Re: [CentOS] Open Letter to Lance Davis

[Karanbir Singh]

On 07/30/2009 06:34 AM, R P Herrold wrote:
> This is an Open Letter to Lance Davis from fellow CentOS Developers

People looking for info about this and recent progress will find 
relevant info being updated on http://www.centos.org/ as things develop.

-- 
Karanbir Singh : http://www.karan.org/  : 2522...@icq
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Open Letter to Lance Davis

[Karanbir Singh]

On 07/31/2009 08:45 PM, James B. Byrne wrote:
> What steps, if any, have been taken to establish
> the CentOS project as a separate legal entity distinct from any
> individual contributor? What protections are being put in place to
> prevent future misappropriations of donations and advertising
> revenue, even if it turns out that no such thing has as yet
> happened?

We will be addressing these issues in the next few weeks, the plan at 
this time is to not turn on the donations option or advertising anywhere 
on the websites till we have such process's in place.

-- 
Karanbir Singh : http://www.karan.org/  : 2522...@icq
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] things weirdly different in new installation

[fred smith]

I've just built a new system and installed latest Centos 5.3 on it. My old
box also has an up to date Centos 5 on it.

Some things are just plain different between the two installations, and
it's stumping me why that would be. Example:

on the old box, the shutdown dialog offers restart, cancel, shutdown,
and also standby and hibernate. and the standby and hibernate options
work, too.

The new box, it only offers restart, cancel, or shutdown.

Oddly, the main "System" dropdown offers "suspend" as well as "logoff"
and "shutdown" submenus.

Since it's a desktop, I won't often want to suspend or hibernate, but
it may occasionally be nice to have the option to hibernate (e.g.,
power is off, UPS is about dead, hibernate could save my work.)

Ideas, anyone?

Thanks!
-- 
 Fred Smith -- fre...@fcshome.stoneham.ma.us -
"Not everyone who says to me, 'Lord, Lord,' will enter the kingdom of
 heaven, but only he who does the will of my Father who is in heaven."
-- Matthew 7:21 (niv) -
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Open Letter to Lance Davis

[David McGuffey]

On Fri, 2009-07-31 at 20:56 +0100, Ned Slider wrote:
> Marcus Moeller wrote:
> > Hi,
> > 
> >>> My 'dream' OS has always been one where the base install was extremely
> >>> minimal - just enough to install the rest over the network.  Then there
...
> 
> Sounds like all you folks need to get together, start a "CentOS minimal 
> install CD" SIG and get on with it :)
> 
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos

That would certainly simplify my challenge in building "hardened"
baseline loads from which to build other specialized servers.

Dave


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Open Letter to Lance Davis

[David McGuffey]

On Fri, 2009-07-31 at 13:55 -0500, Ron Blizzard wrote:
> On Fri, Jul 31, 2009 at 1:12 PM, Marcus Moeller wrote:
> >
> > But please note: CentOS itself has a clear strategy which means
> > upstream compatibility. Nothing more and nothing less. No focus on
> > specialized systems (which does not mean you can create a custom spin
> > for an specific purpose, e.g. a CentOS netbook spin)
> 
> This is one of the reasons I chose CentOS -- specifically because it
> is a Red Hat "rebuild" with upstream compatibility. Although, in my
> opinion, CentOS stands on its own -- I figured it was a plus that
> while I was learning CentOS I was also learning Red Hat. I first found
> CentOS via Trixbox and asterisk (I'm a Nortel phone tech with interest
> in asterisk). As it turns out a career change may be forced on me --
> so I'm now studying to take the Red Hat Technician (or Engineering)
> certification exams to augment my resume. It has been a huge head
> start to have been using "Red Hat" for the past year and a half.
> 
> So, I guess, this is just a vote for keeping CentOS "as is." Although
> I think community rebuild projects would be cool also.
> 
Agree.  

My customers buy RHEL by the thousands of copies.  I use CentOS so that
I stay on top of what my customers are experiencing, to test the
integration of security tools, and to test various levels of "hardening"
guidance.  RH, whether or not they know it, has a lot to gain by ensuing
that CentOS continues.

Dave


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Weird permission

[muhammad panji]

On Fri, Jul 31, 2009 at 4:31 PM, Kai Schaetzl wrote:
> Muhammad panji wrote on Fri, 31 Jul 2009 14:48:29 +0700:
>
>> I got weird permission on one of my server, when I ls -l the / i got
>> permission for all directory set to "drwxr-xr-x." there are dot after
>> the executable permission for others. what dot mean in permission and
>> how to fix it?
>
> I have never seen or heard of this. I would assume that is a formatting
> glitch produced by some shell login setting. It might help if you showed
> the whole output.
>
>
> the actual problem is I could login via ssh but cannot
>> login via winscp
>
> Change the default WinSCP login from SFTP to SCP.
I always use SCP because I got better experience with it rather than SFTP

the output of root home :

[r...@clarisa ~]# ls -lha
total 52K
drwxr-xr-x   4 root root 4.0K 2009-08-01 02:38 .
drwxr-xr-x. 23 root root 4.0K 2009-07-31 15:47 ..
drwxr-xr-x   2 root root 4.0K 2009-07-31 15:06 backup
-rw---.  1 root root  14K 2009-08-01 08:34 .bash_history
-rw-r--r--.  1 root root   18 2009-03-30 18:51 .bash_logout
-rw-r--r--.  1 root root  176 2009-03-30 18:51 .bash_profile
-rw-r--r--   1 root root  587 2009-07-20 14:34 .bashrc
-rw---   1 root root   43 2009-07-31 15:20 .lesshst
drwxr-xr-x   2 root root 4.0K 2009-07-31 15:38 .uml
there are dot on .. (parent dir), and several files on root's home dir
regards,







-- 
Muhammad Panji
http://sumodirjo.wordpress.com
http://www.kurungsiku.web.id
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Weird permission

[muhammad panji]

On Fri, Jul 31, 2009 at 4:46 PM, Mike A. Harris wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> muhammad panji wrote:
>> Dear all,
>> I got weird permission on one of my server, when I ls -l the / i got
>> permission for all directory set to "drwxr-xr-x." there are dot after
>> the executable permission for others. what dot mean in permission and
>> how to fix it? the actual problem is I could login via ssh but cannot
>> login via winscp. any idea how to fix this? thanks in advance
>> best regards,
>
> IIRC, the "." at the end of the permissions indicates that the file has
> additional permission controls beyond the standard DAC bits, such as
> filesystem ACLs, filesystem capabilities, or other attributes.
>
> Filesystem capabilities support is not present in CentOS 5, so are you
> using ACLs?  What does the following show:
>
> getfacl --tabular /*
AFAIK by default on centos partition mounted with acl option but I
haven't set anything related to ACL

the output of getfacl --tabular /*
# file: bin
USER   root  rwx
GROUP  root  r-x
otherr-x

# file: boot
USER   root  rwx
GROUP  root  r-x
otherr-x

# file: dev
USER   root  rwx
GROUP  root  r-x
otherr-x

# file: etc
USER   root  rwx
GROUP  root  r-x
otherr-x

# file: home
USER   root  rwx
GROUP  root  r-x
otherr-x

# file: lib
USER   root  rwx
GROUP  root  r-x
otherr-x

# file: lost+found
USER   root  rwx
GROUP  root  ---
other---

# file: media
USER   root  rwx
GROUP  root  r-x
otherr-x

# file: mnt
USER   root  rwx
GROUP  root  r-x
otherr-x

# file: opt
USER   root  rwx
GROUP  root  r-x
otherr-x

# file: proc
USER   root  r-x
GROUP  root  r-x
otherr-x

# file: root
USER   root  rwx
GROUP  root  r-x
otherr-x

# file: sbin
USER   root  rwx
GROUP  root  r-x
otherr-x

# file: selinux
USER   root  rwx
GROUP  root  r-x
otherr-x

# file: srv
USER   root  rwx
GROUP  root  r-x
otherr-x

# file: sys
USER   root  rwx
GROUP  root  r-x
otherr-x

# file: tmp
USER   root  rwx
GROUP  root  rwx
otherrwx

# file: usr
USER   root  rwx
GROUP  root  r-x
otherr-x

# file: var
USER   root  rwx
GROUP  root  r-x
otherr-x

seems normal to me :) more clues please
regards,


-- 
Muhammad Panji
http://sumodirjo.wordpress.com
http://www.kurungsiku.web.id
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS on Acer Laptop

[Robert Heller]

At Fri, 31 Jul 2009 22:49:46 +0300 CentOS mailing list  
wrote:

> 
> 
> 
> Are you talking about this one:
> 
> http://ftp.itu.edu.tr/Mirror/CentOS/5.3/isos/i386/CentOS-5.3-i386-bin-DVD.iso

Yes, this is the install DVD image.

> 
> On Fri, Jul 31, 2009 at 3:05 PM, Robert Heller  wrote:
> 
> >  At Fri, 31 Jul 2009 14:56:14 +0300 CentOS mailing list 
> > wrote:
> >
> > >
> > >
> > >
> > > I have very basic question:
> > >
> > > I have downloaded *CentOS-5.3-i386-LiveCD* from CentOS website. Now I
> > need
> > > to install it on my Acer Laptop permanently not as a liveCD. How do I
> > burn
> > > it to a DVD to be able to install it by simply restarting my laptop?
> >
> > The CentOS Live CD are not 'install' CDs -- they don't include the
> > installer or the RPMs.  You should download the CentOS install DVD and
> > burn that.
> >
> > >
> > > Thank you,
> > >
> > > Sam
> > >
> > > MIME-Version: 1.0
> > >
> > > ___
> > > CentOS mailing list
> > > CentOS@centos.org
> > > http://lists.centos.org/mailman/listinfo/centos
> > >
> > >
> >
> > --
> > Robert Heller -- 978-544-6933
> > Deepwoods Software-- Download the Model Railroad System
> > http://www.deepsoft.com/  -- Binaries for Linux and MS-Windows
> > hel...@deepsoft.com   -- http://www.deepsoft.com/ModelRailroadSystem/
> >
> > ___
> > CentOS mailing list
> > CentOS@centos.org
> > http://lists.centos.org/mailman/listinfo/centos
> >
> 
> MIME-Version: 1.0
> 
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
> 
>   
>   

-- 
Robert Heller -- 978-544-6933
Deepwoods Software-- Download the Model Railroad System
http://www.deepsoft.com/  -- Binaries for Linux and MS-Windows
hel...@deepsoft.com   -- http://www.deepsoft.com/ModelRailroadSystem/
  
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Open Letter to Lance Davis

[Drew]

> I'm already hearing
> rumblings about risks from others in the company who don't know much
> about the situation but know we are using Centos and saw a news posting
> somewhere - and I suspect that is happening in every large company.

No doubt. And if the people who mange the CentOS servers in their
organization are doing their job, the people who pay the cheques are
being made aware of the situation, what the organization's options
are, and what costs are associated with each option.

Among those options, and this is our organization's fall back, is to
pay for a subscription to access the upstream vendor's support system
for package updates.


-- 
Drew

"Nothing in life is to be feared. It is only to be understood."
--Marie Curie
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] how to disable scim

[Craig White]

On Fri, 2009-07-31 at 16:17 -0400, Charles E Campbell Jr wrote:
> Hello:
> 
> I keep getting these
> 
>   An IOException occurred at 
> scim_bridge_client_imcontext_set_cursor_location ()
> 
> messages -- and I'd like to turn them off.  I won't mind having scim 
> just plain turned off.
> However, in using Google, I find a hint such as "right click on the 
> tray, ..." -- so where's
> the tray?  A second part of that hint suggested using 
> System:Administration:Language
> Support -- there's a "Language" (which allows me to select my default 
> language) but
> nothing about scim.
> 
> So, any hints about how to nuke scim?

