[CentOS] OpenOffice.org3 Error after Software Update

2012-04-25 Thread Mark LaPierre 
Hey Y'all,

I just installed the updates recommended by Software Update.

Apr 25 19:04:43 Updated: xulrunner-10.0.4-1.el6.centos.i686
Apr 25 19:04:53 Updated: firefox-10.0.4-1.el6.centos.i686
Apr 25 19:05:03 Updated: thunderbird-10.0.4-1.el6.centos.i686
Apr 25 19:05:05 Updated: matahari-lib-0.4.4-12.el6_2.i686
Apr 25 19:05:06 Updated: matahari-agent-lib-0.4.4-12.el6_2.i686
Apr 25 19:05:09 Updated: matahari-broker-0.4.4-12.el6_2.i686
Apr 25 19:05:10 Updated: matahari-network-0.4.4-12.el6_2.i686
Apr 25 19:05:11 Updated: matahari-sysconfig-0.4.4-12.el6_2.i686
Apr 25 19:05:12 Updated: matahari-service-0.4.4-12.el6_2.i686
Apr 25 19:05:13 Updated: matahari-host-0.4.4-12.el6_2.i686
Apr 25 19:05:14 Updated: 2:libpng-1.2.49-1.el6_2.i686
Apr 25 19:05:17 Updated: openssl-1.0.0-20.el6_2.4.i686
Apr 25 19:05:21 Updated: openssl-devel-1.0.0-20.el6_2.4.i686
Apr 25 19:05:22 Updated: 2:libpng-devel-1.2.49-1.el6_2.i686
Apr 25 19:05:23 Updated: matahari-0.4.4-12.el6_2.i686

I also installed Virtual Box.
Apr 25 19:23:55 Installed: VirtualBox-4.1-4.1.12_77245_rhel6-1.i686

Now open office will not start.  It complains about not being able to 
load a library.

The application cannot be started.
loading component library failed: 
file:///usr/lib/openoffice.org3/program/../basis-link/program/i18npool.uno.so

I checked for the existence of i18npool.uno.so in the directory 
indicated.  It is there.

1. Has anyone else experienced any problems with the latest software update?

2. What course of action would you recommend to restore the operation of 
openoffice.org?

CentOS release 6.2 (Final)
Linux mushroom.patch 2.6.32-220.13.1.el6.i686 #1 SMP Tue Apr 17 22:09:08 
BST 2012 i686 i686 i386 GNU/Linux

-- 
 _
°v°
   /(_)\
^ ^  Mark LaPierre
Registerd Linux user No #267004
www.counter.li.org

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] OpenOffice.org3 Error after Software Update

2012-04-25 Thread Mark LaPierre 
Hey Y'all,

I just installed the updates recommended by Software Update.

Apr 25 19:04:43 Updated: xulrunner-10.0.4-1.el6.centos.i686
Apr 25 19:04:53 Updated: firefox-10.0.4-1.el6.centos.i686
Apr 25 19:05:03 Updated: thunderbird-10.0.4-1.el6.centos.i686
Apr 25 19:05:05 Updated: matahari-lib-0.4.4-12.el6_2.i686
Apr 25 19:05:06 Updated: matahari-agent-lib-0.4.4-12.el6_2.i686
Apr 25 19:05:09 Updated: matahari-broker-0.4.4-12.el6_2.i686
Apr 25 19:05:10 Updated: matahari-network-0.4.4-12.el6_2.i686
Apr 25 19:05:11 Updated: matahari-sysconfig-0.4.4-12.el6_2.i686
Apr 25 19:05:12 Updated: matahari-service-0.4.4-12.el6_2.i686
Apr 25 19:05:13 Updated: matahari-host-0.4.4-12.el6_2.i686
Apr 25 19:05:14 Updated: 2:libpng-1.2.49-1.el6_2.i686
Apr 25 19:05:17 Updated: openssl-1.0.0-20.el6_2.4.i686
Apr 25 19:05:21 Updated: openssl-devel-1.0.0-20.el6_2.4.i686
Apr 25 19:05:22 Updated: 2:libpng-devel-1.2.49-1.el6_2.i686
Apr 25 19:05:23 Updated: matahari-0.4.4-12.el6_2.i686

I also installed Virtual Box.
Apr 25 19:23:55 Installed: VirtualBox-4.1-4.1.12_77245_rhel6-1.i686

Now open office will not start.  It complains about not being able to 
load a library.

The application cannot be started.
loading component library failed: 
file:///usr/lib/openoffice.org3/program/../basis-link/program/i18npool.uno.so

I checked for the existence of i18npool.uno.so in the directory 
indicated.  It is there.

1. Has anyone else experienced any problems with the latest software update?

2. What course of action would you recommend to restore the operation of 
openoffice.org?

CentOS release 6.2 (Final)
Linux mushroom.patch 2.6.32-220.13.1.el6.i686 #1 SMP Tue Apr 17 22:09:08 
BST 2012 i686 i686 i386 GNU/Linux

-- 
 _
°v°
   /(_)\
^ ^  Mark LaPierre
Registerd Linux user No #267004
www.counter.li.org

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] ATA errors

2012-04-25 Thread m . roth 
We just started seeing the errors described in
 The question is,
given that we're not seeing DRDY errors, and this is showing on all four
drives, and there's no RAID, should we just turn off SMART, or is this
telling us something important, other than the bug?

   mark

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] pcscd fails due to hal not running - CentOS 6.2

2012-04-25 Thread Rob Kampen 
Hi list,
I have a fully updated 6.2 laptop that gives the following log message 
upon startup:

Apr 26 08:30:38 robsasus pcscd: pcscdaemon.c:506:main() pcsc-lite 1.5.2 
daemon ready.
Apr 26 08:30:38 robsasus pcscd: 
hotplug_libhal.c:490:HPRegisterForHotplugEvents() Could not initialise 
connection to hald.
Apr 26 08:30:38 robsasus pcscd: 
hotplug_libhal.c:491:HPRegisterForHotplugEvents() Normally this means 
the HAL daemon (hald) is not running or not ready.
Apr 26 08:30:38 robsasus pcscd: pcscdaemon.c:525:main() 
SVCServiceRunLoop returned
Apr 26 08:30:38 robsasus pcscd: pcscdaemon.c:531:at_exit() cleaning /var/run


so I check the /etc/rcX.d/ init files and find that pcscd is set at 
start 25 but haldaemon is start 26 - thus I guess this is why I get the 
failure message - hal does not get started until after pcscd.

if I start pcscd manually after boot all is well.

the pscsd init.d script claims it will start hal - thus I am confused - 
and at the limit of my knowledge.

If someone could enlighten me.
TIA
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] forwarding packets to service in same host without using loopback network

2012-04-25 Thread Arif Hossain 
On Thu, Apr 26, 2012 at 1:32 AM,   wrote:
> Arif Hossain wrote:
>> On Thu, Apr 26, 2012 at 1:18 AM,   wrote:
>>
>>> Are you a student?
>>
>> I'm doing my graduate studies, so i'm a student :). But i'm studying
>> theoretical physics so that does not count here :)
>
> 
>>
>> bottom line is i'm not a CS student. But i develop software :)
> 
>>> I'm at work, so I may get back to this after work.
>>
>> I should have set up some error code, and do some aborting. but I'm
>> still at prototyping stage.
>
> You *really* should have that simple error handling. It will save you
> grief (and more recompiling, this time with a bunch of printf()'s) as you
> test... and it'll be in there from the start.
>

Thank you for the advice. I'll keep that in my mind.


>      mark "um, yeah, after years of programming, I taught myself C to get
> a new job
>             in, er, 1989"
>

I first typed on a keyboard in 2000. Got my PC (With Windows Me and
blue screen of death) in 2001. I first wrote a "int main" in 2007 in
Turbo C Dos Gui(In my country that's what thrown at students in their
Programming 101 course, no wonder i got a C+ and thought programming
is the worst thing happened to mankind after superman), wrote a
"typedef struct" in 2010. Most of the developer shop's in my country
produce C# forms in Pirated VStudio. So if someone does some linux and
c for fun they pick them like crazy. Its a good thing that i can use
that money to support my education and my cute wife :).

> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos



-- 
-aft
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] forwarding packets to service in same host without using loopback network

2012-04-25 Thread m . roth 
Arif Hossain wrote:
> On Thu, Apr 26, 2012 at 1:18 AM,   wrote:
>
>> Are you a student?
>
> I'm doing my graduate studies, so i'm a student :). But i'm studying
> theoretical physics so that does not count here :)


>
> bottom line is i'm not a CS student. But i develop software :)

>> I'm at work, so I may get back to this after work.
>
> I should have set up some error code, and do some aborting. but I'm
> still at prototyping stage.

You *really* should have that simple error handling. It will save you
grief (and more recompiling, this time with a bunch of printf()'s) as you
test... and it'll be in there from the start.

  mark "um, yeah, after years of programming, I taught myself C to get
a new job
 in, er, 1989"

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] forwarding packets to service in same host without using loopback network

2012-04-25 Thread Arif Hossain 
On Thu, Apr 26, 2012 at 1:18 AM,   wrote:

> Are you a student?

I'm doing my graduate studies, so i'm a student :). But i'm studying
theoretical physics so that does
not count here :)

bottom line is i'm not a CS student. But i develop software :)

>
> I ask, because in both functions, the first thing I see is
>
>>       if (ph)
>>         {
>>           id = ntohl (ph->packet_id);
>>           printf ("hw_protocol=0x%04x hook=%u id=%u ",
>>             ntohs (ph->hw_protocol), ph->hook, id);
>>         }
>
> and you have *no* error handling if !ph. If this should never be true,
> then a) why is it in an if statement, and b) I will say, with 99.44%
> confidence, that it *will* be the case sometime, in a situation you
> haven't thought of.
>
> I'm at work, so I may get back to this after work.
>
>       mark

I should have set up some error code, and do some aborting. but I'm
still at prototyping stage.

-- 
-aft
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] forwarding packets to service in same host without using loopback network

2012-04-25 Thread m . roth 
Arif Hossain wrote:
> This question is not about linux usage. But still i think  user list
> is a good crowd for linux programmer. So here it goes.
> I have this libnetfilter_queue application which receives packets from
> kernel based on some iptables rule. Before going straight to my
> problem, i'm giving a sample workable code and other tools to set up a
> test environment so that We problem definition and possible solutions
> can be more accurate and robust.
>
> The following code describes the core functionality of the application:
>
Are you a student?

I ask, because in both functions, the first thing I see is

>   if (ph)
> {
>   id = ntohl (ph->packet_id);
>   printf ("hw_protocol=0x%04x hook=%u id=%u ",
> ntohs (ph->hw_protocol), ph->hook, id);
> }

and you have *no* error handling if !ph. If this should never be true,
then a) why is it in an if statement, and b) I will say, with 99.44%
confidence, that it *will* be the case sometime, in a situation you
haven't thought of.

I'm at work, so I may get back to this after work.

   mark
>
> #include 
> #include 
> #include 
> #include 
> #include 
> #include   /* for NF_ACCEPT */
> #include 
>
> #include 
> #define PREROUTING 0
> #define POSTROUTING 4
> #define OUTPUT 3
>
>
> /* returns packet id */
> static u_int32_t
> print_pkt (struct nfq_data *tb)
> {
>   int id = 0;
>   struct nfqnl_msg_packet_hdr *ph;
>   struct nfqnl_msg_packet_hw *hwph;
>   u_int32_t mark, ifi;
>   int ret;
>   unsigned char *data;
>
>   ph = nfq_get_msg_packet_hdr (tb);
>   if (ph)
> {
>   id = ntohl (ph->packet_id);
>   printf ("hw_protocol=0x%04x hook=%u id=%u ",
> ntohs (ph->hw_protocol), ph->hook, id);
> }
>
>   hwph = nfq_get_packet_hw (tb);
>   if (hwph)
> {
>   int i, hlen = ntohs (hwph->hw_addrlen);
>
>   printf ("hw_src_addr=");
>   for (i = 0; i < hlen - 1; i++)
>   printf ("%02x:", hwph->hw_addr[i]);
>   printf ("%02x ", hwph->hw_addr[hlen - 1]);
> }
>
>   mark = nfq_get_nfmark (tb);
>   if (mark)
> printf ("mark=%u ", mark);
>
>   ifi = nfq_get_indev (tb);
>   if (ifi)
> printf ("indev=%u ", ifi);
>
>   ifi = nfq_get_outdev (tb);
>   if (ifi)
> printf ("outdev=%u ", ifi);
>   ifi = nfq_get_physindev (tb);
>   if (ifi)
> printf ("physindev=%u ", ifi);
>
>   ifi = nfq_get_physoutdev (tb);
>   if (ifi)
> printf ("physoutdev=%u ", ifi);
>
>   ret = nfq_get_payload (tb, &data);
>   if (ret >= 0)
> printf ("payload_len=%d ", ret);
>
>   fputc ('\n', stdout);
>
>   return id;
> }
>
>
> static int
> cb (struct nfq_q_handle *qh, struct nfgenmsg *nfmsg,
> struct nfq_data *nfa, void *data)
> {
>   uint32_t ip_src, ip_dst;
>   struct in_addr s_ip;
>   struct in_addr d_ip;
>   uint16_t src_port;
>   uint16_t dst_port;
>   int verdict;
>   int id;
>   int ret;
>   unsigned char *buffer;
>   struct nfqnl_msg_packet_hdr *ph = nfq_get_msg_packet_hdr (nfa);
>   if (ph)
> {
>   id = ntohl (ph->packet_id);
>   printf ("received packet with id %d", id);
> }
>   ret = nfq_get_payload (nfa, &buffer);
>   ip_src = *((uint32_t *) (buffer + 12));
>   ip_dst = *((uint32_t *) (buffer + 16));
>   src_port = *((uint16_t *) (buffer + 20));
>   dst_port = *((uint16_t *) (buffer + 22));
>   s_ip.s_addr = (uint32_t) ip_src;
>   d_ip.s_addr = (uint32_t) ip_dst;
>   *(buffer + 26) = 0x00;
>   *(buffer + 27) = 0x00;
>   printf ( "source IP %s", inet_ntoa (s_ip));
>   printf ( "destination IP %s", inet_ntoa (d_ip));
>   printf ( "source port %d", src_port);
>   printf ( "destination port %d", dst_port);
>   if (ret)
> {
>   switch (ph->hook)
>   {
>   case PREROUTING:
> printf ( "inbound packet");
> //my_mangling_fun();
> break;
>   case OUTPUT:
> printf ( "outbound packet");
> //my_mangling_fun();
> break;
>   }
> }
>   verdict = nfq_set_verdict (qh, id, NF_ACCEPT, ret, buffer);
>   if (verdict)
> printf ( "verdict ok");
>   return verdict;
> }
>
> int
> main (int argc, char **argv)
> {
>   struct nfq_handle *h;
>   struct nfq_q_handle *qh;
>   struct nfnl_handle *nh;
>   int fd;
>   int rv;
>   char buf[4096] __attribute__ ((aligned));
>
>   printf ("opening library handle\n");
>   h = nfq_open ();
>   if (!h)
> {
>   fprintf (stderr, "error during nfq_open()\n");
>   exit (1);
> }
>
>   printf ("unbinding existing nf_queue handler for AF_INET (if
> any)\n");
>   if (nfq_unbind_pf (h, AF_INET) < 0)
>

[CentOS] forwarding packets to service in same host without using loopback network

2012-04-25 Thread Arif Hossain 
This question is not about linux usage. But still i think  user list
is a good crowd for linux programmer. So here it goes.
I have this libnetfilter_queue application which receives packets from
kernel based on some iptables rule. Before going straight to my
problem, i'm giving a sample workable code and other tools to set up a
test environment so that We problem definition and possible solutions
can be more accurate and robust.

The following code describes the core functionality of the application:


#include 
#include 
#include 
#include 
#include 
#include /* for NF_ACCEPT */
#include 

#include 
#define PREROUTING 0
#define POSTROUTING 4
#define OUTPUT 3


/* returns packet id */
static u_int32_t
print_pkt (struct nfq_data *tb)
{
  int id = 0;
  struct nfqnl_msg_packet_hdr *ph;
  struct nfqnl_msg_packet_hw *hwph;
  u_int32_t mark, ifi;
  int ret;
  unsigned char *data;

  ph = nfq_get_msg_packet_hdr (tb);
  if (ph)
{
  id = ntohl (ph->packet_id);
  printf ("hw_protocol=0x%04x hook=%u id=%u ",
  ntohs (ph->hw_protocol), ph->hook, id);
}

  hwph = nfq_get_packet_hw (tb);
  if (hwph)
{
  int i, hlen = ntohs (hwph->hw_addrlen);

  printf ("hw_src_addr=");
  for (i = 0; i < hlen - 1; i++)
printf ("%02x:", hwph->hw_addr[i]);
  printf ("%02x ", hwph->hw_addr[hlen - 1]);
}

  mark = nfq_get_nfmark (tb);
  if (mark)
printf ("mark=%u ", mark);

  ifi = nfq_get_indev (tb);
  if (ifi)
printf ("indev=%u ", ifi);

  ifi = nfq_get_outdev (tb);
  if (ifi)
printf ("outdev=%u ", ifi);
  ifi = nfq_get_physindev (tb);
  if (ifi)
printf ("physindev=%u ", ifi);

  ifi = nfq_get_physoutdev (tb);
  if (ifi)
printf ("physoutdev=%u ", ifi);

  ret = nfq_get_payload (tb, &data);
  if (ret >= 0)
printf ("payload_len=%d ", ret);

  fputc ('\n', stdout);

  return id;
}


static int
cb (struct nfq_q_handle *qh, struct nfgenmsg *nfmsg,
struct nfq_data *nfa, void *data)
{
  uint32_t ip_src, ip_dst;
  struct in_addr s_ip;
  struct in_addr d_ip;
  uint16_t src_port;
  uint16_t dst_port;
  int verdict;
  int id;
  int ret;
  unsigned char *buffer;
  struct nfqnl_msg_packet_hdr *ph = nfq_get_msg_packet_hdr (nfa);
  if (ph)
{
  id = ntohl (ph->packet_id);
  printf ("received packet with id %d", id);
}
  ret = nfq_get_payload (nfa, &buffer);
  ip_src = *((uint32_t *) (buffer + 12));
  ip_dst = *((uint32_t *) (buffer + 16));
  src_port = *((uint16_t *) (buffer + 20));
  dst_port = *((uint16_t *) (buffer + 22));
  s_ip.s_addr = (uint32_t) ip_src;
  d_ip.s_addr = (uint32_t) ip_dst;
  *(buffer + 26) = 0x00;
  *(buffer + 27) = 0x00;
  printf ( "source IP %s", inet_ntoa (s_ip));
  printf ( "destination IP %s", inet_ntoa (d_ip));
  printf ( "source port %d", src_port);
  printf ( "destination port %d", dst_port);
  if (ret)
{
  switch (ph->hook)
{
case PREROUTING:
  printf ( "inbound packet");
  //my_mangling_fun();
  break;
case OUTPUT:
  printf ( "outbound packet");
  //my_mangling_fun();
  break;
}
}
  verdict = nfq_set_verdict (qh, id, NF_ACCEPT, ret, buffer);
  if (verdict)
printf ( "verdict ok");
  return verdict;
}

int
main (int argc, char **argv)
{
  struct nfq_handle *h;
  struct nfq_q_handle *qh;
  struct nfnl_handle *nh;
  int fd;
  int rv;
  char buf[4096] __attribute__ ((aligned));

  printf ("opening library handle\n");
  h = nfq_open ();
  if (!h)
{
  fprintf (stderr, "error during nfq_open()\n");
  exit (1);
}

  printf ("unbinding existing nf_queue handler for AF_INET (if any)\n");
  if (nfq_unbind_pf (h, AF_INET) < 0)
{
  fprintf (stderr, "error during nfq_unbind_pf()\n");
  exit (1);
}

  printf ("binding nfnetlink_queue as nf_queue handler for AF_INET\n");
  if (nfq_bind_pf (h, AF_INET) < 0)
{
  fprintf (stderr, "error during nfq_bind_pf()\n");
  exit (1);
}

  printf ("binding this socket to queue '0'\n");
  qh = nfq_create_queue (h, 0, &cb, NULL);
  if (!qh)
{
  fprintf (stderr, "error during nfq_create_queue()\n");
  exit (1);
}

  printf ("setting copy_packet mode\n");
  if (nfq_set_mode (qh, NFQNL_COPY_PACKET, 0x) < 0)
{
  fprintf (stderr, "can't set packet_copy mode\n");
  exit (1);
}

  fd = nfq_fd (h);

  for (;;)
{
  if ((rv = recv (fd, buf, sizeof (buf), 0)) >= 0)

Re: [CentOS] Windows 2008R2 AD, kerberos, NFSv4

2012-04-25 Thread janice.psyop 
Hi James,

(Sorry, I was on digest mode, but have switched it off...)  Here are the
respective smb.conf and krb5.conf files.


[root@bk001 ~]# smbd -V
Version 3.5.10-0.107.el5

[root@bk001 ~]# cat /etc/samba/smb.conf

[global]
workgroup = MYCOMPANY
realm = MYCOMPANY.TV
server string = bk001 v %v
log file = /var/log/samba/log.smbd
security = ADS
client NTLMv2 auth = yes
encrypt passwords = yes
#password server = *
password server = 10.100.1.11 10.100.1.10
allow trusted domains = No
passdb backend = tdbsam
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE
load printers = no
show add printer wizard = no
disable spoolss = yes
kernel oplocks = no
printing = sysv
printcap name = /dev/null
unix extensions = no
preferred master = No
local master = No
#use kerberos keytab = yes
kerberos method = system keytab
client ldap sasl wrapping = sign
idmap backend = tdb
idmap uid = 21-99
idmap gid = 21-99
idmap config MYCOMPANY: backend = rid
idmap config MYCOMPANY: base_range = 2000
idmap config MYCOMPANY: range = 2000-20
winbind use default domain = Yes
winbind nss info = template
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
log level = winbind:1 idmap:3
syslog = 1
max log size = 50
smb ports = 445
mangled names = No
client use spnego = yes
client use spnego principal = yes

[dist]
comment = share for dist
path = /array/dist
veto files = /autorun.inf/Thumbs.db/.TemporaryItems/
browseable = yes
read only = no
guest ok = yes
create mask = 0664
security mask = 0664
directory mask = 0775
force directory mode = 0775
directory security mask = 0775
map acl inherit = Yes


 [root@bk001 ~]# cat /etc/krb5.conf

[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 default_realm = MYCOMPANY.TV
 dns_lookup_realm = false
 dns_lookup_kdc = false
 ticket_lifetime = 3d
 forwardable = true
 clockskew = 120
 default_keytab_name = FILE:/etc/krb5.keytab
 default_tkt_enctypes = des-cbc-crc rc4-hmac
 default_tgs_enctypes = des-cbc-crc rc4-hmac
 permitted_enctypes = des-cbc-crc rc4-hmac
 allow_weak_crypto = true
 udp_preference_limit = 1

[realms]
 MYCOMPANY.TV = {
  kdc = dc02.mycompany.tv:88
  kdc = dc01.mycompany.tv:88
  admin_server = dc02.mycompany.tv:749
  master_kdc = dc02.mycompany.tv
  default_domain = mycompany.tv
 }

[domain_realm]
 .mycompany.tv = MYCOMPANY.TV
 mycompany.tv = MYCOMPANY.TV

[appdefaults]
 pam = {
   debug = false
   ticket_lifetime = 36000
   renew_lifetime = 36000
   forwardable = true
   krb4_convert = false
 }
 kinit = {
   ticket_lifetime = 36000
   renew_lifetime = 36000
   forwardable = true
 }


 

[root@nas002 ~]# smbd -V
Version 3.3.8-0.52.el5_5.2

[root@nas002 ~]# cat /etc/samba/smb.conf

[global]
workgroup = MYCOMPANY
realm = MYCOMPANY.TV
server string = nas002 v %v
name resolve order = host bcast wins lmhosts
security = ADS
client NTLMv2 auth = yes
encrypt passwords = yes
allow trusted domains = No
passdb backend = tdbsam
socket options = TCP_NODELAY IPTOS_LOWDELAY SO_KEEPALIVE
load printers = no
show add printer wizard = no
disable spoolss = yes
kernel oplocks = no
printing = sysv
printcap name = /dev/null
unix extensions = no
preferred master = No
local master = No
use kerberos keytab = yes
idmap backend = rid
idmap uid = 2000-20
idmap gid = 2000-20
winbind use default domain = Yes
winbind separator = +
winbind enum users = Yes
winbind enum groups = Yes
 winbind refresh tickets = yes
log file = /var/log/samba/log.smbd
max log size = 50
log level = winbind:1 idmap:1
syslog = 1
smb ports = 445
mangled names = No
client use spnego = yes


[nfs4test]
comment = Work Area
path = /array/nfs4test
veto files = /autorun.inf/Thumbs.db/.TemporaryItems/
browseable = yes
read only = yes
guest ok = yes
create mask = 0664
security mask = 0664
directory mask = 0775
force directory mode = 0775
directory security mask = 0775
map acl inherit = Yes



[root@nas002 ~]# cat /etc/krb5.conf

[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 default_realm = MYCOMPANY.TV
 dns_lookup_realm = false
 dns

Re: [CentOS] CentOS, XFS, VirtualBox - can they just get along?

2012-04-25 Thread Emmanuel Noobadmin 
On 4/26/12, Boris Epstein  wrote:
> Hello all,
>
> I am running VirtualBox 4.1 on CentOS 6 and I got this warning that putting
> your VM's into an XFS filesystem is risky. I have also heard some rumors on
> the net to this effect. Does anyone know in more detail what's behind those
> rumors?

I came across the same warnings while looking up on using XFS as the
fs on storage nodes. IIRC it has to do with caching and flushing to
disk.

>From what I understood:

VM caches writes before sending it to the virtual disk.
Host's XFS does delay logging to address performance issue before
sending it to the HDD
HDD caches writes for performance and may not respect commands that
demand it turn off caching and flush writes.

If a power cut occurs, in the absence of a BBU HBA, it seems that it
is indeterminable if the last few writes had been committed and in
what sequence and usually means a corrupted VM.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS, XFS, VirtualBox - can they just get along?

2012-04-25 Thread Boris Epstein 
Hello all,

I am running VirtualBox 4.1 on CentOS 6 and I got this warning that putting
your VM's into an XFS filesystem is risky. I have also heard some rumors on
the net to this effect. Does anyone know in more detail what's behind those
rumors?

Thanks.

Boris.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Does SMTP Connection Drop When Posfix Reload is Issued ?

2012-04-25 Thread Bob Hoffman 

On 4/25/2012 12:00 PM, m.r...@5-cent.us wrote:
> John Doe wrote:
>
>>   automatically.
>> Why not find out why you get blacklisted instead of trying to bypass it?
>> You seem to imply that it is something that will happen and often...
> It happens. It's certainly happened to me. When you're a hosting co (like
> the host I use), and have tens or hundreds of thousands of clients with
> many domains, and some are businesses or organizations that legitimately
> send out mass emailings, you're trying to catch the idiot whose machine
> got infected, it was uploaded to their hosted site, and voila, spam going
> out of your domain. *AND* the blacklisters *insist* on blocking the
> *entire* address range assigned to the hosting co, rather than the source
> IP.
>
>
I am just now getting into blacklisting by ips, but I would never do it 
that way.
The only time I have added a host to the blacklist is when it is the 
host's actual mail servers spamming me.
I had to to that with only  a few so far (like ovh).

For individuals like you speak of, I would only add their domain, not an 
ip range.

the only ones I have added ipranges for are bulk list spammers like 
constant contact and vocus and the like.

blacklisting ip blocks is fraught with danger, but in the case of an 
individual mail server for a individual person, not so bad.

I think it would be impossible to police clients as a host...I cannot 
see how you could do it. My main reason for never entertaining the idea 
of running a host company.. Give you credit for trying though.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Does SMTP Connection Drop When Posfix Reload is Issued ?

2012-04-25 Thread Adam Tauno Williams 
On Wed, 2012-04-25 at 11:57 +, Prabhpal S. Mavi wrote: 
> Dear Adam Tauno Williams
> thanks for your response, i am not sure what did you advice. could you
> please explain nit more if there is any other way to do it. as sounds in
> your mail.



You can restrict senders and receivers through standard maps.  Those
maps can query just about anything you desire.


signature.asc
Description: This is a digitally signed message part
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Does SMTP Connection Drop When Posfix Reload is Issued ?

2012-04-25 Thread m . roth 
John Doe wrote:
> From: Prabhpal S. Mavi 
>
>> i implemented something that when our smart host would become
>> blacklisted.
>> It will automatic switch to next available smart host (which is ready
>> sitting). that mean it will start relaying message through another smart
>> host automatically.
>
> Why not find out why you get blacklisted instead of trying to bypass it?
> You seem to imply that it is something that will happen and often...

It happens. It's certainly happened to me. When you're a hosting co (like
the host I use), and have tens or hundreds of thousands of clients with
many domains, and some are businesses or organizations that legitimately
send out mass emailings, you're trying to catch the idiot whose machine
got infected, it was uploaded to their hosted site, and voila, spam going
out of your domain. *AND* the blacklisters *insist* on blocking the
*entire* address range assigned to the hosting co, rather than the source
IP.

mark

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS-announce Digest, Vol 86, Issue 14

2012-04-25 Thread centos-announce-request 
Send CentOS-announce mailing list submissions to
centos-annou...@centos.org

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
centos-announce-requ...@centos.org

You can reach the person managing the list at
centos-announce-ow...@centos.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of CentOS-announce digest..."


Today's Topics:

   1. CESA-2012:0518 Important CentOS 5 openssl Update (Johnny Hughes)
   2. CESA-2012:0515 Critical CentOS 5 firefox Update (Johnny Hughes)
   3. CESA-2012:0516 Critical CentOS 5 firefox Update (Johnny Hughes)
   4. CESA-2012:0516 Critical CentOS 5 thunderbird  Update
  (Johnny Hughes)
   5. CESA-2012:0518 Important CentOS 6 openssl Update (Johnny Hughes)
   6. CESA-2012:0515 Critical CentOS 6 firefox Update (Johnny Hughes)
   7. CEBA-2012:0511  CentOS 6 matahari Update (Johnny Hughes)
   8. CEBA-2012:0512  CentOS 6 aide Update (Johnny Hughes)
   9. CESA-2012:0516 Critical CentOS 6 thunderbird  Update
  (Johnny Hughes)
  10. CESA-2012:0523 Moderate CentOS 5 libpng Update (Johnny Hughes)
  11. CESA-2012:0523 Moderate CentOS 6 libpng Update (Johnny Hughes)


--

Message: 1
Date: Wed, 25 Apr 2012 01:22:21 +
From: Johnny Hughes 
Subject: [CentOS-announce] CESA-2012:0518 Important CentOS 5 openssl
Update
To: centos-annou...@centos.org
Message-ID: <20120425012221.ga5...@chakra.karan.org>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Security Advisory 2012:0518 Important

Upstream details at : https://rhn.redhat.com/errata/RHSA-2012-0518.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
d8e4fe4b31be6324ed03ad70d86156a3168efc55c5b06ffd4fde486feb9fe2d6  
openssl097a-0.9.7a-11.el5_8.2.i386.rpm
c65df6dec7b008e84ab414c6970fb2c409a5e00cba23a4a4350b1a716b229559  
openssl-0.9.8e-22.el5_8.3.i386.rpm
586a15a6bc19278bee19a2572bd1bc788003ff4c198431d0f4663adbb1b3184c  
openssl-0.9.8e-22.el5_8.3.i686.rpm
639974e459e9f6c0403360fc41067f48394f512d0ba5e579ea45b8992d2da168  
openssl-devel-0.9.8e-22.el5_8.3.i386.rpm
92a492519329325336183c23929df620c8f8ddfd0e82b10c57664ec6d55e7bad  
openssl-perl-0.9.8e-22.el5_8.3.i386.rpm

x86_64:
d8e4fe4b31be6324ed03ad70d86156a3168efc55c5b06ffd4fde486feb9fe2d6  
openssl097a-0.9.7a-11.el5_8.2.i386.rpm
7fa89e3ca44626a62c98bc84be77959f66a9b8eba6bbb9fd98365e74e6e103aa  
openssl097a-0.9.7a-11.el5_8.2.x86_64.rpm
586a15a6bc19278bee19a2572bd1bc788003ff4c198431d0f4663adbb1b3184c  
openssl-0.9.8e-22.el5_8.3.i686.rpm
a5492f5973452f6193a3fb6cd3249f2791c52cebd1e1d12560d2d64b256c2784  
openssl-0.9.8e-22.el5_8.3.x86_64.rpm
639974e459e9f6c0403360fc41067f48394f512d0ba5e579ea45b8992d2da168  
openssl-devel-0.9.8e-22.el5_8.3.i386.rpm
f2bd64faebbd7b5dc0124cca14b217ace539e04913f9eb266e8c2274b7dc94b8  
openssl-devel-0.9.8e-22.el5_8.3.x86_64.rpm
75c9372cf9aa77e8d245254b3696b56d6bed262f3245e8c95278a07e74ffb42c  
openssl-perl-0.9.8e-22.el5_8.3.x86_64.rpm

Source:
d152bcff32227dd08cc0495718cfd19ad3ca2e1c15011ae41dc9ef0f434d4176  
openssl097a-0.9.7a-11.el5_8.2.src.rpm
63492a08a2e0cd5277925dc88d34a85a381bd4c087787715e57645008a5bbace  
openssl-0.9.8e-22.el5_8.3.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net



--

Message: 2
Date: Wed, 25 Apr 2012 01:27:20 +
From: Johnny Hughes 
Subject: [CentOS-announce] CESA-2012:0515 Critical CentOS 5 firefox
Update
To: centos-annou...@centos.org
Message-ID: <20120425012720.ga5...@chakra.karan.org>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Security Advisory 2012:0515 Critical

Upstream details at : https://rhn.redhat.com/errata/RHSA-2012-0515.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
c2e589aadfac0a7c5977431242a268743d4a223c4da6cab73919c0af8cba3278  
firefox-10.0.4-1.el5.centos.i386.rpm
eaa1f4d40f40f2c20310a7234a80d643dfd3cf6124a38466dfe700581f166304  
xulrunner-10.0.4-1.el5_8.i386.rpm
67a66eb67a74646e261340123f32fc604ae072feb475674a86532b30deaec4e4  
xulrunner-devel-10.0.4-1.el5_8.i386.rpm

x86_64:
c2e589aadfac0a7c5977431242a268743d4a223c4da6cab73919c0af8cba3278  
firefox-10.0.4-1.el5.centos.i386.rpm
9f1a1179d341db3846865cb0c7e39a2a9e23c3e06067760ebeb07090f20ba9c0  
firefox-10.0.4-1.el5.centos.x86_64.rpm
eaa1f4d40f40f2c20310a7234a80d643dfd3cf6124a38466dfe700581f166304  
xulrunner-10.0.4-1.el5_8.i386.rpm
aa76e67d4a67b6c919176f37906b224ef0bcf4217ec2995b121528c594557cd3  
xulrunner-10.0.4-1.el5_8.x86_64.rpm
67a66eb67a74646e261340123f32fc604ae072feb475674a86532b30deaec4e4  
xulrunner-devel-10.0.4-1.el5_8.i386.rpm
f34186000619626cb784b3f7a916bddd1b7416e6b731ef04842788ca797e64fd

Re: [CentOS] Does SMTP Connection Drop When Posfix Reload is Issued ?

2012-04-25 Thread Tilman Schmidt 
Am 25.04.2012 14:14, schrieb John Doe:
> From: Prabhpal S. Mavi 
> 
>> i implemented something that when our smart host would become blacklisted.
>> It will automatic switch to next available smart host [...]
> 
> Why not find out why you get blacklisted instead of trying to bypass it?

That may well prove fruitless. There are blacklists
out there which won't tell you why they list a host
or refuse to remove a host even if their reason for
listing is gone (or was never valid to begin with).

-- 
Tilman Schmidt
Phoenix Software GmbH
Bonn, Germany
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Latest 6.2 kernel is broken

2012-04-25 Thread Lars Hecking 
 
> Let me rephrase that, did you explicitly select these packages or did a group 
> pull them in?

 It is a custom group that originally included kmod-bnx2. I removed it but
 according to the yum log during install, it was still pulled in by kmod-cnic.
 So I needed to remove that one as well.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Latest 6.2 kernel is broken

2012-04-25 Thread Peter Kjellström 
On Wednesday 25 April 2012 12.48.43 Lars Hecking wrote:
> Peter Kjellstr??m writes:
> > On Wednesday 25 April 2012 10.53.46 Lars Hecking wrote:
> > ...
> > 
> > > > "yum remove kmod-bnx2" is suggested way to remove packages in a
> > > > dependency-
> > > > aware way.
> > >  
> > >  Slightly different situation here - I'm working off a local repo for
> > > 
> > > kickstart installations, so I don't want to install it in the first
> > > place.
> > > For that to happen, I need to exclude kmod-cnic as well or the bnx2 rpm
> > > gets pulled in anyway.
> > 
> > Interesting, are you saying that any standard install package selection
> > includes these updated drivers?
> 
>  I'm using a custom group that install pretty much everything. Ok, not
>  really everything, but about three quartes of all >6k packages. The local
>  repo is a repomanage merge of os and updates tree.

Let me rephrase that, did you explicitly select these packages or did a group 
pull them in?

/Peter

signature.asc
Description: This is a digitally signed message part.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] ldap, 2.3 primary, 2.4 secondary

2012-04-25 Thread aurfalien 

On Apr 24, 2012, at 11:34 PM, Craig White wrote:

> On Tue, 2012-04-24 at 14:40 -0400, aurfalien wrote:
>> Hi all,
>> 
>> Is it possible to use a 2.3 OpenLDAP primary while having a 2.4 OpenLDAP 
>> secondary?
>> 
>> Currently I have all at 2.3 (Centos 5) but am needing to up a remote 
>> facility to Centos 6 before doing the main facility to 6.
>> 
>> Hoping I can mix and match but it looks like I may not be able to.
>> 
>> My LDAP secondaries pull the DB over pretty frequently  so I would be doing 
>> the same thing here.
>> 
>> I would have asked the OpenLDAP list but you are much nicer to an order of 
>> magnitude, seriously.
>> 
>> Thanks in advance,
> 
> wouldn't do a bit of good to ask openldap list - they'll just tell you
> that 2.3.x is EOL
> 
> Shouldn't have any problems but I haven't tried it myself. There have
> been some issues with replication with 2.3/2.4 but I would suspect that
> if you haven't run into them with 2.3, then you're not running an overly
> complicated setup and it should work.
> 
> Craig
> 


Thanks for the reply Craig.

I had some wanky issues so for now I am running two VMs, one of Centos 5 and 
the other of 6 so that when ready, I can easily migrate.

I am hoping OpenLDAP 2.4 will push rather then pull changes.

- aurf
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] strange partitioning problem

2012-04-25 Thread Lamar Owen 
On Tuesday, April 24, 2012 05:40:50 PM Gé Weijers wrote:
> Any way you'd like. CentOS can't BOOT from a GPT partitioned device if
> the BIOS does not support it, but you can certainly use GPT on
> non-boot devices.

While I can't confirm for a drive larger than 2TB, it is not true that you 
can't boot a Linux kernel close to the one in CentOS using a GRUB similar to 
the one in CentOS from a GPT partitioned disk.  People are doing this all the 
time using bootloaders like Chameleon and PCEFI (used typically to build a 
'hackintosh'), dual-booting with Mac OS X on semi-generic PC hardware.

Here's what the GPT looks like for such a system, dual-booting Fedora 14 and 
Mac OS X (using gdisk):
[root@localhost ~]# gdisk -l /dev/sda
GPT fdisk (gdisk) version 0.8.1

Partition table scan:
  MBR: protective
  BSD: not present
  APM: not present
  GPT: present

Found valid GPT with protective MBR; using GPT.
Disk /dev/sda: 976773168 sectors, 465.8 GiB
Logical sector size: 512 bytes
Disk identifier (GUID): 1BE631E1-4E0C-4D33-9108-9F7E5EBB411A
Partition table holds up to 128 entries
First usable sector is 34, last usable sector is 976773134
Partitions will be aligned on 8-sector boundaries
Total free space is 525717 sectors (256.7 MiB)

Number  Start (sector)End (sector)  Size   Code  Name
   1  40  409639   200.0 MiB   EF00  EFI System Partition
   2  409640   386210423   184.0 GiB   AF00  Flopdinger
   3   386473984   402104319   7.5 GiB 8200  LinuxSwap
   4   402104320   484024319   39.1 GiB0700  F14
   5   484024320   861511679   180.0 GiB   0700  LinuxHome
   6   861511680   976510983   54.8 GiBAF00  Interchange
[root@localhost ~]# 

Using parted -l:
[root@localhost ~]# parted -l
Model: ATA ST9500420AS (scsi)
Disk /dev/sda: 500GB
Sector size (logical/physical): 512B/512B
Partition Table: gpt

Number  Start   EndSizeFile system Name  Flags
 1  20.5kB  210MB  210MB   fat32   EFI System Partition  boot, 
hidden
 2  210MB   198GB  198GB   hfs+Flopdinger hidden
 3  198GB   206GB  8003MB  linux-swap(v1)  LinuxSwap
 4  206GB   248GB  41.9GB  ext3F14
 5  248GB   441GB  193GB   ext3LinuxHome hidden
 6  441GB   500GB  58.9GB  hfsxInterchange   hidden


[root@localhost ~]# 

Installation of the GRUB bootloader is simple; it's installed to /dev/sda4 
instead of /dev/sda (since Chameleon is sitting in the MBR and in the EFI 
system partition):
[root@localhost ~]# cat /boot/grub/menu.lst
# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE:  You do not have a /boot partition.  This means that
#  all kernel and initrd paths are relative to /, eg.
#  root (hd0,3)
#  kernel /boot/vmlinuz-version ro root=/dev/sda4
#  initrd /boot/initrd-[generic-]version.img
#boot=/dev/sda4
default=0
timeout=9
splashimage=(hd0,3)/boot/grub/splash.xpm.gz
hiddenmenu
title Fedora (2.6.35.14-106.fc14.x86_64)
root (hd0,3)
kernel /boot/vmlinuz-2.6.35.14-106.fc14.x86_64 ro 
root=UUID=8cda63bd-9eed-4a65-a834-138df5dca1a2 rd_NO_LUKS rd_NO_LVM rd_NO_MD 
rd_NO_DM LANG=en_US.UTF-8 SYSFONT=latarcyrheb-sun16 KEYTABLE=us rhgb quiet 
nouveau.modeset=0 rdblacklist=nouveau
initrd /boot/initramfs-2.6.35.14-106.fc14.x86_64.img

Booting a generic BIOS PC from GPT is a solved problem, just not in the 'usual' 
Linux space.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Does SMTP Connection Drop When Posfix Reload is Issued ?

2012-04-25 Thread Earl Ramirez 
On 25 April 2012 07:42, Prabhpal S. Mavi wrote:

> Dear Community Friends Greetings,
>
> i work with ISP, we host email service for almost 500+ companies and 200+
> mail servers relay through my smart host.
>
> i implemented something that when our smart host would become blacklisted.
> It will automatic switch to next available smart host (which is ready
> sitting). that mean it will start relaying message through another smart
> host automatically.
>
> i think i must tell little background as well. it is actually php script
> that perform blacklist check every minute through cron. if it found that
> IP is blacklisted. It will then insert "relay host =" value in main.cf and
> reload postfix service. When IP is no more blacklisted it will then remove
> the same directive from main.cf and reload postfix.
>
> everything is working as expected. i have one question, when we reload
> postfix does it drop active SMTP session?
>
> for example lets say that remote SMTP server is delivering message to my
> postfix that has 8MB attachment. message was not fully transferred. lets
> say that 4MB was transferred. and i issued "postfix reload". will that
> connection drop or continue to deliver the mail?
>
>
> Thanks / Regards
> Prabhpal S. Mavi
>
>
>
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>

Postfix reload will not disrupt any connection and in your example the mail
will continue to be delivered

-- 
Kind Regards
Earl Ramirez
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Does SMTP Connection Drop When Posfix Reload is Issued ?

2012-04-25 Thread John Doe 
From: Bob Hoffman 

> On 4/25/2012 7:42 AM, Prabhpal S. Mavi wrote:
>>  i work with ISP, we host email service for almost 500+ companies and 200+
>>  mail servers relay through my smart host.
>> 
>>  i implemented something that when our smart host would become blacklisted.
>>  It will automatic switch to next available smart host (which is ready
>>  sitting). that mean it will start relaying message through another smart
>>  host automatically.
> well, as someone who has been really fighting spam lately I can say that 
> that system will definitely work out quite well and most bulk spammers 
> use something like that.
> 
> with that many companies and mail servers, I have no idea how you can 
> police them...wow

Talking about spam... the USA lost its spam crown to India...
http://nakedsecurity.sophos.com/2012/04/23/india-becomes-the-king-of-the-spammers-stealing-americas-crown/

JD
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Does SMTP Connection Drop When Posfix Reload is Issued ?

2012-04-25 Thread Bob Hoffman 
On 4/25/2012 7:42 AM, Prabhpal S. Mavi wrote:
> i work with ISP, we host email service for almost 500+ companies and 200+
> mail servers relay through my smart host.
>
> i implemented something that when our smart host would become blacklisted.
> It will automatic switch to next available smart host (which is ready
> sitting). that mean it will start relaying message through another smart
> host automatically.
well, as someone who has been really fighting spam lately I can say that 
that system will definitely work out quite well and most bulk spammers 
use something like that.

with that many companies and mail servers, I have no idea how you can 
police them...wow
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Does SMTP Connection Drop When Posfix Reload is Issued ?

2012-04-25 Thread John Doe 
From: Prabhpal S. Mavi 

> i implemented something that when our smart host would become blacklisted.
> It will automatic switch to next available smart host (which is ready
> sitting). that mean it will start relaying message through another smart
> host automatically.

Why not find out why you get blacklisted instead of trying to bypass it?
You seem to imply that it is something that will happen and often...

JD
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] strange partitioning problem

2012-04-25 Thread Markku Kolkka 
25.4.2012 0:33, Eero Volotinen kirjoitti:
> 2012/4/25 Markku Kolkka :
>> 24.4.2012 23:52, Boris Epstein kirjoitti:
>>> Thanks! I am afraid that will still not address the issue of how I would
>>> partition the drive for the installation.
>>
>> Don't partition it at all, assign the whole drive as a LVM physical volume.
> 
> Is it really possible to boot from 18TB lvm partition? with mbr? with grub?

You missed the previous post where it was suggested to put /boot on a
memory stick. /boot on a separate device + 18TB unpartitioned device as
a PV should work.

-- 
Markku Kolkka
markku.kol...@iki.fi
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Does SMTP Connection Drop When Posfix Reload is Issued ?

2012-04-25 Thread Prabhpal S. Mavi 
Dear Adam Tauno Williams

thanks for your response, i am not sure what did you advice. could you
please explain nit more if there is any other way to do it. as sounds in
your mail.

Thanks

> On Wed, 2012-04-25 at 11:42 +, Prabhpal S. Mavi wrote:
>> i think i must tell little background as well. it is actually php script
>> that perform blacklist check every minute through cron. if it found that
>> IP is blacklisted. It will then insert "relay host =" value in main.cf
>> and
>> reload postfix service. When IP is no more blacklisted it will then
>> remove
>> the same directive from main.cf and reload postfix.
>
> Why not propely 'out-source' this to a Postfix map rather than modifying
> main.cf.  Dynamic modification of main.cf is *seriously* brain-damaged
> in my opinion.  Point a map at an LDAP DSA or an RDBMS database and have
> the application update *that*.  Then Postfix checks the map.  Nobody
> needs to get constantly hup'd and you aren't touching configuation files
> that *should not be writable* anyway.
>
>> everything is working as expected. i have one question, when we reload
>> postfix does it drop active SMTP session?
>
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>


Thanks / Regards
Prabhpal S. Mavi



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Latest 6.2 kernel is broken

2012-04-25 Thread Lars Hecking 
Peter Kjellstr??m writes:
> On Wednesday 25 April 2012 10.53.46 Lars Hecking wrote:
> ...
> > > "yum remove kmod-bnx2" is suggested way to remove packages in a
> > > dependency-
> > > aware way.
> > 
> >  Slightly different situation here - I'm working off a local repo for
> > kickstart installations, so I don't want to install it in the first place.
> > For that to happen, I need to exclude kmod-cnic as well or the bnx2 rpm
> > gets pulled in anyway.
> 
> Interesting, are you saying that any standard install package selection 
> includes these updated drivers?
 
 I'm using a custom group that install pretty much everything. Ok, not
 really everything, but about three quartes of all >6k packages. The local
 repo is a repomanage merge of os and updates tree.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Does SMTP Connection Drop When Posfix Reload is Issued ?

2012-04-25 Thread Adam Tauno Williams 
On Wed, 2012-04-25 at 11:42 +, Prabhpal S. Mavi wrote:
> i think i must tell little background as well. it is actually php script
> that perform blacklist check every minute through cron. if it found that
> IP is blacklisted. It will then insert "relay host =" value in main.cf and
> reload postfix service. When IP is no more blacklisted it will then remove
> the same directive from main.cf and reload postfix.

Why not propely 'out-source' this to a Postfix map rather than modifying
main.cf.  Dynamic modification of main.cf is *seriously* brain-damaged
in my opinion.  Point a map at an LDAP DSA or an RDBMS database and have
the application update *that*.  Then Postfix checks the map.  Nobody
needs to get constantly hup'd and you aren't touching configuation files
that *should not be writable* anyway.

> everything is working as expected. i have one question, when we reload
> postfix does it drop active SMTP session?



signature.asc
Description: This is a digitally signed message part
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Does SMTP Connection Drop When Posfix Reload is Issued ?

2012-04-25 Thread Prabhpal S. Mavi 
Dear Community Friends Greetings,

i work with ISP, we host email service for almost 500+ companies and 200+
mail servers relay through my smart host.

i implemented something that when our smart host would become blacklisted.
It will automatic switch to next available smart host (which is ready
sitting). that mean it will start relaying message through another smart
host automatically.

i think i must tell little background as well. it is actually php script
that perform blacklist check every minute through cron. if it found that
IP is blacklisted. It will then insert "relay host =" value in main.cf and
reload postfix service. When IP is no more blacklisted it will then remove
the same directive from main.cf and reload postfix.

everything is working as expected. i have one question, when we reload
postfix does it drop active SMTP session?

for example lets say that remote SMTP server is delivering message to my
postfix that has 8MB attachment. message was not fully transferred. lets
say that 4MB was transferred. and i issued "postfix reload". will that
connection drop or continue to deliver the mail?


Thanks / Regards
Prabhpal S. Mavi



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Latest 6.2 kernel is broken

2012-04-25 Thread Peter Kjellström 
On Wednesday 25 April 2012 10.53.46 Lars Hecking wrote:
...
> > "yum remove kmod-bnx2" is suggested way to remove packages in a
> > dependency-
> > aware way.
> 
>  Slightly different situation here - I'm working off a local repo for
> kickstart installations, so I don't want to install it in the first place.
> For that to happen, I need to exclude kmod-cnic as well or the bnx2 rpm
> gets pulled in anyway.

Interesting, are you saying that any standard install package selection 
includes these updated drivers?

/Peter


signature.asc
Description: This is a digitally signed message part.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Latest 6.2 kernel is broken

2012-04-25 Thread Ned Slider 
On 25/04/12 10:45, Peter Kjellström wrote:
> On Tuesday 24 April 2012 16.05.26 Ned Slider wrote:
>
> ...
>> In the meantime (as a workaround), just grab the missing firmware and
>> place it in the appropriate directory.
>
> No, in the meantime don't install kmod-bnx2 unless you need it, it's not meant
> as a general update for the kernel provided bnx2.
>

Agreed.

My workaround was assuming that one actually *needs* the updated driver.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Latest 6.2 kernel is broken

2012-04-25 Thread Lars Hecking 

> >  Looks like a vanilla kernel bug.
> > 
> >   http://lkml.org/lkml/2012/4/17/268
> 
> What you're hitting is similar but not the same. You installed an rpm that 
> redhat built for a few new NICs as part of their DUP (Driver Update Program):
 
 ACK.

> "yum remove kmod-bnx2" is suggested way to remove packages in a dependency-
> aware way.

 Slightly different situation here - I'm working off a local repo for kickstart
 installations, so I don't want to install it in the first place. For that
 to happen, I need to exclude kmod-cnic as well or the bnx2 rpm gets pulled
 in anyway.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] High load

2012-04-25 Thread John Doe 
From: Kaushal Shriyan 

> Is there a way to nail down the issue of high load on a server basically
> trying to understand the reason behind high load at a specific time period.
> I use top command but it does not have history.

Maybe adapt something like this to your needs:
while :; do LOAD=`cat /proc/loadavg | cut -f1 -d'.'`; if [ $LOAD -gt 3 ]; then 
ps auxfw > /tmp/ps.`date +"%s"`; sleep 60; fi; sleep 10; done

JD
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Latest 6.2 kernel is broken

2012-04-25 Thread Peter Kjellström 
On Tuesday 24 April 2012 16.05.26 Ned Slider wrote:
> On 24/04/12 15:56, Lars Hecking wrote:
> > Peter Kjellstr??m writes:
> >> On Monday 23 April 2012 17.54.33 Lars Hecking wrote:
...
> >>> bnx2: Can't load firmware file "bnx2/bnx2-mips-09-6.2.1b.fw"
> >> 
> >> This is because you have the kmod-bnx2 package which contains a newer
> >> driver (2.2.1) but not a complete set of firmwares (two out of five
> >> files missing).>> 
...
> >> This machine is using the normal bnx2 driver (2.1.11) for which there is
> >> a
> >> complete set of firmwares (provided by the kernel-firmware package).
> >> 
> >   Spot on - the working machine did not have kmod-bnx2 installed.
> >> 
> >> If you don't need the 2.2.1 driver I suggest you remove the kmod-bnx2
> >> package from the first machine and fall back to the driver in the normal
> >> kernel package.
> >> 
> >   Installing without kmod-bnx2 worked, and I also had to get rid of
> >   kmod-cnic, which /tmp/yum.log listed as requiring kmod-bnx2.
> 
> This is fixed in RHEL6.3 (beta) where the kernel-firmware package
> contains the latest firmware that you are missing above:

To be clear, there is no bug/problem in the kernel-firmware package in 6.2. 
This thread is about the behaviour of a driver update (kmod-bnx2) with its own 
(incomplete) set of firmware. As you point out, 6.3 will have the new driver 
and its firmware.

...
> In the meantime (as a workaround), just grab the missing firmware and
> place it in the appropriate directory.

No, in the meantime don't install kmod-bnx2 unless you need it, it's not meant 
as a general update for the kernel provided bnx2.

/Peter


signature.asc
Description: This is a digitally signed message part.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Latest 6.2 kernel is broken

2012-04-25 Thread Peter Kjellström 
On Tuesday 24 April 2012 15.56.09 Lars Hecking wrote:
> Peter Kjellstr??m writes:
> > On Monday 23 April 2012 17.54.33 Lars Hecking wrote:
> > >  I just kickstarted a new machine with the latest CentOS 6.2 files,
> > > 
> > > including kernel 2.6.32-220.13.1.el6.x86_64. It came up without network
> > > interfaces.
> > > 
> > >  dmesg says:
> > > bnx2: Can't load firmware file "bnx2/bnx2-mips-09-6.2.1b.fw"
> > 
> > This is because you have the kmod-bnx2 package which contains a newer
> > driver (2.2.1) but not a complete set of firmwares (two out of five files
> > missing).
>  Looks like a vanilla kernel bug.
> 
>   http://lkml.org/lkml/2012/4/17/268

What you're hitting is similar but not the same. You installed an rpm that 
redhat built for a few new NICs as part of their DUP (Driver Update Program):

 https://rhn.redhat.com/errata/RHEA-2012-0503.html

Afaict, they say not to use it for other NICs. In your case a non listed NIC 
broke because that package lacked some firmware.

That is, the problem is crystal clear, bug in the kmod-bnx2 package (but it 
could be claimed to be a documented limitation...).

> > This machine is using the normal bnx2 driver (2.1.11) for which there is a
> > complete set of firmwares (provided by the kernel-firmware package).
> 
>  Spot on - the working machine did not have kmod-bnx2 installed.
> 
> > If you don't need the 2.2.1 driver I suggest you remove the kmod-bnx2
> > package from the first machine and fall back to the driver in the normal
> > kernel package.
> 
>  Installing without kmod-bnx2 worked, and I also had to get rid of
> kmod-cnic, which /tmp/yum.log listed as requiring kmod-bnx2.

"yum remove kmod-bnx2" is suggested way to remove packages in a dependency-
aware way.

/Peter

signature.asc
Description: This is a digitally signed message part.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos