Re: [CentOS] use parted to create "raw paration"????
> fdisk /dev/sde > > Hit p to see the list of partitions. Press d to delete a partition. Press n > for a new partition. Or you can just use t to change the filesystem type. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] What NAS device(s) do you use? And why?
> If you use any NAS (or a SAN) devices, what do you use? And I'm > referring more to larger scale network storage than your home PC or > home theater system. We're using two different products that qualify under that heading. For NAS devices, which are our primary backup medium, we use the QNAP TS-809U-RP. Not stupidly fast but for backup's they're decent. Some might argue they're SOHO but for our use, they do what we need. Now for the primary SAN at head office we use the D'Link xStack DSN-5110-10. 12 disks in 2U. We ponied up for the redundant controller model which gives us true HA. On our model we can scale up by an extra three drive chassis if we wish, giving us up to 48TB (based on 1TB SAS disks). The 5210 & 5410 will scale up to an extra six chassis giving the user up to 84TB, more if they spring for 2TB SAS disks. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Novell sale news? (OT)
> XHTML is supposed to be semantic, e. g. it indicates clearly that "this > is a quotation", "this is an abbreviation", etc. The only thing > Dreamweaver can do is put cleanly indented brackets around > everything, to make sure no search engine leafing through the page will > ever have the slightest clue about the content. Which is bad. I'm not sure what you mean exactly. XHTML is a derivative of HTML4 that conforms to the XML standard. It doesn't add anything not already present within HTML 4.01. And to the best of my knowledge there is no provision within xhtml for custom tags that give context or semantic information, that's what XML is for.. And the DIV & SPAN tags are a normal part of writing html now, the idea being to get rid of the random spew of formatting tags with the far cleaner CSS. How it impacts the search engines I wouldn't know, I'm just going based on the best practices suggested by the W3C. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Novell sale news?
> AND not a single word processor or web page building > I've seen writes them clean: I beg to differ. I've used Dreamweaver for years and while I can't speak for the latest versions, the MX version released in 2002 produced some of the cleanest (x)html I've seen. And with their tidy command you could get the code properly indented so it became easily readable. PHP/MySQL code otoh was brutally messy. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] POP3 server
> Anyway if gets the DELE command the message arrived safely to the client. Not guaranteed. DELE command can be issued on an email before the client reads the email. I've used this in the past to remove large emails from a mailbox so the client could finish downloading the rest of their email. Nothing chokes Outlook Express quite like an 8MB email being pulled down over 56kbps dialup. ;-) -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] POP3 server
> So, I'm wondering if it's possible to tell Dovecot to actually delete the > message when receiving a DELE command instead of marking it for deletion > after the QUIT. Nope. RFC1939 specifically states that the DELE command only *marks* the email for deletion. Once the server enters the 'update' state it will perform the deletion. The only command that can enter that state is the QUIT command. http://www.ietf.org/rfc/rfc1939.txt -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Why WOL? ( WAS: Re: Getting Wake on lan to work )
> You need to do * and you don't want it running wasting power while > you don't need it? So in summary, none of my uses. ;-) VMware covers the server side, and the client PC's go to standby mode till a timer wakes them up to scan for updates. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Intel DP55WG centos 5.5 support?
we evaluated this board but instead decided to go with the SuperMicro X8SIL-F. It doesn't support the core i5 and core i7 but it has VGA and there are Xeon parts that match the core i5 and core i7 specs. -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Coert Waagmeester Sent: Monday, October 18, 2010 5:05 AM To: CentOS mailing list Subject: [CentOS] Intel DP55WG centos 5.5 support? Hello all, I have looked around on the HCL and on other hardware sites. Do any of you have experience with Centos 5.5 64 bit on these motherboards? Regards, Coert Waagmeester ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] best practices in using shared storage for XEN Virtual Machines and auto-failover?
> What is the best way to connect a NAS / SAN to these 2 servers for > this kind of setup to work flawlessly? The NAS can export iSCSI, NFS, > SMB, etc. I'm sure I could even use ATAOE if needed Unless you want to use cluster aware filesystems I'd say NFS is your best bet. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Why WOL? ( WAS: Re: Getting Wake on lan to work )
On a semi-related subtopic, Why do I want WoL? What concrete examples are there where it's useful? I understand what it is and how it works but the "why" has eluded me. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] LDAP authentication on a remote server (via ldaps://) [SOLVED]
> Well, that's simply *not* true... says the guy who, 20-30 years ago, had > to read IBM mainframe manuals I can attest to IBM manuals of that era. :-) Few years back while working for a bank I came across one of the original manuals for the IBM 4702 Branch Controller. And I thought early eServer manuals were a tough slog. ;-) -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] GDM could not write to you authorization file ... Please contact your system adminstrator
On Wed, Oct 6, 2010 at 6:16 AM, Brent L. Bates wrote: > This error sounds familiar. If it is the same problem I've had a couple > of times, every time it happens, I forget what it was I did the last time to > fix it. :-( After I remember, it seems almost obvious. > After some more googling I found the solution and it wasn't obvious: sudo chmod 1777 /tmp In the case I really think the error message needs some improvement. I can see where getting the permissions right on the mount points can be tricky. I hope the rest of my permissions are ok. I used the following to do the heavy lifting (cd src; tar cf - --xattrs .) | (cd dest; tar xf -) Don't remember why I chose this over a cp -R based solution, or a similar idiom using dump/restore instead of tar. -- Drew Einhorn "You can see a lot by just looking." -- Yogi Berra ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] GDM could not write to you authorization file ... Please contact your system adminstrator
There are no selinux related log messages. Tried disabling it anyway. Didn't help. On Tue, Oct 5, 2010 at 11:25 PM, cornel panceac wrote: > what happens with selinux disabled? > > -- > When one door is closed, another is open. > (Robert Nesta Marley) > > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > > -- Drew Einhorn "You can see a lot by just looking." -- Yogi Berra ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] GDM could not write to you authorization file ... Please contact your system adminstrator
I am the system administrator. I have a system that was built with a default install which resulted in everything in a single file system except for /boot wrote some scripts to split out: /home, /usr, /var, /opt, and /tmp to separate file systems/logical volumes it looks like it ought to work, There's plenty of space in all the filesystems and I can log via ssh and have write access in my home directory. Logging in via ssh did result in a new .Xauthority file being automatically created, but that did not help. Googleing around I saw a thread where the user was actually out of disk space, but before that was established somebody asked if /home was on a different filesystem from /, but what to do in that case never came up. Another google thread suggested looking in .xsession-errors, but I don't have one. I've found irrelevant ubuntu suggestions regarding ubuntu only packages. Still googleing -- Drew Einhorn "You can see a lot by just looking." -- Yogi Berra ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] sata AHCI controllers (real and virtual)
I saw something somewhere about AHCI support requiring kernel 2.6.19 or later. But the current CentOS/RHEL stable kernels are 2.6.18 I'm trying to run CentOS/RHEL in a VirtualBox vm, which by default creates sata virtual disks with an AHCI virtual controller. These virtual machines are quite unstable, and I'm wondering if the AHCI virtual controller is the problem. I do have a real physical AHCI controller and I'm wondering if I should try it on a CentOS/RHEL 5.5 box, or if I should wait for RHEL/CentOS 6, before even attempting it. -- Drew Einhorn "You can see a lot by just looking." -- Yogi Berra ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] slightly OT: dban
> This command will take forever and ever and ever (reads against /dev/random > blocks as the kernel runs out of entropy). /dev/urandom would be better but > still not very fast. I recently came across a replacement for /dev/urandom called frandom that the author claims is 10x faster on i686 hardware. Based on my own tests within a VMware Player VM, frandom can generate 150MB/s when piped to /dev/null. Tests on writing to disk were a modest 50MB/s which is about all what my laptop's disk can handle. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] vgrename, lvrename
On Sat, Sep 11, 2010 at 2:55 PM, Robert Heller wrote: > At Sat, 11 Sep 2010 13:45:55 -0600 CentOS mailing list > wrote: > Note: in the case of mkinitrd, you will need to rebuild your initrd if > you expect to actually boot the machine after renaming the volume group > and logical volumes. You'll need to *manually* mount the root and /boot > (at least) someplace (eg under /sysroot), then chroot there. Don't > forget to fix /etc/fstab and /boot/grub/grub.conf (root=...). Googling got me the command: /sbin/mkinitrd -f /boot/initrd-$(uname -r).img $(uname -r) Unfortunately this resulted in: error opening /sys/block: No such file or directory error opening /sys/block: No such file or directory The renamed root lvm filesystem is mounted on /mnt/root the /boot is in /dev/sda1 and mounted on /mnt/root/boot before doing the chroot, I tried sudo cp -a /sys/block /mnt/root/sys Even though it was done with root privilege I got a lot of read permission errors, but a lot stuff did copy, maybe I got what I need. did the mkinitrd, no errors Lets try booting from the hard drive. Hmm there's a splash screen, that's a good sign. No Joy. It's not booting and complaining about not finding stuff with the old names. Did I screw up the grub.conf edits. Just checked they are ok. It finds the volume groups with the new names then complains about the old names: Volume group "VolGroup00" not found Unable to access resume device (/dev/VolGroup00/LogVol01) Hmm. That's the old name of the swap device. There's at least one more piece of the puzzle that's missing. Lets boot up the Live CD again. And take a closer look at fstab. Looks good to me. -- Drew Einhorn "You can see a lot by just looking." -- Yogi Berra ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] vgrename, lvrename
Hi, I want to rename some volume groups and logical volumes. I was not surprised when it would not let me rename active volumes. So I booted up the system using the CentOS 5.5 LiveCD, but the LiveCD makes the logical volumes browsable using Nautilus, so they are still active and I can't rename them. Tried: /usr/sbin/lvchange -a n VolGroup00/LogVol00 but it still says: LV VolGroup00/LogVol00 in use: not deactivating Did some googling and found out that other folks have had problems with mkinitrd, but I haven't gotten that far yet. Made a wild guess and killed my nautilus process, a lot of stuff disappeared from the desktop, then reappeared along with a new nautilus process. Still googling, but haven't found anything useful so far. Any idea? -- Drew Einhorn "You can see a lot by just looking." -- Yogi Berra ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OpenVPN throughput
On Mon, Aug 30, 2010 at 4:20 AM, wrote: > Last year i've been doing some experiments with openvpn. > Just as the O.P. I was curious about sustainable throughput, and was > disapointed about the results > > To obtain maximum resulst, i did: > - use two rather heavy machines (HP DL380-G6, dual quad core) > - two dedicated 10Gb-nic's > - cross-connect both nics > - DISABLE openvpn-debug (as it is VERY cpu expensive) > - raise MTU to 4K > > Bottleneck was (in my case) the openvpn-process, that was running 100% on a > single core, > While network was not saturated. > > So for max throughput, it is probably strongswan (ipsec) or hw-encryption [or > both] > What was the bandwidth when the cpu bottlenecked? Were you running a single tcp connection transferring a single file? Or, a mix of traffic with multiple tcp connections, udp traffic, etc? I'm wondering if a more complex traffic mix would get the other cpus working, and increase the total throughput. -- Drew Einhorn "You can see a lot by just looking." -- Yogi Berra ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OpenVPN throughput
Sounds like you need boxes with more cpu. What's the output when you type: cat /proc/cpuinfo into a shell prompt? What kind of traffic goes over the link? Lots of low bandwidth connections? A few high bandwidth connections? Lots of high bandwidth connections? Some combination of the above? Just testing a bunch of boxes with a variety of specs may give you a better answer the pondering the mysteries of the specifications. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] upgrading storage on hardware RAID 10 possible?
> Can anyone please tell me, from experience, if it's possible to > upgrade the hard drives in a RAID 10 system from 250GB HDD's to 500GB > / 750GB HDD's, while the server is running? The server runs CentOS 5.5 > x64. > (snip) > > So, I'm wondering, is it possible (and safe) to upgrade the existing > drives to larger drives in a running server? Assuming we're discussing hardware RAID then the answer is *maybe*. Some raid cards support array expansion through disk replacement and some don't. Your vendor may be correct in saying the systems doesn't, they may not. Only way to know for sure is to reviews the spec sheet of the raid controller you use and look for something along the lines of "Online Capacity Expansion" (IBM's term for the capability) or the like. I went through this exercise recently with some older IBM server's I inherited in my department. We wanted to upgrade the disk's in one server from 36's to 74's and after consulting with my vendor, and my own digging, it was determined to be impossible. The new controllers being shipped otoh do come with the capability and I've made a point of only ordering cards with the feature. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Ethernet Quad
>>> Sorry to hijack this thread, but it could be relevant. >>> As matter of interest, do these cards offer lower throughput than 4x >>> single 1GB cards? > If you should use them in a PCI slot yes, not if you use them in a PCI-X > or PCI-e slot (although you could saturate a PCI-e x1 with 4 gbit ports I > think). Not with the Intel Pro 1000's. The PCIe versions require a x4 slot in the dual or quad configuration. Can't speak to the PCI-X version as I don't have any in my inventory. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] When should LVM be used?
> I understand the advantages when using a server, but my personal > computer is a Small Form Factor Dell GX270 with only one hard drive > slot. But I'll look closer into LVM options when I install on the > bigger hard drive. Thanks. Those examples actually came from situations I faced with a home PC. :) I had a small VIA Epia based PC with a 40GB internal drive that I had to expand because it didn't have enough space. I added a couple of external USB enclosures and expanded that way. Later on I ended up migrating the same data off the external enclosures and onto a QNAP I'd acquired because the USB enclosures were too small. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] mirrors down?
> And it's still going. What we have here is a massive problem with the > mirrors. > > So, any *real* idea what's going on? > > mark Other then http://mirror.harvard.edu/ everything referenced in your test is showing as up. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] When should LVM be used?
On Sun, Aug 1, 2010 at 6:35 AM, JohnS wrote: > > On Sat, 2010-07-31 at 05:32 -0700, Drew wrote: >> >> I'd still want a separate partition for /var for the SAN >> configuration. I've seen more then one machine brought to it's knees >> by overflowing log entries. > --- > I can't really argue that point there. I've seen iptables do the same > as also auditd. Carefulness in log watching is the key. You check your > logs? > > John I do. Daily emails with copies of all logs and a summary disk usage statement of all partitions. I learned my lesson about log files a while back. ;-) -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Trying to get a grasp on NTP server/client access control options
> --8<-- /etc/ntp.conf --- > ... > server 0.centos.pool.ntp.org > server 1.centos.pool.ntp.org > server 2.centos.pool.ntp.org > > ... > restrict 0.centos.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery > restrict 1.centos.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery > restrict 2.centos.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery > ... > --8< > > This means roughly : "use these three public NTP servers to synchronize, > but don't let them mess with your configuration". No. The "server" lines are to tell NTP what servers to query to keep it's own clock in sync. The "restrict" lines are used to limit which ntp clients are allowed to use your server to sync their clock and what alterations (if any) the client can make to your server. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] When should LVM be used?
> Is there any reason to use LVM on a personal desktop install of > CentOS? It seems to me, for my purposes, that LVM is just a pain in > the neck -- although I've always just let CentOS set it up during the > install in the past. I would like to be able to use parted to resize > partitions when I want to, and also I'd like Vector Linux to be able > to read and write data to the CentOS partition. Would I be missing > something by not installing LVM, or is this mostly for server purposes > anyhow? LVM adds flexability that regular partitioning can't. Example 1. Say you've mounted an entire 2TB disk as /home and it's almost full. Now you want to add another 2TB to /home. How do you? Easiest way is with LVM. You just add the new disk into LVM's pool of storage and expand the home partition (Logical volume) to use the new space. Now you have a single filesystem spread across two disks. Example 2. Now let's say that you bought a NAS device (QNAP, Drobo, Buffalo) that does iSCSI or NFS and you want to move your data off the two local disks. With LVM you just add the new 'disk' into the pool then tell LVM to move existing data off the 'old' disk. Try doing that with parted. :-P -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] When should LVM be used?
> Yea the default works but how is it Plain Wrong? If it was flat out > wrong then Upstream would not allow it. Raid 1 disk array with one hot > spare on a hardware raid controller under a SAN server is what you > saying is wrong? Case is, the array is not using /home or /var; were > only exporting nfs luns direct attached. What on earth and why would I > want to have another drive for /var &/home in this case. I'm just > asking but not arguing. There are cases where it works exceptionally. > In fact my opinion is it works nice for newbies, untill they gets a lil > experience. I'd still want a separate partition for /var for the SAN configuration. I've seen more then one machine brought to it's knees by overflowing log entries. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ip address from range script
= $range[0]) and ($ip <= $range[1])) {
return true;
}
}
foreach ($ips as $ip) {
echo "Checking $ip!\n";
foreach ($ranges as $range) {
$rd_displaya = long2ip($range[0]);
$rd_displayb = long2ip($range[1]);
echo "Checking for $ip in $rd_displaya - $rd_displayb";
if (checkip($ip, $range) === TRUE) {
echo " Match\n";
} else {
echo " No Match\n";
}
}
}
?>
-Original Message-
From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of
Jozsi Vadkan
Sent: Thursday, July 29, 2010 9:54 AM
To: Centos Mailing List
Subject: [CentOS] ip address from range script
TEST-A.txt: list of ip address ranges [AS/isp's in a country]
TEST-B.txt: list of ip addresses
I just need to know, if an ip in the TEST-B.txt is in a range of
TEST-A.txt
cat "TEST-A.txt"
63.31.63.0/24;9007;44536
64.65.0.0/19;9000;8263
62.64.14.0/21;9001;6852
cat "TEST-B.txt"
63.31.63.2
64.66.5.4
63.31.63.66
62.64.14.231
output:
63.31.63.0/24;9007;44536
63.31.63.2
63.31.63.66
62.64.14.0/21;9001;6852
62.64.14.231
-> so is an ip address [in TEST-B.txt] is from my country [TEST-A.txt]
or not?
thanks:\
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] To PAE or not to PAE...
>> I was wondering if anyone would know the cons of running a PAE kernel...? >> I have a 4GB pc and was wondering if it was worth going the PAE way to gain >> those exta 700MB... > You should use 64 bit if possible but if you're seeing 3.2GB, it's more > likely that your motherboard is not capable (I have one of those here > right now). > >> In the past, I heard that these 700MB were normally reserved for bios or >> chipset >> stuff... > It still is, even with with 64 bit. If your motherboard supports > remapping this memory with 64 bit you can use the whole 4GB. Otherwise > you're limited to 3.2: Second this. It doesn't matter if you use PAE or x86-64. Without support in the bios for remapping the lost memory you'll never recover that extra RAM. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] boot process glitch due to missing 2nd disk
> Well, they would not even let you pay for it and overnight it to you > then send the old one back for another drive so you could break even? It's > an utmost priority if you have all common hardware to keep replacement disks > on site no matter who you work for or company. Which is why you'll always find spares of the most commonly used drives & components on the shelf in my tech room at work. SCSI, SATA & even IDE. All ready to be pulled, "in the event." Master images (w/ 2 spare's pre-imaged) are kept for certain plant PC's where downtime can run in the tens of thousands of $$$, per day, when we're down. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: ?? Centos Still Broken, Red Hat won't fix ??
> And I'd still be interested (as in, genuinely curious, not skeptical) to > hear what sorts of applications benefit from optimized kernels (HPC? I/O > intense?) and what kind of performance increases one can get. I'd be interested as well. I can see HPC applications potentially benefiting but what about "real world" applications? Web, Email, Databases, App Servers, etc I'm specifically curious about it as I spent some time in Gentoo Land and optimized everything seemed to be the mantra. In my own experience the *apparent* performance difference between a system compiled as "AMD optimal" vs "Standard x86-64" was minimal to the point of being unnoticeable. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Live CD problems
Hi, I'm trying to repair a remote system using the Live CD. I have VPN access to the subnet where it lives. An onsite person is booting from cd, and running a small script I provided to tweak the default firewall rule set to allow incoming ssh, and set a password for the centos user and start sshd so far so good I can remotely access the system. the problem is the live cd environment is very fragile. I need to rebuild the contents of a couple filesystems, so I need to umount them and remount them rw. If I make a mistake in a mount command instead of giving an error message and letting me try again. The system freezes and any other ssh session freezes, ahnd will not accept any more incoming ssh connections. the only way I have found to recover is have the onsite person reboot from cd and rerun the script allowing incoming ssh again. Hmm. I should try to talk the onsite person through trying something else from the console. Argghhh!!! This is more than just an annoyance. -- Drew Einhorn "You can see a lot by just looking." -- Yogi Berra ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Samba and " (and maybe other characters) in paths/files
> You must be spoiled by always using GUI tools that present a pick list - no > one > would ever type all that crap every time they want to access a file. And, you > could just as well use underscores instead of spaces and get the same visual > effect AND still permit natural 'break on whitespace' command line parsing of > your shell commands. I always thought Microsoft and Apple encouraged using > spaces in filenames explicitly to make it difficult for people to continue > using > command line tools. Actually ... For someone who manages Windows systems for a living I spend quite a bit of my day at the commandline. And that's why tab completion is my friend. :-) Let's not get into the whole windows debate and "WTF is a Windows Admin doing on a Linux forum?" type of questions. :-) It's the environment I inherited, "politics," and some badly thought out projects on my predecessor's part keep Windows in the shop. I just don't tell anyone just how much linux there actually is in the shop. ;-) -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS MD RAID 1 on Openfiler iSCSI
>> Barring that I've had good luck with Linksys over the years. We just >> recently installed a 48port gigabit switch in the office that set us >> back around $900. Equivalent Procurve was priced at around $3000. >> > > ??? > > For $3000 I can get PoE+, 48 port gigabit + two expansion slots (empty), > vlan, QoS, routing, yada, yada. > > What are you getting for your Linksys? Model? Linksys SLM2048 SMB Smart switch. 48port gigabit + 2 SFP slots, VLAN, QoS, etc. I have to make a slight correction to my price. The equivalent Procurve we could find was the 2510G-48 which was quoted at around $1800. The $3000 I mixed up was for a Cisco managed switch. It's been one of those days. ;) -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Samba and " (and maybe other characters) in paths/files
>> Samba can serve files with " to Linux clients. It's a Windows >> limitation not a Samba one. > > Thanks. Well that's a bit sad really... I don't if it's so much "sad" as a design choice for NTFS. In Windows/NTFS one can put spaces in a filename so the " is used as a delimiter of sorts on the command line to tell programs the spaces are part of the file/path name and not a separator between arguments. I'm bound to be flogged for saying this but to be honest, I don't see any issues with having spaces in my file names. :) I'd rather have a file named "2010 Budget Proposal for CEO Review" then 2010budgetproposalforceoreview sitting in a directory somewhere. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS MD RAID 1 on Openfiler iSCSI
>> D-Link? :-D. I had to get D-Links when money was a bit tighter but now I >> have HP Procurve 9210al switches. >> >> /me stomps on Cisco crap. > > D-Link had always been decent to me so that's what I usually go for if > available. I've heard people mentioned the HP ProCurves for many years > as really good stuff but I also thought Cisco was the industry > standard? I've heard good things about the HP Procurve's as well. Both my local vendors claim good success with them and the lifetime warrranty isn't so shabby either. Barring that I've had good luck with Linksys over the years. We just recently installed a 48port gigabit switch in the office that set us back around $900. Equivalent Procurve was priced at around $3000. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Using CentOS Live CD to recover trashed RHEL system
On Thu, Jun 24, 2010 at 7:53 PM, Joseph L. Casale wrote: > > The part I'm not certain about is the grub voodoo to get the system to > boot to > > the lvm with the restored root file system. > > Look at ./etc/lvm/backup/* in your dumped files, it will show you the VG, > LV and ID. Create your new VG and LV, then edit fstab to reflect or > recreate it w/ > the same names. Just make sure fstab reflects whats actually in place. The seems to be something here that I don't get! I have booted from a cd and am running CentOS, I'm assuming my active root file system is some sort of read/write ram disk overlaid on top of the read only file system from the cd. At the moment the right terminology to express this escapes me. I have the original system disk that is corrupted. It needs at least two partitions since the boot loader does not yet understand lvm. There is a tiny ext2/3 file system that contains /boot which contains the boot loader/grub stuff. I assuming we are talking about "legacy grub" not grub2. And there is a second partition containing an lvm PV and within that is a LV containing the root file system. I do have a level 0 dump of /boot in addition to the level 0 dump of / I can restore the contents of /boot and / but things will proabably not end up in the same physical sectors. Running grub the right way should update parameter for the boot loader to first tranfer control to the right place in /boot which then accesses the right filesytem in the right PV/LV You seem to be saying that all I need to to do is tweak /etc/fstab in the root file system in the new pvn/lvm. Actually as I try to explain my current understanding things are getting clearer. It seems to me that at least one more step is required. getting a proper chroot jail environment set up so I can run a grub command to update the boot sectors on the RHEL5 system disk to transfer control to the right place in /boot and update /boot so that it can mount the right filesystem on / I'm still hoping to find complete documentation with an example of how to do this. -- Drew Einhorn "You can see a lot by just looking." -- Yogi Berra ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Using CentOS Live CD to recover trashed RHEL system
Hi, There's a RHEL5 system somewhere across the internet with a trashed root file system. I have VPN access to the subnet where it lives. But the system is not talking to the network. The current plan is having an onsite person boot from a CentOS Live CD, copy a small script to configure networking, set a password for the centos user, start sshd, and tweak the default firewall to allow incoming ssh connections, once I have remote access to the live cd environment I'll create a new lvm logical volume, create a file system, and restore from a level 0 dump taken from a lvm snapshot just before things broke. I'm pretty confident I have all of the above under control. The part I'm not certain about is the grub voodoo to get the system to boot to the lvm with the restored root file system. I'm not certain of the vintage of the restored root file system it was built from an old RHEL5 installation cd and last updated a year or so ago. I have a CentOS 5.5 live cd .iso image staged for the onsite person to burn. Are there differences in the boot process for CentOS/RHEL 5.x versions that I have to worry about. Would it be better to try to get a closer match between the root file system and the live cd vintages. At the moment I'm googling for info on the grub incantations for changing the root file system logical volume. Any comments suggestions would be appreciated. Thanks, -- Drew Einhorn "You can see a lot by just looking." -- Yogi Berra ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] PHP file upload limit
> I have no problem setting my upload limit ( upload_max_filesize ) to 1 > GB but for some reason 2 GB or above seems to be no go. Would anybody > know why? Could it be one of the many 32-bit vs 64-bit issues? upload_max_size is not the only variable that would affect uploading. You may also want to look at the settings for: post_max_size -- uploading files is done through the HTTP POST mechanism so this has to be at least as big as upload_max_size memory_limit -- If memory limits are enabled, this also must be larger then upload_max_size It may also be a 32bit limit as well: (from php.net) Note: PHP allows shortcuts for bit values, including K (kilo), M (mega) and G (giga). PHP will do the conversions automatically if you use any of these. Be careful not to exceed the 32 bit signed integer limit (if you're using 32bit versions) as it will cause your script to fail. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] can't update CENTOS - mirrore issue? or what?
Perhaps he has an invalid URL specified only for addons and not base/updates? thanks, -Drew -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Karanbir Singh Sent: Monday, May 24, 2010 3:17 PM To: CentOS mailing list Subject: Re: [CentOS] can't update CENTOS - mirrore issue? or what? On 05/20/2010 09:57 PM, Ryan Manikowski wrote: >> Could not retrieve mirrorlist >> http://mirrorlist.centos.org/?release=5&arch=i386&repo=addons error was >> [Errno 4] IOError:> resolution')> >> Error: Cannot find a valid baseurl for repo: addons > > Disable the 'addons' repo and your problem will be resolved. That sounds like a bit of very random advice, given that Dave's dns is not responding - how would disabling the addons repo have an impact on Dave's nameserver ? - KB ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] route question
> 74.X is eth1 24.X is eth2 and 192.X is eth0 > I have iptable rules for 24.X:25 to goto 192.X:25 and port 80 also. > This works > I have iptable ruls for 74.X:25 to goto 192.X:25 and port 80 also. This > does not work. > > the default route is set for 24.X network and it seems like that is why > that network is working. > If I change the default route to 74.X then the 74.X network works and > the 24.X network stops working. This sounds more like a destination NAT issue then a routing issue. If I'm correct you have a server behind eth0 that handles traffic forwarded to it from either eth1 or eth2. So if someone types in the IP address of eth2 (or eth1) in their browser they'll get your server behind eth0. Am I correct? If so, what you want to look at is something called "destination NAT" or "port forwarding." -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installing a CentOS based distro with Raid driver - Citrix XenServer
> thanks for answering, but it seemed it is quite difficult to know if a > RAID is a Fake or a real HW RAID, > my server (ie S5000PAL) is using 1068 or 1064E RAID chipset to allow > using RAID, I don't realy know > if it is either a good SW or HW RAID but my boss doesn't want me to use > Linux RAID instead of the SW RAID > provided by the system itself I have a pair of 1064's in a server at home and I can confirm they are true hardware RAID. They only support RAID 0, 1, or 10 at most though. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] DNSSEC
Hi, It's enabled by default if BIND is the right version nothing needs to be done. I found it kind of sad that the version of BIND that comes with the latest version of CentOS 4 is so old that it doesn't support DNSSEC. thanks, -Drew XLHost.com -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of m.r...@5-cent.us Sent: Friday, April 30, 2010 1:07 PM To: CentOS mailing list Subject: [CentOS] DNSSEC Well, folks, There's an article on slashdot, <http://tech.slashdot.org/article.pl?sid=10/04/30/1258234> Excerpt: ...the coming milestone of May 5, at 17:00 UTC - at this time DNSSEC will be rolled out across all 13 root servers. Some Internet users, especially those inside corporations and behind smaller ISPs, may experience intermittent problems. The reason is that some older networking equipment is pre-configured to block any reply to a DNS request that exceeds 512 bytes in size. DNSSEC replies are typically four times as large. --- end excerpt --- I followed the link from the story to <https://www.dns-oarc.net/oarc/services/replysizetest>, a coordinating organization, and tried their test (as root): dig +short rs.dns-oarc.net txt And see that where I work, we're not ready. Is anyone following this, and/or have a HOWTO on enabling it for CentOS? mark (need to check this at home, too) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS installation on x86 platform
> Actually it didn't read the Windows installtion CD and just boots up > from its CentOS . The windows install CD's are not like Linux ones. They only give you 3-5 seconds to "Press Enter to boot from CD" before they default to whatever device is next on the boot priority list. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 12-15 TB RAID storage recommendations
Those drives are likely fading out of the array because they aren't meant to be in arrays in the first place, Adaptec has told us that if you use consumer drives with their cards you are operating at your own risk. -Drew -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Don Krause Sent: Tuesday, April 13, 2010 3:20 PM To: CentOS mailing list Subject: Re: [CentOS] 12-15 TB RAID storage recommendations On Apr 13, 2010, at 11:57 AM, nate wrote: > John R Pierce wrote: > >> well, IF your controller totally screams and can rebuild the drives at >> wire speeds with full overlap, you'll be reading 7 * 2TB of data at >> around 100MB/sec average and writing the XOR of that to the 8th drive in >> a 8 spindle raid5 (14tb total). just reading one drive at wirespeed is >> 2000,000MB / 100MB == 20,000 seconds, or about 5.5 hours, so thats about >> the shortest it possibly could be done. > > More likely your looking at 24+ hours, because really no disk system > is going to read your SATA disks at 100MB/second. If your really lucky > perhaps you can get 10MB/second. > > With the fastest RAID controllers in the industry my own storage > array(which does heavy amounts of random I/O) averages about > 2.2MB/second for a SATA disk, with peaks at around 4MB/second. > > Our previous storage array averaged about 4-6 hours to rebuild > a RAID 5 12+1 array with 146GB 10k RPM disks, on an array that was > in excess of 90% idle. Rebuilding a 400GB SATA-I array often > took upwards of 48 hours. > > nate > > For a "real life" example, we have a 3 year old 12x 1TB SATA box using an Adaptec RAID controller, doing RAID 6 that takes about 3 days to rebuild the array each time a drive fails. Which, to date, has happened 10 times... (Fortunately, this is only a BackupPC box.) FWIW, we've not experienced a second drive failure during the rebuild process, yet. But we have had drives fail within a few weeks of each other, so it's probably going to happen one of these days.. -- Don Krause Head Systems Geek, Waver of Deceased Chickens. Optivus Proton Therapy, Inc. www.optivus.com "This message represents the official view of the voices in my head." ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SATA Switch
I know with Ubuntu if it detects Windows is installed it automatically does all of this. Never tried with CentOS because we don't use it as a desktop OS. thanks, -Drew -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of Tim Nelson Sent: Tuesday, March 30, 2010 10:22 AM To: CentOS mailing list Subject: Re: [CentOS] SATA Switch - "Matt" wrote: > Does anyone know of a front panel SATA switch? I would like to have > one drive with 'Windows 7' and another with linux on my PC but do not > want them on the same drive. There are definitely more elegant ways of doing this, specifically by configuring your bootloader properly. BUT, if you must have a physical mechanism for switching drives, see here: http://www.cooldrives.com/4posaiisw3ba.html For that kind of money, I'd spend a few hours getting (more) intimately familiar with GRUB. :-) --Tim ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Network tuning for working with very old Solaris
> FWIW, I *never* liked 3Com adapters, I never understood why they were so > popular with the PC crowd. My fiddling with PC networking goes as far back as '98 and Novell Netware 3.13/4.0. Back then I recall a lot of Netware folks telling my to buy nothing but 3Com as their networking gear was supposedly rock solid. Until Intel started releasing the Pro/100 & Pro/1000 series, 3Coms were pretty much all you found in my gear. Also helps that Linux drivers worked 'out of the box' in earlier versions (pre-6.0) of RH. ;-) -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Multipath and iSCSI Targets
>> Depends on the target and the setup, ideally if you have 4 NICs you >> should be using at least two different VLANs, and since you have 4 >> NICs (I assume for iSCSI only) you should use jumbo frames. > > Jumbo frames should only be used if your CPU can't keep up with the > load of 4 NICs otherwise it does add some latency to iSCSI. How much latency are we talking about? I'm looking into gigabit networks at for both home & work and while home isn't so much an issue, work could be as I'm in the planning stages of setting up a gigabit network to allow some iSCSI NAS/SAN devices to back a bunch of VMware servers that we're due to get for our next refresh. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How can I access a ZIP file that's over 2Gb?
> The problem with x86 (32-bit) is that there's two different memory limits. > The total amoumt of accessible memory is 4GB (2^32 Bytes) but the total > amount of memory per process is limited to 2GB. That means that even on 64- > bit system and more than 4GB of total memory a 32-bit process cannot > access more than that, which is why a ZIP file larger than that can cause > trouble on any system. I highly doubt that Windows will be able to > decompress that file. Depending on the tool you use (built-in unzip tool? > Winzip? Winrar? 7-zip?) you might be able to access the file and view its > contents, but you will probably fail unzipping it. Someone must not have told Windows (XP 32bit) that then. :-) I'm staring at a 6.26GB backup of my samba share that WinRAR has no problems reading & extracting files from. I also routinely burn iso images of DVD's which are around 4GB. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] compilers a security risk?
>> I don't have enough experience to assess the security issues. Does >> anyone have an opinion on this? It would be simple and feasible to >> allocate another domain as suggested above. As was stated by others the compiler itself isn't any more of a security risk then any other tool. If a hacker can get root he can just as easily upload binary packages as he can compile source. That said, I'd still recommend running a second VM as a build environment. That way if for some reason an update to those custom packages somehow horribly breaks the entire OS (don't laugh, I've seen it happen) it's only the build environment you've trashed and not the production environment. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Clustering
> When you talk about the free version are your referring to Vmware server > or is there a free version of Esxi? The website is a little misleading > with "free trail" and such. ESXi is free to use. ESX / vSphere is the paid version. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Clustering
> Thanks for the info. Looks like VM would be the way to go. I have been > looking at Vmware and virtualbox. Would you recommend Vmware over > virtualbox? > Whats your thoughts on Vmware server over esxi? > Really do not want to have to budget for Virtualization if I do not have to. I know some will disagree with me but for production I recommend sticking with VMware's ESXi product, which is free, unless you have need of some of the more advanced features which are available through paid options. The downside of offerings like Virtualbox or VMware Server, where the guest OS is hosted inside the app running on a full blown OS, is the host itself. In my experience, the smaller footprint of VMware ESX(i) reduces the amount of maintenance required as well as has minimal performance impact of the guest OS's. That said, apps like Virtualbox / WMware server do have their place. At work I routinely create virtual machines under WMware Server to experiment with new software before releasing it into the wild at work. The cost overhead of running Server on my own workstation is acceptable for testing but I wouldn't consider it for production. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Clustering
> Right know we have about 30 or so linux servers scattered through out or > district. Was looking at ways of consolidating and some sort of redundancy > would be nice. I'm in the process of going through something like that right now. The solution we're pursuing is to virtualize our existing physical servers in virtual machines and consolidating those VM's on a smaller number of larger servers. The tools we're using allow us to keep a warm copy of a VM on redundant server and if we lose an entire server we're up within 3-5min with minimal data loss. As the servers we're installing have VMware ESXi embedded in the server and storage is pulled from redundant iSCSI backends, data loss due to server failure is minimal. And as part of the backup process includes regular off-site backups of the data and VMs to another office we can, in theory, lose an entire building and still continue to function. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Clustering
>>> Just wanted to get the lists opinion on clustering and what project to >>> use. Any info would be greatly appreciated. >>> Thanks >> >> There are all types of clustering. What are you looking to do? > > I guess the main objective would be availability. We need more information then just an "Availability Cluster." What application(s) do you want to cluster? What sort of environment/budget are you working with? What objective(s) are you trying to achieve? What are your expectations of the cluster itself, beyond just high availability? -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Unable to update a CentOS 4 : urlopen error nonnumeric port: 8080
> http://mirror.centos.org/centos/4/updates/i386/repodata/repomd.xml: [Errno > 4] IOError: What's your mirrors config file look like? I'm thinking something in the url is messed up. Most likely a missing '/' after the 8080. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Virtualization software to install Windows as guest on CentOS 5 as host ?
> No no no not kvm > Vmware are the best Yes and No. Each has their own strengths and their own weaknesses. I use ESXi in production because the smaller footprint and 3rd party tools I have make management & backup exceptionally simple to use. I'm also supporting a mixed Windows / Linux shop so I already have a Windows PC that runs the management apps. Only thing I don't like is not being able to log into VM's from the console, something I can do with KVM/Xen. I'm playing around with KVM and Xen at home because the host in each case is my home PCs. I use them because I have a few tools I use as a student that only run on Windows, and my wife isn't fully converted to Linux yet. :-) -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Virtualization software to install Windows as guest on CentOS 5 as host ?
> I know nothing about vmware and virtualbox on this score. VMware ESX(i) has their own set of optimized drivers for disks (and Lan). Forget the names off the top but they are paravirtualised and are available for Linux & Windows. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] very large difference between df and du (10 GB, hard to believe)
> > I rebooted on the CentOS v4.8 CD #1, started "linux rescue" : > > After the reboot that would be taken care of, so that's not the issue here. My understanding of the difference between df and du was that du reports the actual size of the file while df reports the space allocated by the filesystem. So if a filesystem allocates 64KB per block and a file is only 2KB, du will report 2KB and df will report 64KB. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: free DNS service?
I believe I now know how to flush that cache and will do that, before I change the "A" record to point to the IP of the new server again. Hoping MyDomain.com will lower the TTL from 3600 to 300 for a few days, so I can do the testing/migration I need to do a lot faster. - Even if your DNS provider lowers your TTL to 300 it doesn't mean other peoples servers (like ours) are going to expire their cache that quickly. thanks, -Drew ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 8-15 TB storage: any recommendations?
>> ...that said, it's not much worse than the competetion, storage simply >> sucks ;-( > > So you are saying people dole out huge amounts of money for rubbish? > That the software raid people were and have always been right? Depends what the software raid people were saying. :) Hardware & Software RAID have their places. We use HW RAID exclusively in our shop (SMB w/ multiple sites and I'm the sole tech.) but that's because I can't always be on-site when drives die so it's nice to know I can be out of town for a few days and if a drive packs it in the RAID system in our IBM servers is plug & play. I get the alert, call our vendor, and he shows up 9am next morning with a replacement drive. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [OT] CAT5 IP-capable rackmount KVM units?
> That may be true for the solution you know but certainly it is not true > for many solutions out there. Look for "KVM over IP". > > As a quick example, see this page: > > http://www.lindy-usa.com/kvm/extenders-listed-by-features/kvm-over-ip/ Miguel, What you're referring to is accessing the KVM box itself via IP, which the Aten does allow. What Aten *also* does is use CAT5 cable to link the KVM switch to various adapters which plug into the server(s). It's the signalling on those lines that Brian was referring to, not remotely accessing the KVM itself. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos & UPS
>> That said, I do prefer NUT because I've been using their tools for a > Hi! From where (which repo) can NUT be installed for Centos 5 ? epel has a copy of the "old stable" 2.2 branch in their repo. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos & UPS
HI Robert, Either apcupsd or NUT(network ups tools) will work. I've used both and IMO apcupsd often seems to have better support for the newer APC units then NUT does. That said, I do prefer NUT because I've been using their tools for a lot longer. I also run a mixed shop, APC & Liebert UPS's protecting virtualised CentOS & Windows Server 2003 instances, so NUT's been more flexible for me. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] rhn_register
> Is this available on CentOS systems? > If so, what advantage does running it provide? As far as I know, that package is used to register your server with RedHat as part of the RedHat Network subscription system to get their updates. On a CentOS box it's pretty much pointless. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Inquiry:yum?
Yum-Arch is, I think, a red herring. Yum-Arch, according to pbone: "This package only provides the old yum-arch command from yum-2.2.2 It should be used to generate repository informations for Fedora Core < 3 and RedHat Enterprise Linux < 4." So that's not even relevent to CentOS 4 or 5 in any way. Hadi: Have you tried downloading and installing the yum package from the CentOS mirrors? -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] NIS failover
> Hard to believe, but certain very well known organizations refuse to get off
> NIS for critical and secure systems.
{{citation needed}}
:-)
--
Drew
"Nothing in life is to be feared. It is only to be understood."
--Marie Curie
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 486 custom kernel
> Gentoo? What do you have against the OP? Why subject him to such madness and > unnecessary pain? :D Don't be dissin my friends over at the funny farm. :-P We likes our 36hr recompiles because the cflags on our l33t boxen weren't "just right". :-) It's actually not a bad distro, just gets a bad rep because of the crazy (usually younger) ricers that seem to gravitate towards it. I use it on my MythTV boxes because of the level of customization I've done in my rigs, something I've never been able to achieve in any package oriented distro. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] AIDE or OSSEC on CentOS 5.4 x86_64?
On Sun, Nov 29, 2009 at 7:55 AM, Rob Kampen wrote: > David McGuffey wrote: > >> Starting with a fresh load and after I finish hardening the load >> following the Center for Internet Security (CIS) guidance, I'm wondering >> whether AIDE or OSSEC would be a better intrusion detection system. >> >> I installed AIDE and did a quick test of AIDE and after initializing the >> db and applying the recent cups update, I found that 1700+ files had >> changed. Those are a lot of changes to wade through to determine if >> they are legit or not. If that is all that AIDE can do, then it is not >> "manageable." >> >> Seems to me that any IDS must be tied to the yum update process so that >> one is not dealing with hundreds/thousands of changes that were brought >> in by a yum update that I choose to apply. >> >> Is OSSEC any less noisy? >> >> DaveM >> >> >> Also, check out http://ftimes.sourceforge.net/FTimes/index.shtml Even if you choose another tool, I recommend reading their paper. http://ftimes.sourceforge.net/FTimes/Papers.shtml And the related tools hashdig and XMagic are worth a look. > ___ >> CentOS mailing list >> CentOS@centos.org >> http://lists.centos.org/mailman/listinfo/centos >> >> > I run both of these on my servers. > AIDE is noisy, however it is simple to scroll through the list of files > that it shows and determine that the folders with all the changes relate to > the yum update or install that I know about. After a yum update, I run > another aide --init and cp the new db over the old one - I do this once a > week after the logrotate takes place, thus most days have only two ~ ten > files to look at. > BUT the real outcome is I get to sleep easy knowing that something will > know about every file change. > OSSEC can also be noisy but it also adds some other useful monitoring and > emails me when certain events occur. > Most of these event I know about, thus I delete the email and life is good. > The real benefit is that if the number of log messages suddenly grows I get > warned, if I get 10 tries from one IP address to dovecot using different > hostnames I get warned etc... > I get to choose the level of response, by applying my experience and > expectations to the mix. > I do not think there is any tool you can just set and forget for IDS > functions. > HTH > > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > > -- Drew Einhorn ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Recommend Mail Server
I know everyone else has said it but postfix is a great replacement for sendmail. Another tool I've found that I like is ssmtp. It's not a replacement for sendmail/postfix by any stretch but if you want a simple down & dirty tool to send email from an internal server to your main email server it's good. I use it on a server at home and on test rigs at work for emailing results of cron jobs to my own account. Don't know if it's available in yum as I haven't used it on a CentOS box yet. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installing a PHP class
> Well that was my first try, so I tried to lookup if that lib path was
> recursive
> anyway, is it important that all files be in one directory in this path?
That won't work because, assuming we're talking about the same class
(see my prev email), the files need to be put somewhere in your
website's directory structure so they can be pulled in by the calling
script. I do something similar, without classes, on a website I've
written. I'll have a require("./framework/helpers.php"); somewhere at
the top that calls in the needed functions. The same would apply to
pulling in classes.
--
Drew
"Nothing in life is to be feared. It is only to be understood."
--Marie Curie
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installing a PHP class
Hi Joseph, Do you mean the graph() class by Zack Bloom?. All that's really needed is to extract the zip to it's own subdirectory in your code and use a couple of php include/require statements to pull in the files containing the class. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] php config security concern for c5
> a recent post on bugtraq hilighted an issue with how upstream has > configured apache to invoke php, namely using addhandler, which has the > behavior of matching the extension anywhere in the file. this means > that foo.php.jpg will be run as php. where this becomes an issue is web > apps that allow uploads into the webspace for images, pdfs, etc. if the > app assumes that anything.jpg is safe, this addhandler feature will > surprise it. Hi Joe, Are you sure this is limited to just CentOS? I've seen that config used before on other distro's apache configs. >From the Apache 2.x Docs: --- Care should be taken when a file with multiple extensions gets associated with both a MIME-type and a handler. This will usually result in the request being by the module associated with the handler. For example, if the .imap extension is mapped to the handler imap-file (from mod_imap) and the .html extension is mapped to the MIME-type text/html, then the file world.imap.html will be associated with both the imap-file handler and text/html MIME-type. When it is processed, the imap-file handler will be used, and so it will be treated as a mod_imap imagemap file. --- So if example.php.gif is read by apache, the AddHandler for php5-script (mod_php) will take precedence over the mime-type handler for .gif (image/gif) and the file will be treated as a php script. >From that it almost sounds like it's not a bug, just apache's own rules of precedence for handling files that match multiple extensions/mime-types. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] vsftpd question
>> Please stop being rude to the members of this list. > > I am not being rude in the least. Perhaps it is because email is so > difficult to communicate attitudes, as we all know, that you are viewing > things one way while I am saying them another. At any rate, please accept my > apologies, although I have not been rude and therefore truly have no need to > apologize. Hi Victor, The problem here, what's got people calling you rude, isn't the language of your posts to this list, it's the questions. We all have day jobs and we come on this list to ask questions to help us better complete our day job and/or our hobby. That's not to say that we expect everyone on this list to be linux experts, far from it. What we do expect is that people will have done their homework, reading the manuals/man pages, googling the problem, etc before they come to the list. To many us, myself included, you've come across as someone who hasn't done their homework before asking questions. Simple things like "How do I start MySQL at boot?" take a few minutes of reading the CentOS manual to find the answer. When you pose the question, someone answers with "read the manual" (because the answer is easy to find), and you respond with "I'm too busy to read the manual, I'll read it later", that comes across as extremely rude. It's rude because is shows disrespect for the time we take out of our day to read lists like CentOS and help others. Hope that helps. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RAIDs and JBOD?
> Lets say I have three drives "knocking" around which are all 1TB SATA > II drives but each made by a different manufacturer. I am going to > guess that these couldn't be used in a RAID 5? Or could they? They can in fact. There might be minor differences of a few sectors between the drives but md RAID will account for those by using the 'smallest' (lowest sector count) drive as the base. > However could a similar result of 2TBs of data with redundancy be > achieved with JBOD? JBOD (Just a Bunch Of Disks) has no redundancy. The redundancy enters when you assign those disks to RAID sets. > Also regarding RAID 5, three drives of data to one for parity is the > max ratio I believe? I.e. to expand this by adding another data drive, > the original parity drive would no longer cover this and another would > be required, is this correct? No. The parity will be the same size regardless of how many drives are used. > One more question about hot swappable drives, I understand that you > can create RAID arrays with and without hot swappable drives but I am > confused by this concept. I'm my experience with RAIDs I have only > every delt with a RAID 1 that has degraded. I simply set the drive as > offline, replaced it, set it to online and the RAID rebuilt itself all > without restart the server and operation was never interrupted. So we > can presume the server had hot swappable drives enabled yes? (It was a > hardware RAID). With a software RAID is this still achievable? All hot swappable drives allow you to do is replace them without having to completely shutdown the machine. In hardware raid this is often built in such that you can replace a drive without telling RAID ahead of time and it will compensate. IBM xSeries servers are a good example. Software RAID can also do this but you have to tell the RAID system that you plan to remove the drive and then tell it when you add a new drive back. Hot swapping disks is also dependent upon the drive controller supporting hotswap. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] administering an MS Windows partition under Linux
> Reinstallation repairs reinit the registry which borks all the > applications installed, so it is always better to just reinstall. Not since XP. I've done half a dozen or so "Repair" installs of XP over the last couple of years and to date I don't think I've lost an app's config due to the re-install itself. The losses of apps were usually due to any corruption of the filesystem, missing files or the app's registry entries. That said, it's always preferable in XP to start fresh if it's that bad. Sometimes you can't though. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Serious Privileges Problem: Second Post!
> Nonsense. You can't solve it either, can you? You're as stumped as the rest > of us...but arrogant, too. > V Victor, To be brutally honest, you haven't given the list the info we need to help you solve this problem. I've been following this thread and so far I'm seeing a puzzle with half the pieces missing. That said the first line of your error messages typically indicates that the script can't find the python executable pointed at by the script on the #! line. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Inquiry:Mainboard type?
EPIA is the name for the family of motherboards VIA makes in the Mini-ITX & smaller form factors. The series includes about 4-5 different processor families ranging from the old C3 's up to the Nano processor. The only way I know of to figure out which which mainboard you have is to cross reference the outputs of "cat /proc/cpuinfo" and "lspci -v " against VIA's own specs lists. You may even have to go so far as to open the unit's case to find the silk screened model number. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OFFTOPIC MAILSERVER PROBLEM WITH JAMMCONSULTING.COM Re: Free or low cost online backup?
> Your neil and webmaster addresses reject mail from sasktel.net (the > largest ISP in Saskatchewan, Canada), my own mailserver > (melvilletheatre.com), and gmail.com. > > Your mailserver definitely needs some attention and repair. Not to be an ass Frank but have you considered the mail config on your end? I had a look at your server's IP/DNS info and I'm reasonably certain it appears on my default blocklist/spamlist as well. Why? Because the IP you use appears to be assigned by your ISP to a residential DSL/Cable pool. A lot of spam filters mark emails from those ranges as automatically suspect or outright reject them. This is because the ranges marked for residential use usually have Terms of Service that prohibit running public facing services so a lot of spam filters automatically consider any email server in those ranges to be rogue. If that's not the case and you have a business grade line, I'd suggest having a chat with your ISP to get that corrected. Our company's ISP, Telus, assigns 'clean' IP blocks for the commercial grade DSL lines we have. I can't speak to GMail's issues but I have noticed that ISP's occasionally get blacklisted if their email servers get used for relaying. I had this issue several years back out west here in BC with Shaw Cable getting but on Spamhaus' RBL till they changed their email policies. You used to be able to send email with *any* sender address as long as you had a valid login with Shaw. That has since been changed. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: pager pay
> For goodness sake keep a log. > "On call" jobs often violate state and federal rules > for exempt and non-exmpt status. Mileage for the second > trip to the office should be compensated in some cases. I've checked with our Provincial & Federal laws and our "Pager Pay" setup is legal. It should also be noted I'm salaried w/ banked OT and it's my call what shifts and/or how much extra time I work. > In some cases the key is the nature of the leash. If they restrict > your travel or lifestyle there may be a problem. I do keep a log, and get it signed off on by our General Manager. In our company I am the IT department so ultimately, I have to deal with the problems anyways. My general rule of thumb is that unless it's a showstopper, I'll wait till Monday to deal with it, at which point it's back on the regular clock. And when I do go out of town, my office just has to grin and bear it till I get back. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Low End NAS hardware.
> What exactly does the home-server do that couldn't be done on the > clients connected to it, once they are running? Run Linux 24/7. :-) For what I do with my PC it's far safer to store my files on a seperate machine. I tend to tweak linux a lot (I run Gentoo) so breakage is a regular thing. I've learned through the last few crashes that backups and storing files off the PC are the best way to keep my spouse, and therefore me, happy. For some reason she gets mad when our photo collection isn't accessible on the media box. :-) -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Low End NAS hardware.
Hey, The recent discussion on NAS/SAN and the Thecus N8800 got me to thinking. Bit of background. I have an old Dual Athlon MP2800+ that I'm using for a home web/file server. It runs fine but between the noise of the various fans and it's location in the living room, I've been asked by my spouse to find a replacement for it that's smaller & quieter. Looking at the Thecus, and based on experience with Atom based Mini-ITX systems at work, I was thinking about rolling my own. My questions is, for a small home server that runs apache/php/mysql and Samba, how well do the Mini-ITX boards like the VIA C3/7 & Intel Atoms handle this sort of task? I've used VIA systems as MythTV frontends but never as file/web servers. I'd expect they'd do fine for home use but I've never tried. Thanks, -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] the ongoing wait for centos 5.4
>> "Windows 7 coming soon!!!" >> no date. no reason. Just churn. > > Windows 7 will be out on the 22nd Oct 2009. Your local computer > Shop did not try hard enough to find this out? I think the store's aim was to generate a "Cool. When?" response from clients to draw them into the store so a sales rep could schmooze more money out of the client. :) Future Shop, a large Canadian electronics retailer, does this all the time. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 5.4? anyone?
Jeremy Rosengren wrote: > On Thu, Oct 15, 2009 at 7:07 AM, Miguel Di Ciurcio Filho > mailto:mig...@ic.unicamp.br>> wrote: > > mbneto wrote: > > Hi, > > > > The last status (from twitter) is 2 days old with the '5.4 is baked! > > centos internal network will start syncing up today. Release ~ > soon!'. > > Any ETA? > > > > Just relax and wait, this is a _volunteer_ based project. Want a release > date? Go pay for RHEL. > > > This response is just as annoying as the request for an update. > > -- j +1 Annoying and rude. This might be why the Linux community as a whole gets such a bad rap. -Drew ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: pager pay
Like Max I don't have "pager pay" but I do get paid for call outs. My phone is fully paid for (approx $60/m) and call outs are paid at time and a half (Sunday is double time), minimum one hour. All travel time is considered call out time and mileage is eligible for $0.50/km. I'm on call 7am to 9pm Mon-Sat and I usually work 7am-5pm Mon-Fri. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 10 Year old IT Infrastructure
I'm in the position of having both the mission critical & regular servers. Our mission critical machine, an app server that runs about 90% of our business, we lease so it gets recycled every five years. For us, it's worth the extra cost to have equipment under warranty with parts guaranteed next business day and a local IBM rep who can be on-site within an hour if something goes wrong. The less critical machines we actually plan to push out to ten years if possible. Those machines, also IBM's, run our email, website, file serving, and some small web apps we've developed in house. We can tolerate downtime on those machines for a day or so while I scrounge parts. And given we don't expect to be outgrowing those machines any time quick, I can't justify the cost of new servers. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] current howto for DSL?
> A lot changes in 7 years > > Anyway, so I just fire up adsl-setup, and it should walk me through; then > run adsl-start? At that point, should I be able to browse to Verizon's > setup your account website? If the ADSL modem provides an Ethernet jack w/ DHCP then it's usually even simpler then that. Just plug your computer in, fire up the DHCP client and away you go. Both our local ISPs, Telus (ADSL) and Shaw (Cable), use that sort of setup and I've never had to touch the defaulting networking config, other then the firewall, on a linux box. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] DNS Serving - Why my own?
> Can anyone explain why I might want to run my own DNS Server in-house? > I have a comcast business circuit and use their DNS servers and when I > need entries, I use GoDaddy where I buy my domains. Depends on the size of your organization. My at home setup has a few PCs & CentOS boxes so it's easy enough to manage host entries through the little gateway/router that I tweaked. The company I manage IT for OTOH, has close to 50 PCs & 6-7 servers (mixed Windows & CentOS) spread across three subnets and four offices. We use Active Directory so DNS resolution of our internal hosts is important. Two of the servers are also public facing (behind firewalls) so we have DNS setup to direct internal clients to the internal IP of the server & external clients access the public IP of the server. The internal DNS saves me and the staff from having to remember the mail server's IP and can just access it via the same name as the rest of the public. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Build a Firewall (Can I learn to do this...)
If you want a simple packet filtering firewall then CentOS or one of the purpose built linux firewall distro's will suit you well. If you want more then just packet filtering, there are better options. You haven't mentioned what sort of business applications you are running. How vital to your business are those servers? Which ones are internet facing & what apps do you plan to run? Do you also plan to run the office's general internet connection through this same unit? The company I work for is in the process of replacing our aging PIX firewalls and one option we're testing, and are quite pleased with so far, is Astaro's Security Gateway products. They're linux based so use the iptables firewall but also offer more then just packet filtering. There is a cost, around $1500 for a 120, plus subscriptions for updating the signatures databases on the various filters. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS for non-tech user
> Not quite. It is more a matter of a standard only being useful if > everyone does what it says. Picking a new location that no one > currently uses is always the worst possible choice. So are revolutions but those seem to work well on occasion. :-) >> My argument is that those same Unix admins no doubt placed it there >> because it made functional sense at the time. > > It is not a functional thing. It's a name. A name is a way to for a person to remember an object or a concept. Names can then be arranged and organized. How names are organized is important in the context of how and where the users and admins interact with them. It may not make a functional difference to apache that the website resides in /srv/www instead of /var/www but it may matter to the admin that client facing data stays away from machine files. > Linus started out with the idea of emulating Solaris/SysVr4. If that's > not what happened, it is a failing of Linux. It didn't and I wouldn't call that a failing. Linux has outgrown it's original roots and is now a full fledged operating system competing with Unix. > Aren't all files 'client facing' if the machine has a purpose? What > other reason would you have for any files? How about performance logs, access logs, and audit logs? All of which are stuff you would put in /var and I'm sure we can agree you wouldn't want the client to see those until they've been processed. So not everything faces the client. >> I agree with you on standardizing libraries but I fail to see how that >> has any relevance to where an admin should place their client facing >> files. > > Standardizing libraries would be a functional reason to embrace the LSB. > Otherwise it makes about as much sense as having a committee make up > new names for your kids. If mount points and volume sizes were also > standardized, it might be reasonable to standardize what goes where, but > they aren't and shouldn't be because the machines will differ in size > and purpose. I don't think you're understanding my argument here. I'm not arguing against library standardization, in fact I'm for it, nor am I arguing about the purpose of the LSB. What I am trying to ask is what relevance does the LSB's existence and/or library standardization have to do with the FHS, and specifically the /srv folder? As far as I'm concerned the FHS could have been written by RedHat, IBM, or Oracle and would in no way impact discussing the relevance of the /srv folder. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS for non-tech user
The argument you're expressing, as I see it, is that there is really no difference whether or not the files are stored in /var or /srv because in the end they're bits on a disk so where in the file system they end up doesn't matter. /var was chosen years ago by Unix admins so why change it to /srv? My argument is that those same Unix admins no doubt placed it there because it made functional sense at the time. Over the years that location became a convention and therefore became an arbitrary location. The LSB is reviewing that same functional choice in light of what changes have occurred in how we use servers and they feel that it makes more functional sense to break those files out into their own tree. As far as breaking tradition from Unix, last time I checked porting an app of reasonable size over from Linux to Unix is not a simple process. The choice to put client facing files in one directory or another is a minor part, at best, of that process. I agree with you on standardizing libraries but I fail to see how that has any relevance to where an admin should place their client facing files. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS for non-tech user
> Not likely... Storage paths are all arbitrary and if a standard has to > make up a new location that breaks existing concepts they've already > done something wrong. Times change. What worked well on Unix 20-30 years ago isn't necessarily the best way of doing things today. Websites for example have moved from static html on the arpanet & university sites to the rich multimedia content we see today. Back then the idea of a website infecting a computer was unheard of. Now an entire industry has cropped up around protecting systems from malicious content. > So far the LSB has been good at making up things > that nobody used before - not so good at getting everyone to agree to > change (and change again every time they change their minds). I've never seen an entire industry move rapidly to adopt change unless there are significant incentives to do so. And as the incentives for Linux to do so are primarily "best practices" I don't expect to see a wholesale move anytime soon. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Stupid Question (Linux antivirus)
> Will the software be used in a commercial environment? If not, then you > could use AVG from Grisoft:- > http://free.avg.com/download > I've used it for a couple of years now and haven't had any problems. > Come to think of it, it hasn't found any viruses either!?!?! Perhaps > I've been lucky, but I prefer to believe my email server is fairly good > at rejecting spam etc. I'm sorry but stay as far away from them as you can. AVG 7 was great, I used to recommend it all the time, but version 8 has become really bloated and chews through resources like no-ones business. I installed it on a dual-booted (XP/Debian) Laptop w/ 512M RAM and after upgrading from 7 to 8 my machine in XP began to lag badly. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS for non-tech user
> So I don't see consensus here. What if my served data ist "variable > data"? An no distinction between man made or machine made is given here. > Also this might not be flexible enough for some scenarios. Is the data being stored customer facing or internal to the machine? That's the rule of thumb I see applied to what goes in /srv. In a LAMP box for example I'd expect to see the website(and site logs), database files, and POP3/IMAP spools stored in srv directories. Machine specific data like system logs and email processing spools get stored in /var. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS for non-tech user
> I really wish RH would hop on the /srv bus. The broad distinction is > fairly easy to grasp: /var for variable data of general interest to > the machine, /srv for stuff related to a specific service. In general, > /var is machine-generated, /srv is person-generated. > > If you maintain it with $EDITOR and it's available with $DAEMON, it > goes in /srv. (How's that for a stunningly broad generalization? :-) It's not just RH/CentOS that are guilty. Last time I checked Debian does this as well. On my webserver I've just grown used to making up my own /srv/www entry and symlinking /var/www to /srv/www so the system doesn't complain when apache & related apps get updated. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS for non-tech user
The other thing is that ubuntu does some things I consider odd, and puts > some things in odd places (say, not having your web stuff under /var/www, > etc). That may be because they're aiming for compliance with the Filesystem Hierarchy Standard ( http://www.pathname.com/fhs/ ). Web related stuff goes under /srv/www. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SATA controler req
> I'm looking for a recomendation for a SATA controlers. In the range of 4-8 > ports, either PCI or PCIe (for desktop use) and/or PCI-X, PCIe (for server > use). I'd especially like it if the Linux driver was already in CentOS or > easily added. Everytime I find something interesting, a google search shows > up > either the drivers is for 2.6.30 (ie, not CentOS), someone tried it and it was > unstable, or it has a proprietary driver. Linux ATA has a good compatibility list if you're interested: http://linux-ata.org/driver-status.html#sii311x SiL 3124/3114 based units come highly recommended though I've never used them myself. That said, the SiL 3124 based boards from Addonics are on my firm's short list for a possible mass storage project. I personally like the Promise TX4 as I've never had any driver issues with >=2.6.18 kernels. The units have no BIOS so they just plug in and work. Only downside is they are only available in PCI. -- Drew "Nothing in life is to be feared. It is only to be understood." --Marie Curie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] yum issue with extras repo?
On Fri, Sep 11, 2009 at 3:15 AM, Ralph Angenendt wrote: > > On Thu, 2009-09-10 at 09:01 -0600, drew einhorn wrote: >> > This is related to the problem at hand how? >> > >> >> The OP has a problem resulting from mixing standard and 3rd party >> repos, and has noticed some obvious issues. > > No, he doesn't. His yum hangs. > Obviously yum hangs. It hangs because he is improperly mixing 3rd party repos with the standard configuration. Someone suggested just removing the 3rd repos, and continuing on. I don't know how long this has been going on: 1) Somewhere along the line an incompatible package from a 3rd party repo could have been installed as a result of his yum configuration. Just returning to a standard repo config. Will not uniinstall any incompatible packages. The OP should be alert to this possibility. It is a difficult problem to diagnose. We do not have good tools for this. 2) Presumably the OP had a valid reason, for mixining standard and 3rd party repos. yum-priorities is a good, but not perfect tool for mixing repos. Rather than removing all 3rd party repos the OP might want to configure yum-priorities -- Drew Einhorn ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] yum issue with extras repo?
On Thu, Sep 10, 2009 at 9:41 AM, Rex Dieter wrote: > drew einhorn wrote: > >> epel is not concerned about their >> compatability with other 3rd party repos. > > Please, stop the FUD. > >> And there is >> a lot of lingering animosity. Just mentioning epel in some >> places is enough to evoke a bitter response. > > and thank you so much for perpetuating the problem. > I'm sorry. Your are absolutely correct. I should not have commented on the intent of any repo developers. However the fact remains that all repos test the compatibility among the packages they distribute, and test for compatibility with packages distributed in the standard repos. They do not do as thorough a job of testing with respect to all other 3rd party repos. There are other 3rd party repos, they probably have not even heard of much less tested. I do use epel on some systems. There are packages I sometimes need that are not included in other repos. In my repo yum-priorities configurations epel either comes immediately after the standard centos repos, or it is near the end, just before "testing" versions of other repos. We really need better repository tools, when dealing with multiple 3rd party repos. It is not easy to see which packages came from which repos, much less understand compatibility issues among packages from different 3rd party repos. We would be in a better place if the repotag had survivied the repo wars. -- Drew Einhorn ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] yum issue with extras repo?
I should probably rewrite the following, moving some paragraphs around. But I'm done for now. On Thu, Sep 10, 2009 at 3:20 AM, Ralph Angenendt wrote: > > On Wed, 2009-09-09 at 15:09 -0600, drew einhorn wrote: >> On Wed, Sep 9, 2009 at 2:13 PM, Akemi Yagi wrote: >> > On Wed, Sep 9, 2009 at 1:02 PM, Dave Stevens wrote: >> >> As you can see below I am having a problem checking for updates. This >> >> happens repeatedly. I have to kill the process then rerun. I have >> >> tried "yum clean all" but no joy - the process hangs again on "extras" >> > I suspect it is the non-CentOS repos that are causing the hang (?). >> > >> > You might want to check that by running: >> > >> > yum update --disablerepo=\* --enablerepo=base,extras,updates >> > >> > and see if this one runs fine. >> >> This will get things back to standard repos only. >> >> But if you have already loaded an incompatible package from a >> nonstandard repo, this will not fix it. > > This is related to the problem at hand how? > The OP has a problem resulting from mixing standard and 3rd party repos, and has noticed some obvious issues. There may be much more subtle, less obvious issues. For example, a 3rd party repo, may have replaced a standard library with a version with a subtle incompatibity. It may add a bug, along with a feature necessary to support another package that it provides. It doesn't happen often. But it can and does happen. >> Rather than trying to figure out what you have and how to fix it, >> it may be easier to start over an build a new system from scratch. > > This isn't Windows. > True. But figuring out which packages came from which repo, can be difficult. There was a hotly debated repotag battle that could have mitigated the problem. The epel folks were strongly opposed. The problem becomes really nasty, when package xyz from repo A, is incompatible with package xyz from repo B. >> You can probably get the 3rd party repos to play nicer with one another >> by using yum-priorities. >> > This is related to the problem at hand how? > The OP was using packages from the standard repos, epel, and a couple other repos I never heard of for a reason that he did not share with us. yum-priorities can be used to control which packages are installed from which libraries. Count the mumber of packages on your system. Do a: rpm -qa | wc If you have subtle problem with compatability between repos. Do you want to go through all those package determine which repo each package can from and determine whether there are compatibility issues with packages from other repos? Or do you want to start over installing only packages from the centos repos that have been tested by the centos developers. Then add third party repos with yum-priorities preventing centos packages from being replaced by non centos packages, but adding needed packages and their prerequisites from 3rd party repos. >> There are techniques for finer grained management of >> compatiblity issues among repositories, that I have never >> needed to learn about. Someday this is going to sneak >> up and bite me. > > Yes, probably, but still not related to the problem at hand. > epel is careful not to replace package from the standard repos. I have no idea whether the repos other repos (I never heard of them) are as careful. epel is not concerned about their compatability with other 3rd party repos. And there is a lot of lingering animosity. Just mentioning epel in some places is enough to evoke a bitter response. I did not want to get into those issues. Sometimes the problem does get all the way down to very nasty, tangled compatibily issues among repos, and there is a solution, but it's not easy. >> Pretty sure there is a 3rd party repo page in the centos wiki. > > Yes, but you couldn't be bothered to check, could you? > > Sometimes it would be smarter to not try to help. > I'm not the one who has a problem and needs to do the research on this problem. I gave the OP a hint on where to look. > Ralph > But since you insist. Here's the wiki page on repositiories. http://wiki.centos.org/AdditionalResources/Repositories New repositories have been added since the last time I looked. I have not looked to see whether the repositories used by the OP are discussed here. And here the wiki page on yum-priorities. http://wiki.centos.org/PackageManagement/Yum/Priorities > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > -- Drew Einhorn ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