I haven't played with scim on CentOS but on Fedora, it seems that
creating a symbolic link in users home directory...

ls -l ~/.xinputrc
.xinputrc -> /etc/X11/xinit/xinput.d/scim.conf

is what launches scim at user login

so you might want to look for something like that.

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Open Letter to Lance Davis

[Karanbir Singh]

On 07/31/2009 08:56 PM, Ned Slider wrote:
> Sounds like all you folks need to get together, start a "CentOS minimal
> install CD" SIG and get on with it :)

or a shared editor, and write a kickstart :)

-- 
Karanbir Singh : http://www.karan.org/  : 2522...@icq
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS on Acer Laptop

[Ron Blizzard]

On Fri, Jul 31, 2009 at 4:08 PM, Jake Shipton wrote:

> May also want to consider using the "netinstall" images if you have a
> constant network connection during install. Saves downloading a whole
> DVD or a bunch of CD's
> ;-)
>
> Although do try the LiveCD as stated above.

Netinstall is about the only way I install CentOS now. The last time I
misplaced my netinstall CD, so I used the utility from the LiveCD.
Just be sure to find your repository source *before* starting the
install -- unless you have another computer connected to the Internet.

-- 
RonB -- Using CentOS 5.3
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Open Letter to Lance Davis

[Les Mikesell]

William L. Maltby wrote:
> On Fri, 2009-07-31 at 15:01 -0500, Les Mikesell wrote:
>> 
> 
>>> The idea of a minimal installation is interesting. Could this be done 
> 

> 
> In spite of the fact that all thse ideas for what the new CentOS org
> could or would do, they really don't belong cluttering a thread of
> serious import about the organization/personnel issues.

That's somewhat a difference of opinion.  As much as I appreciate the 
past stability of CentOS, I see moving to Scientific Linux as a 
perfectly reasonable thing to do, with more than a little connection to 
this topic.  And merging the projects seems even more reasonable, from 
an outside point of view.

> Many who've added to this clutter have, in the past, complained about
> others hi-jacking a thread. Although I understand how these things
> mutate, if we really want a good discussion to appear in the archives,
> these suggestions should be in their own thread. Maybe eventually as an
> open item in a (future) bugzilla.
> 
> I would rather be reading and possibly contributing some thoughts about
> the issue the thread was intended to address. It's an important topic
> for the missing person, the currently active project member and the
> community as a whole. Let's see if we can, from here forward, do the
> impossible - stay on topic.

It's a bigger issue than dealing with a missing person.  While I have no 
complaints about the product and highly respect the developers for their 
competence and dedication, the project doesn't have the kind of 
transparency and community involvement that gives you faith that it can 
survive more than a few personnel problems. I'm already hearing 
rumblings about risks from others in the company who don't know much 
about the situation but know we are using Centos and saw a news posting 
somewhere - and I suspect that is happening in every large company.

-- 
   Les Mikesell
 lesmikes...@gmail.com

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Open Letter to Lance Davis

[Lanny Marcus]

 Fri, Jul 31, 2009 at 8:59 AM, Craig White wrote:

t> totally agree and just want to add one more thing...I am very happy to
> see Johnny posting to this list. It has been a long time and I hope you
> are well.
+1  :-) I was planning to begin a new thread, "welcome
back Johnny!" until I read  Craigs words here. I do not want to hijack
this thread, but WELCOME BACK JOHNNY!
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Open Letter to Lance Davis

[Kai Schaetzl]

James B. Byrne wrote on Fri, 31 Jul 2009 15:45:21 -0400 (EDT):

> However, having been bitten once, I feel that I must ask this more
> formal question.  What steps, if any, have been taken to establish
> the CentOS project as a separate legal entity distinct from any
> individual contributor? What protections are being put in place to
> prevent future misappropriations of donations and advertising
> revenue, even if it turns out that no such thing has as yet
> happened?

I think these are fair questions, but a bit premature. Give the team time 
to settle this, uhm, let's call it, mess. I'm sure once this matter is 
resolved the team will also give more information about the new structure 
and funding etc. Patience, folks! One thing at a time!

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS on Acer Laptop

[Jake Shipton]

On 31/07/09 22:01, Lanny Marcus wrote:

On Fri, Jul 31, 2009 at 6:56 AM, sam R  wrote:
   

I have very basic question:
I have downloaded CentOS-5.3-i386-LiveCD from CentOS website. Now I need to
install it on my Acer Laptop permanently not as a liveCD. How do I burn it
to a DVD to be able to install it by simply restarting my laptop?
 

I suggest you go ahead and burn the LiveCD image you downloaded to a
CD and see if this OS will run, properly, on your HW, before you
install it. If so, then download the CD's or DVD for a regular
install. Hang onto the LiveCD, in case you need to test on other HW,
in case you have a problem and need to rescue, or if go out of town
and want to run on someone elses HW without leaving tracks.

   
May also want to consider using the "netinstall" images if you have a 
constant network
connection during install. Saves downloading a whole DVD or a bunch of 
CD's ;-)


Although do try the LiveCD as stated above.

--
Jake

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS on Acer Laptop

[Lanny Marcus]

On Fri, Jul 31, 2009 at 6:56 AM, sam R wrote:
> I have very basic question:
> I have downloaded CentOS-5.3-i386-LiveCD from CentOS website. Now I need to
> install it on my Acer Laptop permanently not as a liveCD. How do I burn it
> to a DVD to be able to install it by simply restarting my laptop?

I suggest you go ahead and burn the LiveCD image you downloaded to a
CD and see if this OS will run, properly, on your HW, before you
install it. If so, then download the CD's or DVD for a regular
install. Hang onto the LiveCD, in case you need to test on other HW,
in case you have a problem and need to rescue, or if go out of town
and want to run on someone elses HW without leaving tracks.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Open Letter to Lance Davis

[William L. Maltby]

On Fri, 2009-07-31 at 15:01 -0500, Les Mikesell wrote:
> 

> > 
> > The idea of a minimal installation is interesting. Could this be done 

>Les Mikesell
>  lesmikes...@gmail.com

In spite of the fact that all thse ideas for what the new CentOS org
could or would do, they really don't belong cluttering a thread of
serious import about the organization/personnel issues.

Many who've added to this clutter have, in the past, complained about
others hi-jacking a thread. Although I understand how these things
mutate, if we really want a good discussion to appear in the archives,
these suggestions should be in their own thread. Maybe eventually as an
open item in a (future) bugzilla.

I would rather be reading and possibly contributing some thoughts about
the issue the thread was intended to address. It's an important topic
for the missing person, the currently active project member and the
community as a whole. Let's see if we can, from here forward, do the
impossible - stay on topic.

In good cheer and
MHO
-- 
Bill

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] kvm in Centos 5.3

[Farkas Levente]

On 07/30/2009 08:45 PM, Kanwar Ranbir Sandhu wrote:
> On Thu, 2009-07-30 at 18:56 +0200, Farkas Levente wrote:
>> see around (it's there since 06.28):
>> http://www.lfarkas.org/linux/packages/centos/5/x86_64/virt/RPMS/libvirt-0.6.4-2.el5.x86_64.rpm
>
> FYI: when I try to install libvirt from your repo, libvirt in the CentOS
> base and updates repos keep replacing it, even though I've excluded the
> package.  I've tried cleaning the yum cache and a few other trouble
> shooting steps, all to no avail.

which version from which repo?

-- 
   Levente   "Si vis pacem para bellum!"
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Open Letter to Lance Davis

[Ron Blizzard]

On Fri, Jul 31, 2009 at 2:45 PM, James B. Byrne wrote:
>
> However, having been bitten once, I feel that I must ask this more
> formal question.  What steps, if any, have been taken to establish
> the CentOS project as a separate legal entity distinct from any
> individual contributor? What protections are being put in place to
> prevent future misappropriations of donations and advertising
> revenue, even if it turns out that no such thing has as yet
> happened?

Okay, I'm a mere CentOS desktop user (at this point) but I'm curious
as to how *you've* been "bitten" here? While it's true that your
donation money apparently did not go to the project as  intended, it's
also true that you've still received a solid and continuously updated
OS (as paid for). So, even though it is regretful that the ability of
the CentOS project to promote its distribution has been hampered -- I
can't see where you've, personally, suffered any damage.

It seems to me the ones "bitten" here, are those who have donated so
much of their own time developing and maintaining CentOS. But despite
the handicap this situation has imposed on them, they are still
providing a great distribution.

I do agree that, going forward, everything will become more
"transparent" -- but I think that's the general goal and the reason
for the open letter in the first place.

-- 
RonB -- Using CentOS 5.3
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] how to disable scim

[Charles E Campbell Jr]

Hello:

I keep getting these

  An IOException occurred at 
scim_bridge_client_imcontext_set_cursor_location ()

messages -- and I'd like to turn them off.  I won't mind having scim 
just plain turned off.
However, in using Google, I find a hint such as "right click on the 
tray, ..." -- so where's
the tray?  A second part of that hint suggested using 
System:Administration:Language
Support -- there's a "Language" (which allows me to select my default 
language) but
nothing about scim.

So, any hints about how to nuke scim?

Regards,
Chip Campbell

-- 
someday I'll have a good signature, I'm sure of it...

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Upgrade fm 4.7 to 5.3: mptscsi module?

[Curt Mills]

First issue:  I did an upgrade from 4.7 to 5.3 on an HP DL380G3 box.
I got yum working again and upgraded 160+ packages.  During that
process I saw:

---
   Installing : kernel-PAE[157/322]
WARNING: No module mptscsi found for kernel 2.6.18-128.2.1.el5PAE, continuing 
anyway
   Installing : kernel[158/322]
WARNING: No module mptscsi found for kernel 2.6.18-128.2.1.el5, continuing 
anyway
---

Since I'm running with SCSI drives on that box and lsmod shows me
this:

---
# ./lsmod | grep mpt
mptctl 31301  1 
mptsas 37193  0 
scsi_transport_sas 30529  1 mptsas
mptspi 23625  0 
scsi_transport_spi 26305  1 mptspi
mptfc  21829  0 
mptscsih   36929  3 mptsas,mptspi,mptfc
scsi_transport_fc  37449  1 mptfc
mptbase76901  5 mptctl,mptsas,mptspi,mptfc,mptscsih
scsi_mod  141589  17
mptctl,ib_iser,iscsi_tcp,libiscsi,scsi_transport_iscsi,scsi_dh,st,sg,mptsas,scsi_transport_sas,mptspi,scsi_transport_spi,mptfc,mptscsih,scsi_transport_fc,cciss,sd_mod
---

I'm a bit worried about rebooting the system.  Should I be?  Did
some other driver take over the responsibilities of the mptscsi
driver?


Second issue:  I also had to remove some repositories from yum, do a
"yum clean all", and still manually remove a few more packages before yup
update would work.  There are still quite a few "el4" packages left
on the system even now.  History:

# history
  1006  yum update;date
  1007  yum clean all
  1008  yum update;date
  1009  yum remove freetype-utils cyrus-imapd-murder cyrus-imapd-nntp
  1010  yum update;date
  1011  yum remove seamonkey
  1012  yum update;date
  1013  rpm -qa | grep -i el4

Some of the el4 packages that are left are probably one's that I
installed by hand outside the yum repository scheme, but certainly
not all of them are.  I expected the upgrade off DVD and then the
"yum update" to take care of most of those.

-- 
Curt Mills, WE7Uhacker at fluke dot com
Senior Methods Engineer/SysAdmin
"Lotto:A tax on people who are bad at math!"
"Windows:  Microsoft's tax on computer illiterates!" -- WE7U
"The world DOES revolve around me:  I picked the coordinate system!"

