 
parport37513  2 lp,parport_pc
ath_pci86180  0 
ath_rate_sample16896  1 ath_pci

wlan  172764  4 wlan_scan_sta,ath_pci,ath_rate_sample
i2c_ali153510565  0 
tg399781  0 
i2c_ali15x311333  0 
ath_hal   195280  3 ath_pci,ath_rate_sample
serio_raw  10693  0 
i2c_core   23745  3 i2c_ec,i2c_ali1535,i2c_ali15x3
dm_snapshot20581  0 
dm_zero 6209  0 
dm

Re: [CentOS] GUI Login Screen for CentOS 5

[Jim Perrin]

On 6/18/07, Mark Snyder <[EMAIL PROTECTED]> wrote:

I installed CentOS using the option for a GUI Server with GRUB and GNOME.  When 
it boots it
stops at a text login screen, which is not desirable in our setup. I want it to 
start at the
GUI login screen and not have to press 'Ctrl Alt F7' to bring this screen up.

I thought this was controlled by /etc/inittab but it is setup correctly for 
runlevel 5.  How
can I correct this setup?


Are you using the Xen kernel, or an ATI graphics card? This seems to
be a recurring issue where those two bits are related.

--
During times of universal deceit, telling the truth becomes a revolutionary act.
George Orwell
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: how to change distro live?

[Dhawal Doshy]

Farkas Levente wrote:

hi,
we've got many mandrake 8,9 and 10 system remotely. we'd like to
remotely replace these systems to centos 5. we've 4 disk in them. one is
the system drive (no need for raid) and there is free space on the
remaining 3 disk. so what we think about:
- download the new system to the data disks
- install grub (mandrake has lilo) to boot the old system and reboot
- create the old system in the data disk
- update grub to boot the old system from the data disk and reboot
- repartition the system disk
- transfer the new system to the system disk
- update grub to boot form new system disk and reboot.
this seems to easy but has many very dangerous steps and we has only
remote ssh access to the system. if we loose the connections we can't
access the system anymore and we've to travel a lot! another constrain
that we should have to do this very fast ie. it'd be nice if the system
wouldn't be down for a long time.
- what would be the best method for this?
- what are the dangerous step here?
- what would be the best way and format to transfer the new system to
the disk (we think about an iso file)?
- does anybody do such thing and what is his experience?
thank you for your help in advance.



See koan, a helper program with cobbler http://cobbler.et.redhat.com/

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Correct xen domains path

[Daniel de Kok]

On Mon, 2007-06-18 at 11:07 -0400, Stephen Harris wrote:
> On Mon, Jun 18, 2007 at 11:05:24AM -0400, Rick Barnes wrote:
> > My preference was to use /srv/xen and then symlink /srv/xen/etc to 
> > /etc/xen and /srv/xen/images to /var/lib/xen/images
> 
> My preference is to disable SELinux totally and use /xen as a seperate
> mount point :-)

I keep repeating in a sheepish fashion: bad :p.

-- Daniel

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] GUI Login Screen for CentOS 5

[Mark Snyder]

I installed CentOS using the option for a GUI Server with GRUB and GNOME.  When it boots it 
stops at a text login screen, which is not desirable in our setup. I want it to start at the 
GUI login screen and not have to press 'Ctrl Alt F7' to bring this screen up.


I thought this was controlled by /etc/inittab but it is setup correctly for runlevel 5.  How 
can I correct this setup?


Mark
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Correct xen domains path

[Stephen Harris]

On Mon, Jun 18, 2007 at 11:05:24AM -0400, Rick Barnes wrote:
> My preference was to use /srv/xen and then symlink /srv/xen/etc to 
> /etc/xen and /srv/xen/images to /var/lib/xen/images

My preference is to disable SELinux totally and use /xen as a seperate
mount point :-)

Which I would be using now except I read that VMware server doesn't work
on a Xen kernel, so that ruins that!

-- 

rgds
Stephen
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Correct xen domains path

[Rick Barnes]

Daniel de Kok wrote:

On Mon, 2007-06-18 at 11:50 +0200, Jordi Espasa Clofent wrote:
1. According to 
http://wiki.centos.org/HowTos/Xen/InstallingCentOSDomU?highlight=%28xen%29 
it would be /srv/xen or even /var/lib/xen/images.


¿What is the correct absolute path to put into the xen domains files?


Whatever you prefer, as long as the images have the correct security
context. Otherwise, SELinux will deny access to the images.

2. Moreover, if you want the domU(s) boot together dom0, you should put 
the domains files (images) into /etc/xen/auto.


¿A simple symlink will be enough in this case?


No, you shouldn't put the images there, but the (Xen) domain
configuration files of the domains you would like to start during the
boot process.



As Daniel said it the config file that goes in /etc/xen/auto, but you 
can also symlink to the config file, not the image.


My preference was to use /srv/xen and then symlink /srv/xen/etc to 
/etc/xen and /srv/xen/images to /var/lib/xen/images


YMMV,
Rick
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Madwifi just seems to work in Centos 5

[Robert Moskowitz]

Andy Green wrote:

Robert Moskowitz wrote:
  

Axel Thimm wrote:


On Mon, Jun 18, 2007 at 08:03:39AM -0400, Robert Moskowitz wrote:
 
  

I have not installed the madwifi specific kernel stuff (kdml and
hal-kdml) from atrpms.  I have installed with wpa rpms.

And my Atheros card is working with almost no work on my part (other
than runing wpa_supplicant as a deamon).

Nice!



But how is that supposed to work? Perhaps you don't have an atheros
chipset at all? If you have an atheros chipset then you will need
madwifi/dadwifi and hal/openhal to use it.
  

Oh, it is definitely the Atheros chipset.  Given to me by my friends at
Atheros at one of the 802.11 meetings over a year ago



Well, we'll see... type lspci to hear about the card and lsmod to see
what modules you have loaded, post the results.
Will be rebooting to Centos 5 shortly.  And with the lvm mounting 
(vgscan and vgchange) instructions, I might just get my email switched 
over and just respond from there!


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Madwifi just seems to work in Centos 5

[Andy Green]

Robert Moskowitz wrote:
> Axel Thimm wrote:
>> On Mon, Jun 18, 2007 at 08:03:39AM -0400, Robert Moskowitz wrote:
>>  
>>> I have not installed the madwifi specific kernel stuff (kdml and
>>> hal-kdml) from atrpms.  I have installed with wpa rpms.
>>>
>>> And my Atheros card is working with almost no work on my part (other
>>> than runing wpa_supplicant as a deamon).
>>>
>>> Nice!
>>> 
>>
>> But how is that supposed to work? Perhaps you don't have an atheros
>> chipset at all? If you have an atheros chipset then you will need
>> madwifi/dadwifi and hal/openhal to use it.
> Oh, it is definitely the Atheros chipset.  Given to me by my friends at
> Atheros at one of the 802.11 meetings over a year ago

Well, we'll see... type lspci to hear about the card and lsmod to see
what modules you have loaded, post the results.

-Andy
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] mounting an lvm partition via a USB adapter

[Robert Moskowitz]

Luciano Rocha wrote:

On Mon, Jun 18, 2007 at 08:10:28AM -0400, Robert Moskowitz wrote:
  
 I am trying to mount this (my old hard drive) from my Centos 5 install as a 
 USB drive so I can copy files over.


 The second partition, /dev/sda2 is the one I really want and it is an lvm 
 partition.  When I am booted from this drive (as the installed IDE drive, 
 not as a usb drive) has for its  /etc/fstab:


 # This file is edited by fstab-sync - see 'man fstab-sync' for details
 /dev/VolGroup00/LogVol01 /   ext3defaults1 1
 LABEL=/boot /boot   ext3defaults1 2
 none/dev/ptsdevpts  gid=5,mode=620  0 0
 none/dev/shmtmpfs   defaults0 0
 /dev/VolGroup00/LogVol02 /home   ext3defaults1 2
 none/proc   procdefaults0 0
 none/syssysfs   defaults0 0
 /dev/VolGroup00/LogVol00 swapswapdefaults0 0


 But I do not see any /dev/Vol... when I boot from my Centos 5 drive (oh, I 
 have labeled the lvm partitions on that drive to start with Centos5 so that 
 its labels are different from my Centos 4 drive lablels).



vgscan ; vgchange -ay VolGroup00
  

I will give this a try, shortly.

If the volume group happens to be the same as the one you're using on
your new system,
I was careful to give the new drive a different name than the old 
one  So I suspect I am set for this.

 then that will probably fail, and I suggest renaming
your current volume group using a rescue cd (don't forget to recreate
the initrd, as it has the vg hardcoded).

  



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
  

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Madwifi just seems to work in Centos 5

[Robert Moskowitz]

Axel Thimm wrote:

On Mon, Jun 18, 2007 at 08:03:39AM -0400, Robert Moskowitz wrote:
  
I have not installed the madwifi specific kernel stuff (kdml and 
hal-kdml) from atrpms.  I have installed with wpa rpms.


And my Atheros card is working with almost no work on my part (other 
than runing wpa_supplicant as a deamon).


Nice!



But how is that supposed to work? Perhaps you don't have an atheros
chipset at all? If you have an atheros chipset then you will need
madwifi/dadwifi and hal/openhal to use it.
Oh, it is definitely the Atheros chipset.  Given to me by my friends at 
Atheros at one of the 802.11 meetings over a year ago


I was supprised/shocked.  I was watching the boot and saw an attempt to 
aquire an IP address for wifi0.  Gee, I had not configured my wireless 
card at all.  Why did Kudzu discover the card, I had never installed the 
madwifi kernel drivers.  Yeah, I DID install the WPA and wireless tools 
(wpa_supplicant, wpa_cli, wpa_dui, iwconfig, wlanconfig, etc) but not 
the madwifi-kmdl or madwifi-hal-kdml.  So what is going on?


All I had to do was to get the wpasupplicant running as a deamon, 
reading my wpasupplicant.conf file (with the PSK for my network), and I 
was Associated.  Then grab a dhcp lease and off I went wirelessly.


Is there any tool to analyse the kernel to see if the madwifi drivers 
are in the sauce?




___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] ClamAV (was: antivirus)

[Kenneth Porter]

--On Saturday, June 16, 2007 4:57 PM -0600 Leonel <[EMAIL PROTECTED]> wrote:


Centos 5 with  clamav ???

Where is that ?
Did you mean  using   dag's  repo


I installed it from RPMForge, but I'm getting SELinux issues with it.



I'm very new to SELinux so I'm going to have to do some research to figure 
out how to apply that solution.



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOSplus Postfix with mysql/pgsql

[Brent DiNicola]

The lasted version of Postfix in the OS for 4.5 add a .1 to the rpm
version which makes it newer than the CentOSPlus version and hence
replaces it, any intent to update the 4.5 CentOSPlus package or should I
roll my own with mysql included?

4.5 OS Version: postfix-2.2.10-1.1.el4.i386.rpm
4.4/5 CentOSPlus Version: postfix-2.2.10-1.RHEL4.2.mysql_pgsql.c4.i386.rpm

Thanks
Brent
-- 
Brent DiNicola/Whitewolf
The Whitewolf of Imrryr

http://www.elric.net
Disclaimer: Any opinions expressed here are
from my dog. Any liabilities fall to the dog.


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] mounting an lvm partition via a USB adapter

[Luciano Rocha]

On Mon, Jun 18, 2007 at 08:10:28AM -0400, Robert Moskowitz wrote:
>  I am trying to mount this (my old hard drive) from my Centos 5 install as a 
>  USB drive so I can copy files over.
> 
>  The second partition, /dev/sda2 is the one I really want and it is an lvm 
>  partition.  When I am booted from this drive (as the installed IDE drive, 
>  not as a usb drive) has for its  /etc/fstab:
> 
>  # This file is edited by fstab-sync - see 'man fstab-sync' for details
>  /dev/VolGroup00/LogVol01 /   ext3defaults1 1
>  LABEL=/boot /boot   ext3defaults1 2
>  none/dev/ptsdevpts  gid=5,mode=620  0 0
>  none/dev/shmtmpfs   defaults0 0
>  /dev/VolGroup00/LogVol02 /home   ext3defaults1 2
>  none/proc   procdefaults0 0
>  none/syssysfs   defaults0 0
>  /dev/VolGroup00/LogVol00 swapswapdefaults0 0
> 
> 
>  But I do not see any /dev/Vol... when I boot from my Centos 5 drive (oh, I 
>  have labeled the lvm partitions on that drive to start with Centos5 so that 
>  its labels are different from my Centos 4 drive lablels).

vgscan ; vgchange -ay VolGroup00

If the volume group happens to be the same as the one you're using on
your new system, then that will probably fail, and I suggest renaming
your current volume group using a rescue cd (don't forget to recreate
the initrd, as it has the vg hardcoded).

-- 
lfr
0/0


pgpz8L8jTzZgV.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] how to change distro live?

[Farkas Levente]

hi,
we've got many mandrake 8,9 and 10 system remotely. we'd like to
remotely replace these systems to centos 5. we've 4 disk in them. one is
the system drive (no need for raid) and there is free space on the
remaining 3 disk. so what we think about:
- download the new system to the data disks
- install grub (mandrake has lilo) to boot the old system and reboot
- create the old system in the data disk
- update grub to boot the old system from the data disk and reboot
- repartition the system disk
- transfer the new system to the system disk
- update grub to boot form new system disk and reboot.
this seems to easy but has many very dangerous steps and we has only
remote ssh access to the system. if we loose the connections we can't
access the system anymore and we've to travel a lot! another constrain
that we should have to do this very fast ie. it'd be nice if the system
wouldn't be down for a long time.
- what would be the best method for this?
- what are the dangerous step here?
- what would be the best way and format to transfer the new system to
the disk (we think about an iso file)?
- does anybody do such thing and what is his experience?
thank you for your help in advance.

-- 
  Levente   "Si vis pacem para bellum!"
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: Madwifi just seems to work in Centos 5

[Axel Thimm]

On Mon, Jun 18, 2007 at 08:03:39AM -0400, Robert Moskowitz wrote:
> I have not installed the madwifi specific kernel stuff (kdml and 
> hal-kdml) from atrpms.  I have installed with wpa rpms.
> 
> And my Atheros card is working with almost no work on my part (other 
> than runing wpa_supplicant as a deamon).
> 
> Nice!

But how is that supposed to work? Perhaps you don't have an atheros
chipset at all? If you have an atheros chipset then you will need
madwifi/dadwifi and hal/openhal to use it.
-- 
Axel.Thimm at ATrpms.net


pgpGdxJ1EV25p.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] mounting an lvm partition via a USB adapter

[Robert Moskowitz]

I am trying to mount this (my old hard drive) from my Centos 5 install 
as a USB drive so I can copy files over.


I have made the change to max_luns so that I can have more than one 
drive on a USB drive.


The first partition, /dev/sda1 mounts automatically as /boot_

The second partition, /dev/sda2 is the one I really want and it is an 
lvm partition.  When I am booted from this drive (as the installed IDE 
drive, not as a usb drive) has for its  /etc/fstab:


# This file is edited by fstab-sync - see 'man fstab-sync' for details
/dev/VolGroup00/LogVol01 /   ext3defaults1 1
LABEL=/boot /boot   ext3defaults1 2
none/dev/ptsdevpts  gid=5,mode=620  0 0
none/dev/shmtmpfs   defaults0 0
/dev/VolGroup00/LogVol02 /home   ext3defaults1 2
none/proc   procdefaults0 0
none/syssysfs   defaults0 0
/dev/VolGroup00/LogVol00 swapswapdefaults0 0


But I do not see any /dev/Vol... when I boot from my Centos 5 drive (oh, 
I have labeled the lvm partitions on that drive to start with Centos5 so 
that its labels are different from my Centos 4 drive lablels).


What mount command do I use?


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Madwifi just seems to work in Centos 5

[Robert Moskowitz]

I have not installed the madwifi specific kernel stuff (kdml and 
hal-kdml) from atrpms.  I have installed with wpa rpms.


And my Atheros card is working with almost no work on my part (other 
than runing wpa_supplicant as a deamon).


Nice!


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS-announce Digest, Vol 28, Issue 15

[centos-announce-request]

Send CentOS-announce mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of CentOS-announce digest..."


Today's Topics:

   1. CESA-2007:0406 Important CentOS 4 i386openoffice.org -
  security update (Johnny Hughes)
   2. CESA-2007:0406 Important CentOS 4 x86_64  openoffice.org -
  security update (Johnny Hughes)
   3. CESA-2007:0492 Moderate CentOS 4 i386 spamassassin - security
  update (Johnny Hughes)
   4. CESA-2007:0492 Moderate CentOS 4 x86_64   spamassassin -
  security update (Johnny Hughes)
   5. CESA-2007:0494 Important CentOS 4 i386 kdebase -  security
  update (Johnny Hughes)
   6. CESA-2007:0494 Important CentOS 4 x86_64 kdebase  - security
  update (Johnny Hughes)
   7. CESA-2007:0395 Low CentOS 4 i386 mod_perl -   security update
  (Johnny Hughes)
   8. CESA-2007:0395 Low CentOS 4 x86_64 mod_perl - security update
  (Johnny Hughes)
   9. CESA-2007:0501 Moderate CentOS 4 i386 libexif -   security
  update (Johnny Hughes)
  10. CESA-2007:0501 Moderate CentOS 4 x86_64 libexif - security
  update (Johnny Hughes)


--

Message: 1
Date: Sun, 17 Jun 2007 09:44:06 -0500
From: Johnny Hughes <[EMAIL PROTECTED]>
Subject: [CentOS-announce] CESA-2007:0406 Important CentOS 4 i386
openoffice.org - security update
To: CentOS-Announce <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="us-ascii"

CentOS Errata and Security Advisory 2007:0406

https://rhn.redhat.com/errata/RHSA-2007-0406.html

The following updated files have been uploaded and are currently
syncing to the mirrors:

i386:
openoffice.org-1.1.5-10.6.0.1.EL4.i386.rpm
openoffice.org2-base-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-base-2.0.4-5.7.0.i386.rpm
openoffice.org2-calc-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-calc-2.0.4-5.7.0.i386.rpm
openoffice.org2-core-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-core-2.0.4-5.7.0.i386.rpm
openoffice.org2-draw-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-draw-2.0.4-5.7.0.i386.rpm
openoffice.org2-emailmerge-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-emailmerge-2.0.4-5.7.0.i386.rpm
openoffice.org2-graphicfilter-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-graphicfilter-2.0.4-5.7.0.i386.rpm
openoffice.org2-impress-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-impress-2.0.4-5.7.0.i386.rpm
openoffice.org2-javafilter-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-javafilter-2.0.4-5.7.0.i386.rpm
openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-langpack-af_ZA-2.0.4-5.7.0.i386.rpm
openoffice.org2-langpack-ar-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-langpack-ar-2.0.4-5.7.0.i386.rpm
openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-langpack-bg_BG-2.0.4-5.7.0.i386.rpm
openoffice.org2-langpack-bn-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-langpack-bn-2.0.4-5.7.0.i386.rpm
openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-langpack-ca_ES-2.0.4-5.7.0.i386.rpm
openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-langpack-cs_CZ-2.0.4-5.7.0.i386.rpm
openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-langpack-cy_GB-2.0.4-5.7.0.i386.rpm
openoffice.org2-langpack-da_DK-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-langpack-da_DK-2.0.4-5.7.0.i386.rpm
openoffice.org2-langpack-de-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-langpack-de-2.0.4-5.7.0.i386.rpm
openoffice.org2-langpack-el_GR-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-langpack-el_GR-2.0.4-5.7.0.i386.rpm
openoffice.org2-langpack-es-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-langpack-es-2.0.4-5.7.0.i386.rpm
openoffice.org2-langpack-et_EE-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-langpack-et_EE-2.0.4-5.7.0.i386.rpm
openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-langpack-eu_ES-2.0.4-5.7.0.i386.rpm
openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-langpack-fi_FI-2.0.4-5.7.0.i386.rpm
openoffice.org2-langpack-fr-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-langpack-fr-2.0.4-5.7.0.i386.rpm
openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-langpack-ga_IE-2.0.4-5.7.0.i386.rpm
openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-langpack-gl_ES-2.0.4-5.7.0.i386.rpm
openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-langpack-gu_IN-2.0.4-5.7.0.i386.rpm
openoffice.org2-langpack-he_IL-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-langpack-he_IL-2.0.4-5.7.0.i386.rpm
openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.1.0.i386.rpm
openoffice.org2-langpack-hi_IN-2.0.4-5.7.0.i386.rpm
openoffice.org2-langpa

Re: [CentOS] OT - IP Tables - forwarding to localhost - WORKS!!

[first last]

--- Luciano Rocha <[EMAIL PROTECTED]> wrote:

> On Mon, Jun 18, 2007 at 11:46:42AM +0100, first last wrote:
> > Hi,
> > 
> > I am trying to set up a firewall rule so calls to old_mailserver:25
> get
> > redirected to localhost:25. I have seen quite a few rules and none
> seem
> > to work.
> > 
> > I have tried with the firewall enabled (configured to allow smtp)
> and
> > disabled, but it doesn't seem to make a difference.
> > 
> > One of the commands I have been using is:
> > /sbin/iptables -t nat -I PREROUTING -p tcp -d old_mailserver_ip/32
> > --dport 25 -j REDIRECT --to 127.0.0.1:25
> 
> Try this:
> iptables -t nat -I PREROUTING -p tcp -d old_mail_server_ip --dport 25
> \
>   -j REDIRECT
> iptables -t nat -I OUTPUT -p tcp -d old_mail_server_ip --dport 25 \
>   -j REDIRECT

Thanks, this worked! This just saved me a reboot on the production
servers :)

Thanks to all who responded.

Gabriel 


  ___
Yahoo! Answers - Got a question? Someone out there knows the answer. Try it
now.
http://uk.answers.yahoo.com/ 
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OT - IP Tables - forwarding to localhost

[<[EMAIL PROTECTED]>]

Igor Demjanenko napsal(a):
> Hi,
> 
> Try this:
> 
> iptables -t nat -A PREROUTING -p tcp -d old_mailserver_ip
> --destination-port 25 -j DNAT --to-destination 127.0.0.1:25
> 

Try: iptables -t nat -A PREROUTING -p tcp -d old_mailserver_ip
--destination-port 25 -j DNAT --to-destination 127.0.0.1

Please do note ":25" missing.
David
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OT - IP Tables - forwarding to localhost

[Luciano Rocha]

On Mon, Jun 18, 2007 at 11:46:42AM +0100, first last wrote:
> Hi,
> 
> I am trying to set up a firewall rule so calls to old_mailserver:25 get
> redirected to localhost:25. I have seen quite a few rules and none seem
> to work.
> 
> I have tried with the firewall enabled (configured to allow smtp) and
> disabled, but it doesn't seem to make a difference.
> 
> One of the commands I have been using is:
> /sbin/iptables -t nat -I PREROUTING -p tcp -d old_mailserver_ip/32
> --dport 25 -j REDIRECT --to 127.0.0.1:25

Try this:
iptables -t nat -I PREROUTING -p tcp -d old_mail_server_ip --dport 25 \
  -j REDIRECT
iptables -t nat -I OUTPUT -p tcp -d old_mail_server_ip --dport 25 \
  -j REDIRECT
 
> Am I missing anything?

Locally generated packets go through OUTPUT, but not PREROUTING, IIRC.

-- 
lfr
0/0


pgpjQxTJNWgqT.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OT - IP Tables - forwarding to localhost

[first last]

Thanks for the response but it didn't work. It just hangs there trying
to connect and then I get an error "no route to host" (as it should if
trying to connect to that host directly.

--- Igor Demjanenko <[EMAIL PROTECTED]> wrote:

> Hi,
> 
> Try this:
> 
> iptables -t nat -A PREROUTING -p tcp -d old_mailserver_ip 
> --destination-port 25 -j DNAT --to-destination 127.0.0.1:25
> 
> first last wrote:
> > Hi,
> >
> > I am trying to set up a firewall rule so calls to old_mailserver:25
> get
> > redirected to localhost:25. I have seen quite a few rules and none
> seem
> > to work.
> >
> > I have tried with the firewall enabled (configured to allow smtp)
> and
> > disabled, but it doesn't seem to make a difference.
> >
> > One of the commands I have been using is:
> > /sbin/iptables -t nat -I PREROUTING -p tcp -d old_mailserver_ip/32
> > --dport 25 -j REDIRECT --to 127.0.0.1:25
> >
> > Am I missing anything?
> >
> > Thanks
> >
> > Gabriel
> >
> >
> >   ___ 
> > Yahoo! Mail is the world's favourite email. Don't settle for less,
> sign up for
> > your free account today
>
http://uk.rd.yahoo.com/evt=44106/*http://uk.docs.yahoo.com/mail/winter07.html
> 
> > ___
> > CentOS mailing list
> > CentOS@centos.org
> > http://lists.centos.org/mailman/listinfo/centos
> >   
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
> 



  ___ 
Yahoo! Mail is the world's favourite email. Don't settle for less, sign up for
your free account today 
http://uk.rd.yahoo.com/evt=44106/*http://uk.docs.yahoo.com/mail/winter07.html 
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OT - IP Tables - forwarding to localhost

[Igor Demjanenko]

Hi,

Try this:

iptables -t nat -A PREROUTING -p tcp -d old_mailserver_ip 
--destination-port 25 -j DNAT --to-destination 127.0.0.1:25


first last wrote:

Hi,

I am trying to set up a firewall rule so calls to old_mailserver:25 get
redirected to localhost:25. I have seen quite a few rules and none seem
to work.

I have tried with the firewall enabled (configured to allow smtp) and
disabled, but it doesn't seem to make a difference.

One of the commands I have been using is:
/sbin/iptables -t nat -I PREROUTING -p tcp -d old_mailserver_ip/32
--dport 25 -j REDIRECT --to 127.0.0.1:25

Am I missing anything?

Thanks

Gabriel


  ___ 
Yahoo! Mail is the world's favourite email. Don't settle for less, sign up for
your free account today http://uk.rd.yahoo.com/evt=44106/*http://uk.docs.yahoo.com/mail/winter07.html 
___

CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
  

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] OT - IP Tables - forwarding to localhost

[first last]

Hi,

I am trying to set up a firewall rule so calls to old_mailserver:25 get
redirected to localhost:25. I have seen quite a few rules and none seem
to work.

I have tried with the firewall enabled (configured to allow smtp) and
disabled, but it doesn't seem to make a difference.

One of the commands I have been using is:
/sbin/iptables -t nat -I PREROUTING -p tcp -d old_mailserver_ip/32
--dport 25 -j REDIRECT --to 127.0.0.1:25

Am I missing anything?

Thanks

Gabriel


  ___ 
Yahoo! Mail is the world's favourite email. Don't settle for less, sign up for
your free account today 
http://uk.rd.yahoo.com/evt=44106/*http://uk.docs.yahoo.com/mail/winter07.html 
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Correct xen domains path

[Daniel de Kok]

On Mon, 2007-06-18 at 11:50 +0200, Jordi Espasa Clofent wrote:
> 1. According to 
> http://wiki.centos.org/HowTos/Xen/InstallingCentOSDomU?highlight=%28xen%29 
> it would be /srv/xen or even /var/lib/xen/images.
> 
> ¿What is the correct absolute path to put into the xen domains files?

Whatever you prefer, as long as the images have the correct security
context. Otherwise, SELinux will deny access to the images.

> 2. Moreover, if you want the domU(s) boot together dom0, you should put 
> the domains files (images) into /etc/xen/auto.
> 
> ¿A simple symlink will be enough in this case?

No, you shouldn't put the images there, but the (Xen) domain
configuration files of the domains you would like to start during the
boot process.

-- Daniel

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Correct xen domains path

[Jordi Espasa Clofent]

Hi all,

Two questions

1. According to 
http://wiki.centos.org/HowTos/Xen/InstallingCentOSDomU?highlight=%28xen%29 
it would be /srv/xen or even /var/lib/xen/images.


¿What is the correct absolute path to put into the xen domains files?


2. Moreover, if you want the domU(s) boot together dom0, you should put 
the domains files (images) into /etc/xen/auto.


¿A simple symlink will be enough in this case?

--
Thanks,
Jordi Espasa Clofent

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] dovecot FC2 (0.99.14) to CentOS4 (0.99.11-8.EL4)

[David Hrbáč]

David Hrbáč napsal(a):
> Hi,
> I have to move IMAP mail store from FC Dag's dovecot 0.99.14 to new
> Centos4 machine. Dovecot complains about corrupted indexes, Missing
> location field,  Data position of record xxx points outside file etc.
> There's no 0.99.14 version for EL4 in rpmforge. Distribusion version is
>  three steps down - 0.99.11. Any hints?
> Thanks a lot.
> David
> 
> PS: I have rsynced all maildir Friday and today I had to move to the old
> machine :o(

I answer to myself .. :o)
rm .*/.imap.index* -rf
seems to help.
David
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos