Re: [CentOS] Freeradius, openldap and TLS (thread breaking)
Thanks for your reply re. TLS On Fri, 15 Apr 2016, Patrick Laimbock wrote: > It's unclear what you mean. I saw a new message on the ML and responded to > it. Where did this 'threading breaking' take place? My mistake; apologies to to other list members. I had replied to an existing message, to grab the list address with a minimum number of keystrokes. I had forgotten that my mailer would automatically include the Message-ID header in hidden In-Reply-To: and References: mail headers. Mailman (used by the CentOS list archives) creates message threads first by In-Reply-To and then by Subject headers. This caused my message to be grouped with the existing messages about "mount bind problem" in https://lists.centos.org/pipermail/centos/2016-April/thread.html (per e.g. https://www.mail-archive.com/mailman-users@python.org/msg62609.html) The mail client Thunderbird appears to use a different algorithm; in that, I see your message (this one I'm replying to) in the original "mount bind" thread, while in the archive I see it in a separate thread. Andrew ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Freeradius, openldap and TLS
We have a freeradius server using LDAP authentication against openldap. We have had freeradius-3.0.4-6 on CentOS 7 successfully communicating with openldap-servers-2.3.43 on CentOS 5. We need some features in freeradius-3.0.12. When I build that on CentOS 6, it initially works, but then develops TLS errors. We can search and authenticate against the LDAP server with Apache, and with ldapsearch using ldaps:// URLs and with start_tls. If I ask the freeradius community, I am told unequivocally to use OpenSSL not NSS. (currently, radiusd is finding the server CA certificate in /etc/raddb/certs/cert8.db but the client certificate in a PEM file after looking in cert8.db first) Is this possible with the standard CentOS builds, and if so, is there a tutorial or examples anywhere ? If not, has anyone solved this problem ? -- Andrew Daviel, TRIUMF, Canada ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Skype on CentOS
On Thu, 6 Aug 2015, Liam O'Toole wrote: On 2015-08-06, Digimer li...@alteeve.ca wrote: If you're not stuck on CentOS 5... It would be nice, as that's what we're still using in production. That article seems unnecessarily complicated, at least as far as CentOS 6 and 7 are concerned. Skype is in the nux-dextop repository (which repository is mentioned in the article), so a simple 'yum install skype' will do the trick. Thanks. I missed that - hadn't heard of nux-dextop - but I did find a specfile. Skype works, but not sending video. I see that the nux RPM installs libv4l.i686 which I was missing, but that didn't help. I've installed xawtv.i686 and removed xawtv.x86_64 so I can see that 32-bit video is working, but still not in Skype. It shows the graphic card, but doesn't actually send. If I plug in my infrared camera on USB, that works, but at TRIUMF I want to use the installed Sony PTZ cameras, not some cheap USB thing. -- Andrew Daviel, TRIUMF, Canada ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Skype on CentOS
I have Skype 2.1.0 running on CentOS 5, but it does not support video. At various times I have tried to install or run more recent versions on CentOS 5 and CentOS 6, but generally they fail for some reason, e.g. library requirements. We would like to run Skype in some conference rooms, for business reasons e.g. job interviews where some participants don't have access to more professional solutions, and as I recall Microsoft shut down gateways to H323. Does anyone have a good procedure for running Skype on CentOS ? E.g. does it run natively on CentOS 7 ? Or will it run with a custom LD_LIBRARY_PATH, as does Mozilla ? Or will it run inside a virtual machine, or with Wine ? We have video capture cards using V4L2 that work with e.g. SeeVoghRN, xawtv and, I think, Ekiga. -- Andrew Daviel, TRIUMF, Canada Tel. +1 (604) 222-7376 (Pacific Time) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Disable SSLv3 in sendmail in CentOS 5
On Thu, 16 Apr 2015, Paul Heinlein wrote: On Thu, 16 Apr 2015, Andrew Daviel wrote: RedHat released sendmail-8.13.8-10.el5_11.src.rpm which includes sendmail-8.13.8-ssl-opts.patch which adds support for disabling SSLv3 and SSLv2 in sendmail.cf But as far as I can see there is no support in sendmail.mc - I can't see how to compile sendmail.mc to get the required line ServerSSLOptions in sendmail.cf Does anyone know how to do this ? At the end of sendmail.mc, after the MAILER macros, add a LOCAL_CONFIG, e.g,, LOCAL_CONFIG O ClientSSLOptions=+SSL_OP_NO_SSLv2 +SSL_OP_NO_SSLv3 O ServerSSLOptions=+SSL_OP_NO_SSLv2 +SSL_OP_NO_SSLv3 +SSL_OP_CIPHER_SERVER_PREFERENCE Thanks. That was too obvious; I should have read more documentation. The generic advisory said to add those lines to the LOCAL_CONFIG section of my sendmail.mc, but I didn't have a LOCAL_CONFIG section, so I assumed it was referring to a newer version of sendmail. Meanwhile, I made a patch for sendmail-cf and sendmail-doc back-ported from sendmail-8.15.1, if anyone's interested. Andrew ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Disable SSLv3 in sendmail in CentOS 5
RedHat released sendmail-8.13.8-10.el5_11.src.rpm which includes sendmail-8.13.8-ssl-opts.patch which adds support for disabling SSLv3 and SSLv2 in sendmail.cf But as far as I can see there is no support in sendmail.mc - I can't see how to compile sendmail.mc to get the required line ServerSSLOptions in sendmail.cf Does anyone know how to do this ? -- Andrew Daviel, TRIUMF, Canada Tel. +1 (604) 222-7376 (Pacific Time) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Dual boot with Windows 8.1, UEFI
(apologies for the length - there are questions at the end...)
I've been running Linux for 20 years, and done a lot of dual-boots. I know
that's old-school now, but I run Linux 95% of the time yet don't want to
lose a Windows system I've paid for - but I've never tried removing it
from a system and reinstalling the same licenced copy inside a virtual machine.
I bought a new laptop back in April this year, after trying to check
online for Linux certification to match what was in the local stores.
There's so many models and variants that's almost impossible, but I found
various HP Pavilion 14 in www.ubuntu.com/certification
and a couple of HP EliteBook in hardware.redhat.com/laptop.
So I bought an HP Pavilion 14-n228ca TouchSmart Notebook,
which came with Windows 8.1 installed.
So I start off doing what I've done on previous occasions - get into the
BIOS, change the boot order, boot a CentOS 6 installation CD as used on
my desktop, go into rescue mode and look at the partitions. Normally I'd
use fdisk, but that says it doesn't understand GPT and I should use
parted. There's 5 partitions, so I use resizefs to shrink the main NTFS
data partition, then delete the partition and recreate it shorter at the
same start location. Then reboot the CD into install mode, create a
Linux partition in the free space, and install CentOS, which adds a
choice of Other in grub.conf to boot Windows.
Then I boot CentOS and finish the install - a couple of glitches; it needs
a kernel parameter iommu=soft to get the USB mouse to work
(nommu_map_single overflow messages), and it needs a firmware file
rt3290.bin for the RT3290 WiFi chip to work (submitted bug 1133288).
Then I try to boot into Windows. From GRUB, I get a screen windows boot
manager with an error message file \Boot\BCD - missing or contains
errors.
The boot sequence is a bit weird compared to what I'm used to - this is my
first machine with UEFI. The BIOS has a UEFI boot order and a legacy boot
order, which has to be enabled. UEFI takes precedence. With legacy
enabled, F9 gives a boot menu with
OS boot Manager
Boot from EFI file
Notebook hard drive
Internal CD/DVD ROM Drive
Notebook hard drive takes me to GRUB.
EFI file takes me walkabout on a Windows file system with folders like
HP, Boot, Windows and what looks like hundreds of locale files -
maybe I can boot in Turkish.
OS boot Manager takes me to an HP/Windows system recovery screen with
various options - continue, troubleshoot, turn off.
continue goes to a splash screen like attempting to repair which
fails. troubleshoot has a command prompt option. That's running Windows
cmd.exe in one of the other partitions, mounted as X:
In that, I find commands chkdsk, diskpart, bootrec, bcdedit etc.
To cut an even longer story short, I did something like:
X:\ diskpart
diskpart select disk 0
diskpart select partition 4 (the NTFS system one)
diskpart set id=ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
X:\ bcdedit /set {default} device partition=C:
X:\ bcdedit /set {default} osdevice partition=C:
X:\ bootrec /rebuildbcd
After doing that, the system partition appears as C:, passes chkdsk, and
the system boots successfully into Windows.
3 questions:
- what should I have done instead to create a dual-boot system on this
hardware (the above is ridiculous and took hours of trials and research)
- how can I make CentOS boot by default (since there is a valid EFI
record for Windows 8, that seems to take preference unless I hit F9 at
boot and manually select the disk)
- is it possible to make CentOS boot via EFI rather than from the legacy
partition boot record ?
- how can I make Windows boot from GRUB ? (I tried
bcdedit /export C:\Boot\BCD, but that did not help - or I have the
wrong file or syntax)
Some documentation refers to a tool in Windows 8 called EasyBCD, but I
can't find it in my system.
--
Andrew Daviel, TRIUMF, Canada
Tel. +1 (604) 222-7376 (Pacific Time)
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
