Re: [CentOS] CentOS 9 Stream on Workstation with Ver. 1 x86_64 cpu
Fedora Server, installed and operational. Thanks for your help! On Mon, Sep 5, 2022 at 1:00 PM Leon Fauster via CentOS wrote: > Am 05.09.22 um 17:18 schrieb Mike: > > Thanks very much for the link and your reply. > > Yes, glibc and other core parts set with specific cpu flags is precisely > > what I feared. > > I suppose it's over to debian or prep the old box for recycling. > > > > Give Fedora Linux a try ... > > -- > Leon > > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 9 Stream on Workstation with Ver. 1 x86_64 cpu
Thanks very much for the link and your reply. Yes, glibc and other core parts set with specific cpu flags is precisely what I feared. I suppose it's over to debian or prep the old box for recycling. Best regards. On Mon, Sep 5, 2022 at 11:07 AM Fabian Arrotin wrote: > On 05/09/2022 16:15, Mike wrote: > > Hello All, > > > > RHEL9 deprecated version 1 x86_64 cpus. My old testbench HP workstation > > has such a version 1 cpu. I've tested install of Rocky Linux 9 and > > CentOS9Stream but no go upon reboot after install -- kernel panic. > > > > Is there a way to recompile the kernel to handle the legacy cpu after > > install -- via some other live cd, perhaps? > > > > Due to the fact I can't reboot after install, I'm not able to build a > > kernel using the following: > > https://wiki.centos.org/HowTos/Custom_Kernel > > > > Sidenote: I'd also like to include support for btrfs too, but first > things > > first. > > > > Thank you. > > To keep a long story short : don't even try :) > > Worth reading : > > https://developers.redhat.com/blog/2021/01/05/building-red-hat-enterprise-linux-9-for-the-x86-64-v2-microarchitecture-level > > So it's not only kernel but the whole userland and glibc (and others) > that would need to be recompiled, so basically rebuilding the whole > distro ... > > -- > Fabian Arrotin > The CentOS Project | https://www.centos.org > gpg key: 17F3B7A1 | twitter: @arrfab > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] CentOS 9 Stream on Workstation with Ver. 1 x86_64 cpu
Hello All, RHEL9 deprecated version 1 x86_64 cpus. My old testbench HP workstation has such a version 1 cpu. I've tested install of Rocky Linux 9 and CentOS9Stream but no go upon reboot after install -- kernel panic. Is there a way to recompile the kernel to handle the legacy cpu after install -- via some other live cd, perhaps? Due to the fact I can't reboot after install, I'm not able to build a kernel using the following: https://wiki.centos.org/HowTos/Custom_Kernel Sidenote: I'd also like to include support for btrfs too, but first things first. Thank you. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] BIND server getting DDOS
On 2022-08-03 23:20, Gordon Messmer wrote: On 8/3/22 11:08, Mark Milhollan wrote: Usually that's someone hoping to use you in a reflection attack Doesn't a reflection attack require the reflecting server to answer queries? I'd think that the server logging that the query was denied would indicate that it is not vulnerable to that type of abuse. While this is true, denial of those queries doesn't prevent that server from potentially being flooded with those queries. -- Mike Burger http://www.bubbanfriends.org "It's always suicide-mission this, save-the-planet that. No one ever just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Package of GCC 12 on CentOS 7
On 2022-06-20 09:38, Pete Biggs wrote: On Mon, 2022-06-20 at 09:20 -0400, Mike Burger wrote: On 2022-06-20 05:03, Pete Biggs wrote: > On Mon, 2022-06-20 at 09:31 +0100, david allan finch wrote: > > Is there an rpm of GCC 12 (or at least higher than 9) available to > > download and install, or is it a case of downloading and build from > > the > > source yourself? > > > That's what Software Collections is for. > > https://www.softwarecollections.org/ > > Specifically you need one of the devtoolset collections - it goes up to > 11 which, unsurprisingly, provides gcc-11 on CentOS 7. So: > > # yum install centos-release-scl > # yum install devtoolset-11 > # scl enable devtoolset-11 bash > Pete, As David was asking about obtaining and installing GCC 12, wouldn't installing GCC 11, as noted above, leave him downlevel? He said "or at least higher than 9". P. (Note to self...reading is fundamental. D'oh!) -- Mike Burger http://www.bubbanfriends.org "It's always suicide-mission this, save-the-planet that. No one ever just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Package of GCC 12 on CentOS 7
On 2022-06-20 05:03, Pete Biggs wrote: On Mon, 2022-06-20 at 09:31 +0100, david allan finch wrote: Is there an rpm of GCC 12 (or at least higher than 9) available to download and install, or is it a case of downloading and build from the source yourself? That's what Software Collections is for. https://www.softwarecollections.org/ Specifically you need one of the devtoolset collections - it goes up to 11 which, unsurprisingly, provides gcc-11 on CentOS 7. So: # yum install centos-release-scl # yum install devtoolset-11 # scl enable devtoolset-11 bash and gives: # gcc -v Using built-in specs. COLLECT_GCC=gcc COLLECT_LTO_WRAPPER=/opt/rh/devtoolset-11/root/usr/libexec/gcc/x86_64-redhat-linux/11/lto-wrapper Target: x86_64-redhat-linux Configured with: ../configure --enable-bootstrap --enable-languages=c,c++,fortran,lto --prefix=/opt/rh/devtoolset-11/root/usr --mandir=/opt/rh/devtoolset-11/root/usr/share/man --infodir=/opt/rh/devtoolset-11/root/usr/share/info --with-bugurl=http://bugzilla.redhat.com/bugzilla --enable-shared --enable-threads=posix --enable-checking=release --enable-multilib --with-system-zlib --enable-__cxa_atexit --disable-libunwind-exceptions --enable-gnu-unique-object --enable-linker-build-id --with-gcc-major-version-only --with-linker-hash-style=gnu --with-default-libstdcxx-abi=gcc4-compatible --enable-plugin --enable-initfini-array --with-isl=/builddir/build/BUILD/gcc-11.2.1-20210728/obj-x86_64-redhat-linux/isl-install --enable-gnu-indirect-function --with-tune=generic --with-arch_32=x86-64 --build=x86_64-redhat-linux Thread model: posix Supported LTO compression algorithms: zlib gcc version 11.2.1 20210728 (Red Hat 11.2.1-1) (GCC) P. Pete, As David was asking about obtaining and installing GCC 12, wouldn't installing GCC 11, as noted above, leave him downlevel? -- Mike Burger http://www.bubbanfriends.org "It's always suicide-mission this, save-the-planet that. No one ever just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Email Notification of updates which are available to be applied on CentOS Linux release 7.9.2009 (Core)
On 2022-02-09 11:56, Kaushal Shriyan wrote: Hi, I am running the below open source components on CentOS Linux release 7.9.2009 (Core) 1. nginx service 2. mysql service 3. php framework 4. pph-fpm service 5. composer A Dependency Manager for PHP Is there a way to notify via email if there are any new security updates available for CentOS Linux release 7.9.2009 along with the above open source components which are running? Currently, I am manually running the *yum -y update* command to update the OS along with the above open source components. I have tried for yum-updatesd - Update notifier daemon but it is not available for CentOS Linux release 7.9.2009 (Core). Thanks in advance. I look forward to hearing from you. More info:- https://linux.die.net/man/8/yum-updatesd Best Regards, Kaushal Hello, Kaushal. If you have not already done so, I suggest signing up for the Centos-Announce list at https://lists.centos.org/mailman/listinfo/centos-announce. -- Mike Burger http://www.bubbanfriends.org "It's always suicide-mission this, save-the-planet that. No one ever just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] log4j cve
On 2021-12-14 08:31, Steve Meier wrote: Hello Steve, Am 2021-12-14 14:14, schrieb Steve Clark: This is the standard version that comes with CentOS 7 and is the latest available as of a yum update just now. log4j-1.2.17-16.el7_4.noarch yes, that's correct, but it is abandoned nonetheless. According to the RPM's change log, Red Hat backported a fix for CVE-2017-5645. They have not done this for CVE-2019-17571 it seems. I would be very surprised if they'd do so now. Well, given that they indicated on their page for this CVE that they were still investigating the potential for the vulnerability existing in 1.2, it may happen. It would be nice if there was a log4j-2 RPM available for C7, but as of this point, I've not been been able to locate one. -- Mike Burger http://www.bubbanfriends.org "It's always suicide-mission this, save-the-planet that. No one ever just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] email address
I recommend unsubscribing the current address and subscribing your new address. On 2021-12-07 08:46, Wells, Roger K. [US-US] via CentOS wrote: How to change email address for this list? current: roger.k.we...@leidos.com change to: roger.k.we...@alum.mit.edu I've tried several times but so far nothing has worked. thx -- Mike Burger http://www.bubbanfriends.org "It's always suicide-mission this, save-the-planet that. No one ever just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How do I download RHEL 8.3 with free license and free subscription for my production servers?
On 1/28/2021 10:40 AM, Andrew Pearce wrote: > On 2021-01-28 15:08, Turritopsis Dohrnii Teo En Ming wrote: >> Subject: How do I download RHEL 8.3 with free license and free >> subscription >> for my production servers? >> >> Good day from Singapore, >> >> I am referring to the following news articles. >> >> Article: CentOS is gone—but RHEL is now free for up to 16 production >> servers > > The start date as mentioned in the article says from the 1st of Feb. > From that article > > As of February 1, 2021, Red Hat will make RHEL available at no cost for > small-production workloads—with "small" defined as 16 systems or fewer. > This access to no-cost production RHEL is by way of the newly expanded > Red Hat Developer Subscription program, and it comes with no strings—in > Red Hat's words, "this isn't a sales program, and no sales > representative will follow up." > > Regards > > Andrew > It seems to be available now. Just log into or create a "Developer Network" account and they just showed up under my "subscriptions" tab. Once you do that it seems like it's all one account. It was confusing why I had to do a separate step. Mike ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Disk choice for workstation ?
I have seen significant improvement when virtual machine disks are on their own spindle/ssd. I would add an SSD and put the VM's on it. Mike On 12/26/2020 3:20 PM, Nicolas Kovacs wrote: > Hi, > > My workstation is currently equipped with a pair of Western Digital Red 1 TB > SATA disks in a software RAID 1 setup. > > Some stuff like working with virtual machines is a bit slow, so I'm thinking > about replacing the disks by SSD. > > I'm hesitating between three different setups: > > 1) Use a relatively small SSD (120 to 240 GB) to reinstall the system on it. > Keep the two SATA disks in a RAID 1 array and mount /home on it. > > 2) Use a larger SSD (500 GB to 1 TB), install everything (including /home) on > it. Keep the two SATA disks in a RAID 1 array and mount them on /data for > storage. > > 3) Get rid of the disks and go full SSD, with a 1 TB disk. > > Any advice from the hardware gurus on this list? > > Cheers, > > Niki > ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [CentOS-devel] https://blog.centos.org/2020/12/future-is-centos-stream/
Would love to see this get off the ground: Gregory Kurtzer says: I am considering creating another rebuild of RHEL and may even be able to hire some people for this effort. If you are interested in helping, please join the HPCng slack (link on the website hpcng.org). Greg (original founder of CentOS) https://blog.centos.org/2020/12/future-is-centos-stream/#comment-183642 On Tue, 8 Dec 2020, Strahil Nikolov via CentOS wrote: If anyone is considering to fork CentOS 8 (I'm not talking about that "Stream"), count me in. Otherwise I will switch to openSUSE Leap. At least they are not pushing me some testing ground. Best Regards, Strahil Nikolov В 12:07 -0500 на 08.12.2020 (вт), Phelps, Matthew написа: I still haven't seen an answer to the question, "Who made this decision?" and, "How can we lobby to get it changed?" On Tue, Dec 8, 2020 at 9:06 AM Rich Bowen wrote: > The future of the CentOS Project is CentOS Stream, and over the > next > year we’ll be shifting focus from CentOS Linux, the rebuild of Red > Hat > Enterprise Linux (RHEL), to CentOS Stream, which tracks just ahead > of a > current RHEL release. CentOS Linux 8, as a rebuild of RHEL 8, will > end > at the end of 2021. CentOS Stream continues after that date, > serving as > the upstream (development) branch of Red Hat Enterprise Linux. > > Meanwhile, we understand many of you are deeply invested in CentOS > Linux > 7, and we’ll continue to produce that version through the remainder > of > the RHEL 7 life cycle. > https://access.redhat.com/support/policy/updates/errata/#Life_Cycle_Dates > > CentOS Stream will also be the centerpiece of a major shift in > collaboration among the CentOS Special Interest Groups (SIGs). This > ensures SIGs are developing and testing against what becomes the > next > version of RHEL. This also provides SIGs a clear single goal, > rather > than having to build and test for two releases. It gives the CentOS > contributor community a great deal of influence in the future of > RHEL. > And it removes confusion around what “CentOS” means in the Linux > distribution ecosystem. > > When CentOS Linux 8 (the rebuild of RHEL8) ends, your best option > will > be to migrate to CentOS Stream 8, which is a small delta from > CentOS > Linux 8, and has regular updates like traditional CentOS Linux > releases. > If you are using CentOS Linux 8 in a production environment, and > are > concerned that CentOS Stream will not meet your needs, we encourage > you > to contact Red Hat about options. > > We have an FAQ - https://centos.org/distro-faq/ - to help with your > information and planning needs, as you figure out how this shift of > project focus might affect you. > > [See also: Red Hat's perspective on this. > > https://www.redhat.com/en/blog/centos-stream-building-innovative-future-enterprise-linux > ] > > ___ > CentOS-devel mailing list > centos-de...@centos.org > https://lists.centos.org/mailman/listinfo/centos-devel > ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] LibreOffice locking up
> Can you reproduce the problem with this document? > > And, when the crash happened, could you still ping the computer from > another device in the network? > > Crashing hard so that only a reset helps is usually only possible with a > kernel bug or hardware issue, not something LibreOffice should be able to > do. > > Regards, > Simon > I would agree. In my experience, so called "lockups" are usually the result of the video crashing. If you can ping then try ssh to the box and do init 3 then init 5 to reset the graphics and see if that clears it. Mike ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Boot failed on latest CentOS 7 update
It appears that it is affecting multiple distributions including Debian and Ubuntu so it looks like the grub2 team messed up. See https://www.zdnet.com/article/boothole-fixes-causing-boot-problems-across-multiple-linux-distros/ Mike On 8/1/2020 6:11 PM, Marc Balmer via CentOS wrote: > > >> Am 01.08.2020 um 23:52 schrieb Leon Fauster via CentOS : >> >> Am 01.08.20 um 23:41 schrieb Kay Schenk: >>> Well misery loves company but still...just truly unfathomable! >>> Time for a change. >> >> >> I can only express my incomprehension for such statements! >> >> Stay and help. Instead running away or should I say out of the >> frying pan and into the fire? :-) > > The thing, RHEL and CentOS not properly testing updates, cost me at minimum > 3-4 full working days, plus losses at customer sites. > > This is really a huge failure of RHEL and CentOS. > > A lot of trust has been destroyed. >> >> -- >> Leon >> ___ >> CentOS mailing list >> CentOS@centos.org >> https://lists.centos.org/mailman/listinfo/centos > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] perl-Curses in C8?
Are there any repos that would have perl-Curses for CentOS 8? It was always available in epel but not anymore. Thanks, Mike ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Netfilter fails to filter traffic from a netblock?
On Sun, Apr 19, 2020 at 9:45 AM Anand Buddhdev wrote: > > Personally though, I find firewalld to be cumbersome, so I remove it > completely, and installed instead "iptables-services". > Ya, i agonized over accepting firewalld. I'm a smalltime manager who wears many hats and doesn't have alot of time to practice sysadmin skills. It took me about 5 years to get confident with iptables and go from fresh install to company firewall in one sitting. Now that I've adopted firewalld which has a wider variety of command/rule statements, I am constantly hitting "man firewall-cmd" and cannot competently recall iptables in any comprehensible way; it's like mixing Japanese and English whenever I try to communicate with a centos box firewall, heh. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Netfilter fails to filter traffic from a netblock?
Thought it might also be helpful to confirm that firewalld is not interfering in any way. what is the output of ~$# systemctl status firewalld On Sun, Apr 19, 2020 at 9:30 AM Jeffrey Walton wrote: > > On Sun, Apr 19, 2020 at 9:26 AM Anand Buddhdev wrote: > > > > On 19/04/2020 14:58, Jeffrey Walton wrote: > > > > Hi Jeffrey, > > > > > The offending host is 59.64.129.175. To err on the side of caution we > > > attempted to block the entire netblock. According to whois data, > > > that's 59.64.128.0-59.64.159.255. > > > > > > iptables -A INPUT -s 59.64.128.0/19 -p TCP -j DROP > > > > > > After reboot cpu usage is still high and access_log still shows > > > useless requests from the host: > > > > Did you actually arrange for your iptables rule to be reinstated at boot? > > > > If you just configure a rule as above, but don't save it, it will > > disappear ar reboot. > > Ugh, thanks. I did not realize the changes were only temporary. > > What is the recommended way to permanently add a ban rule? > > Thanks again. > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Script to monitor websites and generate RSS feed when they change
I just read an article (part of which is here http://www.linuxpromagazine.com/Issues/2020/230/The-sys-admin-s-daily-grind-urlwatch/(language)/eng-US ) about urlwatch. --- Mike VanHorn Senior Computer Systems Administrator College of Engineering and Computer Science Wright State University 265 Russ Engineering Center 937-775-5157 michael.vanh...@wright.edu On 2/24/20, 7:55 PM, "CentOS on behalf of H" wrote: Looking for the above. I have found sites where you can register the sites you are interested in - as well as yourself - but I would rather run something myself on my server to monitor websites etc which do not have RSS-feeds. Does anyone use something like this? ___ CentOS mailing list CentOS@centos.org https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.centos.org_mailman_listinfo_centos&d=DwICAg&c=3buyMx9JlH1z22L_G5pM28wz_Ru6WjhVHwo-vpeS0Gk&r=_s0N94AIK4hLWzZ1WmAPvZjr8bPWpBPPuhyNjJkGAHs&m=Psh0wPchS71VwyqP7XQS5JgxmMhjbSmNtrO7A3seEq8&s=EbjhNzuWZGSbUccCjf6s15NZQjplXkVmIHsayUqDXF0&e= ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] What is /etc/subuid ?
On 2019-10-09 15:47, Valeri Galtsev wrote: Dear Experts, Could someone enlighten me about the following file: /etc/subuid ? This file appears to be owned by "setup" package. This is CentOS 7 system, and until now these files if existed were never changed. Today I have added user quite routine way, by doing /usr/sbin/groupadd -g 4500 [username] /usr/sbin/useradd -g [username] -u 4500 -c "User Name, email@domain" [username] And the file /etc/subuid changed and user was added into it: [username]:10:65536 Nothing like that was happening before. This is first time I create account after update done on Oct 3, 2019. I checked several CentOS 7 machines, basically doing this: # grep subuid /usr/sbin/useradd Binary file /usr/sbin/useradd matches And CentOS 7 machines indeed may have that file name in the useradd binary. None of CentOS 6 machines has that. I tried to do FreeBSD-ism: man /etc/subuid came empty, and realized that I'm doing FreeBSD-ism. I tried to do search on the web (did not "google", I use duckduckgo... so I "did search"), and came pretty much empty. Is it just me, or indeed something in CentOS 7 indeed changed? And what is it? Another question on the same note: how do we find out what the file is about and is used for in Linux, apart from searching on the web. (When there are surprises like the one I had today, one does like to know what this particular file is used for). Thanks in advance for your answers. A quick google search: https://lmgtfy.com/?qtype=search&q=%2Fetc%2Fsubuid yielded this as the first link: http://man7.org/linux/man-pages/man5/subuid.5.html -- Mike Burger http://www.bubbanfriends.org "It's always suicide-mission this, save-the-planet that. No one ever just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Unique3 and Unique3-devel package missing from CentOS 8
>On Tue, October 8, 2019 at 7:16:51 PM <smo...@gmail.com> wrote:>On Tue, 8 Oct 2019 at 15:06, Jerry Geis wrote:>>>> These packages were in C7 - dont appear to be in C8 - not even in AppStream.>>>> How do I get them?>>They aren't in the OS, so I would look at a secondary repository like>EPEL. It doesn't look like anyone has requested them there yet so I>would open a ticket in bugzilla.redhat.com to see if the maintainer>would branch and build in EPEL.Stephen, taking the oportunity here to ask for the following missing packages:quaggastrongswantorCheers,Mike. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 8 network-scripts
On 10/4/19 12:27 PM, Jim Perrin wrote:> Why? I'd like to understand more about the use case where this is a requirement.I'd say for the sake of simplicity...Why complicate things with NM when you only need to set an IP ?The ifconfig files were great.Why is the choice, to use or not to use NM, not left the en end user ?That is the question... ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] bcachefs-tools
On Thu, Jul 25, 2019 at 11:20 AM Chris Schanzle wrote: > Hi Mike, > > You say (twice) all the dependencies are installed but you didn't say > specifically what you installed. I suspect you didn't install the > corresponding -devel packages which provide the files you need for > compiling/linking software (not just running it). > Absolutely right; nice catch and thanks for helping me see it. Installing : libuuid-devel-2.23.2-59.el7_6.1.x86_64 Installing : libblkid-devel-2.23.2-59.el7_6.1.x86_64 Installing : libsodium-devel-1.0.18-1.el7.x86_64 Installing : libzstd-devel-1.4.0-1.el7.x86_64 I also needed: libscrypt-devel.x86_64 : Development files for libscrypt After make && make install it appears I've got a fresh set of problems with tooling re: function errors and notes. Time to head over to the bcachefs irc and see what it's all about. Thanks again for your guidance. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] bcachefs-tools
On Thu, Jul 25, 2019 at 10:45 AM Nux! wrote: > > You could try to get this slightly old rpm, save you the build troubles > (untested): > http://ftp5.gwdg.de/pub/opensuse/repositories/home:/garloff:/storage/RHEL_7/x86_64/ Thanks I may go back to this repo if I can't get it done with more current packages. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] bcachefs-tools
Hello, I want to test bachefs file system on CentOS 7. ~$ cat /etc/system-release CentOS Linux release 7.6.1810 (Core) I'm following the bcachefs howto: https://bcachefs.org/Howto/. Having a problem trying to complete make && make install of the bcache-tools. After going through all the dependencies and insuring they are installed on Cent 7, I get the following output on make && make install: Package blkid was not found in the pkg-config search path. Perhaps you should add the directory containing `blkid.pc' to the PKG_CONFIG_PATH environment variable No package 'blkid' found Package uuid was not found in the pkg-config search path. Perhaps you should add the directory containing `uuid.pc' to the PKG_CONFIG_PATH environment variable No package 'uuid' found Package libsodium was not found in the pkg-config search path. Perhaps you should add the directory containing `libsodium.pc' to the PKG_CONFIG_PATH environment variable No package 'libsodium' found Package libzstd was not found in the pkg-config search path. Perhaps you should add the directory containing `libzstd.pc' to the PKG_CONFIG_PATH environment variable No package 'libzstd' found Makefile:42: *** pkg-config error, command: pkg-config --cflags "blkid uuid liburcu libsodium zlib liblz4 libzstd". Stop. The packages are installed but I'm not certain how to satisfy pkg-config and place them in the correct path. The pkg-config man page states - ENVIRONMENT VARIABLES PKG_CONFIG_PATH A colon-separated (on Windows, semicolon-separated) list of directories to search for .pc files. The default directory will always be searched after searching the path; the default is libdir/pkgconfig:datadir/pkgconfig where libdir is the libdir for pkg-config and datadir is the datadir for pkg-config when it was installed. On my installation, the current path seems to be: ~$ pkg-config --variable pc_path pkg-config /usr/lib64/pkgconfig:/usr/share/pkgconfig ~$ echo $PKG_CONFIG_PATH <> Using locate, I do not find any of these files, so how do I properly add the packages to the path -- `blkid.pc' `uuid.pc' `libsodium.pc' `libzstd.pc' Thanks for reading and I appreciate any guidance. Best, Mike ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Alternative to laptop
https://www.asrock.com/nettop/index.asp Asrock has a series of Intel and/or AMD based mini-pc's called the DeskMini. Competes in the Intel NUC space. Plenty of power and up-to-date components, multiple ports for dual monitor and at least two ssd's, etc. I don't work for Asrock or sell their equipment. On Wed, Jul 10, 2019 at 2:52 AM H wrote: > > I am considering buying a small, and therefore easily portable, computer as > an alternative to the laptop I already have. Obviously it would not have > battery, a screen, nor a keyboard etc. but more or less be an easily portable > computing unit to move between offices where a keyboard and monitor(s) could > then be connected. I want to run CentOS 7, later CentOS 8. > > The smaller, the better, however, there are certain key features I would like > to have: > > - HDMI for 2 monitors > > - USB for keyboard > > - 2 extra USB for eg external harddisk etc. > > - both wifi and at least Gb Ethernet cable connector > > Probably at least 16 Gb of memory, capability to drive two high-resolution > monitors and whatever else might be nice such as SSD of at least 256 Gb. > > Size wise it would be nice if it were no larger than a "book", whatever size > that might be. > > Does anyone use something like the above, or know of a computer meeting the > above criteria? > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] iptables - how to block established connections with fail2ban?
On 2019-06-26 02:41, MRob wrote: I am working to a CentOS 6 server with nonstandard iptables system without rule for ACCEPT ESTABLISHED connections. All tables and chains empty (flush by legacy custom script) so only filter/INPUT chain has rules (also fail2ban chain): Chain INPUT (policy ACCEPT) target prot opt source destination f2b-postfix tcp -- 0.0.0.0/00.0.0.0/0 ACCEPT all -- 192.168.0.0/16 0.0.0.0/0 ACCEPT all -- 127.0.0.0/8 0.0.0.0/0 ACCEPT tcp -- 0.0.0.0/00.0.0.0/0 tcp dpt:22 ACCEPT tcp -- 0.0.0.0/00.0.0.0/0 tcp dpt:25 ACCEPT tcp -- 0.0.0.0/00.0.0.0/0 tcp dpt:80 ACCEPT tcp -- 0.0.0.0/00.0.0.0/0 tcp dpt:443 ACCEPT tcp -- 0.0.0.0/00.0.0.0/0 tcp dpt:587 ACCEPT tcp -- 0.0.0.0/00.0.0.0/0 tcp dpt:993 ACCEPT tcp -- 0.0.0.0/00.0.0.0/0 tcp dpt:995 DROP tcp -- 0.0.0.0/00.0.0.0/0 tcp flags:0x17/0x02 Chain f2b-postfix (1 references) target prot opt source destination REJECT all -- 200.23.235.300.0.0.0/0 reject-with icmp-port-unreachable REJECT all -- 177.11.167.570.0.0.0/0 reject-with icmp-port-unreachable RETURN all -- 0.0.0.0/00.0.0.0/0 When fail2ban block a IP address, established connections are allowed to continue, but with no rule to accept established connections how is that possible? Why doesn't f2b first rule block established connections? The short answer is that the firewall rules REJECT...Fail2Ban only tells the firewall what to reject, at the point of entry. Think of it this way: Fail2Ban is the manager of a popular dance club. He determines the list of who may or may not be admitted to the club. The firewall is the guy at the door of a popular club. He's doing his job, checking IDs, checking against the list of allowed or rejected guests and acting accordingly. If the manager updates the list, it's not the door guy's job to go back through the club to find anyone who may have been admitted prior to the list having been updated. That's the job of a bouncer. If you want the door guy to also be a bouncer, you'll need to configure your Fail2Ban actions to add iptables rules which invoke DROP instead of REJECT. -- Mike Burger http://www.bubbanfriends.org "It's always suicide-mission this, save-the-planet that. No one ever just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Postgrey not working
On 2019-06-19 04:01, Nicolas Kovacs wrote: Hi, I have a working installation of Postfix and Dovecot that works nicely. I've added SpamAssassin, which does a good job of flagging spam. Now I wanted to add greylisting to my server. Here's what I did. $ sudo yum install postgrey Increase the greylisting delay. # /etc/sysconfig/postgrey POSTGREY_OPTS="--delay=300" Edit /etc/postfix/main.cf accordingly. smtpd_recipient_restrictions = permit_mynetworks, permit_auth_destination, permit_sasl_authenticated, check_policy_service unix:/var/spool/postfix/postgrey/socket, reject Start/restart services. $ sudo systemctl enable postgrey $ sudo systemctl start postgrey $ sudo systemctl restart postfix Now Postgrey seems to be running OK. $ systemctl status postgrey ● postgrey.service - Postfix Greylisting Service Loaded: loaded (/usr/lib/systemd/system/postgrey.service; enabled; vendor preset: disabled) Active: active (running) since mer. 2019-06-19 09:39:04 CEST; 19min ago Docs: man:postgrey(8) Process: 5228 ExecStart=/usr/sbin/postgrey --unix=/var/spool/postfix/postgrey/socket --pidfile=/var/run/postgrey.pid --group=postgrey --user=postgrey --greylist-text=Greylisted for %%s seconds --daemonize $POSTGREY_OPTS (code=exited, status=0/SUCCESS) Process: 5225 ExecStartPre=/bin/rm -f /var/run/postgrey.pid (code=exited, status=0/SUCCESS) Main PID: 5229 (/usr/sbin/postg) CGroup: /system.slice/postgrey.service └─5229 /usr/sbin/postgrey --unix=/var/spool/postfix/postgrey/socket --pidfile=/var/run/p... juin 19 09:39:03 sd-100246 systemd[1]: Starting Postfix Greylisting Service... juin 19 09:39:04 sd-100246 postgrey[5229]: Process Backgrounded juin 19 09:39:04 sd-100246 postgrey[5229]: 2019/06/19-09:39:04 postgrey (type Net::Server::Multi...29) juin 19 09:39:04 sd-100246 postgrey[5229]: Binding to UNIX socket file "/var/spool/postfix/postg...et" juin 19 09:39:04 sd-100246 postgrey[5229]: Setting gid to "238 238" juin 19 09:39:04 sd-100246 systemd[1]: Started Postfix Greylisting Service. juin 19 09:39:04 sd-100246 postgrey[5229]: Setting uid to "994" The only problem is that there's no greylisting. I tried to send mails from various mail servers to this machine. Everything gets delivered immediately, and there's no greylisting action in /var/log/maillog. Did you include this line: postgrey unix - n n - - /var/spool/postfix/postgrey/socket in your /etc/postix/master.cf file? -- Mike Burger http://www.bubbanfriends.org "It's always suicide-mission this, save-the-planet that. No one ever just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Postfix and choice of RBL
On 2019-06-17 06:20, Nicolas Kovacs wrote: Hi, I'm managing several mail servers running CentOS 7, Postfix and Dovecot. SpamAssassin is filtering mail nicely, but I'm considering using RBL (blacklists) to take some load off the servers. General question to those of you who use RBL. Which lists do you recommend using? In my "reject_rbl_client" lines, I've been using: - hil.habeas.com - sbl-xml.spamhaus.org - bl.spamcop.net And in my reject_rhsbl_sender line, I have: - ds.rfc-ignorant.org Additionally, I've got Postgrey enabled, which does a really good job of weeding out the spambot desktops and such. -- Mike Burger http://www.bubbanfriends.org "It's always suicide-mission this, save-the-planet that. No one ever just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOs 7 i386 & PAE Kernel
On 3/6/19 1:28 PM, Johnny Hughes wrote: > On 3/6/19 6:26 AM, Mike McTernan (wavemobile) wrote: > > On 3/5/19 5:48 PM, Johnny Hughes wrote: > > Last question, if I may - Is there any specific reason why an i686 PAE > > kernel built from the main RHEL sources isn't in the AltArch i386 os- repo? > > > > Notably CentOS 6 provided both non-PAE and PAE 32-bit kernels, and > > it's that step from CentOS 6 32-bit PAE onto CentOS 7 32-bit which > > made me stumble, but okay now. > > The only reason is .. it is not included in the mainline RHEL 7 kernel source > code. Ah - I guess since mainline RHEL 7 is only 64-bit on x86 now, it doesn't have to worry about PAE vs non-PAE kernels. ... > I have no objections trying to make PAE work with that kernel .. Patches > accepted :D > > https://bugs.centos.org/view.php?id=6828 So with what I know now (thank you!) I recon the mainline 4.14 is probably a better tested path for a 32-bit x86 PAE kernel, rather than starting at RHEL 7. And since you are already building that kernel it's good news all round :-) Kind Regards, Mike -- wavemobile Warning: The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender immediately and delete the material from any computer. wavemobile Ltd is registered in England and Wales, Registration Number: 04780898. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOs 7 i386 & PAE Kernel
On 3/5/19 5:48 PM, Johnny Hughes wrote: > On 3/4/19 3:39 PM, Mike McTernan (wavemobile) wrote: > > Looking around, I found the following repo: > > https://mirrors.dotsrc.org/centos-altarch/7/kernel/i386/ ... > That directory (kernel/ under altarch) is basically for the armhfp main > kernel, > but we are building also for aarch64, i386 and even x86_64. Its purpose > (other than armhfp, where it is the main kernel) is mainly for IoT type > hardware (think hobby boards, embedded systems, etc that need newer > kernels for hardware support .. think things like this: > > https://www.intel.com/content/www/us/en/products/solutions/iot.html > > or > > 64 bit aarch64 bit type IoT boards, etc. > > You certainly CAN use them on anything you want and it will be maintained > as it is the main kernel for armhfp. That’s excellent, and most helpful. So that brings support for newer hardware, AND provides a PAE version which works on all my hardware nicely. This might be useful to a number of people, and it was only through looking around CentOS 7 on Raspberry Pi that I happened across the kernel repo. Might it be worth linking to the repo from the AltArch/i386 page: https://wiki.centos.org/SpecialInterestGroup/AltArch/i386 > Both of these branches / repos are NOT designed to run Enterprise type > workloads (that is why we have the main RH kernel from RHEL sources) .. Yep - wise words and duly noted, thank you. My application is small scale, so should be fine. Software is only as good as the testing anyway :-) Last question, if I may - Is there any specific reason why an i686 PAE kernel built from the main RHEL sources isn't in the AltArch i386 os- repo? Notably CentOS 6 provided both non-PAE and PAE 32-bit kernels, and it's that step from CentOS 6 32-bit PAE onto CentOS 7 32-bit which made me stumble, but okay now. Many Thanks again, Mike -- wavemobile Warning: The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender immediately and delete the material from any computer. wavemobile Ltd is registered in England and Wales, Registration Number: 04780898. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] CentOs 7 i386 & PAE Kernel
Hi Gurus, I've been playing with CentOS 7's AltArch i386 builds with some good results on one machine, but can't get it to boot properly on another with a newer Bay Trail CPU. Previously CentOS 6 i386 worked on both, and that set a legacy I'd like to recreate... I *think* the problem is that the 7 kernel is non-PAE, and that has some peculiar knock on effect that prevents some PCI devices being seen, notably the device with the rootfs. CentOS 6 worked on both machines with the PAE kernel. Looking around, I found the following repo: https://mirrors.dotsrc.org/centos-altarch/7/kernel/i386/ This carries 4.14 (long term support) based -PAE kernels (as well as non-PAE) which look to fix my problem. However, I can't find any description of this repo or policy on how it is updated or the intended use. Or why PAE kernels aren't provided as an option in the 'normal' i386 CentOS 7 builds. If anyone could help explain this repo and the view on PAE for the AltArch i386 builds of CentOS 7, I would be really grateful as I can't find the info anywhere else! Kind Regards, Mike -- wavemobile Warning: The information transmitted is intended only for the person or entity to which it is addressed and may contain confidential and/or privileged material. Any review, retransmission, dissemination or other use of, or taking of any action in reliance upon, this information by persons or entities other than the intended recipient is prohibited. If you received this in error, please contact the sender immediately and delete the material from any computer. wavemobile Ltd is registered in England and Wales, Registration Number: 04780898. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] time to say good-bye to win 7 / printer is the last blocker
So far I am having smooth and functional experience with Kyocera multi-function devices. They connect easily to the main samba active directory domain controller and there is a decent Android app for wireless or network printing. PPD driver works in fedora but haven't tried with centOS yet. Scanning functionality works directly from the device interface or console so there is not much configuration needed through a client app. On Fri, Feb 22, 2019, 4:53 AM J Martin Rushton via CentOS On 22/02/2019 09:21, Pete Biggs wrote: > > On Fri, 2019-02-22 at 07:12 +0100, Ralf Prengel wrote: > >> Hallo, > >> the laptop of my wife is the last Win7 system in my network. > >> My question: > >> I need a well supported printer (MFC) with network interface, if > possible with colour printing. > >> > > > > I know this is a bit controversial since they are a bit Marmite in > > nature, but I use HP devices. They are well supported using the most > > recent hplip package - that also provides a scan to desktop > > functionality, but I tend to use the sane packages because they better > > suit how I work. > > > > P. > > > > > > ___ > > CentOS mailing list > > CentOS@centos.org > > https://lists.centos.org/mailman/listinfo/centos > > > My recent experience is that Cannon is pretty useless. You apparently > need the latest sane, which is more recent that CentOS provides. I > suppose they are good as door stops. > > I've used Samsung in the past and Linux support is poor, but just usable. > > My latest is an HP MFP M281 which so far seems to perform well and the > control interface works with Linux. I control it from the main CentOS > machine, but it is also directly access from other distros and from > Win6/Win7 laptops. > > -- > J Martin Rushton MBCS > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] bare-metal backup before update--options?
Hi, Fred, On 2019-02-11 10:04, Fred Smith wrote: Hi all! I'm a "nervous nellie", I have not yet updated my 7.5 desktop to 7.6 because (1) it has an Nvidia card, and (2) I've heard of problems upgrading on top of software RAID (using RAID1 with 2 drives). I need to upgrade it to stay secure, and I want to do a bare-metal backup first (so I can put it all back as it now is, in case it explodes in my face), so I'm trying to figure out the safest way to do that. Here are the choices as I see them, I'd appreciate comments/thoughts: 1. boot from live DVD and manually reassemble the RAID array (how would I do that?) 2. degrade the array (with appropriate commands) so that it is running on just one drive, then boot a live DVD and use dd to back up that drive. 3. Other choices you can suggest? then after successfully getting a bare-metal backup, reboot it with the full RAID array and run the update. Thanks in advance! I've been a big fan of Mondo Rescue. http://www.mondorescue.org/ -- Mike Burger http://www.bubbanfriends.org "It's always suicide-mission this, save-the-planet that. No one ever just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Yum refuses to install kmod-8188eu from elrepo
On 2019-01-22 11:01, Akemi Yagi wrote: On Tue, Jan 22, 2019 at 7:54 AM Marko Vojinovic wrote: I am having trouble using the realtek wifi chip in my new tp-link usb wifi dongle. Upon plugging it, the device gets registered by the kernel (in /var/log/messages), but that's about it, no network device is being created (iwconfig does not see it, nothing else works). A few google searches later I found out that this realtek chip is not supported by the kernel and requires a driver, and that the driver is packaged for C7 as kmod-8188eu in elrepo. However, yum install kmod-8188eu refuses to install it (full yum output is here: https://pastebin.com/raw/vvak6FCU ), complaining that the following dependencies cannot be met: --> Processing Dependency: kernel(wireless_send_event) = 0xa02e7e03 for package: kmod-8188eu-4.1.4_6773.20130222-4.el7_5.elrepo.x86_64 --> Processing Dependency: kernel(usb_submit_urb) = 0x74c6ac58 for package: kmod-8188eu-4.1.4_6773.20130222-4.el7_5.elrepo.x86_64 --> Processing Dependency: kernel(usb_reset_device) = 0xddd0084e for package: kmod-8188eu-4.1.4_6773.20130222-4.el7_5.elrepo.x86_64 --> Processing Dependency: kernel(usb_put_dev) = 0xf709107c for package: kmod-8188eu-4.1.4_6773.20130222-4.el7_5.elrepo.x86_64 --> Processing Dependency: kernel(usb_kill_urb) = 0xa55bf715 for package: kmod-8188eu-4.1.4_6773.20130222-4.el7_5.elrepo.x86_64 --> Processing Dependency: kernel(usb_get_dev) = 0x372a41af for package: kmod-8188eu-4.1.4_6773.20130222-4.el7_5.elrepo.x86_64 --> Processing Dependency: kernel(usb_free_urb) = 0x739aecf4 for package: kmod-8188eu-4.1.4_6773.20130222-4.el7_5.elrepo.x86_64 --> Processing Dependency: kernel(usb_control_msg) = 0xd04e3a9e for package: kmod-8188eu-4.1.4_6773.20130222-4.el7_5.elrepo.x86_64 --> Processing Dependency: kernel(usb_alloc_urb) = 0x12a4948e for package: kmod-8188eu-4.1.4_6773.20130222-4.el7_5.elrepo.x86_64 I've never seen such output from yum before --- I'm guessing it is asking for a kernel with specific "properties", and failing to find one. What is the best way to resolve this? Is there some kernel package somewhere that matches these properties, or is there some other package that provides these features to an existing kernel, or something else? That output indicates that that kmod package is built for the EL 7.5 kernel and is not compatible with the current kernel. I suggest you file a request to have the kmod-8188eu rebuilt for EL 7.6 at http://elrepo.org/bugs/ . Akeme Another alternative may be to pull down the SRPM and run it through rpmbuild to locally create a binary package compatible with the system as it's currently installed/running. -- Mike Burger http://www.bubbanfriends.org "It's always suicide-mission this, save-the-planet that. No one ever just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] compiling fedora srpm on CentOS
On 2018-12-27 10:26, sthustfo wrote: I tried installing fedora grpc srpm on CentOS and ran into following error when installing srpm. I understand fedora makes use of more recent versions of openssl, glibc etc but why should this happen when installing source rpm? Any pointers/articles on how to go about building fedora srpms on CentOS? Any way out other than building directly using sources? rpm -i grpc-1.17.1-3.fc30.i686.rpm warning: grpc-1.17.1-3.fc30.i686.rpm: Header V3 RSA/SHA256 Signature, key ID cfc659b9: NOKEY error: Failed dependencies: libc.so.6(GLIBC_2.28) is needed by grpc-1.17.1-3.fc30.i686 libcrypto.so.1.1 is needed by grpc-1.17.1-3.fc30.i686 libcrypto.so.1.1(OPENSSL_1_1_0) is needed by grpc-1.17.1-3.fc30.i686 libm.so.6(GLIBC_2.29) is needed by grpc-1.17.1-3.fc30.i686 libprotobuf.so.17 is needed by grpc-1.17.1-3.fc30.i686 libssl.so.1.1 is needed by grpc-1.17.1-3.fc30.i686 libssl.so.1.1(OPENSSL_1_1_0) is needed by grpc-1.17.1-3.fc30.i686 libstdc++.so.6(GLIBCXX_3.4.20) is needed by grpc-1.17.1-3.fc30.i686 libstdc++.so.6(GLIBCXX_3.4.21) is needed by grpc-1.17.1-3.fc30.i686 The issue is that you're not installing a source RPM...rather, you're installing a 32bit binary RPM. rpm -i grpc-1.17.1-3.fc30.i686.rpm Source RPMs' filenames end in srpm and 64bit binary RPMs end in x86_64.rpm...you'll want to double check the RPM that you're trying to install, make sure that you truly want to utilize a source RPM and that if you're running a 64bit system, you install a 64bit RPM. Additionally, if you use "yum localinstall" to install the RPM, binary or source, it will work to install the prerequisite RPMs for you. Final thought...by and large, its not customary to install a source RPM but to run it through rpmbuild to build it, specifically, for your system. -- Mike Burger http://www.bubbanfriends.org "It's always suicide-mission this, save-the-planet that. No one ever just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] VNC question
On 12/19/18 4:36 AM, isdtor wrote: > We have run into the infamous black screen problem with tigervnc under > CentOS7, which prompted me to look into how vnc is configured here. > > https://access.redhat.com/solutions/966063 > > Am I reading this correctly - root needs to set up a systemd vnc service for > every user and display individually? Compared to e.g. CentOS before 7, or > indeed any other Linux/Unix system where vnc is completely under user control? > openSUSE always spawned VNC sessions for each user through xinetd. The user did not have "control" of the sessions. Do you get a login screen? Does the screen go "black" after login? If so, in my experience, the user logging in already has a desktop session running (usually on the console). Make sure to try logging in with a user that is not already logged in. Linux can deal with multiple DIFFERENT users logged in but the desktops can only deal with one login and home directory per user. Mike, W1NR ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SFTP - Private/Public Authentication Keysets Beyond The First Set
On 12/12/18 4:40 PM, Gary Braatz wrote: > Inclusion of the -i flag and the location of the private key solved the > problem. > > Thanks Steve! > > You really don't need multiple ppk pairs for different hosts. One for all is what I do. As long as you keep the private key private you only need distribute the one public key every where you need secure identification. Mike ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] kernel 3.10.0-957.el7.x86_64 + EFI on Dell server - problem
On 11/20/18 8:45 AM, Phil Wyett wrote: > On Tue, 2018-11-20 at 13:42 +, Phil Wyett wrote: > > On Tue, 2018-11-20 at 13:32 +, lejeczek via CentOS wrote: > >> hi guys > >> > >> I've one box where I just yesterday upgraded Centos. I > >> wonder if that kernel upgrade process might somewhat > >> troublesome. > >> After that upgrade UEFI boot fails with: > >> > >> Failed to set MokListRT: Invalid Parameter > >> Something has gone seriously wrong: import_mok_state() failed > >> : Invalid Parameter > >> > >> Has anybody seen that? And maybe know to fix it? > >> many thanks, L. > >> ___ > >> CentOS mailing list > >> CentOS@centos.org > >> https://lists.centos.org/mailman/listinfo/centos > > > Hi, > > > Seen similar on my RHEL 7.6 laptop and reported (locked) on bugzilla: > > > https://bugzilla.redhat.com/show_bug.cgi?id=1651592 > > > Regards > > > Phil > > > ___ > > CentOS mailing list > > CentOS@centos.org > > https://lists.centos.org/mailman/listinfo/centos > > Whoops, that is the one for 8 I have been added on. Bug I reported for > 7.6 (also > locked): > > https://bugzilla.redhat.com/show_bug.cgi?id=1646022 > > Regards > > Phil > Those bugs all have restricted access and I cannot see them. Mike signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Drop/Terminate data to/from source using firewalld rich rules
A bit embarrassing,I answered my own question almost a year ago on another forum. Apologies for the extra mail -- Solution: firewalld-cmd --complete-reload ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Drop/Terminate data to/from source using firewalld rich rules
I need to be able to temporarily cut off the source of network slowdowns. What I used to do: Router with 2 x NICs running slackware 14. Execute iptraf-ng, choose IP Network Monitor and sort by Byte Count. The sorted screen always seemed a bit confusing but I could usually pluck a couple of IP addresses with racing byte counts and cut all traffic to them using an iptables rule. Then if I wanted to identify the computer or device, I’d go into the dhcpd.leases file and look for the ip address and the corresponding device hostname. It was a bit of a pain, but it worked. Now: Router with 2 x NIC’s running CentOS 7. Using systemd and firewalld with 2 zones: external (internet-facing) and internal (LAN-facing). Now when I try the same thing using firewall-cmd rich rules, it won’t work. Example: [root@hello ~]# firewall-cmd --zone=external --list-rich-rules rule family="ipv4" source address="10.10.1.73/24" drop rule family="ipv4" source address="40.97.126.210" drop rule family="ipv4" source address="10.10.1.73/32" drop rule family="ipv4" source address="40.97.126.210/32" drop and [root@hello ~]# firewall-cmd --zone=internal --list-rich-rules rule family="ipv4" source address="10.10.1.73/24" drop rule family="ipv4" source address="40.97.126.210" drop rule family="ipv4" source address="10.10.1.73/32" drop It didn’t work. The traffic continued to burst away for another hour before stopping. The address (40.97.126.210) belongs to Microsoft so I’m not concerned about publishing it. What am I doing wrong with firewalld rich rules and how do I properly drop/terminate traffic to/from a specific source on the LAN? Current command - ADD rich rule to drop any traffic in zone "internal" from source ip address 10.10.1.125: firewall-cmd --permanent --zone=internal --add-rich-rule='rule family=ipv4 source address=10.10.1.125/24 drop' firewall-cmd --reload REMOVE the same rich rule above: firewall-cmd --permanent --zone=internal --remove-rich-rule='rule family=ipv4 source address=10.10.1.125/24 drop' firewall-cmd --reload Thank you for reading. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: good free email service ?
On 2018-11-10 03:22, Alice Wonder wrote: On 11/09/2018 12:07 PM, Warren Young wrote: On Nov 9, 2018, at 9:22 AM, Vic Chester wrote: https://protonmail.com/ Aside from semi-charitable organizations like that, I wouldn’t expect good free email service to exist. It’s seriously complicated to run a properly-configured email server. The last time I looked into it, there were something like 24 separate RFCs an SMTP-only server had to implement, and much of that complexity spills over into the administration side, such as DKIM setup. Then you have everything outside of the protocol such as spam filtering, blacklist/greylist/whitelist maintenance, TLS key updates, OS updates, etc. Expect to pay for what you use, either by throwing a whole lot of your own time at it or paying someone to spend that time on your behalf. Unless you’re doing this for educational or professional reasons, where the time spent is paid back handsomely, it’s probably a better trade to pay someone to handle it for you. ___ Plus there's constantly dealing with spam lists. I run my own, using postfix + dovecot + roundcube, but because I can't afford my own subnet - I end up constantly on spam blacklists when someone else on my subnet sends spam. The blacklists don't care that I've had these IP addresses for years, never spam, etc. - they just see someone on the subnet spam and they blacklist the entire subnet and you have to fill out their form to get removed, often to just be added again in a week. It's a real pain the arse. FWIW, I used to run my mail server at home, on my own private IP (through my ISP). When I moved, in May, I had to switch providers and they didn't offer static IP for home users, so I've moved my DNS and mail server to the cloud. Between the two of them, they cost me about $50/month...not cheap, but my IP isn't automatically on blacklists and I control everything, including inbound spam protection. -- Mike Burger http://www.bubbanfriends.org "It's always suicide-mission this, save-the-planet that. No one ever just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] IBM buying RedHat
On 2018-10-30 02:46, Simon Matter wrote: On 10/29/18 1:55 AM, Simon Matter wrote: To me it seems like, if they are smart, they will try to push IBM POWER and RedHat Linux together to establish real competition in the hardware market again (and of course don't forget to keep Fedora/CentOS alive)! Er, RHEL has been running on Power for a very long time. The fastest supercomputer in the world is Power9 + RHEL. What I meant is that POWER could become a competitor for Intel/AMD based servers. We're now running AMD EPYC servers with 64Cores/128Threads and we didn't find any POWER system which could compete in this area. Also, looking at TOP500 list there are not so many POWER systems anymore. IBM could change this now. IBM's Power8 and Power9 servers run 8 threads per core, so a 24 core Power 8 server runs 192 threads, as long as the operating system can handle it, you should be fine. And if you're looking for major operations running on Power, look no farther than Google...they're a huge part of the Power consortium and run a huge farm of Power systems on Tyan boards. -- Mike Burger http://www.bubbanfriends.org "It's always suicide-mission this, save-the-planet that. No one ever just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] NetworkManager, multiple IPs, and selinux...
On 10/4/18 4:10 PM, Sean wrote: > Hello, > > I was wondering if any one has seen issues with selinux name_bind denials > that result from having IP:PORT bindings for services to specific IP > addresses managed on an interface under NetworkManager's control? Is selinux denying the request or the socket? Does it work with setenforce permissive? > I do realize that people will probably say stop using NetworkManager, and I > may, but the behavior is strange, and I'd like to have a better > understanding of what's going on. > > The config is like so: > > # nmcli c mod eth0 ipv4.addresses 192.168.1.10/24,192.168.1.11/24 > # nmcli c down eth0 > # nmcli c up eth0 > # getenforce > Enforcing > # systemctl start httpd > permission denied binding to 192.168.1.10:443 > > Apache has two simple IP based VHosts, site1 and site2, with different (and > correct dns records and ssl certs). I'm snipping the config because I know > the Apache config works. > > Listen 443 > > ... > > ... > > I find the denial strange. I've done some testing such as removing one > VHost's config and adding a NIC to the VM (eth1) and reconfigure to have 1 > IP on each NIC and use both Vhosts. Either way, the selinux denial > disappears and everything works. All the packaged selinux policy relating > to httpd_t and access to port 443 is correct. > > I don't doubt that if I ditched NetworkManager and went for eth0:0 and > eth0:1 for the IP interfaces, all would be well. I'd just like to see if > anyone has some input on the issue. I don't believe apache selectively binds the socket to the address, but the interface. My suspicion is that you can only bind one listener for a port to an interface and not to individual IP addresses on the same interface. If you use "virtual" interfaces to separate the IP addresses (eth0:0, eth0:1) then I would expect it to work. - Mike ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] rsyslog listening on high port
On 2018-09-06 14:06, Adam Tauno Williams wrote: Attempting to lookup why rsyslogd is listening on the high port UDP/51427.Have not succeeded in what this port is used for and what directive controls what interface it binds to. [root@bedrock ~]# netstat --listen --inet --program --numeric | grep syslog udp 0 0 0.0.0.0:51427 0.0.0.0:* 66655/rsyslogd Adam, You might want to try running: lsof -i -P | grep LISTEN | grep :51427 to determine what process is actually listening to that port. -- Mike Burger http://www.bubbanfriends.org "It's always suicide-mission this, save-the-planet that. No one ever just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Mail has quit working
Your IP address is flagged as spam in Real Time Block Lists. Are you
using a dynamic IP address? You may have a mis-configured server that is
allowing spammers to relay through your server. Another possibility is
your system is compromised with a spambot.
Mike
On 07/24/2018 07:31 AM, TE Dukes wrote:
> OK, not sure what happened, my response was rejected by Centos:
>
> Reason: There was an error while attempting to deliver your message with
> [Subject: "RE: [CentOS] Mail has quit working"] to centos@centos.org. MTA
> p3plwbeout03-06.prod.phx3.secureserver.net received this response from the
> destination host IP - 208.100.23.70 - 554 , 554 5.7.1 Service unavailable;
> Client host [72.167.218.218] blocked using ix.dnsbl.manitu.net; Your e-mail
> service was detected by mail.ixlab.de (NiX Spam) as spamming at Tue, 24 Jul
> 2018 11:45:20 +0200. Your admin should visit
> http://www.dnsbl.manitu.net/lookup.php?value=72.167.218.218
> ..
>
> So, I'm trying a third time:
>
> On 24/07/18 13:46, Nataraj wrote:
>> Simply telnet to mailserver on port 25 and type what I've shown,
> This is pointless because he's complaining about cron and system emails
> which use the sendmail command are submitted through the pickup service,
> not port 25/smtp (in fact, if you're submitting any mail via port 25
> you're doing it wrong but that's another discussion).
>
> TE Dukes:
>
> Please do the following (lines that start with # should be run as root,
> lines that start with $ should be run as a local user):
>
> Install the mail command which is an easy interface to the sendmail
> command and thus the pickup service.
>
> # yum install mailx
> # tail -n0 -f /var/log/maillog
>
> then in another window (replace someu...@example.com with your own
> email address):
>
> $ mail -s 'Test Email' someu...@example.com <<< "This is a test"
>
> wait a minute for postfix to have a chance to process and send the
> message, then break out of the tail command and copy/paste the output
> into your reply.
>
> Then also copy and paste the output of the following:
>
> $ postconf -nf; postconf -Mf
>
> If I need any more info after that I'll let you know.
>
>
> Peter
> ___
> CentOS mailing list
> CentOS@centos.org
> https://lists.centos.org/mailman/listinfo/centos
>
> Here's the output from tail:
>
> Jul 24 07:00:21 ts130 postfix/pickup[4017]: 338CA811240E: uid=0
> from=
> Jul 24 07:00:21 ts130 postfix/cleanup[7047]: 338CA811240E:
> message-id=<20180724110021.338ca8112...@ts130.palmettodomains.com>
> Jul 24 07:00:21 ts130 postfix/qmgr[8283]: 338CA811240E:
> from=, size=461, nrcpt=1 (queue active)
> Jul 24 07:00:22 ts130 postfix/smtpd[7112]: connect from
> localhost[127.0.0.1]
> Jul 24 07:00:22 ts130 postfix/smtpd[7112]: 468E581DAB6C:
> client=localhost[127.0.0.1]
> Jul 24 07:00:22 ts130 postfix/cleanup[7047]: 468E581DAB6C:
> message-id=<20180724110021.338ca8112...@ts130.palmettodomains.com>
> Jul 24 07:00:22 ts130 postfix/qmgr[8283]: 468E581DAB6C:
> from=, size=946, nrcpt=1 (queue active)
> Jul 24 07:00:22 ts130 postfix/smtpd[7112]: disconnect from
> localhost[127.0.0.1]
> Jul 24 07:00:22 ts130 amavis[423]: (00423-02) Passed CLEAN
> {RelayedInbound}, [127.0.0.1] ->
> , Message-ID:
> <20180724110021.338ca8112...@ts130.palmettodomains.com>, mail_id:
> 8sW4ZXrbEdBD, Hits: 1.766, size: 461, queued_as: 468E581DAB6C, 1094 ms
> Jul 24 07:00:22 ts130 postfix/smtp[7049]: 338CA811240E:
> to=, relay=127.0.0.1[127.0.0.1]:10024,
> delay=1.1, delays=0.04/0/0/1.1, dsn=2.0.0, status=sent (250 2.0.0 from
> MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 468E581DAB6C)
> Jul 24 07:00:22 ts130 postfix/qmgr[8283]: 338CA811240E: removed
> Jul 24 07:00:22 ts130 dovecot: lda(tdukes):
> msgid=<20180724110021.338ca8112...@ts130.palmettodomains.com>: saved
> mail to INBOX
> Jul 24 07:00:22 ts130 postfix/local[7113]: 468E581DAB6C:
> to=, relay=local, delay=0.11,
> delays=0.03/0.01/0/0.07, dsn=2.0.0, status=sent (delivered to command:
> /usr/libexec/dovecot/dovecot-lda -f "$SENDER" -a "$RECIPIENT")
> Jul 24 07:00:22 ts130 postfix/qmgr[8283]: 468E581DAB6C: removed
> Jul 24 07:04:04 ts130 postfix/smtpd[7053]: timeout after END-OF-MESSAGE
> from localhost[127.0.0.1]
> Jul 24 07:04:04 ts130 postfix/smtpd[7053]: disconnect from
> localhost[127.0.0.1]
> Jul 24 07:05:59 ts130 postfix/qmgr[8283]: C33128410546:
> from=, size=949, nrcpt=1 (queue active)
>
> Here's the output from postconf:
>
> smtp inet n - n - - smtpd
> -o content_filter=spamassassin
> pickup unix n - n 60 1 pickup
> cle
Re: [CentOS] ssm vs. lvm: moving physical drives and volume group to another system
Cannot get the system storage manager (ssm) to create the raid 1 array with logical volume and xfs file system in one step. Cannot find my error or omission. The 862 kernel crashes on reboot every time. I went back to simple lvm on raid and everything worked on the first try --- man page reviews and implementation complete in under 30 mins. I'm giving myself permission to let it be. :-) Tested. Confirmed. Works -- fdisk /dev/sdb primary partition partition 1 type: fd write to disk and exit. fdisk /dev/sdc primary partition partition 1 type: fd write to disk and exit. [root@localhost ~]# systemctl reboot [root@localhost ~]# mdadm --create /dev/md0 --level=1 --raid-devices=2 /dev/sdb1 /dev/sdc1 [root@localhost ~]# cat /proc/mdstat [root@localhost ~]# systemctl reboot [root@localhost ~]# ssm create --fstype xfs -p alpha -n charlie /dev/md0 /mnt/data add the following to /etc/fstab: /dev/mapper/alpha-charlie /mnt/dataxfsdefaults0 0 [root@localhost ~]# systemctl reboot copy/move/read/write/to/from /mnt/data --- yes to all. On Sat, Jul 14, 2018 at 2:25 PM Mike <1100...@gmail.com> wrote: > > /dev/lvm_pool/lvol001 and /dev/mapper/lvm_pool-lvol001 work with kernel 514. > > they don't work with kernel 862. > > the googling continues . . . ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ssm vs. lvm: moving physical drives and volume group to another system
/dev/lvm_pool/lvol001 and /dev/mapper/lvm_pool-lvol001 work with kernel 514. they don't work with kernel 862. the googling continues . . . ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ssm vs. lvm: moving physical drives and volume group to another system
On Sat, Jul 14, 2018 at 2:15 PM Tony Schreiner wrote: > I don't have an answer to why kernel 514 is not booting, > but what I was trying to say is: > > /dev/lvm_pool/lvol001 > and > /dev/mapper/lvm_pool-lvol001 > are both symlinks to the same /dev/dm-X device file. > You can use either name, but the one you listed was missing the volume > group name kernel 514 does boot. kernel 862 hangs/panics. I will try both entries in your example above on kernel 514 to confirm. If both work then I'll try them also on kernel 862 to see if possibly one will work. thanks for your help. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ssm vs. lvm: moving physical drives and volume group to another system
On Sat, Jul 14, 2018 at 1:57 PM Tony Schreiner wrote: > > > > > Is that first entry /dev/mapper/lvol001 right? > I'd expect /dev/mapper/lvm_pool-lvo001 ssm list shows - /dev/lvm_pool/lvol001 When I place /dev/lvm_pool/lvol001 into /etc/fstab the computer will boot using kernel 514. Kernel 862 still hangs/panics. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ssm vs. lvm: moving physical drives and volume group to another system
Tried -- umount -t xfs /mnt/data vgchange -a n lvm_pool vgexport lvm_pool vgimport lvm_pool Rebooted and kernel 862 still panics/hangs. Can boot into kernel 514. On Sat, Jul 14, 2018 at 1:35 PM Mike <1100...@gmail.com> wrote: > > When I change /etc/fstab from /dev/mapper/lvol001 to > /dev/lvm_pool/lvol001, kernel 3.10.0-514 will boot. > > Kernel 3.10.0-862 hangs and will not boot. > On Sat, Jul 14, 2018 at 1:20 PM Mike <1100...@gmail.com> wrote: > > > > Maybe not a good assumption afterall -- > > > > I can no longer boot using kernel 3.10.0-514 or 3.10.0-862. > > > > boot.log shows: > > > > Dependency failed for /mnt/data > > Dependency failed for Local File Systems > > Dependency failed for Mark the need to relabel after reboot. > > Dependency failed for Migrate local SELinux policy changes from the > > old store structure to the new structure. > > Dependency failed for Relabel all filesystems, if necessary. > > > > > > On Sat, Jul 14, 2018 at 12:55 PM Mike <1100...@gmail.com> wrote: > > > > > > I did the following test: > > > > > > ### > > > 1. > > > > > > Computer with Centos 7.5 installed on hard drive /dev/sda. > > > > > > Added two hard drives to the computer: /dev/sdb and /dev/sdc. > > > > > > Created a new logical volume in RAID-1 using RedHat System Storage > > > Manager: > > > > > > ssm create --fstype xfs -r 1 /dev/sdb /dev/sdc /mnt/data > > > > > > Everything works. > > > /dev/lvm_pool/lvol001 is mounted to /mnt/data. > > > Files and folders can be copied/moved, read/written on /mnt/data. > > > > > > ### > > > > > > 2. > > > > > > I erased CentOS 7.5 from /dev/sda. > > > Wrote zeros to /dev/sda using dd. > > > Reinstalled CentOS 7 on /dev/sda. > > > Completed yum update - reboot - yum install system-storage-manager. > > > > > > RedHat system storage manager listed all existing volumes on the computer: > > > > > > [root@localhost]# ssm list > > > > > > -- > > > Volume Pool Volume size FS FS size Free > > > TypeMount point > > > -- > > > /dev/cl/rootcl65.00 GB xfs 64.97 GB 63.67 GB > > > linear / > > > /dev/cl/swapcl 8.00 GB > > > linear > > > /dev/lvm_pool/lvol001 lvm_pool200.00 GB xfs 199.90 GB 184.53 GB > > > raid1 /mnt/data > > > /dev/cl/homecl 200.00 GB xfs 199.90 GB 199.87 GB > > > linear /home > > > /dev/sda1 4.00 GB xfs3.99 GB3.86 GB > > > part/boot > > > -- > > > [/CODE] > > > > > > So far, so good. The new CentOS7 install can see the logical volume. > > > > > > Mounted the volume: ssm mount -t xfs /dev/lvm_pool/lvol001 /mnt/data > > > Works. > > > cd to /mnt/data and I can see the files left on the volume from the > > > previous tests. > > > Moving/copying/read/write -- works. > > > > > > ### > > > > > > 3. Is it safe to assume when using RedHat System Storage Manager it's > > > not necessary to use the lvm commands (vgexport and vgimport) to move > > > two physical drives containing a logical volume in raid 1 from one > > > computer to another? > > > > > > Thanks for your help and guidance. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ssm vs. lvm: moving physical drives and volume group to another system
When I change /etc/fstab from /dev/mapper/lvol001 to /dev/lvm_pool/lvol001, kernel 3.10.0-514 will boot. Kernel 3.10.0-862 hangs and will not boot. On Sat, Jul 14, 2018 at 1:20 PM Mike <1100...@gmail.com> wrote: > > Maybe not a good assumption afterall -- > > I can no longer boot using kernel 3.10.0-514 or 3.10.0-862. > > boot.log shows: > > Dependency failed for /mnt/data > Dependency failed for Local File Systems > Dependency failed for Mark the need to relabel after reboot. > Dependency failed for Migrate local SELinux policy changes from the > old store structure to the new structure. > Dependency failed for Relabel all filesystems, if necessary. > > > On Sat, Jul 14, 2018 at 12:55 PM Mike <1100...@gmail.com> wrote: > > > > I did the following test: > > > > ### > > 1. > > > > Computer with Centos 7.5 installed on hard drive /dev/sda. > > > > Added two hard drives to the computer: /dev/sdb and /dev/sdc. > > > > Created a new logical volume in RAID-1 using RedHat System Storage Manager: > > > > ssm create --fstype xfs -r 1 /dev/sdb /dev/sdc /mnt/data > > > > Everything works. > > /dev/lvm_pool/lvol001 is mounted to /mnt/data. > > Files and folders can be copied/moved, read/written on /mnt/data. > > > > ### > > > > 2. > > > > I erased CentOS 7.5 from /dev/sda. > > Wrote zeros to /dev/sda using dd. > > Reinstalled CentOS 7 on /dev/sda. > > Completed yum update - reboot - yum install system-storage-manager. > > > > RedHat system storage manager listed all existing volumes on the computer: > > > > [root@localhost]# ssm list > > > > -- > > Volume Pool Volume size FS FS size Free > > TypeMount point > > -- > > /dev/cl/rootcl65.00 GB xfs 64.97 GB 63.67 GB > > linear / > > /dev/cl/swapcl 8.00 GB > > linear > > /dev/lvm_pool/lvol001 lvm_pool200.00 GB xfs 199.90 GB 184.53 GB > > raid1 /mnt/data > > /dev/cl/homecl 200.00 GB xfs 199.90 GB 199.87 GB > > linear /home > > /dev/sda1 4.00 GB xfs3.99 GB3.86 GB > > part/boot > > -- > > [/CODE] > > > > So far, so good. The new CentOS7 install can see the logical volume. > > > > Mounted the volume: ssm mount -t xfs /dev/lvm_pool/lvol001 /mnt/data > > Works. > > cd to /mnt/data and I can see the files left on the volume from the > > previous tests. > > Moving/copying/read/write -- works. > > > > ### > > > > 3. Is it safe to assume when using RedHat System Storage Manager it's > > not necessary to use the lvm commands (vgexport and vgimport) to move > > two physical drives containing a logical volume in raid 1 from one > > computer to another? > > > > Thanks for your help and guidance. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ssm vs. lvm: moving physical drives and volume group to another system
Maybe not a good assumption afterall -- I can no longer boot using kernel 3.10.0-514 or 3.10.0-862. boot.log shows: Dependency failed for /mnt/data Dependency failed for Local File Systems Dependency failed for Mark the need to relabel after reboot. Dependency failed for Migrate local SELinux policy changes from the old store structure to the new structure. Dependency failed for Relabel all filesystems, if necessary. On Sat, Jul 14, 2018 at 12:55 PM Mike <1100...@gmail.com> wrote: > > I did the following test: > > ### > 1. > > Computer with Centos 7.5 installed on hard drive /dev/sda. > > Added two hard drives to the computer: /dev/sdb and /dev/sdc. > > Created a new logical volume in RAID-1 using RedHat System Storage Manager: > > ssm create --fstype xfs -r 1 /dev/sdb /dev/sdc /mnt/data > > Everything works. > /dev/lvm_pool/lvol001 is mounted to /mnt/data. > Files and folders can be copied/moved, read/written on /mnt/data. > > ### > > 2. > > I erased CentOS 7.5 from /dev/sda. > Wrote zeros to /dev/sda using dd. > Reinstalled CentOS 7 on /dev/sda. > Completed yum update - reboot - yum install system-storage-manager. > > RedHat system storage manager listed all existing volumes on the computer: > > [root@localhost]# ssm list > > -- > Volume Pool Volume size FS FS size Free > TypeMount point > -- > /dev/cl/rootcl65.00 GB xfs 64.97 GB 63.67 GB > linear / > /dev/cl/swapcl 8.00 GB > linear > /dev/lvm_pool/lvol001 lvm_pool200.00 GB xfs 199.90 GB 184.53 GB > raid1 /mnt/data > /dev/cl/homecl 200.00 GB xfs 199.90 GB 199.87 GB > linear /home > /dev/sda1 4.00 GB xfs3.99 GB3.86 GB > part/boot > -- > [/CODE] > > So far, so good. The new CentOS7 install can see the logical volume. > > Mounted the volume: ssm mount -t xfs /dev/lvm_pool/lvol001 /mnt/data > Works. > cd to /mnt/data and I can see the files left on the volume from the > previous tests. > Moving/copying/read/write -- works. > > ### > > 3. Is it safe to assume when using RedHat System Storage Manager it's > not necessary to use the lvm commands (vgexport and vgimport) to move > two physical drives containing a logical volume in raid 1 from one > computer to another? > > Thanks for your help and guidance. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] ssm vs. lvm: moving physical drives and volume group to another system
I did the following test: ### 1. Computer with Centos 7.5 installed on hard drive /dev/sda. Added two hard drives to the computer: /dev/sdb and /dev/sdc. Created a new logical volume in RAID-1 using RedHat System Storage Manager: ssm create --fstype xfs -r 1 /dev/sdb /dev/sdc /mnt/data Everything works. /dev/lvm_pool/lvol001 is mounted to /mnt/data. Files and folders can be copied/moved, read/written on /mnt/data. ### 2. I erased CentOS 7.5 from /dev/sda. Wrote zeros to /dev/sda using dd. Reinstalled CentOS 7 on /dev/sda. Completed yum update - reboot - yum install system-storage-manager. RedHat system storage manager listed all existing volumes on the computer: [root@localhost]# ssm list -- Volume Pool Volume size FS FS size Free TypeMount point -- /dev/cl/rootcl65.00 GB xfs 64.97 GB 63.67 GB linear / /dev/cl/swapcl 8.00 GB linear /dev/lvm_pool/lvol001 lvm_pool200.00 GB xfs 199.90 GB 184.53 GB raid1 /mnt/data /dev/cl/homecl 200.00 GB xfs 199.90 GB 199.87 GB linear /home /dev/sda1 4.00 GB xfs3.99 GB3.86 GB part/boot -- [/CODE] So far, so good. The new CentOS7 install can see the logical volume. Mounted the volume: ssm mount -t xfs /dev/lvm_pool/lvol001 /mnt/data Works. cd to /mnt/data and I can see the files left on the volume from the previous tests. Moving/copying/read/write -- works. ### 3. Is it safe to assume when using RedHat System Storage Manager it's not necessary to use the lvm commands (vgexport and vgimport) to move two physical drives containing a logical volume in raid 1 from one computer to another? Thanks for your help and guidance. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] LVM GUI in live CD
On 2018-05-21 4:33 pm, Miguel Gonzalez wrote: Hi, I am searching around and I can´t find any GUI LVM manager included in a Centos live CD. I am trying to resize a LVM partition in a Centos 6.9 machine with a live CD. If I need any other distro, It´s fine with me Thanks! Miguel I make no promises that it is there, but you could try system-config-lvm. If that doesn't work, the lvextend and lvreduce commands should work for you. -- Mike Burger http://www.bubbanfriends.org "It's always suicide-mission this, save-the-planet that. No one ever just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 7 on Dell Latitude E6500
Does this laptop have the Nvidia Quadro graphics option? If so try booting with NOMODESET. Also, if available in the BIOS turn OFF switchable graphics. Mike ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Ubiquiti Model UAP-AC-PRO
> On Feb 17, 2018, at 11:09 AM, hw wrote: > > Mike Burger wrote: >>> On 2018-02-16 9:29 am, hw wrote: >>> Mike Burger wrote: >>>>> On 2018-02-16 8:16 am, hw wrote: >>>>> William Warren wrote: >>>>>> I would just buy a cloudkey and not have to bother installing the >>>>>> software >>>>>> onto your machine directly. If you do not have a power over ethernet >>>>>> switch you'll need a micro USB cable and power supply adapter to run it >>>>>> but >>>>>> after that it takes care of running your software for you you don't have >>>>>> to >>>>>> install anything on to your machine >>>>> >>>>> One would have to be insane to give the maintenance and administration of >>>>> their wireless infrastructure out of hands. >>>> >>>> The cloudkey is a device that one purchases and runs the same management >>>> software, on your network, rather than installing the software onto a >>>> Linux server...it's literally the difference between an ethernet connected >>>> (and powered, if you have a PoE switch) device running the software or >>>> running it on a full fledged computer. >>>> >>>> There's no giving of the maintenance to someone else's hands. >>> >>> You mean it´s an access point controller Ubiquity makes? Why don´t >>> they call it just that ... >> Because that's not the only function...it's the control center for your >> entire Ubiquity Ubifi network...APs, switches, routers, I guess. > > Has anyone tried it? I´d like to know if it´s more helpful than the > cli and the GUI built into their routers. > > For the lack of documentation, it hasn´t been possible to set up things > the way they should be, and nobody on their forum is able or willing to > answer questions. > > Thus Ubiquity is a dead end. I can only recommend not to buy anything > they make before they come up with decent documentation. I'm about to deploy an entire Ubiquity network in my new house, on the recommendation of someone whom I highly respect in the networking arena. I opted to purchase the CloudKey, instead of installing the RPM packages on an existing server, as my new situation won't afford me the same internet connectivity options as I've enjoyed, to this point. Given that and the fact that I'm still in dire need of migrating my (gasp) C5 installation to C7, I'm moving most of my internet server functionality to the cloud before I rebuild my existing server. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Ubiquiti Model UAP-AC-PRO
On 2018-02-16 9:29 am, hw wrote: Mike Burger wrote: On 2018-02-16 8:16 am, hw wrote: William Warren wrote: I would just buy a cloudkey and not have to bother installing the software onto your machine directly. If you do not have a power over ethernet switch you'll need a micro USB cable and power supply adapter to run it but after that it takes care of running your software for you you don't have to install anything on to your machine One would have to be insane to give the maintenance and administration of their wireless infrastructure out of hands. The cloudkey is a device that one purchases and runs the same management software, on your network, rather than installing the software onto a Linux server...it's literally the difference between an ethernet connected (and powered, if you have a PoE switch) device running the software or running it on a full fledged computer. There's no giving of the maintenance to someone else's hands. You mean it´s an access point controller Ubiquity makes? Why don´t they call it just that ... Because that's not the only function...it's the control center for your entire Ubiquity Ubifi network...APs, switches, routers, I guess. -- Mike Burger http://www.bubbanfriends.org "It's always suicide-mission this, save-the-planet that. No one ever just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Ubiquiti Model UAP-AC-PRO
On 2018-02-16 8:16 am, hw wrote: William Warren wrote: I would just buy a cloudkey and not have to bother installing the software onto your machine directly. If you do not have a power over ethernet switch you'll need a micro USB cable and power supply adapter to run it but after that it takes care of running your software for you you don't have to install anything on to your machine One would have to be insane to give the maintenance and administration of their wireless infrastructure out of hands. The cloudkey is a device that one purchases and runs the same management software, on your network, rather than installing the software onto a Linux server...it's literally the difference between an ethernet connected (and powered, if you have a PoE switch) device running the software or running it on a full fledged computer. There's no giving of the maintenance to someone else's hands. -- Mike Burger http://www.bubbanfriends.org "It's always suicide-mission this, save-the-planet that. No one ever just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CVE-2017-5715, CVE-2017-5753 and CVE-2017-5754
How about kernel-lt and kernel-ml? Mike On 01/04/2018 05:41 PM, Warren Young wrote: > On Jan 4, 2018, at 12:18 PM, Walter H. wrote: >> will there be updates for these CVEs for CentOS 6? > Red Hat hasn’t released them all yet. Quoting Christopher Robinson in the > thread for this here: > > https://access.redhat.com/errata/RHSA-2018:0007 > > "We will be pushing errata out as soon as they have passed our QA team's > testing. The more modern versions were easier to backport patches from > upstream, and as you progress backwards the fixes change from a backporting > exercise into a complete rewrite. We expect all packages for RHEL7 to be > available shortly, with RHEL6 following closely behind.” > > Robinson’s reply then goes into other ramifications which don’t impact CentOS > for one reason or another, except insofar as CentOS’s speed in responding to > this is gated in large part by Red Hat’s ability to respond. > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] systemctl reboot -- server not accessible after reboot
It turns out kdump.service is already enabled on the server and /etc/kdump.conf settings would report any kernel crash/error items to /var/crash. The /var/crash file/folder is empty. It leads me to think the kernel is not crashing; however, I could be wrong. I'll need to perform another test "systemctl reboot" from remote ssh session and check it one more time. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] systemctl reboot -- server not accessible after reboot
Thank you for your thoughtful responses. Very much appreciated. Good points to follow up with. Kind regards, Mike ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] systemctl reboot -- server not accessible after reboot
On Sat, Oct 14, 2017 at 6:24 PM, Jonathan Billings wrote: > > When you say that the monitor is plugged in, and the server is unresponsive, > does that mean that the monitor doesn’t even come active? That sounds like > it might have crashed the kernel in a way that the display isn’t showing. > > You could set up kdump to catch that. You could also set up a persistent > journal (create /var/log/journal) and try again, then when you manually power > it up, check to see if anything was logged in the journal. > > If the system’s keyboard is plugged in, you could try using the magic sysrq > keys to get it to do something. (see > https://en.wikipedia.org/wiki/Magic_SysRq_key ) > Try ‘c’ to initiate a crashdump to force kdump to record a kernel dump, then > you can examine the active processes. ‘k’ or ‘g’ might clean up the display > if it’s bad. > > Also, remote syslog is always helpful for these kinds of situations, although > if the network is down when it crashes then it won’t be as helpful, which is > why I suggest looking at the journal. > > -- 1. Monitor is on but screen is blank. 2. kdump logging --- i'll follow up on that. 3. remote syslog --- i'll need to do some more rtfm. I looked at /var/log/anaconda/syslog but I can't tell which boot-up I was looking at. Seemed like everything was normal...identifying naming locating hardware/devicessystemd services starting and running. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] systemctl reboot -- server not accessible after reboot
cat /etc/centos-release: CentOS Linux release 7.4.1708 (Core) The bugzilla report does sound similar --- in one of the comments, a user reports hang-up when trying remote reboot. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] systemctl reboot -- server not accessible after reboot
On Sat, Oct 14, 2017 at 2:29 PM, Vitalino Victor wrote: > > Try: > > # shutdown -r now > I'll have to try this late one evening. It's a production Samba Active Directory Domain Controller in production so it's difficult to do this without warning to users. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] systemctl reboot -- server not accessible after reboot
Hi, Such a simple problem, but I can't figure out the cause. Supermicro server with a Xeon E3-1200 cpu. 1U entry level item. Using CentOS 7 from ~$root --- systemctl reboot Server disconnects my ssh connection and never comes back up. Go to the server and the power is on but the server is not accessible by ssh. When I connect a monitor and keyboard --- non-responsive. It's like it's in suspend mode. I push and hold the power button until the server fully powers down. Push power again and everything boots, goes to prompt, and all is well. When I try systemctl reboot directly on the server. Same problem --- does not start to login prompt. Manually power down and power up again --- works and all is well. Anyone have this problem before? I've checked all the BIOS options and I can't find anything misconfigured. Thanks for your help. Mike ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] /boot partition too small
If there are many old kernels in there, you can probably remove the oldest one(s) to make room for newer ones. I've run into problems where the yum update didn't work because there wasn't enough room in /boot; my notes for updating now include removing old kernels first before running updates. --- Mike VanHorn Senior Computer Systems Administrator College of Engineering and Computer Science Wright State University 265 Russ Engineering Center 937-775-5157 michael.vanh...@wright.edu On 10/10/17, 9:55 AM, "CentOS on behalf of KM" wrote: First off - let me say I am not an administrator. I need to know if there is an easy way to increase my /boot partition. When I installed CentOS 6 after running 5, it was my oversight not to increase the /boot size. it's too small and I can't do yum updates. if it's not easy to actually increase it, is it safe to take a chunk in my root filesystem (like /new.boot or something) and just mount it as /boot from now on so it uses the space or is that not a good idea? I am sure I could easily copy the rpms/kernel stuff over to it and then unmounts the real /boot and mount this new area as /boot. Can you administrators let me know what you think of all this? Thanks in advance. KM ___ CentOS mailing list CentOS@centos.org https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.centos.org_mailman_listinfo_centos&d=DwIGaQ&c=3buyMx9JlH1z22L_G5pM28wz_Ru6WjhVHwo-vpeS0Gk&r=_s0N94AIK4hLWzZ1WmAPvZjr8bPWpBPPuhyNjJkGAHs&m=oiG0zd3adnkmuJP8BRsykJqAVPEQ_hXcq80Jj-Bfl_c&s=hg7Ww_cslaLQa4jGDLcy3NhAmURSXvBOW3LXB3JXCuc&e= ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Btrfs going forward, was: Errors on an SSD drive
> For SSDs all the sauce is in the firmware. If the model and firmware > were all the same, it is more likely to be a firmware bug than it is > to be a Btrfs bug. There are absolutely cases where Btrfs runs into > problems that other file systems don't, because Btrfs is designed to > detect them and others aren't. There's a reason why XFS and ext4 have > added metadata checksumming in recent versions. Hardware lies. > Firmware has bugs and it causes problems. And it can be months before > it materializes into a noticeable problem. > In my experience I have seen drives that will work flawlessly under Windows/NTFS but fail spectacularly under Linux. And EVERY time it turned out to be a firmware bug. Mike ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] What RH-like on a Dell XPS 15 (9590)?
On 08/02/2017 10:55 AM, Lamar Owen wrote: > On 07/27/2017 04:16 PM, wwp wrote: >> ... >> It is as simple as unknown hardware at boot up, it's a well known issue >> w/ *Lake hardware (modern hardware) that kernel 3.x cannot handle. >> CentOS7 has a kernel which is simply not modern, unable to handle lots >> of computers sold currently. >> >> That said, there might be a way to boot, but nothing trivial and >> nothing at all I could find on the Internet, everytime it's kernel >> 4.3/4.10 minimum required. > ... > > While I know that Johnny has provided the experimental kernel (thanks, > Johnny) I would like to just briefly address this idea that the C7 > kernel is 'obviously' not going to work because 'is 3.x and must have > 4.x.' > > In EL-land, kernel versions are effectively meaningless, since > features, hardware support, bugfixes, security fixes, etc are > back-ported into the 'old and not modern' 3.10 kernel (for EL7) by > competent developers at Red Hat. An EL 3.10 kernel, such as the > current 3.10.0-514.26.2.el7.x86_64 one, may have hardware support > back-ported from a 4.x kernel that doesn't exist in the vanilla > kernel.org kernel (I'm almost certain it does, but I'm not going to > take the time to get details). > > So it is very possible that full hardware support for your hardware > could show up in a 3.10 kernel (in fact, I would expect that this > would happen, but it might not happen quickly). As you found out, > experimental kernels and non-distribution kernels can freak out > software packages, such as VMware Workstation, that only work with > certain kernels and are expecting a particular kernel version and ABI > for EL7. I've tried out a few non-standard kernels before, and if you > rely on packages that depend upon the distribution default kernel > version (as I do with kmod-nvidia from ELrepo!) that breakage can be > swift, and can derail you in a hurry, causing you to go down a rabbit > hole very quickly. So be prepared and keep your eyes open for these > issues. > > In some circles, the back-porting of features into old kernels is > controversial; but that is a business decision made as part of the EL > development and is not likely to change any time soon. YMMV. > ___ I missed some of the responses but have you tried kernel-ml for RHEL 7 yet? See http://elrepo.org/tiki/kernel-ml Mike ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] What RH-like on a Dell XPS 15 (9590)?
I would go with Fedora or OpenSUSE latest if you want RH like on that hardware. There is nothing that unstable about them other than losing updates and maintenance after 2 years and having to upgrade. Another choice is to run Virtualbox on the Windows that shipped with the laptop and run a CentOS 7 virtual guest. If you REALLY need RHEL (CentOS) running on the hardware I would return the XPS and get a Lattitude or Precision laptop. They have much better Linux support as they tend to be more stability oriented rather than latest and greatest hardware. Mike On 07/27/2017 01:25 PM, wwp wrote: > Hello there, > > > I've just got a Dell XPS 15 (9590) at work and need to set up a stable > GNU/Linux system on it. I thought of CentOS7, but.. obviously its > kernel can't run on this hardware. > > What would you recommend? Waiting for CentOS8 is not an option unless > it's a question of few weeks. Are there respins of the CentOS7 DVDs w/ > more top-recent kernels? I'm know of Fedora 26 or course, and not > willing to switch to Ubuntu 16.10 at all. > > > Regards, > > > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] logical volume is unreadable
On 2017-07-06 5:43 am, Volker wrote: Hi all, one of my lv has become completely unaccessible. Every read access results in a buffer io error: Buffer I/O error on dev dm-13, logical block 0, async page read this goes for every block in the lv. A ddrescue failed on every single block. $ lvdisplay --- Logical volume --- LV Path/dev/vg0/lv-vm-tviewer LV Namelv-vm-tviewer VG Namevg0 LV UUIDXdgHFs-RHVZ-9BAH-1ZSK-yiBX-qqf0-273CtT LV Write Accessread/write LV Creation host, time host1, 2016-02-06 14:58:19 +0100 LV snapshot status INACTIVE destination for lv-vm-tviewer_vorigin LV Status available # open 0 LV Size58.59 GiB Current LE 15000 COW-table size 5.86 GiB COW-table LE 1500 Snapshot chunk size4.00 KiB Segments 1 Allocation inherit Read ahead sectors auto - currently set to 8192 Block device 253:13 Other lv on the same volume group are healthy. In fact the whole host runs on the same vg and does not show any problems. Physical volume is a md raid1 device which is also healthy, as well as its hard disks. The faulty lv is used as the storage device for a qemu vm, which suddenly stalled when the io-errors appeared on the host. Is the any way to diagnose this problem? (centos 7) Regards .Volker Hello, Volker. Assuming that, at this point, everything that would have been running from this LV/FS is down, have you considered unmounting the filesystem and running a filesystem check against it? If it's EXT2/3/4, you can run fsck against it, if it's XFS, you can run xfs_repair against it. -- Mike Burger http://www.bubbanfriends.org "It's always suicide-mission this, save-the-planet that. No one ever just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] weird SELinux denial
On 6/6/17, 1:48 PM, "Daniel Walsh" wrote: >Ok, that works then. The way I read your email indicated that setting >the boolean did not allow the access. I take it you are not running >with NIS/Yellow pages and yet you see dbus connecting to port 111? Well, previously, I didn’t have to set it, because it already was set, but the denial was still happening (apparently). NIS has been working, which makes it even more confusing. But, now that I unset it (set it to 0) and then set it back (to 1), now allow2why seems to understand that the boolean is set (whereas before it seemed to think that the boolean was not set), so I guess I’ll what the log and see what happens. Thanks! --- Mike VanHorn Senior Computer Systems Administrator College of Engineering and Computer Science Wright State University 265 Russ Engineering Center 937-775-5157 michael.vanh...@wright.edu ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] weird SELinux denial
On 6/6/17, 12:38 PM, "Daniel Walsh" wrote:
>I am asking if you run it again, does it change. If the boolean is set
>the audit2why should say that the AVC is allowed.
Well, if I just run audit2why again, it always tells me the same thing.
However, I have now discovered that if I unset allow_ypbind, and then reset it
to 1, audit2why then says
type=AVC msg=audit(1496768649.872:1338): avc: denied { name_connect } for
pid=2413 comm="dbus-daemon" dest=111
scontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023
tcontext=system_u:object_r:portmap_port_t:s0 tclass=tcp_socket
Was caused by:
Unknown - would be allowed by active policy
Possible mismatch between this policy and the one under which
the audit message was generated.
Possible mismatch between current in-memory boolean settings
vs. permanent ones.
---
Mike VanHorn
Senior Computer Systems Administrator
College of Engineering and Computer Science
Wright State University
265 Russ Engineering Center
937-775-5157
michael.vanh...@wright.edu
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] weird SELinux denial
It says what it is my original post; that’s the output from audit2allow –w (which is audit2why): Was caused by: The boolean allow_ypbind was set incorrectly. Description: Allow system to run with NIS Allow access by executing: # setsebool -P allow_ypbind 1 --- Mike VanHorn Senior Computer Systems Administrator College of Engineering and Computer Science Wright State University 265 Russ Engineering Center 937-775-5157 michael.vanh...@wright.edu On 6/6/17, 9:29 AM, "Daniel Walsh" wrote: If you run this avc though audit2why what does it say? ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] weird SELinux denial
I keep seeing this in my audit.logs:
type=AVC msg=audit(1496336600.230:6): avc: denied { name_connect } for
pid=2411 comm="dbus-daemon" dest=111
scontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023
tcontext=system_u:object_r:portmap_port_t:s0 tclass=tcp_socket
Was caused by:
The boolean allow_ypbind was set incorrectly.
Description:
Allow system to run with NIS
Allow access by executing:
# setsebool -P allow_ypbind 1
The weirdness is that when I check allow_ypbind, it’s already on:
# getsebool allow_ypbind
allow_ypbind --> on
#
Does anyone with more experience with SELinux than me have any idea why this is
happening?
---
Mike VanHorn
Senior Computer Systems Administrator
College of Engineering and Computer Science
Wright State University
265 Russ Engineering Center
937-775-5157
michael.vanh...@wright.edu
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Disable Top Left Hot Corner
awk one-liner found here: https://unix.stackexchange.com/a/196726 Whether it's persistent through package updates is another matter. On Fri, May 26, 2017 at 1:54 PM, Raymundo N.F. wrote: > Hello everybody. > > I have CentOS Linux release 7.3.1611 (Core ) instaled in mi PC. I want to > disable *Top Left Hot Corner* function from my OS, but i don´t want to > install the gnome-shell extension nohotcorners. I want to disable > permanently, i want to diseable from the OS with a sentences from the > command line. It is Possible?, i hope so. Thanks :D > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > -- ---~~.~~--- Mike // SilverTip257 // ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Best practices for copying lots of files machine-to-machine
On 5/17/17, 5:27 PM, "CentOS on behalf of m.r...@5-cent.us" wrote: >Why? I just rsync'd 159G in less than one workday from one server to >another. Admittedly, we allegedly have a 1G network, but Well, I’ve don’t recall ever having to rsync more than 100G (although I am doing multiple rsyncs of about 86G as we speak), and I’ve never been able to do it with machines on their own, isolated switch (so my rsync’s are competing with everything else on the network), and it’s been a while since I’ve actually tried it multiple ways and measured it, but in my experience I’ve never see the network outperform the system bus. --- Mike VanHorn Senior Computer Systems Administrator College of Engineering and Computer Science Wright State University 265 Russ Engineering Center 937-775-5157 michael.vanh...@wright.edu ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Best practices for copying lots of files machine-to-machine
On 5/17/17, 12:03 PM, "CentOS on behalf of ken" wrote: >An entire filesystem (~180g) needs to be copied from one local linux >machine to another. Since both systems are on the same local subnet, >there's no need for encryption. > >I've done this sort of thing before a few times in the past in different >ways, but wanted to get input from others on what's worked best for them. If shutting the machines down is feasible, I’d put the source hard drive into the destination machine and use rsync to copy it from one drive to the other (rather than using rsync to copy from one machine to the other over the network). --- Mike VanHorn Senior Computer Systems Administrator College of Engineering and Computer Science Wright State University 265 Russ Engineering Center 937-775-5157 michael.vanh...@wright.edu ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] can't create printers after upgrading cups
It looks like this may just be a bug upstream: https://access.redhat.com/solutions/3001891 Still trying the work-arounds. --- Mike VanHorn Senior Computer Systems Administrator College of Engineering and Computer Science Wright State University 265 Russ Engineering Center 937-775-5157 michael.vanh...@wright.edu On 4/26/17, 9:51 AM, "CentOS on behalf of Vanhorn, Mike" wrote: After upgrading cups on my CentOS 6 systems from version 1.4.2-72.el6 to 1.4.2-77.el6, I am no longer able to create working printers, either with lpadmin from the command line or with system-config-printer. When I try to run lpadmin, I get this simple error: [root@vlsi66 ~]# lpadmin -p newprinter -v lpd://printserver/serverqueue-E -P /path/to/ppd/thing.ppd lpadmin: Unknown [root@vlsi66 ~]# Sometimes, the printer does get created (i.e. it shows up in the output of ‘lpstat –a’ and printers.conf gets updated), but sometimes it doesn’t. If the printer does get created, then there is no new ppd in /etc/cups/ppd. If I try to create the printer using system-config-printer, I get an error of CUPS server error (adding printer newprinter) There was an error during the CUPS operation: ‘server-error-service-unavailable’. I’ve looked at file and directory permissions, and checked that cupsd is, in fact, running. There is nothing obvious in the logs, except for this, which happens at exactly the time the printer should get created: localhost - - [26/Apr/2017:09:34:01 -0400] "POST /admin/ HTTP/1.1" 401 0 - - This also occurs if I access localhost:631 from a web browser; and everything works fine up to the point of “Add Printer”, and then the web page shows and Error: box with “Unknown” (from the lpadmin command), and the 401 error shows up in the log. I can’t figure out why it would be a 401 (unauthorized), since everything else worked. Has anyone else run into this problem, where you can’t create a new printer? Thanks! --- Mike VanHorn Senior Computer Systems Administrator College of Engineering and Computer Science Wright State University 265 Russ Engineering Center 937-775-5157 michael.vanh...@wright.edu ___ CentOS mailing list CentOS@centos.org https://urldefense.proofpoint.com/v2/url?u=https-3A__lists.centos.org_mailman_listinfo_centos&d=DwIGaQ&c=3buyMx9JlH1z22L_G5pM28wz_Ru6WjhVHwo-vpeS0Gk&r=_s0N94AIK4hLWzZ1WmAPvZjr8bPWpBPPuhyNjJkGAHs&m=SdBWyK0ralxtI5G1OSzTjeeADs5NVHFWwz8kA03RTbQ&s=w-TSpjlVJ6DZ0WbO7V2Ji4xvYODo-TGXvpE-YIbjPrY&e= ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] can't create printers after upgrading cups
After upgrading cups on my CentOS 6 systems from version 1.4.2-72.el6 to 1.4.2-77.el6, I am no longer able to create working printers, either with lpadmin from the command line or with system-config-printer. When I try to run lpadmin, I get this simple error: [root@vlsi66 ~]# lpadmin -p newprinter -v lpd://printserver/serverqueue-E -P /path/to/ppd/thing.ppd lpadmin: Unknown [root@vlsi66 ~]# Sometimes, the printer does get created (i.e. it shows up in the output of ‘lpstat –a’ and printers.conf gets updated), but sometimes it doesn’t. If the printer does get created, then there is no new ppd in /etc/cups/ppd. If I try to create the printer using system-config-printer, I get an error of CUPS server error (adding printer newprinter) There was an error during the CUPS operation: ‘server-error-service-unavailable’. I’ve looked at file and directory permissions, and checked that cupsd is, in fact, running. There is nothing obvious in the logs, except for this, which happens at exactly the time the printer should get created: localhost - - [26/Apr/2017:09:34:01 -0400] "POST /admin/ HTTP/1.1" 401 0 - - This also occurs if I access localhost:631 from a web browser; and everything works fine up to the point of “Add Printer”, and then the web page shows and Error: box with “Unknown” (from the lpadmin command), and the 401 error shows up in the log. I can’t figure out why it would be a 401 (unauthorized), since everything else worked. Has anyone else run into this problem, where you can’t create a new printer? Thanks! --- Mike VanHorn Senior Computer Systems Administrator College of Engineering and Computer Science Wright State University 265 Russ Engineering Center 937-775-5157 michael.vanh...@wright.edu ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] firewalld management on a headless server
Webmin used to be considered insecure, and people would scream and yell if you suggested using it. Has that changed? mark Ahh, I did not know of this. Well, I'm back to suggesting OP take a little time and get comfortable with firewall-cmd in the terminal. If we want our solid redhat clone then systemd, NetworkManager, and firewalld are soldered into the foreseeable future. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] firewalld management on a headless server
yum (CentOS/RedHat/Fedora) By adding the Webmin repository and Jamie Cameron's key, it is possible to install & maintain the latest Webmin/Usermin versions. The following will install the latest Webmin version by adding the webmin-repo and corresponding GPG key. Yum will resolve all the necessary dependancies. Just Cut&Paste the entire text below and hit enter/return: (echo "[Webmin] name=Webmin Distribution Neutral baseurl=http://download.webmin.com/download/yum enabled=1 gpgcheck=1 gpgkey=http://www.webmin.com/jcameron-key.asc"; >/etc/yum.repos.d/webmin.repo; yum -y install webmin) ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] firewalld management on a headless server
Nice catch, Mr. Schumacher ---> The following modules are included as standard with release 1.831 of Webmin. FirewallD firewalld.wbm.gz Configure a Linux firewall using FirewallD, by editing allowed services and ports. This is likely the right tool for the job. On Mon, Mar 27, 2017 at 5:00 PM, Michael Schumacher wrote: > Hi, > >> I recently converted my employer's firewall from pure iptabes to >> firewalld and looked for something similar, more along the lines of >> webmin, etc. > > funny, > my webmin installation on a banana-pi has webmin 1.831, which has > support for firewalld. > > I am not sure, but I believe I got it directly from www.webmin.com. > > best regards > --- > Michael Schumacher > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] firewalld management on a headless server
I don't think it's going to give you a web-based firewall configuration tool. It does allow you to control/configure networking hardware and devices via NetworkManager, but I don't believe it goes further than that for networking. Ironically, it does provide a an ssh-like session terminal where you can get directly logged in and use firewall-cmd. :-) http://cockpit-project.org/guide/latest/feature-terminal.html On Mon, Mar 27, 2017 at 4:46 PM, Robert Moskowitz wrote: > > > On 03/27/2017 03:24 PM, Mike wrote: >> >> I recently converted my employer's firewall from pure iptabes to >> firewalld and looked for something similar, more along the lines of >> webmin, etc. >> I didn't find anything close to a match. >> In the end, it all came down to getting comfortable with >> "firewall-cmd" in the shell. > > > I have been digging and found that Fedora includes Cockpit, but I don't know > all it supports. Probably should ask over on Fedora list... > > >> >> Haven't used suricata, so nothing to add there. >> >> >> >> On Mon, Mar 27, 2017 at 3:03 PM, Robert Moskowitz >> wrote: >>> >>> Is there an Apache tool to manage firewalld on a headless server? >>> >>> I am looking forward to my next Centos project which is to replace my >>> Juniper SSG5 firewall... >>> >>> And along that line, what overlap, if any between firewalld and Suricata? >>> >>> thank you >>> >>> ___ >>> CentOS mailing list >>> CentOS@centos.org >>> https://lists.centos.org/mailman/listinfo/centos >> >> ___ >> CentOS mailing list >> CentOS@centos.org >> https://lists.centos.org/mailman/listinfo/centos >> > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] firewalld management on a headless server
I recently converted my employer's firewall from pure iptabes to firewalld and looked for something similar, more along the lines of webmin, etc. I didn't find anything close to a match. In the end, it all came down to getting comfortable with "firewall-cmd" in the shell. Haven't used suricata, so nothing to add there. On Mon, Mar 27, 2017 at 3:03 PM, Robert Moskowitz wrote: > Is there an Apache tool to manage firewalld on a headless server? > > I am looking forward to my next Centos project which is to replace my > Juniper SSG5 firewall... > > And along that line, what overlap, if any between firewalld and Suricata? > > thank you > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] IPv6 broken on Linode
Having used Linode and CentOS for years I have never had a problem quite like this. Sure sounds like the IPv6 is misconfigured in the DHCP server or is in use somewhere. Some things I would try are: 1. Set "Auto configure networking" in your config profile and reboot. 2. Try to assign the adddress static. 3. Ask Linode to assign you a new IPv6 4. Wait for Linode to fix the problem. Mike ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] firewalld
firewalld isn't the only thing that will prevent services from accessing the internet. I found that I needed to do a relabel before postfix could access DNS and I have seen other issues as well. Have you tried disabling the firewall to see if you can get connections to work? Then try to disable SElinux and see if that works. # netstat --inet -l -n Is the service listening on port 143? # systemctl stop firewalld Does it now work? # setenforce 0 Does it now work? Once you establish what's biting you then you can fix it. To force a relabel do # touch /.autorelabel # reboot Mike On 01/28/2017 07:11 AM, TE Dukes wrote: > >> -Original Message- >> From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Pete Biggs >> Sent: Saturday, January 28, 2017 6:02 AM >> To: centos@centos.org >> Subject: Re: [CentOS] firewalld >> >> >>> The zone apparently means something because an interface can only be on >> one. >>> Moving it to a different zone results in the same error (same >>> services/ports opened in each zone). >> The "zones" are just labels and are used to create kernel iptables. >> Each zone has a default set of open and closed ports ranging from "trusted" >> which accepts all packets to "public" which has everything closed. You can >> modify the allowed ports and services on each zone at will. >> >> Some of the zones have "special" features - "block" rejects all packets, >> "drop" drops all packets, "external" has masquerading turned on and so on. >> >> If you have a single network, then that interface will, by default, be put >> in the >> "public" zone, so most ports will be closed. That's fine, just leave it in >> that >> zone, it's just a label/container. >> >> You can list the services open in the default zone by doing >> >> firewall-cmd --list-services >> >> or for ports not services >> >> firewall-cmd --list-ports >> >> or for a different zone >> >> firewall-cmd --zone=public --list-services >> >> You can also find out which zones your interface(s) is in with >> >> firewall-cmd --get-active-zones >> >> One of the gotchas with firewalld is that the changes are made in either the >> current running iptables *or* the stored rules, not both. So if you make a >> change to the running rule set, those changes won't be kept the next time >> you restart firewalld. You can either use the ' >> --permanent' flag to set the stored rules (but it won't affect the active >> rules) >> or the '--runtime-to-permanent' flag to copy the current active rules to the >> stored ones. >> >> The bottom line is that firewalld is just another application that >> manipulates >> the kernel packet routing tables. Use something else if you prefer it - some >> of the system tools assume firewalld, but if you are aware of what's >> happening it shouldn't be an issue. >> >>> I may as well disable firewalld and let my router handle the firewall. >>> >> If you are happy that there is nothing behind your firewall that could cause >> a >> problem then that's an acceptable route. >> >> P. > Thanks, > > That's a better explanation of things than I have read so far. > > Yes, initially I wasn't adding the --permanent to the rules but I wasn't > doing really any reboots. > > I did a few --reloads so that may have gotten me. > > I have zoneminder, dns, and urbackup working. I can ssh and scp in from > work but mail is being a pain. > > Thanks > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SELinux file permissions
This last update caused numerous services to stop working for me. I fixed them with a relabel. touch /.autorelabel reboot Try that and see... Mike On 01/23/2017 01:57 PM, Tim Smith wrote: > Hi, > > I'm trying to grant dovecot the ability to manage its socket within > the postfix spool directory. > > I have added the below to file_contexts.local : > > /var/spool/postfix/private/dovecot-auth system_u:system_r:dovecot_t:s0 > > > However, running "restorecon -v > /var/spool/postfix/private/dovecot-auth" gives me the following error > : > > restorecon: lstat(/var/spool/postfix/private/dovecot-auth) failed: > No such file or directory > > > I cannot create the socket file in advance, because dovecot manages > it, and if you "touch" the file, dovecot complains. > > Where am I going wrong ? > > Thanks ! > > Tim > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Test
The SPF record for your email provider did not match the sending systems for your domain. Possibly the IP address or DNS record changed recently at your ISP? On 01/18/2017 01:33 PM, TE Dukes wrote: > > -Original Message- > From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Hal Wigoda > Sent: Wednesday, January 18, 2017 1:18 PM > To: CentOS mailing list > Subject: Re: [CentOS] Test > > No. > > On Wed, Jan 18, 2017 at 12:11 PM, TE Dukes > wrote: > >> Is it working? >> >> ___ >> CentOS mailing list >> CentOS@centos.org >> https://lists.centos.org/mailman/listinfo/centos >> > > Been getting these since last night > > This is an automatically generated Delivery Status Notification. > > Delivery to the following recipients failed permanently: > >* centos@centos.org > > Reason: There was an error while attempting to deliver your message with > [Subject: "Test"] to centos@centos.org. MTA > p3plsmtpa11-05.prod.phx3.secureserver.net received this response from the > destination host IP - 208.100.23.70 - 550 , 550 5.7.1 : > Recipient address rejected: Message rejected due to: SPF fail - not > authorized. Please see > http://www.openspf.net/Why?s=mfrom;id=tdu...@palmettoshopper.com;ip=68.178.2 > 52.106;r=centos@centos.org > . > > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] NetworkManager vs. Firewalld vs. /etc/sysconfig/network-scripts/ifcfg-*****
I've made 3 CentOS 7 installation attempts to configure a simple firewall/router box with 2 nics. I got myself into a circular scenario where NetworkManager and firewalld and /etc/sysconfig/network-scrpts/ifcfg-* were interfering or overwriting each other. Needed to perform ifdown enp3s7 on the internal LAN nic in order to make the external internet enp2s0 reach websites and ping nameservers. After completing firewall-cmd --complete-reload the internal LAN nic would still provide private ip addresses via dhcpd server but LAN clients could not access the internet. So far these steps work to enable both nics to provide router and firewall services: 1. sysctemctl stop NetworkManager 2. systemctl disable NetworkManager 3. Create dhcp ifcfg-* for external interface. It must include a “ZONE=external” statement even though firewalld service will overwrite and erase it like this “ZONE=” Example (external/internet nic): Code: TYPE=Ethernet BOOTPROTO=dhcp NM_CONTROLLED=no DEFROUTE=yes IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_FAILURE_FATAL=no NAME=enp2s0 UUID=---- DEVICE=enp2s0 ONBOOT=yes PEERDNS=yes PEERROUTES=yes IPV6_PEERDNS=yes IPV6_PEERROUTES=yes ZONE=external 4. Create static ip address ifcfg-enp3s7 for internal interface. Example (internal/LAN nic): Code: TYPE=Ethernet BOOTPROTO=static NM_CONTROLLED=no DEFROUTE=yes IPV4_FAILURE_FATAL=no IPV6INIT=yes IPV6_AUTOCONF=yes IPV6_DEFROUTE=yes IPV6_FAILURE_FATAL=no NAME=enp3s7 UUID=----xx DEVICE=enp3s7 ONBOOT=yes HWADDR=xx:xx:xx:xx:xx:xx DNS1=75.75.75.75 DNS2=75.75.76.76 IPADDR=10.10.1.1 NETMASK=255.255.255.0 PREFIX=24 GATEWAY=10.10.1.1 IPV6_PEERDNS=yes IPV6_PEERROUTES=yes IPV6_PRIVACY=no ZONE=internal 5. As said in #3, firewalld will erase the ZONE setting on the external nic configured for dhcp. The only way I've found to deal with this overwriting is to make the intended external ethernet device associated with the default zone in firewalld. When firewalld reads the empty zone reference "ZONE=" it will revert and assign the default zone I set like this --- Code: firewall-cmd --change-interface=enp2s0 --zone=external --permanent firewall-cmd --set-default-zone=external firewall-cmd --complete-reload 6. The external ethernet device won’t work (cannot ping any internet host) until you manually Deactivate it and then Reactivate it. ~# ifdown enp2s0 ~# ifup enp2s0 I didn't include my dhcpd server settings or firewalld settings for brevity. Please let me know if those would be helpful. Although the steps above work, it's definitely not ideal. If I need to reboot the routerbox remotely, I won't be able to access it again to perform the necessary ifdown/ifup routine to enable input/output/forward through the external interface. Any guidance on how to make this work is greatly appreciated. Kind regards. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Strange (?) device.map in CentOS 7 VM installations
On Thu, Jan 5, 2017 at 4:04 AM, Nikolaos Milas wrote: > On 4/1/2017 7:37 μμ, Gordon Messmer wrote: > > I don't see that on VMs that I manage. Some of the physical machines that >> I manage do have duplicates in the device.map. >> > > Thank you Gordon for your feedback! > > Can others please report the content of /boot/grub2/device.map on their > CentOS 7 (physical or virtual) installations? > On my CentOS7 installs I find dups too. Physical # this device map was generated by anaconda (hd0) /dev/sda (hd1) /dev/sda Virtual (KVM VM) # this device map was generated by anaconda (hd0) /dev/vda (hd1) /dev/vda -- ---~~.~~--- Mike // SilverTip257 // ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: a USB barcode scanner?
On Sat, Dec 10, 2016 at 5:42 AM, Jos Vos wrote: > Hi, > > On Fri, Dec 09, 2016 at 04:02:50PM -0500, m.r...@5-cent.us wrote: > > >I'm about to go googling, but thought I'd ask here if anyone's using a > > barcode scanner with CentOS, and if so, a) what scanner are you using, > > and b) what, if any, software are you using to record what it scans? > > Most USB barcode scanners can operate in so called keyboard wedge mode > (either implicitly or explicitly via some physical switch). In that > case, you'll just see the scanned codes as keyboard input. > The USB barcode scanners I've used were detected as simple HID devices (on Debian and Fedora). Nothing but plug-and-play. And yes, it acts just like keyboard input. I don't have the model numbers handy, but I do believe one was a Symbol-brand scanner (colors in photos look about right). -- ---~~.~~--- Mike // SilverTip257 // ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] You have not permission to view content of this location
On 2016-12-07 4:08 am, truename wrote: OS: CentosOS 7 I have installed samba + openldap + smbldap-tools + pam by: yum --enablerepo=extras install -y epel-release yum install -y smbldap-tools yum install -y samba openldap openldap-clients openldap-servers migrationtools yum install -y nss-pam* I know that smbldap-tools is a dead project, but I'm interested in it and would like research on it. I create users and groups by: sudo smbldap-groupadd -a g1 sudo smbldap-groupadd -a g2 sudo smbldap-useradd -a -P -g 1001 u1 sudo smbldap-useradd -a -P -g 1002 u1 groups u1 u1 : g1 groups u2 u2 : g2 I create shared folder: cd / sudo mkdir data sudo chown u1 /data sudo chgrp g1 /data sudo chmod ugo+rwx /data I edit /etc/samba/smb.conf: [data] comment = data path = /data valid users = u1,u2 write list = u1,u2 create mask = 0777 sync always = Yes ;hide dot files = yes ;writeable = no And then: sudo service smb restart When I open file manager and input following in location box: smb://127.0.0.1 The shared folder data is shown, I click the shared folder and input username u1 and password, I get error message: You have not permission to view content of this location The error message is Chinese in my system, I translate it into English. Thanks Silly question...what are the permissions on /data? -- Mike Burger http://www.bubbanfriends.org "It's always suicide-mission this, save-the-planet that. No one ever just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] New laptop recomendation
I have been buying off-lease used Latitudes and Precision laptops for years for the sole reason that they are always Linux friendly and solidly reliable. Most of them can be ordered new with Ubuntu. Mike On 11/22/2016 10:23 AM, Tony Molloy wrote: > Hi, > > I'm recently retired from my university job. I am looking for a laptop > to run CentOS 6/7. My university was a traditional Dell site so I've > used Latitude laptops for years, currently E6500/E6510. > > Anybody got any experience of running CentOS on the newer Dell > Latitudes E5000 or E7000. These are not certified according to Redhats' > Hardware Guide. > > Alternatively Precision Workstations would do. These can be supplied > with Ubuntu installed so they run Linux. > > Thanks, > > Tony ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Power Cut
If your battery backup can handle 2 hours of runtime then it almost certainly has a network management interface. Why aren't you using it to send alerts? On Oct 30, 2016 12:05 AM, "Hadi Motamedi" wrote: > Thank you for your reply. You are correct and the ups is present there but > the battery charger can no longer bear power cuts more than two hours so I > need some means to distinguish frequent power cuts there among the system > logs. > > On Sun, Oct 30, 2016 at 12:02 AM, Eero Volotinen > wrote: > > > you could use smart ups and connect information from it to system, so it > > can shutdown system in clean way. > > > > Eero > > > > 2016-10-30 7:12 GMT+02:00 Hadi Motamedi : > > > > > Dear All > > > I am using a centos server for cdr billing and mediation device on a > > remote > > > network. I am experiencing problem that I am suspicious it comes from > > main > > > supply power cut at the remote site. The power supply to the remote > site > > > comes from battery charger that will be automatically switched in > circuit > > > under main supply power cut but cannot provide adequate power for more > > than > > > 2 hours . I am suspicious that the remote system is suffering from many > > > frequent main supply power cut . Can you please do me favor and let me > > know > > > if there is any log on my centos server that I can check to see if > there > > > would be many frequent power cut there ? > > > Thank you for your time > > > ___ > > > CentOS mailing list > > > CentOS@centos.org > > > https://lists.centos.org/mailman/listinfo/centos > > > > > ___ > > CentOS mailing list > > CentOS@centos.org > > https://lists.centos.org/mailman/listinfo/centos > > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Disable hybernate/suspend in CentOS 7
On Thu, Oct 13, 2016 at 11:33 AM, Valeri Galtsev wrote: > Dear Experts, > > Could someone point me in the right direction: how can I disable > hybernate/suspend in CentOS 7? > > I get workstations for graduate students with decent amount of RAM (32 > GB), and for machines with large RAM I either do not have swap at all of > have some small (4 GB) swap. As I remember from older manuals, one has to > have at least twice amount of swap compared to physical RAM for > hybernate/suspend to work. This probably is what bit me: new Dells came > with keyboard that has sleep button, when one hits that button the machine > locks up. (it stays powered on, does not respond mouse, keyboard, does not > respond ping). > > I would like to disable that sleep button on keyboard. (I'm kind of trying > to avoid replacing keyboard with the ones that do not have "sleep" key). > Have you tried disabling power management via GRUB options? http://askubuntu.com/a/130541 > > Thanks a lot for all your help! > > Valeri > > > Valeri Galtsev > Sr System Administrator > Department of Astronomy and Astrophysics > Kavli Institute for Cosmological Physics > University of Chicago > Phone: 773-702-4247 > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > -- ---~~.~~--- Mike // SilverTip257 // ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS on new Thinkpads
Another 2 cents if you want it -- No Lenovo laptop experiences; only deployed some refurb desktop models --- all work well with CentOS/Fedora. I've deployed several AMD-based Toshibas over the last 2 years and think they're a good value. I've read many criticisms of their build and components quality but I've had good experiences with several different models. The battery life is average on the AMD based models. I usually pull the factory hard drive and replace it with a crucial M200 SSD. Also deployed several Dell Inspiron 5000 and 7000 models over the last 3 years and found them reliable and good performers. I purchase refurbs, install an SSD and an updated CentOS or Fedora. Good battery life, no hardware driver problems, nice HD 1920x1080 screens, external USB devices work well. On Thu, Sep 29, 2016 at 8:55 PM, Michael B Allen wrote: > Is anyone running CentOS on a newish Thinkpad? > > I have been using Linux as my primary workstation since about 97 and > it seems like using Linux as a desktop has slipped over the years. > After the Gnome desktop dumb-down, I have been nursing CentOS 6.8 on a > 5 yo Toshiba. So I was hoping that someone has some recent real-world > experience with new Thinkpads. > > So is anyone running a new Thinkpad? What model? Any problems with > wireless or suspend or the touchpad? > > It seems optical drives are gone. Do I boot the iso from USB or what's > the procedure now? > > Generally seeking new laptop advice. If Lenovo is not good is anyone > using Toshiba? > > Mike > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to move /var to another partition
> [Thomas E Dukes] > > I was about to head off to Bestbuy and pickup a 1TB SATA drive but I think > I'm going to hold off for now and use /home for the VMs. > > Thanks!! > > I find that putting the virtual machine disks on their own spindle boosts performance SIGNIFICANTLY, especially if you are using the host system for other things. Mike ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Iptables not save rules
On Tue, 13 Sep 2016, TE Dukes wrote: -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of John R Pierce Sent: Sunday, September 11, 2016 10:44 PM To: centos@centos.org Subject: Re: [CentOS] Iptables not save rules On 9/11/2016 8:55 AM, TE Dukes wrote: I have been using ipset to blacklist badbots. Works like a champ! The only problem is if I do a system reboot, I lose the ipset and the rule. I changed /etc/sysconfig/iptables.conf to: IPTABLES_SAVE_ON_RESTART="yes" IPTABLES_SAVE_ON_STOP="yes" And followed the instructions in: https://www.centos.org/forums/viewtopic.php?t=3853 The changes are still not saved. wild guess says, you need to ... chkconfig on ipset service ipset start and when you change ipset stuff, service ipset save but I'm just guessing, I've never used ipsets. -- john r pierce, recycling bits in santa cruz [Thomas E Dukes] THANKS!! I did not realize ipset was running as a service. Been trying figure out what was wrong for a couple weeks. Only way to know is to do a reboot and see what happens. Ipset save xx apparently doesn't really do anything. Thanks, again!! John R Pierce's wild guesses are exactly right. ipset is NOT running as a "traditional" service, however: service ipset start|stop|save load and save ipsets for you automagically. Notice that it's "service ipset save" not "ipset save " as you had typed. Finally, and this is a bit of a corner case, but "service ipset save" won't work if you don't have the "ip_set" kernel module loaded, that is if your environment has the kernel modules compiled in to the kernel. See lines 123 and 124 of /etc/rc.d/init.d/ipset Easiest thing for me is to just comment out those two lines, however I need to remember to comment them out again when the ipset rpm is updated. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Bind Vulnerability CVE-2016-2775
On 2016-09-01 4:34 am, James Pearson wrote: Sidharth Sharma: When we can expect Security Update for Bind Vulnerability on Centos 6.8/7.2? ISC BIND Lightweight Resolver Protocol Req Processing Dos Vulnerability: >CVE-2016-2775 See: https://access.redhat.com/security/cve/cve-2016-2775 Ouch! Affected Packages State PlatformPackage State Red Hat Enterprise Linux 5 bind97 Will not fix Red Hat Enterprise Linux 6 bindWill not fix Red Hat Enterprise Linux 5 bindWill not fix Red Hat Enterprise Linux 7 bindWill not fix -- Mike Burger http://www.bubbanfriends.org "It's always suicide-mission this, save-the-planet that. No one ever just stops by to say 'hi' anymore." --Colonel Jack O'Neill, SG1 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] tcpdump loses lots of packets
Capturing 10 gigabit traffic with no packet loss at line speed is difficult at best. Make sure that you've configured the IRQ affinity properly on the sending and receiving sides to start. On Aug 14, 2016 11:52 AM, "Gordon Messmer" wrote: > On 08/14/2016 03:20 AM, Anand Buddhdev wrote: > >> The number 6882162 is exactly the number of DNS queries I am sending >> from another server (the source). The filter is seeing them. However, >> not all of them make it into the pcap file. >> > > Try specifying "ether host " and compare the pcap files. How are > you counting the number of packets in the pcap file? > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