Please be advised that this email may contain confidential information.
 If you are not the intended recipient, please do not read, copy or
re-transmit this email.  If you have received this email in error,
please notify us by email by replying to the sender and by telephone
(call us collect at +1 202-828-0850) and delete this message and any
attachments.  Thank you in advance for your cooperation and assistance.

In addition, Danaher and its subsidiaries disclaim that the content of
this email constitutes an offer to enter into, or the acceptance of, 
any
contract or agreement or any amendment thereto; provided that the
foregoing disclaimer does not invalidate the binding effect of any
digital or other electronic reproduction of a manual signature that is
included in any attachment to this email.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Open Letter to Lance Davis

[Les Mikesell]

Marcelo M. Garcia wrote:
> 
>> My 'dream' OS has always been one where the base install was extremely 
>> minimal - just enough to install the rest over the network.  Then there 
>> would be a way that anyone could 'publish' their installed list of 
>> repositories and packages and anyone else could duplicate that machine's 
>> setup just by picking that list from a set of choices with the installer 
>> dealing with the hardware differences for you.  This would eliminate 
>> most of the need for custom rebuilds and respins - at least for anyone 
>> with network access, and in my opinion the optimal combination of many 
>> thousands of packages is something that deserves to be be crowdsourced. 
>>   But, so far no one has done it and whenever the discussion of modified 
>> CentOS respins comes up the developers have seemed pretty lukewarm to 
>> the idea, as though it would devalue their brand.
>>
> Hi
> 
> The idea of a minimal installation is interesting. Could this be done 
> with a kickstart or a installation CD? Then you download/customize with
> "yum groupinstall ".

Sure - anything that gets you to the point of being able to run yum with 
disk and network access.  But there is a little more to what I want than 
a "yum groupinstall" can currently handle.  I'd like anyone with a 
configuration that they think is worth duplicating/sharing to be able to 
upload both their repository configuration and their installed package 
list to either a public or local server where that configuration would 
be saved with a unique ID, description, and author listing (and perhaps 
allow for user rating/comments).  Then anyone else should be able to 
give some command to update to match any of the ID's they want.  There 
are probably some hardware-related packages that would need special 
consideration in this scheme, but the worst part is that different 
repositories exist with different but same-named packages  and yum can't 
even keep this straight when updating the original machine much less 
reproduce it on another one.

> I think I didn't understand "it would devalue their brand". How could do 
> it if you reaching a wider public, working with more people with (more 
> or less) same goal? I would say "more" than "less". To me, as user, 
> seems that you will your brand more appealing.

The discussion was not about the scheme I'm describing, but generally in 
the context of either making a distro that wouldn't be called CentOS or 
one that had the Centos branding but modified content.  If I recall 
correctly, the former was grudgingly permitted but no help or advice 
offered, and latter was not permitted or at least highly discouraged 
unless it was a strict superset of the stock distro so problems related 
to the modifications don't affect CentOS's reputation.  Personally I've 
always preferred to install from the k12ltsp respin which is a fairly 
strict superset with a lot of useful additions.  However, it's not clear 
where that project is headed with the incorporation of part of its 
content into fedora packaging (but probably not others like the 
push-button commands to get flash, Sun java, realplayer, MS fonts,etc.).

> Besides, it seems, from the comment about the Fedora 10 tools, that the 
> customization could be easier in RHEL 6.

Yes, that will be a possibility, but building a million iso images that 
are out of date the next day and still won't have the exact setup you 
want just seems like the wrong approach.  What we need is one thing that 
handles hardware differences (and might also fix things up if you move a 
disk from one machine to another or restore a backup on a new machine) 
and another thing that can save and re-install lists of packages 
repeatably even if the repositories won't cooperate with their package 
names.  The rest would happen by itself as people came up with 
interesting combinations of packages tuned to different purposes and 
optimized for different types of hardware.

--
   Les Mikesell
 lesmikes...@gmail.com


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Open Letter to Lance Davis

[Ned Slider]

Marcus Moeller wrote:
> Hi,
> 
>>> My 'dream' OS has always been one where the base install was extremely
>>> minimal - just enough to install the rest over the network.  Then there
>>> would be a way that anyone could 'publish' their installed list of
>>> repositories and packages and anyone else could duplicate that machine's
>>> setup just by picking that list from a set of choices with the installer
>>> dealing with the hardware differences for you.  This would eliminate
>>> most of the need for custom rebuilds and respins - at least for anyone
>>> with network access, and in my opinion the optimal combination of many
>>> thousands of packages is something that deserves to be be crowdsourced.
>>>   But, so far no one has done it and whenever the discussion of modified
>>> CentOS respins comes up the developers have seemed pretty lukewarm to
>>> the idea, as though it would devalue their brand.
>>Such an OS, or release of an OS, would be mighty welcome to those
>> of us with early notebooks/netbooks/whatever (such as the EeePC 701).
> 
> Re-Spins are yet possible. You can take a look at the LiveCD project:
> 
> https://projects.centos.org/trac/livecd/
> 
> to learn how to spin a custom CentOS LiveCD.
> 

Sounds like all you folks need to get together, start a "CentOS minimal 
install CD" SIG and get on with it :)

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Open Letter to Lance Davis

[Ned Slider]

Beartooth wrote:
> On Fri, 31 Jul 2009 10:36:51 -0500, Les Mikesell wrote:
>   [] 
>> My 'dream' OS has always been one where the base install was extremely
>> minimal - just enough to install the rest over the network.  Then there
>> would be a way that anyone could 'publish' their installed list of
>> repositories and packages and anyone else could duplicate that machine's
>> setup just by picking that list from a set of choices with the installer
>> dealing with the hardware differences for you.  This would eliminate
>> most of the need for custom rebuilds and respins - at least for anyone
>> with network access, and in my opinion the optimal combination of many
>> thousands of packages is something that deserves to be be crowdsourced.
> 
>>   But, so far no one has done it and whenever the discussion of modified
>> CentOS respins comes up the developers have seemed pretty lukewarm to
>> the idea, as though it would devalue their brand.
> 
>   Such an OS, or release of an OS, would be mighty welcome to those 
> of us with early notebooks/netbooks/whatever (such as the EeePC 701). 
> 

A minimal install CD was discussed a while back, but it never got past 
the discussion stage...

http://lists.centos.org/pipermail/centos-devel/2008-November/003639.html

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS on Acer Laptop

[sam R]

Are you talking about this one:

http://ftp.itu.edu.tr/Mirror/CentOS/5.3/isos/i386/CentOS-5.3-i386-bin-DVD.iso

On Fri, Jul 31, 2009 at 3:05 PM, Robert Heller  wrote:

>  At Fri, 31 Jul 2009 14:56:14 +0300 CentOS mailing list 
> wrote:
>
> >
> >
> >
> > I have very basic question:
> >
> > I have downloaded *CentOS-5.3-i386-LiveCD* from CentOS website. Now I
> need
> > to install it on my Acer Laptop permanently not as a liveCD. How do I
> burn
> > it to a DVD to be able to install it by simply restarting my laptop?
>
> The CentOS Live CD are not 'install' CDs -- they don't include the
> installer or the RPMs.  You should download the CentOS install DVD and
> burn that.
>
> >
> > Thank you,
> >
> > Sam
> >
> > MIME-Version: 1.0
> >
> > ___
> > CentOS mailing list
> > CentOS@centos.org
> > http://lists.centos.org/mailman/listinfo/centos
> >
> >
>
> --
> Robert Heller -- 978-544-6933
> Deepwoods Software-- Download the Model Railroad System
> http://www.deepsoft.com/  -- Binaries for Linux and MS-Windows
> hel...@deepsoft.com   -- http://www.deepsoft.com/ModelRailroadSystem/
>
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Open Letter to Lance Davis

[James B. Byrne]

Since 2004 or so, I have donated each year to the CentOS project, at
the requested rate, for each of our servers. While I never really
gave the matter any thought (fool that I am) I presumed that any
organisation that solicited funds would, at a minimum, be
incorporated, have a board of directors, duly appointed officers and
hold all corporate identity elements such as internet domain names,
brand trademarks and such as corporate property.

Evidently, my beliefs in this matter were sadly unfounded.

Now, I appreciate that whilst somewhat embarrassing, the immediate
matter is easily resolved, turning as it does on retention or
depreciation of the centos.org domain.  Presumably those who donated
bandwidth and servers to the CentOS.old project will in the main
continue to support the CentOS.new project. Equally, unless some
injury that has not yet come to light has been done to them, it
seems likely that most of the current maintainers will move their
loyalties and future technical contributions to CentOS.new.

However, having been bitten once, I feel that I must ask this more
formal question.  What steps, if any, have been taken to establish
the CentOS project as a separate legal entity distinct from any
individual contributor? What protections are being put in place to
prevent future misappropriations of donations and advertising
revenue, even if it turns out that no such thing has as yet
happened?

Sincerely,




___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Apache not liking directories outside of /var/www

[Ned Slider]

Boris Epstein wrote:
> 
> I found an even simplier solution - disabled SELinux. I've got a
> firewall and that is plenty.
> 

Wow, not sure I'd place all my faith in a firewall.

There is an SELinux tutorial on the Wiki that explicitly covers how to 
handle Apache serving content outside of DocumentRoot:

http://wiki.centos.org/HowTos/SELinux

Anyway, it's only one command to fix the issue - not exactly daunting.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Open Letter to Lance Davis

[Ron Blizzard]

On Fri, Jul 31, 2009 at 1:12 PM, Marcus Moeller wrote:
>
> But please note: CentOS itself has a clear strategy which means
> upstream compatibility. Nothing more and nothing less. No focus on
> specialized systems (which does not mean you can create a custom spin
> for an specific purpose, e.g. a CentOS netbook spin)

This is one of the reasons I chose CentOS -- specifically because it
is a Red Hat "rebuild" with upstream compatibility. Although, in my
opinion, CentOS stands on its own -- I figured it was a plus that
while I was learning CentOS I was also learning Red Hat. I first found
CentOS via Trixbox and asterisk (I'm a Nortel phone tech with interest
in asterisk). As it turns out a career change may be forced on me --
so I'm now studying to take the Red Hat Technician (or Engineering)
certification exams to augment my resume. It has been a huge head
start to have been using "Red Hat" for the past year and a half.

So, I guess, this is just a vote for keeping CentOS "as is." Although
I think community rebuild projects would be cool also.

-- 
RonB -- Using CentOS 5.3
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Open Letter to Lance Davis

[Marcus Moeller]

Hi,

>> My 'dream' OS has always been one where the base install was extremely
>> minimal - just enough to install the rest over the network.  Then there
>> would be a way that anyone could 'publish' their installed list of
>> repositories and packages and anyone else could duplicate that machine's
>> setup just by picking that list from a set of choices with the installer
>> dealing with the hardware differences for you.  This would eliminate
>> most of the need for custom rebuilds and respins - at least for anyone
>> with network access, and in my opinion the optimal combination of many
>> thousands of packages is something that deserves to be be crowdsourced.
>
>>   But, so far no one has done it and whenever the discussion of modified
>> CentOS respins comes up the developers have seemed pretty lukewarm to
>> the idea, as though it would devalue their brand.
>
>        Such an OS, or release of an OS, would be mighty welcome to those
> of us with early notebooks/netbooks/whatever (such as the EeePC 701).

Re-Spins are yet possible. You can take a look at the LiveCD project:

https://projects.centos.org/trac/livecd/

to learn how to spin a custom CentOS LiveCD.

But please note: CentOS itself has a clear strategy which means
upstream compatibility. Nothing more and nothing less. No focus on
specialized systems (which does not mean you can create a custom spin
for an specific purpose, e.g. a CentOS netbook spin)

IMHO CentOS is not the best choice for latest consumer hardware nor
the best desktop OS (please don't blame me for that Dag ;)

Fedora already offers a lot of spins for different (end)use(r) cases.

Best Regards
Marcus
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos convert to rhel?

[Ingemar Nilsson]

Tom Brown wrote:

> tell said managers to open the coffers and pay for support if they are 
> that worried

Well, it hasn't happened to me (yet). I just thought that it might be 
why some people seem to be somewhat worried.

Regards
Ingemar
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Open Letter to Lance Davis

[P Marvin Eberly]

On Fri, 2009-07-31 at 06:59 -0700, Craig White wrote:
> On Thu, 2009-07-30 at 21:15 -0500, Johnny Hughes wrote:
> > Akemi Yagi wrote:
> > > On Thu, Jul 30, 2009 at 5:36 PM, Jim Perrin wrote:
> > >> On Thu, Jul 30, 2009 at 6:47 PM, Johnny Hughes wrote:
> > > 
> > >>> Why ... we are under no obligation to tell people how how we spend
> > >>> monies.  There are costs that are incurred for any organization.  We are
> > >>> probably going to disclose how monies are spent in the future because we
> > >>> choose to.  If you run a private organization, must you tell me how you
> > >>> spend your money?  You get an OS and can chose to donate monies or not.
> > >> We're not under any obligation to tell people how the money gets
> > >> spent, but doing so certainly goes a long way building good will. In
> > >> my opinion, a simple 'We got X monies in donations which were used to
> > >> purchase dedicated hosting, bandwidth, and various novelties for booth
> > >> and show kit' once in a while would do worlds of good for showing
> > >> people how we use the money they choose to give us.
> > >>
> > >> I don't have any legal obligation to help old ladies cross the street,
> > >> or rescue cats from trees. It's what you do because you're a good
> > >> person. Doing this in a community sense is what makes you a good
> > >> neighbor, and what helps build community reputation.
> > > 
> > > I have to agree with Jim here.  It is not legal obligation or
> > > anything. IF I am running a project and ask the community for help and
> > > I receive donations (monetary or in the form of thousands of donated
> > > hours), I would feel obliged to return back to the community.  And in
> > > doing so, I would want to disclose everything.  Once again, this is
> > > not due to any legal requirements but because I would feel the project
> > > is no longer my private toy and I owe the community.
> > > 
> > >>> We are hiding nothing ... why exactly does CentOS need to provide that
> > >>> information to you?
> > > 
> > >> Thinking that this is entirely an internal manner is a bit
> > >> short-sighted. Keeping all the problems internal doesn't solve them.
> > >> Not to speak for Dag, but judging by his blog reaction to the news,
> > >> the finance issue and lack of openness is part of what drove his
> > >> departure. If we move to adopt a slightly more open approach and
> > >> include more community efforts, I believe that we'll see a great deal
> > >> of good from it.
> > >>
> > >> It's not that we OWE the community anything. It's that we should do it
> > >> because it's how we want to be treated, and how we SHOULD deal with
> > >> them while we participate in the project.
> > > 
> > > I mostly agree with Jim.  As I wrote above, if this was my project, I
> > > would feel I *owe* the community.  But that is strictly my personal
> > > feelings.  I cannot imagine how I can ever pay back if those who
> > > donated their time ask for refund. :)
> > 
> > Actually, I agree with Jim too :)
> > 
> > We will likely do all or most of these things because we want to do so,
> > but not because we have too.
> > 
> > My point was that we wanted to give someone the benefit of the doubt
> > because we were trying to do right by him too ... now we (as a group)
> > think we need to do something differently, and we will.  Regardless of
> > what else we do, we still have to acknowledge that without Lance, there
> > would have been no CentOS at all ... and because of that we probably
> > waited to long to push this issue.  However, we did it because of good
> > intentions and hopes of someone doing the right thing, not to hide
> > anything.
> 
> totally agree and just want to add one more thing...I am very happy to
> see Johnny posting to this list. It has been a long time and I hope you
> are well.
> 
> Craig
> 
> 
  +1


-- 
P Marvin Eberly 

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Open Letter to Lance Davis

[Beartooth]

On Fri, 31 Jul 2009 10:36:51 -0500, Les Mikesell wrote:
[] 
> My 'dream' OS has always been one where the base install was extremely
> minimal - just enough to install the rest over the network.  Then there
> would be a way that anyone could 'publish' their installed list of
> repositories and packages and anyone else could duplicate that machine's
> setup just by picking that list from a set of choices with the installer
> dealing with the hardware differences for you.  This would eliminate
> most of the need for custom rebuilds and respins - at least for anyone
> with network access, and in my opinion the optimal combination of many
> thousands of packages is something that deserves to be be crowdsourced.

>   But, so far no one has done it and whenever the discussion of modified
> CentOS respins comes up the developers have seemed pretty lukewarm to
> the idea, as though it would devalue their brand.

Such an OS, or release of an OS, would be mighty welcome to those 
of us with early notebooks/netbooks/whatever (such as the EeePC 701). 

-- 
Beartooth Staffwright, Neo-Redneck Not Quite Clueless Power User
I have precious (very precious!) little idea where up is.


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Apache not liking directories outside of /var/www

[Jim Perrin]

On Fri, Jul 31, 2009 at 1:07 PM, Boris Epstein wrote:

> I am running mod_security and also if the intruder gets to the shell
> level they will be able to bypass the SELinux entirely. I believe in
> security too but security should not be crippling.

Agreed, however your statement is contradictory. A person not versed
in iptables would find the default firewall crippling when attempting
to run apache. By your logic, they should disable the firewall?


-- 
During times of universal deceit, telling the truth becomes a revolutionary act.
George Orwell
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Apache not liking directories outside of /var/www

[Kenneth Porter]

--On Friday, July 31, 2009 2:07 PM -0400 Boris Epstein 
 wrote:

> I am running mod_security and also if the intruder gets to the shell
> level they will be able to bypass the SELinux entirely.

How? The selinux commands require root access. First you'd have to get a 
root escalation exploit to promote from user apache to root, and then 
disable selinux. The exploit in the linked article is stopped because it 
can't run the escalation program which was downloaded to /tmp.

> I believe in security too but security should not be crippling.

Do you also disable iptables, because a firewall is too complicated to 
configure just to run an IP service?

SELinux is just another kind of firewall, but one between 
user/process/resource triplets. As with a good network firewall, it denies 
all by default and one selectively allows the triplets that make sense for 
one's application.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Apache not liking directories outside of /var/www

[jacob]

sounds like current default apache security
 
near the begining you of httpd.conf you will find 
 

Options FollowSymLinks
AllowOverride None



Options Indexes FollowSymLinks
AllowOverride None
Order allow,deny
Allow from all


 
This effectively blocks you from sharing any directory (even aliased ones) 
unless the actual directory (no symlinks or aliases) is under /var/www. 
 
to add in exceptions put this under your alias statement.
 

Alias /test /home/test

Order allow,deny
Allow from all

 
 



From: centos-boun...@centos.org on behalf of Boris Epstein
Sent: Fri 7/31/2009 9:17 AM
To: centos@centos.org
Subject: [CentOS] Apache not liking directories outside of /var/www



Hi all,

It appears that on my nice little CentOS 5.3 machines Apache only
allows me to store content in directories which are under /var/www/

For instance, putting content in /var/www/test and defining the following alias:

Alias /test /var/www/test

then accessing it under http://hostname/test works great.

Not copy that same content to /home/test, change the alias to:

Alias /test /home/test

and you get Error 403.

Any idea why that would be?

Never had this sort of trouble anywhere, including under CentOS 5.0 and 5.1

Thanks in advance for any and all help.

Boris.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


<>___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos convert to rhel and support

[Geoff Galitz]

> 
> tell said managers to open the coffers and pay for support if they are
> that worried

Maybe they would, but there is no content on the Centos wiki on the 
commercial support page.  Considering the allegations of mishandling
of funds, I doubt any organization would donate directly Centos
at this time.

I'm not trying to be a pest about that commercial support page, but
it is frustrating.  I know the team said they would bring it up at the
next dev meeting, but I have no idea when that is/was and what may
have happened.



-geoff


-
Geoff Galitz
Blankenheim NRW, Germany
http://www.galitz.org/
http://german-way.com/blog/
/listinfo/centos

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Apache not liking directories outside of /var/www

[Boris Epstein]

On Fri, Jul 31, 2009 at 12:50 PM, Jim Perrin wrote:
> On Fri, Jul 31, 2009 at 12:35 PM, Boris Epstein wrote:
>
>> I found an even simplier solution - disabled SELinux. I've got a
>> firewall and that is plenty.
>
> No. It's really not. If someone exploits apache, or php, they'll be
> coming in via port 80 or 443 which your firewall has helpfully allowed
> so that you can run your server. The vast majority of successful
> penetrations I've seen are of two types. Brute ssh attacks, and
> apache/php exloits.   If you were running mod_security, that might be
> slightly more analogous to selinux. I really don't recommend that
> people disable selinux simply because they can't be bothered to learn
> it.
>
> Real world reasons for selinux on web servers ->
> http://www.linuxjournal.com/article/9176
>
>
> --
> During times of universal deceit, telling the truth becomes a revolutionary 
> act.
> George Orwell
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>

I am running mod_security and also if the intruder gets to the shell
level they will be able to bypass the SELinux entirely. I believe in
security too but security should not be crippling.

Boris.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Apache not liking directories outside of /var/www

[Jim Perrin]

On Fri, Jul 31, 2009 at 12:35 PM, Boris Epstein wrote:

> I found an even simplier solution - disabled SELinux. I've got a
> firewall and that is plenty.

No. It's really not. If someone exploits apache, or php, they'll be
coming in via port 80 or 443 which your firewall has helpfully allowed
so that you can run your server. The vast majority of successful
penetrations I've seen are of two types. Brute ssh attacks, and
apache/php exloits.   If you were running mod_security, that might be
slightly more analogous to selinux. I really don't recommend that
people disable selinux simply because they can't be bothered to learn
it.

Real world reasons for selinux on web servers ->
http://www.linuxjournal.com/article/9176


-- 
During times of universal deceit, telling the truth becomes a revolutionary act.
George Orwell
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Apache not liking directories outside of /var/www

[Boris Epstein]

On Fri, Jul 31, 2009 at 12:24 PM, Filipe Brandenburger
 wrote:
>
> Hi,
>
> On Fri, Jul 31, 2009 at 12:17, Boris Epstein wrote:
> > Any idea why that would be?
>
> It's SELinux. Files exported by Apache must have context
> httpd_sys_content_t. You can use "ls -Z" to see the context of a
> certain file. You can use "chcon -R httpd_sys_content_t /home/test" to
> change the context of all the files in the /home/test directory,
> however that will not apply to new files created under that directory,
> in which case you have to add new rules using "semanage fcontext" (see
> the examples "man semanage" for help on how to do that).
>
> In general I would advise you to try to adapt your application so that
> the files that need to be seen by Apache are under /var/www, if you
> have that flexibility it will be simpler and have less chance of
> breaking in the future.
>
> HTH,
> Filipe
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos

I found an even simplier solution - disabled SELinux. I've got a
firewall and that is plenty.

Thanks a lot, Filipe!
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Apache not liking directories outside of /var/www

[Kenneth Porter]

--On Friday, July 31, 2009 1:24 PM -0400 Filipe Brandenburger 
 wrote:

> In general I would advise you to try to adapt your application so that
> the files that need to be seen by Apache are under /var/www, if you
> have that flexibility it will be simpler and have less chance of
> breaking in the future.

IIRC, there's a policy and boolean to allow users to have web content in 
~/public_html.

If one has stuff in other locations (say, /usr/share/someapp/webcontent or 
/opt/someapp/webcontent), one could use a loopback mount to attach it to a 
subdirectory of /var/www.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Apache not liking directories outside of /var/www

[Filipe Brandenburger]

Hi,

On Fri, Jul 31, 2009 at 12:17, Boris Epstein wrote:
> Any idea why that would be?

It's SELinux. Files exported by Apache must have context
httpd_sys_content_t. You can use "ls -Z" to see the context of a
certain file. You can use "chcon -R httpd_sys_content_t /home/test" to
change the context of all the files in the /home/test directory,
however that will not apply to new files created under that directory,
in which case you have to add new rules using "semanage fcontext" (see
the examples "man semanage" for help on how to do that).

In general I would advise you to try to adapt your application so that
the files that need to be seen by Apache are under /var/www, if you
have that flexibility it will be simpler and have less chance of
breaking in the future.

HTH,
Filipe
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Apache not liking directories outside of /var/www

[Boris Epstein]

Hi all,

It appears that on my nice little CentOS 5.3 machines Apache only
allows me to store content in directories which are under /var/www/

For instance, putting content in /var/www/test and defining the following alias:

Alias /test /var/www/test

then accessing it under http://hostname/test works great.

Not copy that same content to /home/test, change the alias to:

Alias /test /home/test

and you get Error 403.

Any idea why that would be?

Never had this sort of trouble anywhere, including under CentOS 5.0 and 5.1

Thanks in advance for any and all help.

Boris.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Open Letter to Lance Davis

[Marcelo M. Garcia]

Les Mikesell wrote:
> Marcelo M. Garcia wrote:
>> Connie Sieh wrote:
 Ralph Angenendt wrote:
> Les Mikesell wrote:
>> Has anyone considered joining forces with Scientific Linux to reduce the
>>   workload and give both a more robust infrastructure?
> Yes, but the goals are rather different.
 I thought both had upstream compatibility as the main goal - and both
 seem competent enough that I wouldn't expect many problems in this
 regard.  SL also claims a secondary goal of making site customization
 easy - perhaps Centos as we know it could simply be one of those
 customizations and going forward other variations would be easy.  If the
 people doing the work aren't getting any value out of the brand name, I
 don't see the point of fragmenting the user community for what is
 essentially the same thing.
>>> I was expecting it to be the other way around.  With Centos the base and 
>>> SL a site(or something like it). In RHEL 6 I expect the distro rebuild 
>>> tools to make sites easier.  This 
>>> comment is based on the distro rebuild tools in Fedora.  We built a custom 
>>> Fedora 10 to test this idea.  These are pungi, revisor and the iso image 
>>> tool(forgot its name).
>> CentOS and Scientific Linux together would be like dream come true.
> 
> My 'dream' OS has always been one where the base install was extremely 
> minimal - just enough to install the rest over the network.  Then there 
> would be a way that anyone could 'publish' their installed list of 
> repositories and packages and anyone else could duplicate that machine's 
> setup just by picking that list from a set of choices with the installer 
> dealing with the hardware differences for you.  This would eliminate 
> most of the need for custom rebuilds and respins - at least for anyone 
> with network access, and in my opinion the optimal combination of many 
> thousands of packages is something that deserves to be be crowdsourced. 
>   But, so far no one has done it and whenever the discussion of modified 
> CentOS respins comes up the developers have seemed pretty lukewarm to 
> the idea, as though it would devalue their brand.
> 
Hi

The idea of a minimal installation is interesting. Could this be done 
with a kickstart or a installation CD? Then you download/customize with
"yum groupinstall ".

I think I didn't understand "it would devalue their brand". How could do 
it if you reaching a wider public, working with more people with (more 
or less) same goal? I would say "more" than "less". To me, as user, 
seems that you will your brand more appealing.

Besides, it seems, from the comment about the Fedora 10 tools, that the 
customization could be easier in RHEL 6.

Regards

mg.


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] LDAP howto using ds-base and ds-admin and related consoles

[Kwan Lowe]

On Fri, Jul 31, 2009 at 3:20 AM, Tony Molloy wrote:

> Installing centos-ds is not a problem. It's what you do after it. Especially
> for people like me who have no experience with OpenLDAP.
>
>>
>> Linux and Windows user authentication is straightforward, with GUI
>> based setup and editing.
>>
>
> With 1200 existing users to be migrated then GUI based setup and editing is
> not very useful.

I had to move about 200 Unix users from OpenLDAP to RHDS. For a brief
moment I considered just manually doing it, but reason got the better
of me.  The approach I took:

1) Exported the database from OpenLDAP. Actually, just used an
ldapsearch and pulled over all the users and groups and dropped it
into and LDIF.

2) Created a few test users on Fedora DS then ran a similar export
process. This gave me an LDIF that I could compare.

3) Next was a matter of writing a bunch of awk scripts to convert the
OpenLDAP to Fedora LDIF format. The biggest problem I had was the
password format. I don't recall much of the details exactly, but there
were some issues with the crypt method. In the end I wrote another
script that wrapped mkpasswd and then just did an update. It emailed
the users with the new password. For those without an email address
(maybe 30 or so),  it set a default password based on the username.


>
>> The default schema I use doesn't include address, company, etc., but
>> these are very easily added.  I tested with kaddressbook and a couple
>> other LDAP browsers without any glitches.
>
> I'm going through the Howto:Samba from  at the
> moment and hopefully that will get me started.
>
> But what would be nice is:
>
> 1. Howto:migtate existing NIS to CentosDS
> 2. Howto:migrate existing Samba to CentosDS

For the LDAP information itself, you could probably do a similar
thing. E.g., parse the relevant passwd, group, shadow and login files
then create an LDIF to import. OpenLDAP has a bunch of scripts to
migrate from NIS/local files also, so they would be my first step.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] (no subject)

[rray_1]

I have 2 video devices LML33 and PV155

$ lspci
06:00.0 Multimedia video controller: Zoran Corporation ZR36057PQC Video 
cutting chipset (rev 02)
07:08.0 Multimedia video controller: Brooktree Corporation Bt878 Video 
Capture (rev 11)
07:08.1 Multimedia controller: Brooktree Corporation Bt878 Audio Capture 
(rev 11)
07:09.0 Multimedia video controller: Brooktree Corporation Bt878 Video 
Capture (rev 11)
07:09.1 Multimedia controller: Brooktree Corporation Bt878 Audio Capture 
(rev 11)
07:0a.0 Multimedia video controller: Brooktree Corporation Bt878 Video 
Capture (rev 11)
07:0a.1 Multimedia controller: Brooktree Corporation Bt878 Audio Capture 
(rev 11)
07:0b.0 Multimedia video controller: Brooktree Corporation Bt878 Video 
Capture (rev 11)
07:0b.1 Multimedia controller: Brooktree Corporation Bt878 Audio Capture 
(rev 11)

$ udevinfo -q path -n /dev/video0
/class/video4linux/video0
$ udevinfo -a -p /class/video4linux/video0

Udevinfo starts with the device specified by the devpath and then
walks up the chain of parent devices. It prints for every device
found, all possible attributes in the udev rules key format.
A rule to match, can be composed by the attributes of the device
and the attributes from one single parent device.

   looking at device '/class/video4linux/video0':
 KERNEL=="video0"
 SUBSYSTEM=="video4linux"
 SYSFS{name}=="LML33_0_"
 SYSFS{dev}=="81:0"

$ udevinfo -q path -n /dev/video1
no record for 'video1' in database
$ udevinfo -q path -n /dev/video2
no record for 'video2' in database
$ udevinfo -q path -n /dev/video3
no record for 'video3' in database
$ udevinfo -q path -n /dev/video4
no record for 'video4' in database

The problem is sometimes when I boot the LML33 is /dev/video0 and 
sometimes /dev/video4
I tried a udev rule
SUBSYSTEM=="video4linux", SYSFS{name}=="LML33_0_",SYMLINK="lml33"
but it doesn't work
What do I need to do to get consistant device naming?

I am using CentOS 5.3, kernel 2.6.18-92.1.22.el5.centos.plus, and
udev-095-14.20.el5_3 package

Thanks
Richard Ray
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS-announce Digest, Vol 53, Issue 10

[centos-announce-request]

9-0.41.el3.centos3.i386.rpm
updates/i386/RPMS/seamonkey-nspr-devel-1.0.9-0.41.el3.centos3.i386.rpm
updates/i386/RPMS/seamonkey-nss-1.0.9-0.41.el3.centos3.i386.rpm
updates/i386/RPMS/seamonkey-nss-devel-1.0.9-0.41.el3.centos3.i386.rpm

source:
updates/SRPMS/seamonkey-1.0.9-0.41.el3.centos3.src.rpm

You may update your CentOS-3 i386 installations by running the command:

yum update seamonkey

Tru
-- 
Tru Huynh (mirrors, CentOS-3 i386/x86_64 Package Maintenance)
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B
-- next part --
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : 
http://lists.centos.org/pipermail/centos-announce/attachments/20090731/6ee72b59/attachment-0001.bin
 

--

Message: 4
Date: Fri, 31 Jul 2009 02:34:28 +0200
From: Tru Huynh 
Subject: [CentOS-announce] CESA-2009:1185 Critical CentOS 3 x86_64
seamonkey   - security update
To: centos-annou...@centos.org
Message-ID: <20090731003428.gf27...@sillage.bis.pasteur.fr>
Content-Type: text/plain; charset="us-ascii"

CentOS Errata and Security Advisory CESA-2009:1185

seamonkey security update for CentOS 3 x86_64:
https://rhn.redhat.com/errata/RHSA-2009-1185.html

The following updated file has been uploaded and is currently syncing to
the mirrors:

x86_64:
updates/x86_64/RPMS/seamonkey-1.0.9-0.41.el3.centos3.i386.rpm
updates/x86_64/RPMS/seamonkey-1.0.9-0.41.el3.centos3.x86_64.rpm
updates/x86_64/RPMS/seamonkey-chat-1.0.9-0.41.el3.centos3.x86_64.rpm
updates/x86_64/RPMS/seamonkey-devel-1.0.9-0.41.el3.centos3.x86_64.rpm
updates/x86_64/RPMS/seamonkey-dom-inspector-1.0.9-0.41.el3.centos3.x86_64.rpm
updates/x86_64/RPMS/seamonkey-js-debugger-1.0.9-0.41.el3.centos3.x86_64.rpm
updates/x86_64/RPMS/seamonkey-mail-1.0.9-0.41.el3.centos3.x86_64.rpm
updates/x86_64/RPMS/seamonkey-nspr-1.0.9-0.41.el3.centos3.i386.rpm
updates/x86_64/RPMS/seamonkey-nspr-1.0.9-0.41.el3.centos3.x86_64.rpm
updates/x86_64/RPMS/seamonkey-nspr-devel-1.0.9-0.41.el3.centos3.x86_64.rpm
updates/x86_64/RPMS/seamonkey-nss-1.0.9-0.41.el3.centos3.i386.rpm
updates/x86_64/RPMS/seamonkey-nss-1.0.9-0.41.el3.centos3.x86_64.rpm
updates/x86_64/RPMS/seamonkey-nss-devel-1.0.9-0.41.el3.centos3.x86_64.rpm

source:
updates/SRPMS/seamonkey-1.0.9-0.41.el3.centos3.src.rpm

You may update your CentOS-3 x86_64 installations by running the command:

yum update seamonkey

Tru
-- 
Tru Huynh (mirrors, CentOS-3 i386/x86_64 Package Maintenance)
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B
-- next part --
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : 
http://lists.centos.org/pipermail/centos-announce/attachments/20090731/f61a6103/attachment-0001.bin
 

--

___
CentOS-announce mailing list
centos-annou...@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce


End of CentOS-announce Digest, Vol 53, Issue 10
***
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] LDAP howto using ds-base and ds-admin and related consoles

[Tony Molloy]

On Friday 31 July 2009 16:12:12 Craig White wrote:
> On Fri, 2009-07-31 at 16:00 +0100, Tony Molloy wrote:
> > > But this all would be virtually impossible without a decent
> >
> > knowledge of
> >
> > > how LDAP works and that is regardless of whether you use CentOS-DS
> >
> > or
> >
> > > OpenLDAP.
> > >
> > > Craig
> >
> > After reading Carter's book I think i've got some idea of how LDAP
> > works. Just
> > a pity that most books/documentation seem to be about OpenLDAP so it
> > takes a
> > while to convert to Centos-DS.
>
> 
> I agree that Gerald Carter's book makes LDAP understandable.
>
> The reality is that the LDAP API is pretty much the same and you
> actually use openldap-client and nss-ldap tools even with CentOS-DS. I
> haven't used CentOS-DS but I have used Fedora-DS and it is built from
> Fedora-DS. The difference between them is setup of schema, certificates,
> ACL's/ACI's and I found once I understood OpenLDAP, that Fedora-DS was
> easy enough to use with only a few questions.
>
> I think you might want to subscribe to
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
> Craig

Allready subscribed !!

Tony

-- 

Dept. of Comp. Sci.
University of Limerick.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Open Letter to Lance Davis

[Les Mikesell]

Marcelo M. Garcia wrote:
> Connie Sieh wrote:
>>> Ralph Angenendt wrote:
 Les Mikesell wrote:
> Has anyone considered joining forces with Scientific Linux to reduce the
>   workload and give both a more robust infrastructure?
 Yes, but the goals are rather different.
>>> I thought both had upstream compatibility as the main goal - and both
>>> seem competent enough that I wouldn't expect many problems in this
>>> regard.  SL also claims a secondary goal of making site customization
>>> easy - perhaps Centos as we know it could simply be one of those
>>> customizations and going forward other variations would be easy.  If the
>>> people doing the work aren't getting any value out of the brand name, I
>>> don't see the point of fragmenting the user community for what is
>>> essentially the same thing.
>> I was expecting it to be the other way around.  With Centos the base and 
>> SL a site(or something like it). In RHEL 6 I expect the distro rebuild tools 
>> to make sites easier.  This 
>> comment is based on the distro rebuild tools in Fedora.  We built a custom 
>> Fedora 10 to test this idea.  These are pungi, revisor and the iso image 
>> tool(forgot its name).
> 
> CentOS and Scientific Linux together would be like dream come true.

My 'dream' OS has always been one where the base install was extremely 
minimal - just enough to install the rest over the network.  Then there 
would be a way that anyone could 'publish' their installed list of 
repositories and packages and anyone else could duplicate that machine's 
setup just by picking that list from a set of choices with the installer 
dealing with the hardware differences for you.  This would eliminate 
most of the need for custom rebuilds and respins - at least for anyone 
with network access, and in my opinion the optimal combination of many 
thousands of packages is something that deserves to be be crowdsourced. 
  But, so far no one has done it and whenever the discussion of modified 
CentOS respins comes up the developers have seemed pretty lukewarm to 
the idea, as though it would devalue their brand.

-- 
   Les Mikesell
lesmikes...@gmail.com

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] LDAP howto using ds-base and ds-admin and related consoles

[Craig White]

On Fri, 2009-07-31 at 16:00 +0100, Tony Molloy wrote:
> > But this all would be virtually impossible without a decent
> knowledge of
> > how LDAP works and that is regardless of whether you use CentOS-DS
> or
> > OpenLDAP.
> >
> > Craig
> 
> After reading Carter's book I think i've got some idea of how LDAP
> works. Just 
> a pity that most books/documentation seem to be about OpenLDAP so it
> takes a 
> while to convert to Centos-DS.

I agree that Gerald Carter's book makes LDAP understandable.

The reality is that the LDAP API is pretty much the same and you
actually use openldap-client and nss-ldap tools even with CentOS-DS. I
haven't used CentOS-DS but I have used Fedora-DS and it is built from
Fedora-DS. The difference between them is setup of schema, certificates,
ACL's/ACI's and I found once I understood OpenLDAP, that Fedora-DS was
easy enough to use with only a few questions.

I think you might want to subscribe to
https://www.redhat.com/mailman/listinfo/fedora-directory-users

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] LDAP howto using ds-base and ds-admin and related consoles

[Tony Molloy]

On Friday 31 July 2009 15:05:29 Craig White wrote:


> > I'm going through the Howto:Samba from  at
> > the moment and hopefully that will get me started.
> >
> > But what would be nice is:
> >
> > 1. Howto:migtate existing NIS to CentosDS
> > 2. Howto:migrate existing Samba to CentosDS
>
> 
> seriously...I don't think you are ever going to find such a beast.

True, it was a wish list after all ;-)

> There are some really good tools from padl to migrate nis to ldap (on
> Redhat/CentOS installed as part of openldap-servers package). This may
> require some amount of script-fu (perl, sed, awk, etc.) but not too
> much. Then to add the samba attributes/passwords/machine accounts will
> require a larger dose of script-fu.

I've got them and they are useful. As I said I'm going through the Howto:Samba 
now.

> But this all would be virtually impossible without a decent knowledge of
> how LDAP works and that is regardless of whether you use CentOS-DS or
> OpenLDAP.
>
> Craig

After reading Carter's book I think i've got some idea of how LDAP works. Just 
a pity that most books/documentation seem to be about OpenLDAP so it takes a 
while to convert to Centos-DS.

regards,
Tony


-- 

Dept. of Comp. Sci.
University of Limerick.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Open Letter to Lance Davis

[Marcelo M. Garcia]

Connie Sieh wrote:
> 
> On Thu, 30 Jul 2009, Les Mikesell wrote:
> 
>> Ralph Angenendt wrote:
>>> Les Mikesell wrote:
 Has anyone considered joining forces with Scientific Linux to reduce the
   workload and give both a more robust infrastructure?
>>> Yes, but the goals are rather different.
>> I thought both had upstream compatibility as the main goal - and both
>> seem competent enough that I wouldn't expect many problems in this
>> regard.  SL also claims a secondary goal of making site customization
>> easy - perhaps Centos as we know it could simply be one of those
>> customizations and going forward other variations would be easy.  If the
>> people doing the work aren't getting any value out of the brand name, I
>> don't see the point of fragmenting the user community for what is
>> essentially the same thing.
> 
> I was expecting it to be the other way around.  With Centos the base and 
> SL a site(or something like it). In RHEL 6 I expect the distro rebuild tools 
> to make sites easier.  This 
> comment is based on the distro rebuild tools in Fedora.  We built a custom 
> Fedora 10 to test this idea.  These are pungi, revisor and the iso image 
> tool(forgot its name).
> 
> -Connie Sieh
> 
>>> --
>>  Les Mikesell
>>lesmikes...@gmail.c

CentOS and Scientific Linux together would be like dream come true.

Regards

mg.




___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] files not showing up in an nfs mounted filesysetm in timely manner

[Blackburn, Marvin]

Alan,
We set actimeo=3 and this has significantly improved our problem.
I saw this value in an HP thread and seemed reasonable.

Thanks for the heads up. 

_
"He's no failure. He's not dead yet."
William Lloyd George

-Original Message-
From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
Behalf Of Alan Sparks
Sent: Thursday, July 30, 2009 2:58 PM
To: CentOS mailing list
Subject: Re: [CentOS] files not showing up in an nfs mounted filesysetm
in timely manner

Blackburn, Marvin wrote:
>
> We have and nfs mount from a windows pc nfs server.  A file is created
> on the server, but can take as long as 50 seconds to become available
> on the client.
>
> We are running Centos 5.2 (final), using NFS version 3.  Is there
> anything we can do from the client side to see the file more quickly. 
> The files are very small, usually about 1k
>

Look at the "nfs" man page and consider mount options such as acdirmin,
acdirmax (or actimeo), possibly even noac in specific circumstances.
-Alan

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] DNS zone delegation

[Kenneth Porter]

--On Friday, July 31, 2009 4:54 PM +0530 Gopinath Achari 
 wrote:

>   i have configured a Master DNS server, i have also created 
> records to
> delegate a zone to child dns server But when named service is started it
> says
>
> Jul 31 14:33:30 localhost named[21581]: dns.zone:9: ignoring out-of-zone
> data (child.dns.com)



At a guess, from looking at a few hits from that search, you need an origin 
statement and don't want a fully-qualified name for the child NS record.


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Somewhat OT: OpenOffice.org Headless issues as non-root user

[Sergio Belkin]

Hi,

I've installed recently OpenOffice.org 3.1 on Centos 5.3. I use OOo in
headless mode. I have no problem when running as root, but I'd prefer
run it as non-root user (oooserver user). When I run the script in
debug mode this is the output:

sh -x/tmp/ooo-headless-nonroot start
+ . /etc/rc.d/init.d/functions
++ TEXTDOMAIN=initscripts
++ umask 022
++ PATH=/sbin:/usr/sbin:/bin:/usr/bin
++ export PATH
++ '[' -z '' ']'
++ COLUMNS=80
++ '[' -z '' ']'
+++ /sbin/consoletype
++ CONSOLETYPE=pty
++ '[' -f /etc/sysconfig/i18n -a -z '' ']'
++ . /etc/profile.d/lang.sh
+++ sourced=0
+++ for langfile in /etc/sysconfig/i18n '$HOME/.i18n'
+++ '[' -f /etc/sysconfig/i18n ']'
+++ . /etc/sysconfig/i18n
 LANG=en_US.UTF-8
 SYSFONT=latarcyrheb-sun16
+++ sourced=1
+++ for langfile in /etc/sysconfig/i18n '$HOME/.i18n'
+++ '[' -f /root/.i18n ']'
+++ '[' -n '' ']'
+++ '[' 1 = 1 ']'
+++ '[' -n en_US.UTF-8 ']'
+++ export LANG
+++ '[' -n '' ']'
+++ unset LC_ADDRESS
+++ '[' -n '' ']'
+++ unset LC_CTYPE
+++ '[' -n '' ']'
+++ unset LC_COLLATE
+++ '[' -n '' ']'
+++ unset LC_IDENTIFICATION
+++ '[' -n '' ']'
+++ unset LC_MEASUREMENT
+++ '[' -n '' ']'
+++ unset LC_MESSAGES
+++ '[' -n '' ']'
+++ unset LC_MONETARY
+++ '[' -n '' ']'
+++ unset LC_NAME
+++ '[' -n '' ']'
+++ unset LC_NUMERIC
+++ '[' -n '' ']'
+++ unset LC_PAPER
+++ '[' -n '' ']'
+++ unset LC_TELEPHONE
+++ '[' -n '' ']'
+++ unset LC_TIME
+++ '[' -n '' ']'
+++ unset LC_ALL
+++ '[' -n '' ']'
+++ unset LANGUAGE
+++ '[' -n '' ']'
+++ unset LINGUAS
+++ '[' -n '' ']'
+++ unset _XKB_CHARSET
 /sbin/consoletype
+++ consoletype=pty
+++ '[' -n '' ']'
+++ '[' -n '' ']'
+++ '[' -n en_US.UTF-8 ']'
+++ case $LANG in
+++ '[' xterm = linux ']'
+++ unset SYSFONTACM SYSFONT
+++ unset sourced
+++ unset langfile
++ '[' -z '' ']'
++ '[' -f /etc/sysconfig/init ']'
++ . /etc/sysconfig/init
+++ BOOTUP=color
+++ GRAPHICAL=yes
+++ RES_COL=60
+++ MOVE_TO_COL='echo -en \033[60G'
+++ SETCOLOR_SUCCESS='echo -en \033[0;32m'
+++ SETCOLOR_FAILURE='echo -en \033[0;31m'
+++ SETCOLOR_WARNING='echo -en \033[0;33m'
+++ SETCOLOR_NORMAL='echo -en \033[0;39m'
+++ LOGLEVEL=3
+++ PROMPT=yes
+++ AUTOSWAP=no
++ '[' pty = serial ']'
++ '[' color '!=' verbose ']'
++ INITLOG_ARGS=-q
++ 
__sed_discard_ignored_files='/\(~\|\.bak\|\.orig\|\.rpmnew\|\.rpmorig\|\.rpmsave\)$/d'
+ ooffice=/opt/openoffice.org3/program/soffice.bin
+ prog='OpenOffice.org Headless'
+ pidfile=/var/run/ooo-headless/ooo-headless.pid
+ lockfile=/var/lock/subsys/ooo-headless
+ OPTIONS='-headless -nofirststartwizard -nologo -norestore -invisible
-accept=socket,host=localhost,port=2002;urp;StarOffice.Service'
+ RETVAL=0
+ case "$1" in
+ start
+ echo -n 'Starting OpenOffice.org Headless: '
Starting OpenOffice.org Headless: + su oooserver '-c
/opt/openoffice.org3/program/soffice.bin -headless -nofirststartwizard
-nologo -norestore -invisible
-accept=socket,host=localhost,port=2002;urp;StarOffice.Service
>/dev/null 2>&1 &'

End oif Output

You can see the ps output too:

root 19432  0.0  0.2   4908  1228 pts/0S+   10:46   0:00  |
 \_ su oooserver -c /opt/openoffice.org3/program/soffice.bin
-headless -nofirststartwizard -nologo -norestore -invisible
-accept=socket,host=localhost,port=2002;urp;StarOffice.Service
>/dev/null 2>&1 &
500  19433  0.0  0.2   4484  1040 ?Ss   10:46   0:00  |
 \_ bash -c  /opt/openoffice.org3/program/soffice.bin
-headless -nofirststartwizard -nologo -norestore -invisible
-accept=socket,host=localhost,port=2002;urp;StarOffice.Service
>/dev/null 2>&1 &
500  19434  6.4  5.0 100492 22520 ?Sl   10:46   0:00  |
 \_ /opt/openoffice.org3/program/soffice.bin -headless
-nofirststartwizard -nologo -norestore -invisible
-accept=socket,host=localhost,port=2002


Problem is that it fails at listening on port 2002 and it never
creates  pid file:

ls -ld /var/run/ooo-headless/
drwxr-xr-x 2 oooserver oooserver 4096 Jul 30 15:07 /var/run/ooo-headless/

Please could you help me to root as non-root user?

Thanks in advance!

-- 
--
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] LDAP howto using ds-base and ds-admin and related consoles

[Craig White]

On Fri, 2009-07-31 at 08:20 +0100, Tony Molloy wrote:
> On Thursday 30 July 2009 19:23:24 Kwan Lowe wrote:
> > On Thu, Jul 30, 2009 at 1:03 PM, Rob Kampen
> > wrote: [snip]
> >
> > > I have read many hundreds of pages, have purchased O'reilly's LDAP System
> > > Administration but cannot seem to get my dirsrv based LDAP to function.
> > > I do understand that ds uses LDIF files to store and set things up, but
> > > seem unable to grasp the arcane entries that need to exist so I can
> > > access it with a basic LDAP client to load my users etc.
> > > Also I guess there are certain schemas that need to be used to allow
> > > basic functions to work.
> > > My wish list:
> > > linux user authentication and authorization
> > > windows user authentication and authorization (via samba?)
> > > customer contact list (name, address, company, phone numbers, email
> > > addresses)
> > > - this last one to be used by Thunderbird and my SIP phone system - both
> > > of which profess to speak LDAP
> > > I'm sure there are many small business folk that would like something
> > > like this, however I cannot find a template with all my searches, so for
> > > those of you with better LDAP and or google skills - please point me in
> > > the right direction.
> >
> 
> I'm going through the same process as Rob ( the OP ) at the moment. I want to 
> setup centos-directory server. initially I want it to replace a NIS and Samba 
> system with about 1200 existing users. 
> 
> > There's a pretty straightforward guide at HowToForge.com (search for
> > "CentOS LDAP"). It's a little dated, but works as advertised.  In a
> > nutshell the installation requires installing the centos-ds packages
> > (about 4), installing a Sun Java, and then populating the database.
> > The client side is even simpler.
> 
> Installing centos-ds is not a problem. It's what you do after it. Especially 
> for people like me who have no experience with OpenLDAP.
> 
> >
> > Linux and Windows user authentication is straightforward, with GUI
> > based setup and editing.
> >
> 
> With 1200 existing users to be migrated then GUI based setup and editing is 
> not very useful.
> 
> > The default schema I use doesn't include address, company, etc., but
> > these are very easily added.  I tested with kaddressbook and a couple
> > other LDAP browsers without any glitches.
> 
> I'm going through the Howto:Samba from  at the 
> moment and hopefully that will get me started.
> 
> But what would be nice is:
> 
> 1. Howto:migtate existing NIS to CentosDS
> 2. Howto:migrate existing Samba to CentosDS

seriously...I don't think you are ever going to find such a beast.

There are some really good tools from padl to migrate nis to ldap (on
Redhat/CentOS installed as part of openldap-servers package). This may
require some amount of script-fu (perl, sed, awk, etc.) but not too
much. Then to add the samba attributes/passwords/machine accounts will
require a larger dose of script-fu.

But this all would be virtually impossible without a decent knowledge of
how LDAP works and that is regardless of whether you use CentOS-DS or
OpenLDAP.

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Open Letter to Lance Davis

[Craig White]

On Thu, 2009-07-30 at 21:15 -0500, Johnny Hughes wrote:
> Akemi Yagi wrote:
> > On Thu, Jul 30, 2009 at 5:36 PM, Jim Perrin wrote:
> >> On Thu, Jul 30, 2009 at 6:47 PM, Johnny Hughes wrote:
> > 
> >>> Why ... we are under no obligation to tell people how how we spend
> >>> monies.  There are costs that are incurred for any organization.  We are
> >>> probably going to disclose how monies are spent in the future because we
> >>> choose to.  If you run a private organization, must you tell me how you
> >>> spend your money?  You get an OS and can chose to donate monies or not.
> >> We're not under any obligation to tell people how the money gets
> >> spent, but doing so certainly goes a long way building good will. In
> >> my opinion, a simple 'We got X monies in donations which were used to
> >> purchase dedicated hosting, bandwidth, and various novelties for booth
> >> and show kit' once in a while would do worlds of good for showing
> >> people how we use the money they choose to give us.
> >>
> >> I don't have any legal obligation to help old ladies cross the street,
> >> or rescue cats from trees. It's what you do because you're a good
> >> person. Doing this in a community sense is what makes you a good
> >> neighbor, and what helps build community reputation.
> > 
> > I have to agree with Jim here.  It is not legal obligation or
> > anything. IF I am running a project and ask the community for help and
> > I receive donations (monetary or in the form of thousands of donated
> > hours), I would feel obliged to return back to the community.  And in
> > doing so, I would want to disclose everything.  Once again, this is
> > not due to any legal requirements but because I would feel the project
> > is no longer my private toy and I owe the community.
> > 
> >>> We are hiding nothing ... why exactly does CentOS need to provide that
> >>> information to you?
> > 
> >> Thinking that this is entirely an internal manner is a bit
> >> short-sighted. Keeping all the problems internal doesn't solve them.
> >> Not to speak for Dag, but judging by his blog reaction to the news,
> >> the finance issue and lack of openness is part of what drove his
> >> departure. If we move to adopt a slightly more open approach and
> >> include more community efforts, I believe that we'll see a great deal
> >> of good from it.
> >>
> >> It's not that we OWE the community anything. It's that we should do it
> >> because it's how we want to be treated, and how we SHOULD deal with
> >> them while we participate in the project.
> > 
> > I mostly agree with Jim.  As I wrote above, if this was my project, I
> > would feel I *owe* the community.  But that is strictly my personal
> > feelings.  I cannot imagine how I can ever pay back if those who
> > donated their time ask for refund. :)
> 
> Actually, I agree with Jim too :)
> 
> We will likely do all or most of these things because we want to do so,
> but not because we have too.
> 
> My point was that we wanted to give someone the benefit of the doubt
> because we were trying to do right by him too ... now we (as a group)
> think we need to do something differently, and we will.  Regardless of
> what else we do, we still have to acknowledge that without Lance, there
> would have been no CentOS at all ... and because of that we probably
> waited to long to push this issue.  However, we did it because of good
> intentions and hopes of someone doing the right thing, not to hide
> anything.

totally agree and just want to add one more thing...I am very happy to
see Johnny posting to this list. It has been a long time and I hope you
are well.

Craig


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] X Crashing on 64 Bit CentOS

[Paul Griffith]

On Thu, 30 Jul 2009 23:55:42 -0400, Clint Dilks  
wrote:

> Hi People,
>
> I have a user who is regularly having X Crash.  This seemed to happen
> once a month but has increased to once or twice a week.  It doesn't seem
> to be application specific.  The only information about whats causing
> the crash is from the X log.  But this doesn't really give much to go on.
>
> Backtrace:
> 0: /usr/bin/Xorg(xf86SigHandler+0x71) [0x4865b1]
> 1: /lib64/libc.so.6 [0x3475430280]
> 2: /usr/lib64/xorg/modules/libfb.so(fbCopyAreammx+0x274) [0x2b917c4dbe14]
> 3: /usr/lib64/xorg/modules/libfb.so(fbComposite+0x5db) [0x2b917c4cc65b]
> 4: /usr/lib64/xorg/modules/libxaa.so(XAAComposite+0x2ac) [0x2b917c71d94c]
> 5: /usr/bin/Xorg [0x51379d]
> 6: /usr/bin/Xorg [0x50fb54]
> 7: /usr/bin/Xorg [0x5032ef]
> 8: /usr/bin/Xorg(Dispatch+0x1ca) [0x449c9a]
> 9: /usr/bin/Xorg(main+0x44e) [0x4325ee]
> 10: /lib64/libc.so.6(__libc_start_main+0xf4) [0x347541d974]
>
> Any suggestions as to how I diagnose this further?  I have just applied
> the latest update

I would start by turning off the composite extensions! Try bumping up the 
debug/logging level!

-- 
Paul Griffith
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos convert to rhel?

[Tom Brown]

> I understand the worries. The news have reached the front page of 
> Slashdot, and thus might reach certain technically inclined managers, 
> which in turn may cause questions about contingency plans to be directed 
> at the IT staff. I have a feeling that "I have no contingency plan, 
> don't worry, the problem will be solved" is not such a good answer to 
> such queries.
>
> Thus, the worrying.
>
>
>   

tell said managers to open the coffers and pay for support if they are 
that worried

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS on Acer Laptop

[Anne Wilson]

On Friday 31 July 2009 13:05:52 Robert Heller wrote:
> At Fri, 31 Jul 2009 14:56:14 +0300 CentOS mailing list  
wrote:
> > I have very basic question:
> >
> > I have downloaded *CentOS-5.3-i386-LiveCD* from CentOS website. Now I
> > need to install it on my Acer Laptop permanently not as a liveCD. How do
> > I burn it to a DVD to be able to install it by simply restarting my
> > laptop?
>
> The CentOS Live CD are not 'install' CDs -- they don't include the
> installer or the RPMs.  You should download the CentOS install DVD and
> burn that.
>
And to answer the 'how-to' bit - you can burn the cd in Windows or Linux.  
Normally any burning program will have an option to 'burn an image', or 
similar.  It's not usually as obvious as a plain burn, but tucked away in a 
menu.  Now you know what you are looking for you should find it easily enough.

One thing.  Most burning applications give you the option to verify after the 
burn.   What this means is that it calculates a checksum of the original file, 
then compares with the checksum of the burned file.  It's a good idea to get 
into the habit of always setting the verify when it is available to you.

Anne
-- 
New to KDE4? - get help from http://userbase.kde.org
Just found a cool new feature?  Add it to UserBase


signature.asc
Description: This is a digitally signed message part.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos convert to rhel?

[Ingemar Nilsson]

Tom Brown wrote:

> why is everyone getting so jumpy - its only a domain name thats at 
> stake, he's been AWOL for a year or more and the project has been OK
> 
> people should worry less

I understand the worries. The news have reached the front page of 
Slashdot, and thus might reach certain technically inclined managers, 
which in turn may cause questions about contingency plans to be directed 
at the IT staff. I have a feeling that "I have no contingency plan, 
don't worry, the problem will be solved" is not such a good answer to 
such queries.

Thus, the worrying.

Regards
Ingemar

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS on Acer Laptop

[Robert Heller]

At Fri, 31 Jul 2009 14:56:14 +0300 CentOS mailing list  
wrote:

> 
> 
> 
> I have very basic question:
> 
> I have downloaded *CentOS-5.3-i386-LiveCD* from CentOS website. Now I need
> to install it on my Acer Laptop permanently not as a liveCD. How do I burn
> it to a DVD to be able to install it by simply restarting my laptop?

The CentOS Live CD are not 'install' CDs -- they don't include the
installer or the RPMs.  You should download the CentOS install DVD and
burn that.

> 
> Thank you,
> 
> Sam
> 
> MIME-Version: 1.0
> 
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
> 
>   
>

-- 
Robert Heller -- 978-544-6933
Deepwoods Software-- Download the Model Railroad System
http://www.deepsoft.com/  -- Binaries for Linux and MS-Windows
hel...@deepsoft.com   -- http://www.deepsoft.com/ModelRailroadSystem/
   
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS on Acer Laptop

[sam R]

I have very basic question:

I have downloaded *CentOS-5.3-i386-LiveCD* from CentOS website. Now I need
to install it on my Acer Laptop permanently not as a liveCD. How do I burn
it to a DVD to be able to install it by simply restarting my laptop?

Thank you,

Sam
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Open Letter to Lance Davis

[Tony Mountifield]

In article <20090730170329.ge4...@roque.1407.org>,
Rui Miguel Silva Seabra  wrote:
> If possible, maintain the centos name.
> 
> Is there a .os tld? cent.os ? :)

No:

$ host -tns com.
com name server g.gtld-servers.net.
com name server h.gtld-servers.net.
com name server i.gtld-servers.net.
com name server j.gtld-servers.net.
com name server k.gtld-servers.net.
com name server l.gtld-servers.net.
com name server m.gtld-servers.net.
com name server a.gtld-servers.net.
com name server b.gtld-servers.net.
com name server c.gtld-servers.net.
com name server d.gtld-servers.net.
com name server e.gtld-servers.net.
com name server f.gtld-servers.net.
$ host -tns os.
Host os not found: 3(NXDOMAIN)
$ 

Cheers
Tony
-- 
Tony Mountifield
Work: t...@softins.co.uk - http://www.softins.co.uk
Play: t...@mountifield.org - http://tony.mountifield.org
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Weird permission

[Stephen Harris]

On Fri, Jul 31, 2009 at 05:46:53AM -0400, Mike A. Harris wrote:
> IIRC, the "." at the end of the permissions indicates that the file has
> additional permission controls beyond the standard DAC bits, such as
> filesystem ACLs, filesystem capabilities, or other attributes.

FACLs are normally indicated by a + at the end of the permissions.

  $ ls -ld .
  drwxr-xr-x 2 sweh sweh 4096 Jul 31 06:38 ./
  
  $ setfacl -m user:named:- .
  
  $ ls -ld .
  drwxr-xr-x+ 2 sweh sweh 4096 Jul 31 06:38 ./
[note the +]

  $ getfacl .
  # file: .
  # owner: sweh
  # group: sweh
  user::rwx
  user:named:---
  group::r-x
  mask::r-x
  other::r-x

Attributes ("chattr") don't get shown by any special character
  $ ls -ld .
  drwxr-xr-x 2 sweh sweh 4096 Jul 31 06:41 ./

  $ chattr +d .

  $ ls -ld .
  drwxr-xr-x 2 sweh sweh 4096 Jul 31 06:41 ./

  $ lsattr -ad .
  --d-- .


-- 

rgds
Stephen
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] [fun] 10th annual System Administrator Appreciation Day

[kOoLiNuS]

Friday, July 31, 2009, is the 10th annual System Administrator 
Appreciation Day. On this special international day, give your System 
Administrator something that shows that you truly appreciate their hard 
work and dedication. (All day Friday, 24 hours, your local timezone).

http://www.sysadminday.com/


^___^

Thank You SysAdmins !!!




-- 
kOoLiNuS  Nicola Losito
http://claimid.com/koolinus
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] DNS zone delegation

[Gopinath Achari]

Hi,

i have configured a Master DNS server, i have also created 
records to delegate a zone to child dns server
But when named service is started it says 

Jul 31 14:33:30 localhost named[21581]: dns.zone:9: ignoring out-of-zone data 
(child.dns.com)

I am using bind-9.3.4-10.P1.el5_3.3. on CEntos 5.2

Please help. Thanks in advance. 

how to delegate the zone, is there any other configuration needed


my zone file ...

$TTL86400
@   IN  SOA dns.com. root.dns.com.  (
  1997022700 ; Serial
  28800  ; Refresh
  14400  ; Retry
  360; Expire
  86400 ); Minimum
IN  NS  dns.com.
child.dns.com.  IN  NS  ns.child.dns.com.

101 IN  PTR dns.com.
@   IN  A   192.168.1.101

ns.childIN  A   192.168.1.107
www 0   IN  A   192.168.1.101
www 0   IN  A   192.168.1.102
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Open Letter to Lance Davis

[Karanbir Singh]

On 07/31/2009 02:27 AM, Akemi Yagi wrote:
>> I don't have any legal obligation to help old ladies cross the street,
>> or rescue cats from trees. It's what you do because you're a good
>> person. Doing this in a community sense is what makes you a good
>> neighbor, and what helps build community reputation.
>
> I have to agree with Jim here.  It is not legal obligation or
> anything.

I believe thats the same point that Johnny was making - these are 
choices we have, and we would like to do this. So, not because we have 
to but because we want to.

- KB
-- 
Karanbir Singh : http://www.karan.org/  : 2522...@icq
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Weird permission

[Mike A. Harris]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

muhammad panji wrote:
> Dear all,
> I got weird permission on one of my server, when I ls -l the / i got
> permission for all directory set to "drwxr-xr-x." there are dot after
> the executable permission for others. what dot mean in permission and
> how to fix it? the actual problem is I could login via ssh but cannot
> login via winscp. any idea how to fix this? thanks in advance
> best regards,

IIRC, the "." at the end of the permissions indicates that the file has
additional permission controls beyond the standard DAC bits, such as
filesystem ACLs, filesystem capabilities, or other attributes.

Filesystem capabilities support is not present in CentOS 5, so are you
using ACLs?  What does the following show:

getfacl --tabular /*


- --
Mike A. Harris
http://mharris.ca  |  https://twitter.com/mikeaharris

-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org/

iD8DBQFKcr2K4RNf2rTIeUARAjD4AJ419R6GjtinDpsSVK/4tx4s9fhdKwCdG7DM
U+B4OIImAu7OtGi7g6FHTls=
=pfK9
-END PGP SIGNATURE-
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Weird permission

[Kai Schaetzl]

Muhammad panji wrote on Fri, 31 Jul 2009 14:48:29 +0700:

> I got weird permission on one of my server, when I ls -l the / i got
> permission for all directory set to "drwxr-xr-x." there are dot after
> the executable permission for others. what dot mean in permission and
> how to fix it?

I have never seen or heard of this. I would assume that is a formatting 
glitch produced by some shell login setting. It might help if you showed 
the whole output.


the actual problem is I could login via ssh but cannot
> login via winscp

Change the default WinSCP login from SFTP to SCP.

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Weird permission

[muhammad panji]

Dear all,
I got weird permission on one of my server, when I ls -l the / i got
permission for all directory set to "drwxr-xr-x." there are dot after
the executable permission for others. what dot mean in permission and
how to fix it? the actual problem is I could login via ssh but cannot
login via winscp. any idea how to fix this? thanks in advance
best regards,




-- 
Muhammad Panji
http://sumodirjo.wordpress.com
http://www.kurungsiku.web.id
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] LDAP howto using ds-base and ds-admin and related consoles

[Tony Molloy]

On Thursday 30 July 2009 19:23:24 Kwan Lowe wrote:
> On Thu, Jul 30, 2009 at 1:03 PM, Rob Kampen
> wrote: [snip]
>
> > I have read many hundreds of pages, have purchased O'reilly's LDAP System
> > Administration but cannot seem to get my dirsrv based LDAP to function.
> > I do understand that ds uses LDIF files to store and set things up, but
> > seem unable to grasp the arcane entries that need to exist so I can
> > access it with a basic LDAP client to load my users etc.
> > Also I guess there are certain schemas that need to be used to allow
> > basic functions to work.
> > My wish list:
> > linux user authentication and authorization
> > windows user authentication and authorization (via samba?)
> > customer contact list (name, address, company, phone numbers, email
> > addresses)
> > - this last one to be used by Thunderbird and my SIP phone system - both
> > of which profess to speak LDAP
> > I'm sure there are many small business folk that would like something
> > like this, however I cannot find a template with all my searches, so for
> > those of you with better LDAP and or google skills - please point me in
> > the right direction.
>

I'm going through the same process as Rob ( the OP ) at the moment. I want to 
setup centos-directory server. initially I want it to replace a NIS and Samba 
system with about 1200 existing users. 

> There's a pretty straightforward guide at HowToForge.com (search for
> "CentOS LDAP"). It's a little dated, but works as advertised.  In a
> nutshell the installation requires installing the centos-ds packages
> (about 4), installing a Sun Java, and then populating the database.
> The client side is even simpler.

Installing centos-ds is not a problem. It's what you do after it. Especially 
for people like me who have no experience with OpenLDAP.

>
> Linux and Windows user authentication is straightforward, with GUI
> based setup and editing.
>

With 1200 existing users to be migrated then GUI based setup and editing is 
not very useful.

> The default schema I use doesn't include address, company, etc., but
> these are very easily added.  I tested with kaddressbook and a couple
> other LDAP browsers without any glitches.

I'm going through the Howto:Samba from  at the 
moment and hopefully that will get me started.

But what would be nice is:

1. Howto:migtate existing NIS to CentosDS
2. Howto:migrate existing Samba to CentosDS

Regards,

Tony
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos



-- 

Dept. of Comp. Sci.
University of Limerick.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos