[CentOS-announce] CESA-2007:0860 Moderate CentOS 4 ia64 tar - security update
CentOS Errata and Security Advisory 2007:0860 https://rhn.redhat.com/errata/RHSA-2007-0860.html The following updated files have been uploaded and are currently syncing to the mirrors: ia64: updates/ia64/RPMS/tar-1.14-12.5.1.RHEL4.ia64.rpm -- Pasi Pirhonen - [EMAIL PROTECTED] - http://pasi.pirhonen.eu/ Top-postings silently ignored signature.asc Description: Digital signature ___ CentOS-announce mailing list CentOS-announce@centos.org http://lists.centos.org/mailman/listinfo/centos-announce
Re: [CentOS] Trying to understand Remote desktops
Okay, thanks for the tip! Do the freenx rpm distributions for 64-bit contain the 32-bit ones (seems like they should if they are required) or do I have to install the 32-bit rpms separately? I'm sure I can figure this one out, but if you happen to know, do tell! Timothy Selivanow wrote: On Wed, 2007-08-22 at 15:31 -0700, Liam Kirsher wrote: Well, that's concise. Thanks. Scott Moseman wrote: On 8/22/07, Liam Kirsher [EMAIL PROTECTED] wrote: It looks like FreeNX only runs on 32-bit, won't run on 64-bit kernel. Is that correct? If so, is VNC the next best alternative? # uname -srmpio Linux 2.6.9-55.0.2.EL x86_64 x86_64 x86_64 GNU/Linux # nxserver --status NX 100 NXSERVER - Version 1.5.0-60 OS (GPL) NX 110 NX Server is running NX 999 Bye ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos FreeNX might be 32bit only, but 64bit Red Hat systems are multi-lib. Both 32bit and 64bit libraries should be installed on your system. -- Liam Kirsher PGP: http://liam.numenet.com/pgp/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 10+ TB RAID experiences?
We are currently using few DS4700 without any problems at all. Management application gives us no crap:) Thanks, Finnur Tomasz Napierała wrote: On Wednesday 22 August 2007 17:31:37 Centos wrote: may I ask what kind of problem you had with IBM storages ? Regarding DS400 - many problem with management app freezing, forcing us to reset the array (sic!) With DS4300 hotswapping controllers broke whole array. Those are probably minor problems, but we never encountered such problems with 3PAR. Re, ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] UTC vs local time
Hi list I always configure my systems to use our local time (in my case /usr/share/zoneinfo/Europe/Zurich) and disable UTC. What are the differences between UTC and local time? What are their respective advantages and disadvantages? When to use UTC? cheers Simon -- XMPP: [EMAIL PROTECTED] ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] UTC vs local time
Simon Jolle wrote: Hi list I always configure my systems to use our local time (in my case /usr/share/zoneinfo/Europe/Zurich) and disable UTC. What are the differences between UTC and local time? What are their respective advantages and disadvantages? When to use UTC? cheers Simon Not sure if Zurich has any sort of Daylight Savings like we do here in the US but that is one good reason to use UTC. Since our clocks shift by an hour twice a year it can make log files confusing and have other side effects. Using UTC you get a standard time that never shifts. (Except for the odd leap second every so often.) Personally I use UTC on my home system and let my shell convert it to my local time zone. For servers that I manage I always use UTC to avoid the one hour shifts of DST. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] UTC vs local time
Simon Jolle wrote: Hi list I always configure my systems to use our local time (in my case /usr/share/zoneinfo/Europe/Zurich) and disable UTC. What are the differences between UTC and local time? What are their respective advantages and disadvantages? When to use UTC? Always :-) You should only use local time if your machine dualboots with Windows. Windows expect the clock to be set to localtime. Mogens -- Mogens Kjaer, Carlsberg A/S, Computer Department Gamle Carlsberg Vej 10, DK-2500 Valby, Denmark Phone: +45 33 27 53 25, Fax: +45 33 27 47 08 Email: [EMAIL PROTECTED] Homepage: http://www.crc.dk ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Logical volume several boxes
Hi list, just for my appreciation: can I plug two harddisks already setting up with lvm into several boxes without losing my logical volume? Cheers, Kamill ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Nfs service not starting
Hi, One of our servers hangs (more than 30 minutes now) when starting nfs service during boot time (after a normal reset). It's a remote server so I do not have access console here I am. What should I be looking for to understand the problem? It's using Centos 4.1 Many thanks, Daniel ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Nfs service not starting
DNS name resolution problem are often the reason of service startup problem. On 8/23/07, Daniel Teixeira [EMAIL PROTECTED] wrote: Hi, One of our servers hangs (more than 30 minutes now) when starting nfs service during boot time (after a normal reset). It's a remote server so I do not have access console here I am. What should I be looking for to understand the problem? It's using Centos 4.1 Many thanks, Daniel ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Alain Spineux aspineux gmail com May the sources be with you ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Single sign-on help requested
I have a RHEL5 Server and some dual-boot XP/CentOS 5 systems (Linux systems all 64-bit). All Linux is out-of-box, with all packages, minus international languages, installed. No patching has been done. On the server, I selected system-config-authentication and enabled LDAP for User Information, Kerberos, LDAP, and SMB for Authentication, and Shadow and MD5 Passwords, along with Authenticate system accounts by network services for Options. All machines are on an isolated LAN, with no DNS server (I could always enable and configure DNS on the server if it helps the cause). I also don't know if it matters, but the server is running the virtualization kernel (xen), but the clients are not. I only have LDAP service enabled on the server. Kerberos services are enabled on both client and server. I tweaked the LDAP and Kerberos settings using the CentOS/RH GUIs, and have the clients looking to the RH box for authentication. I also have the firewall enabled, but am letting kerberos and ldap ports through as tcp. During a login test, /var/log/messages on the client showed: lin1 gdm[pid]: nss_ldap: failed to bind to LDAP server ldap://192.168.1.100: Can't contact LDAP server lin1 gdm[pid]: nss_ldap: reconnecting to LDAP server (sleeping 32 seconds)... lin1 dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://192.168.1.100: Can't contact LDAP server lin1 dbus-daemon: dss_ldap: failed to bind to LDAP server... lin1 xfs: ... During boot time, Starting system message bus: [long pause] then error messages about DB_CONFIG and /var/lib/ldap, the usual cannot find DB_CONFIG in /var/lib/ldap, showing the example.com instead of my customized ldap settings, etc. I've checked openldap.org, but I figured if the configuration appears to be simplified via an included GUI, I shouldn't have much trouble gettigns things going. Anyway, what am I missing? Anything special RH 5 is doing compared to the openldap docs? Both servers have been rebooted since adding the respective ports in the firewall. The goal is a to permit my test user, created on the server, to sit at a workstation, boot into either Linux or XP, and get their home directory. Ideally, the server only needs to consist of one account for them, which they get upon login on the workstation. I want to highly restrict _any_ third-party tools/apps/etc. I will be happy to take suggestions and leads, but I want to try and rely on what RH has provided. Thanks for any insight/help. Scott ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Logical volume several boxes
Yes, at boot time linux look for any lvm volume and update kernel. The only issue I know is if 2 volumes have the same name. Regards On 8/23/07, Sokol [EMAIL PROTECTED] wrote: Hi list, just for my appreciation: can I plug two harddisks already setting up with lvm into several boxes without losing my logical volume? Cheers, Kamill ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Alain Spineux aspineux gmail com May the sources be with you ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] UTC vs local time
On 8/23/07, Steve Berg [EMAIL PROTECTED] wrote: Simon Jolle wrote: Hi list I always configure my systems to use our local time (in my case /usr/share/zoneinfo/Europe/Zurich) and disable UTC. What are the differences between UTC and local time? What are their respective advantages and disadvantages? When to use UTC? cheers Simon Not sure if Zurich has any sort of Daylight Savings like we do here in the US but that is one good reason to use UTC. Since our clocks shift by an hour twice a year it can make log files confusing and have other side effects. Using UTC you get a standard time that never shifts. (Except for the odd leap second every so often.) Personally I use UTC on my home system and let my shell convert it to my local time zone. For servers that I manage I always use UTC to avoid the one hour shifts of DST. My understanding of UTC is different :-). For me the only thing changing is the time the hardware/BIOS clock maintains. At boot time the kernel read the hwclock apply the local-UTC conversion if required and work only and in any case in UTC. Then application like date, ls, syslog make conversion to localtime when printing time to the user using TZ environement variable or /etc/localtime ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Alain Spineux aspineux gmail com May the sources be with you ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] UTC vs local time
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Alain Spineux On 8/23/07, Steve Berg [EMAIL PROTECTED] wrote: Simon Jolle wrote: Hi list I always configure my systems to use our local time (in my case /usr/share/zoneinfo/Europe/Zurich) and disable UTC. What are the differences between UTC and local time? What are their respective advantages and disadvantages? When to use UTC? cheers Simon Not sure if Zurich has any sort of Daylight Savings like we do here in the US but that is one good reason to use UTC. Since our clocks shift by an hour twice a year it can make log files confusing and have other side effects. Using UTC you get a standard time that never shifts. (Except for the odd leap second every so often.) Personally I use UTC on my home system and let my shell convert it to my local time zone. For servers that I manage I always use UTC to avoid the one hour shifts of DST. My understanding of UTC is different :-). For me the only thing changing is the time the hardware/BIOS clock maintains. At boot time the kernel read the hwclock apply the local-UTC conversion if required and work only and in any case in UTC. Then application like date, ls, syslog make conversion to localtime when printing time to the user using TZ environement variable or /etc/localtime I think they were talking about the representation of the UTC clock under a running Linux environment rather then how it is saved in the BIOS. It pretty much is a personal preference, I prefer local time so I don't have to do math in my head, but for most applications you can have them write their log entries in local or UTC time. Sendmail comes to mind here. DST changes don't bother me, I know when they're going to happen so it doesn't confuse me when I look at the logs, and most log analyzers that are worth the money know when to anticipate a time shift in the logs too. -Ross __ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] BIND issues, server not responding
snip not certain if you intend it to be, but your 64.135.16.15 machine is not reachable from outside. an attempt to telnet to port 53 (or 25) gets me no route to host and a traceroute ends with: 8 ge2-0.cr1.bct.fl.host.net (64.135.1.9) 34.779ms 35.102ms 35.413ms 9 ge6-1.er8.bct.fl.host.net (64.135.1.58) 34.934ms 34.219ms 35.044ms 10 sunspot.swhi.net (64.135.16.15) 34.653 ms !10 34.619 ms !10 35.739 ms !10 so, from the outside, it appears that you have a firewall block (or network configuration problem). my read is that the block is at the machine, not an edge router, so this may be the source of your problem. try doing a telnet to port 53 on 64.135.16.15 (based on past messages i think that that's the correct ipnumber) from some local machine and see what you get. if it's listening you should get a connect message (even if there are access restrictions in named.conf). if you get something else, that should give a hint on where to look. - Rick Hi Rick, Telnetting on port 53 from a machine in the same /24 gives this: [EMAIL PROTECTED] ray]$ telnet 64.135.16.15 53 Trying 64.135.16.15... telnet: connect to address 64.135.16.15: No route to host Thanks for your input. I welcome any suggestions. Kind regards, ~Ray ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Single sign-on help requested
On Thursday 23 August 2007 14:54:12 Scott Ehrlich wrote: lin1 gdm[pid]: nss_ldap: failed to bind to LDAP server ldap://192.168.1.100: Can't contact LDAP server lin1 gdm[pid]: nss_ldap: reconnecting to LDAP server (sleeping 32 seconds)... lin1 dbus-daemon: nss_ldap: failed to bind to LDAP server ldap://192.168.1.100: Can't contact LDAP server lin1 dbus-daemon: dss_ldap: failed to bind to LDAP server... Did you check connectivity to LDAP from that machine manually? -- Tomasz Napierala System Administrator Allegro Team http://www.allegro.pl/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] BIND issues, server not responding
big snip Michel van Deventer wrote: From what I see you have iptables 'in the way'. Try to add the following rule to iptables and then try again :) iptables -I RH-Firewall-1-INPUT -j ACCEPT -p udp --dport 53 If you like to have zone transfers or large queries done as well then you also need to open a port for tcp/53 iptables -I RH-Firewall-1-INPUT -j ACCEPT -p tcp --dport 53 (to make the changes permanent do a 'service iptables save' after adding the lines) Regards, Michel Hi Michel, Thank you! I applied the udp rule and all appears well. This server is already receiving zones correctly. The primary feeding it will not likely ever have more than 300 zones. Does that qualify as 'large queries' to the point where the tcp rule should be applied as well? Thanks again for all help offered. The community support for CentOS has solidified my confidence as having chosen CentOS as my distro of choice. Many thanks and kind regards, ~Ray ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] BIND issues, server not responding
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ray Leventhal Sent: Thursday, August 23, 2007 10:23 AM To: CentOS mailing list Subject: Re: [CentOS] BIND issues, server not responding big snip Michel van Deventer wrote: From what I see you have iptables 'in the way'. Try to add the following rule to iptables and then try again :) iptables -I RH-Firewall-1-INPUT -j ACCEPT -p udp --dport 53 If you like to have zone transfers or large queries done as well then you also need to open a port for tcp/53 iptables -I RH-Firewall-1-INPUT -j ACCEPT -p tcp --dport 53 (to make the changes permanent do a 'service iptables save' after adding the lines) Regards, Michel Hi Michel, Thank you! I applied the udp rule and all appears well. This server is already receiving zones correctly. The primary feeding it will not likely ever have more than 300 zones. Does that qualify as 'large queries' to the point where the tcp rule should be applied as well? Thanks again for all help offered. The community support for CentOS has solidified my confidence as having chosen CentOS as my distro of choice. You only need the tcp rule if you plan on serving up zone transfers, not if plan on only requesting them. -Ross __ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Help with backups
Scott Ehrlich wrote: I've got a Redhat 5 server running Samba, and two dualboot CentOS 5 workstations. Until we get a better backup strategy, I'm backing up the workstations to the server via mounting a shared samba drive to /mnt. I don't know if I have interpreted exactly what you are trying to do but I have used the program rdiff-backup to backup samba directories for a 30 pc computer lab. This software allow incremental backup which was what I liked about it. I also was able to use the remote features of the software (with ssh) to backup from my samba server to another server. It worked just fine. I am doing less of that because I also backup a number of staff windows machines that are connected to our campus MS domain. I have used a product for many years (it started on mac then win) - Dantz/EMC Retrospect. This has the ability to backup linux computers. One of my reasons for going this direction is my servers have expensive scsi drives vs cheap sata drives on the Retro box. It does incremental backups and is easy to setup backups through the Retro GIU. Good luck. Denis Becker Information Technology - Engineering MN State Univ., Mankato ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Hot swap SATA?
On Aug 23, 2007, at 9:08, Lamar Owen wrote: Many motherboards that have more than two SATA connectors put two on the SouthBridge's IDE-type controller, and the others on 'something else'. Usually, the 'something else' shows as a SCSI controller in Linux. How many SATA connectors are there? The User guide says they are 5 connectors, but I can only see 4. Three of them are very close to each other, and the fourth one is a little further away. Wouldn't you know it, my boot drive is connected to the one that is by itself. Maybe if it had been connected to one of the other three, it would have been /dev/sda (or / dev/sdb). Like I mentioned in my previous post, I have two hard disks and two optical drives. Here are the device names: # ls -l /dev/[cdhs][vd]* lrwxrwxrwx 1 rootroot 3 Aug 20 12:24 /dev/cdrom - hdc lrwxrwxrwx 1 rootroot 4 Aug 20 12:24 /dev/cdrom1 - scd0 lrwxrwxrwx 1 rootroot 4 Aug 20 12:24 /dev/cdwriter - scd0 lrwxrwxrwx 1 rootroot 3 Aug 20 12:24 /dev/dvd - hdc lrwxrwxrwx 1 rootroot 4 Aug 20 12:24 /dev/dvd1 - scd0 lrwxrwxrwx 1 rootroot 4 Aug 20 12:24 /dev/dvdwriter - scd0 brw-rw 1 rootdisk 3, 0 Aug 20 12:23 /dev/hda brw-rw 1 rootdisk 3, 1 Aug 20 12:23 /dev/hda1 brw-rw 1 rootdisk 3, 2 Aug 20 12:23 /dev/hda2 brw--- 1 rootdisk 22, 0 Aug 20 12:23 /dev/hdc brw-rw 1 rootdisk 8, 0 Aug 20 12:23 /dev/sda brw-rw 1 rootdisk 8, 1 Aug 20 12:23 /dev/sda1 It is strange indeed. Alfred ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] BIND issues, server not responding
You only need the tcp rule if you plan on serving up zone transfers, not if plan on only requesting them. Well, very rare but answers that are over 512 bytes will have to be sent over tcp since the rfc 1035 mandates maximum 512 bytes for the udp payload. So tcp is not just for zone transfers only. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] BIND issues, server not responding
Chain RH-Firewall-1-INPUT (2 references) ugh. I absolutely detest the tool behind this. This is what I do. Trusted interfaces like lo and networks go first and then packets belonging to established connections are shorted which leaves connection requests to be branched out into tcp, udp and icmp chains. Further branching can then be done as desired. Eg: If you firewall a lot of spam sources, you could test for smtp packets going to port 25 and branch those out to another chain that deals solely with the spam sources and spare other connection requests having to go through rules that they are definitely not going to match. iptables -L -n Chain INPUT (policy DROP) target prot opt source destination ACCEPT all -- 0.0.0.0/00.0.0.0/0 ACCEPT all -- 0.0.0.0/00.0.0.0/0 ACCEPT all -- 10.9.0.0/17 0.0.0.0/0 ACCEPT all -- 0.0.0.0/00.0.0.0/0 state RELATED,ESTABLISHED tcp_packets tcp -- 0.0.0.0/00.0.0.0/0 udp_packets udp -- 0.0.0.0/00.0.0.0/0 icmp_packets icmp -- 0.0.0.0/00.0.0.0/0 Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination Chain icmp_packets (1 references) target prot opt source destination ACCEPT icmp -- 0.0.0.0/00.0.0.0/0 icmp type 3 ACCEPT icmp -- 0.0.0.0/00.0.0.0/0 icmp type 11 ACCEPT icmp -- 0.0.0.0/00.0.0.0/0 icmp type 8 Chain tcp_packets (1 references) target prot opt source destination REJECT tcp -- 0.0.0.0/00.0.0.0/0 tcp dpt:113 reject-with tcp-reset ACCEPT tcp -- 0.0.0.0/00.0.0.0/0 state NEW tcp dpt:443 ACCEPT tcp -- 0.0.0.0/00.0.0.0/0 state NEW tcp dpt:53 ACCEPT tcp -- 0.0.0.0/00.0.0.0/0 state NEW tcp dpt:22 ACCEPT tcp -- 0.0.0.0/00.0.0.0/0 tcp dpt:80 state NEW ACCEPT tcp -- 0.0.0.0/00.0.0.0/0 state NEW tcp dpt:25 ACCEPT tcp -- 0.0.0.0/00.0.0.0/0 tcp dpt:993 state NEW ACCEPT tcp -- 0.0.0.0/00.0.0.0/0 tcp dpt:143 state NEW ACCEPT tcp -- 0.0.0.0/00.0.0.0/0 tcp dpt:587 state NEW ACCEPT tcp -- 0.0.0.0/00.0.0.0/0 tcp dpt:465 state NEW ACCEPT tcp -- 0.0.0.0/00.0.0.0/0 state NEW tcp dpt:1194 ACCEPT tcp -- 0.0.0.0/00.0.0.0/0 tcp dpt:21 state NEW ACCEPT tcp -- 0.0.0.0/00.0.0.0/0 state NEW tcp dpt:110 Chain udp_packets (1 references) target prot opt source destination ACCEPT udp -- 0.0.0.0/00.0.0.0/0 state NEW udp dpt:53 ACCEPT udp -- 0.0.0.0/00.0.0.0/0 udp spt:123 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] BIND issues, server not responding
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Feizhou Sent: Thursday, August 23, 2007 11:02 AM To: CentOS mailing list Subject: Re: [CentOS] BIND issues, server not responding You only need the tcp rule if you plan on serving up zone transfers, not if plan on only requesting them. Well, very rare but answers that are over 512 bytes will have to be sent over tcp since the rfc 1035 mandates maximum 512 bytes for the udp payload. So tcp is not just for zone transfers only. True, but the client will then be responsible for opening up the tcp session and since it will be EST, there is no need to define incoming SYN packets no? -Ross __ This e-mail, and any attachments thereto, is intended only for use by the addressee(s) named herein and may contain legally privileged and/or confidential information. If you are not the intended recipient of this e-mail, you are hereby notified that any dissemination, distribution or copying of this e-mail, and any attachments thereto, is strictly prohibited. If you have received this e-mail in error, please immediately notify the sender and permanently delete the original and any copy or printout thereof. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] BIND issues, server not responding
Paul Heinlein wrote: On Thu, 23 Aug 2007, Feizhou wrote: You only need the tcp rule if you plan on serving up zone transfers, not if plan on only requesting them. Well, very rare but answers that are over 512 bytes will have to be sent over tcp since the rfc 1035 mandates maximum 512 bytes for the udp payload. So tcp is not just for zone transfers only. Note that by default Win 2003 uses a packet size of 1280 per Paul Vixie's suggestion in RFC 2671 section 4.5.1. I don't know if any other OS implementations do the same. In any event, I've found it helpful to allow up to 1280 bytes of DNS UDP traffic. Setting the limit at 512 triggers a noticable number of retries, at least in our environment. Sigh. I can see some caching servers with big scissors to apply to udp packets...if they at all issue queries that get such large replies... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] BIND issues, server not responding
You only need the tcp rule if you plan on serving up zone transfers, not if plan on only requesting them. Well, very rare but answers that are over 512 bytes will have to be sent over tcp since the rfc 1035 mandates maximum 512 bytes for the udp payload. So tcp is not just for zone transfers only. True, but the client will then be responsible for opening up the tcp session and since it will be EST, there is no need to define incoming SYN packets no? Hmm...no idea if a stateful udp role involves tcp at all...this requires a netfilter dude to answer :-D ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Trying to understand Remote desktops
Scott Moseman wrote on Wed, 22 Aug 2007 09:08:59 -0500: I finally took the time to install and configure FreeNX. I tried as well, but it fails for me. There's no service for it and no process with nx in the name running after I install nx and freenx. How am I supposed to know that the server is installed and working? Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] flash player on seamonkey 1.0.9 x86_64 centos 4.5
I downoaded flash9 for linux. Installed it: ls /usr/lib64/mozilla-seamonkey-1.0.9/plugins/ flashplayer.xpt libflashplayer.so libnullplugin.so However seamonkey is not doing flash yet. Does it not work in 64 bit? Did I miss something? Anyone else have flash going on amd64? I thought you put the files in the above directory and restart. Didn't work for me. Jerry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] flash player on seamonkey 1.0.9 x86_64 centos 4.5
On Thu, 2007-08-23 at 19:47 +0200, René Standfest wrote: Jerry Geis schrieb am 23.08.2007 19:35: I downoaded flash9 for linux. Installed it: ls /usr/lib64/mozilla-seamonkey-1.0.9/plugins/ flashplayer.xpt libflashplayer.so libnullplugin.so However seamonkey is not doing flash yet. Does it not work in 64 bit? Did I miss something? Anyone else have flash going on amd64? I thought you put the files in the above directory and restart. Didn't work for me. I have only 32 bit systems, but AFAIK the flashplayer is only 32 bit. So if you want to use it you have do install seamonkey.i386. Greets René That is correcct, Flash is 32bit only. Adobe has not gotten around to making it 64bit compatible yet. Hopefully it will be soon (less than a year). -- Timothy Selivanow [EMAIL PROTECTED] Linux System Administrator EasyStreet Online Services, Inc. http://www.easystreet.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Trying to understand Remote desktops
Kai Schaetzl wrote: Scott Moseman wrote on Wed, 22 Aug 2007 09:08:59 -0500: I finally took the time to install and configure FreeNX. I tried as well, but it fails for me. There's no service for it and no process with nx in the name running after I install nx and freenx. How am I supposed to know that the server is installed and working? What is supposed to happen is that the client makes a passwordless ssh connection as user nx with the key from /etc/nxserver/client.id_dsa.key which you have to copy out and configure manually in the client. That connection is used to start the processes you need and pass the real login and password over the already-encrypted connection. -- Les Mikesell [EMAIL PROTECTED] ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] flash player on seamonkey 1.0.9 x86_64 centos 4.5
Jerry Geis schrieb am 23.08.2007 19:35: I downoaded flash9 for linux. Installed it: ls /usr/lib64/mozilla-seamonkey-1.0.9/plugins/ flashplayer.xpt libflashplayer.so libnullplugin.so However seamonkey is not doing flash yet. Does it not work in 64 bit? Did I miss something? Anyone else have flash going on amd64? I thought you put the files in the above directory and restart. Didn't work for me. I have only 32 bit systems, but AFAIK the flashplayer is only 32 bit. So if you want to use it you have do install seamonkey.i386. Greets René ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Trying to understand Remote desktops
On Thu, 2007-08-23 at 13:03 -0500, Les Mikesell wrote: Kai Schaetzl wrote: Scott Moseman wrote on Wed, 22 Aug 2007 09:08:59 -0500: I finally took the time to install and configure FreeNX. I tried as well, but it fails for me. There's no service for it and no process with nx in the name running after I install nx and freenx. How am I supposed to know that the server is installed and working? What is supposed to happen is that the client makes a passwordless ssh connection as user nx with the key from /etc/nxserver/client.id_dsa.key which you have to copy out and configure manually in the client. That connection is used to start the processes you need and pass the real login and password over the already-encrypted connection. Was the following page not useful enough ? : http://wiki.centos.org/HowTos/FreeNX -- Fabian Arrotin [EMAIL PROTECTED] Solution ? echo '16i[q]sa[ln0=aln100%Pln100/snlbx]sbA0D4D465452snlbxq' | dc signature.asc Description: This is a digitally signed message part ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] flash player on seamonkey 1.0.9 x86_64 centos 4.5
On Thu, 2007-08-23 at 13:35 -0400, Jerry Geis wrote: I downoaded flash9 for linux. Installed it: ls /usr/lib64/mozilla-seamonkey-1.0.9/plugins/ flashplayer.xpt libflashplayer.so libnullplugin.so However seamonkey is not doing flash yet. Does it not work in 64 bit? Did I miss something? Anyone else have flash going on amd64? I thought you put the files in the above directory and restart. Didn't work for me. Jerry Try NSPluginWrapper: http://freshmeat.net/projects/nspluginwrapper/ -Steve ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Trying to understand Remote desktops
Fabian Arrotin wrote on Thu, 23 Aug 2007 20:26:42 +0200: Was the following page not useful enough ? : Obviously not ;-) Can anyone confirm that the NX client for Windows version 3.0 should work? The page says it's not known if 3.0 works and gives a link to an older version. But that is Linux, I want to connect from a Windows system. My connections simply get refused, as the client says. Now that I know that there is no service I'll see if I can connect to the nx user with SSH. Thanks for all the replies. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Hot swap SATA?
Ok, run a 'lspci' and see if it lists two controllers. Yup, it does: # lspci | fgrep IDE 00:1f.2 IDE interface: Intel Corporation 82801H (ICH8 Family) 4 port SATA IDE Controller (rev 02) 00:1f.5 IDE interface: Intel Corporation 82801H (ICH8 Family) 2 port SATA IDE Controller (rev 02) That definitely settles it. We now return you to your regularly scheduled topic... Thanks, Alfred ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Trying to understand Remote desktops
Kai Schaetzl wrote on Thu, 23 Aug 2007 21:31:21 +0200: Now that I know that there is no service I'll see if I can connect to the nx user with SSH. No problem to login with dsa key borrowed from nx user. I get the NXSERVER prompt. Seems to be okay. Either the passthru authentication for the system user I want to use doesn't work or the client doesn't work with this server version. I followed the wiki so far: yum install nx freenx created node.conf I skipped this part: PasswordAuthentication no AllowUsers nx as it is not necessary for now, PasswordAuthentication is allowed and all users are allowed. service sshd restart was done by yum ENABLE_PASSDB_AUTHENTICATION=1 not necessary but enabled by default, anyway. Add this newly created user to the nxserver db : did that for an existing user that I want to use for connection Then pasted the private NXSERVER key in the NX client on Windows. Enable SSL Encryption of All Traffic Didn't do that as I want to connect via port 22 only for now. I can connect from the Windows machine with SSH to the target user using password authentication and I can connect to the user nx with dsa authentication. No go with NX. Here's what the details say: NX 203 NXSSH running with pid: 3136 NX 285 Enabling check on switch command NX 285 Enabling skip of SSH config files NX 285 Setting the preferred NX options ssh: connect to host xx port 22: Connection refused Looks like it is the client? Agreed? Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] tovid on centos5?
2007/8/23, Dave [EMAIL PROTECTED]: Does anyone know of an rpm for tovid for centos5? I'm trying to author some dvds and would like to use it. Hi Dave A Google Query showed no RPM for RHEL/Centos. Even for Fedora only from third-party repositories. I recommend you rebuilding http://www.deadbabylon.de/fedora/repository/source/stable/tovid-0.29-1.fc6.src.rpm on RHEL cheers Simon -- XMPP: [EMAIL PROTECTED] ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] alternate port vsftpd for ftps
Does anyone here by chance know how to change the port vsftpd uses for ftps? I want to change it over to the regular FTP port due to firewall restrictions d ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Trying to understand Remote desktops
ssh: connect to host xx port 22: Connection refused Looks like it is the client? Agreed? hmmm, I'd say probably not. what about tcp wrappers maybe? just to check the client, I deleted my 2.whatever windows client, downloaded the latest windows client 3.0.0-73, and installed. it imported my previous settings, including dsa key, fired up, and authenticated. there may still be issues, but it definitely gets further than connection refused. its possible that somehow my prior settings were the crucial bit, but that would be rather weird. what does tail /var/log/secure say after your connection is refused? --Jeremy ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] OT: No to OOXML
Please forgive for having this post as OT. Please participate in the petition against MS OpenXML by going to: http://www.noooxml.org/petition Let's express our decision to be free from proprietary file formats. Thanks, junji aisalen.wordpress.com Linux Registered User #253162 Send instant messages to your online friends http://uk.messenger.yahoo.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] How to size an email server to handle 5 million emails per day
I have no idea as to how to size an email server. I was approached by a customer that wanted a single server with RAID 1 disks to handle about 5 million emails a day. In general terms, what parameters should I take into account to size the hardware specs when the average email is about 10kb, the smalles email is 2kb and the largest email is about 5meg (with attachment) thanks, -- Erick Perez ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Site down for maintenance - How is this accomplished?
Matt Arnilo S. Baluyos (Mailing Lists) wrote: Hello everyone, Although we use CentOS primarily on our servers, this query is actually more of a general networking question than something specific to CentOS. In the next week or so, we shall be migrating our in-house servers to a data center. While we're doing that, we'd like to show a Site down for maintenance message while the servers that hosts our websites (we have around 15 sites hosted btw), are down. So, how is this accomplished? While I can probably hack something on our name servers, I'm sure there are people on this list that have been doing this and could give some recommendations as to the best practices for this type of task. Keep or setup a box inhouse to show the message, when the servers are online in the data center, switch ips for the names over and then change the setup on the box to either redirect or proxy the requests to the real servers to handle incoming http requests due to cached dns entries. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] How to size an email server to handle 5 million emails perday
On second thought, are mails being delivered locally or are you relaying to Exchange (or similar)? Mike -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Erick Perez Sent: Thursday, August 23, 2007 9:52 PM To: CentOS mailing list Subject: [CentOS] How to size an email server to handle 5 million emails perday I have no idea as to how to size an email server. I was approached by a customer that wanted a single server with RAID 1 disks to handle about 5 million emails a day. In general terms, what parameters should I take into account to size the hardware specs when the average email is about 10kb, the smalles email is 2kb and the largest email is about 5meg (with attachment) thanks, -- Erick Perez ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Site down for maintenance - How is this accomplished?
Hello everyone, Although we use CentOS primarily on our servers, this query is actually more of a general networking question than something specific to CentOS. In the next week or so, we shall be migrating our in-house servers to a data center. While we're doing that, we'd like to show a Site down for maintenance message while the servers that hosts our websites (we have around 15 sites hosted btw), are down. So, how is this accomplished? While I can probably hack something on our name servers, I'm sure there are people on this list that have been doing this and could give some recommendations as to the best practices for this type of task. Thanks in advance, Matt -- Stand before it and there is no beginning. Follow it and there is no end. Stay with the ancient Tao, Move with the present. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to size an email server to handle 5 million emails per day
Erick Perez wrote: I have no idea as to how to size an email server. I was approached by a customer that wanted a single server with RAID 1 disks to handle about 5 million emails a day. In general terms, what parameters should I take into account to size the hardware specs when the average email is about 10kb, the smalles email is 2kb and the largest email is about 5meg (with attachment) you need to define what you mean by 'handle' email.that could mean anything from a sending 1000s of copies of the same message over and over to a email hosting server at a corporation with 5000 busy users with sox requirements. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to size an email server to handle 5 million emails perday
Mike Kercher wrote: On second thought, are mails being delivered locally or are you relaying to Exchange (or similar)? It cannot possibly be used for local delivery. Do you have any idea what it takes to handle 5 million local deliveries daily? I spent over three years managing a system that delivers more than 2 million emails and handles on average 200 million smtp transactions on a daily basis and you do not use a single box for this sort of thing. Delivering 5 million emails daily with a single box has got to be an outgoing box. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] How to size an email server to handle 5 million emailsperday
Well, of the 5M, how many would be real emails? I handle over 1M on a quad xeon, but only a fraction of those are good. Mike -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Feizhou Sent: Thursday, August 23, 2007 10:43 PM To: CentOS mailing list Subject: Re: [CentOS] How to size an email server to handle 5 million emailsperday Mike Kercher wrote: On second thought, are mails being delivered locally or are you relaying to Exchange (or similar)? It cannot possibly be used for local delivery. Do you have any idea what it takes to handle 5 million local deliveries daily? I spent over three years managing a system that delivers more than 2 million emails and handles on average 200 million smtp transactions on a daily basis and you do not use a single box for this sort of thing. Delivering 5 million emails daily with a single box has got to be an outgoing box. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to size an email server to handle 5 million emailsperday
Mike Kercher wrote: Well, of the 5M, how many would be real emails? I handle over 1M on a quad xeon, but only a fraction of those are good. Heh. Yeah, I count emails as stuff that will be delivered, stuff that will hit the queue. I guess my definitions have got in the way of this one. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to size an email server to handle 5 million emails perday
are you trying to say spam bot? ;-) where? WHERE? and where is my flame thrower? Boy, am I glad that I do not fight spammers anymore... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Site down for maintenance - How is this accomplished?
On Fri, 24 Aug 2007, Matt Arnilo S. Baluyos (Mailing Lists) wrote: Hello everyone, Although we use CentOS primarily on our servers, this query is actually more of a general networking question than something specific to CentOS. In the next week or so, we shall be migrating our in-house servers to a data center. While we're doing that, we'd like to show a Site down for maintenance message while the servers that hosts our websites (we have around 15 sites hosted btw), are down. So, how is this accomplished? While I can probably hack something on our name servers, I'm sure there are people on this list that have been doing this and could give some recommendations as to the best practices for this type of task. I would have DNS for all domains point to a web server that has the following php page: = html head titleMaintenance/title /head body bgcolor=white font size=5centerMaintenance/center br centerThe server that hosts ? $_SERVER['HTTP_HOST'] ? is currently undergoing maintenance. ? $_SERVER['HTTP_HOST'] ? will return to full service as soon as possible. /center /body /html = I would also add to your httpd.conf file: = RewriteEngine on RewriteRule !^/index\.php$ /index.php [NC,L] RewriteRule !^/index\.php$ - [F] = This makes it so that anyone who connects to any URL on any of your websites will be told that the server they are connecting to is under maintenance. When you have the new server up and running, change DNS. Alternately you could place this on a server in the new location, but change the routing/NATing to temporarily deliver the addresses to the server hosting this page. If you are using SSL certificates, you will need to have them as well and create different virtualhosts, although they can all have the same DocumentRoot and web page. Hope this helps. Barry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to size an email server to handle 5 million emails perday
--- Feizhou [EMAIL PROTECTED] wrote: Mike Kercher wrote: On second thought, are mails being delivered locally or are you relaying to Exchange (or similar)? It cannot possibly be used for local delivery. Do you have any idea what it takes to handle 5 million local deliveries daily? I spent over three years managing a system that delivers more than 2 million emails and handles on average 200 million smtp transactions on a daily basis and you do not use a single box for this sort of thing. Delivering 5 million emails daily with a single box has got to be an outgoing box. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos are you trying to say spam bot? ;-) Steven Get your Art Supplies @ www.littleartstore.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to size an email server to handle 5 million emailsperday
Right, actually the box will run an AV engine with antispam then delivered to a ms exchange 2003 server (local lan), so no local mailbox is being used. oh okay. Do you plan to build the system? (the software involved) You needs will vary on how emails are dwelt with at the smtp level. How did you come by the 5 million figure? If you are really going to scan that many, you will need lots of cpu power besides really good disk i/o if you plan to use a single box to handle everything. The barracuda spam firewall 400 appliance handles my specs but i cannot get info on what hardware they run, it's a 1u raid1, linux hardened presentation but no idea of the cpu or ram. They most probably make heavy use of NVRAM or whatever they use for the memory cache of the RAID system. The service provider was once providing with two boxes from F5 for testing and its i/o was fantastic and they somehow used the RAID cache to do their guarantee of not losing any email under any circumstances. And no, it won't be used for marketing, it's inbound only. If you do get a barracuda, please be sure to bin crap that you do not reject at the smtp level. Otherwise, you will be marked as an outscatter 'spammer'. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] gparted in centos-5
Hi, somebody knows how to get gparted for centos-5? Regards Joachim Backes [EMAIL PROTECTED] University of Kaiserslautern,Computer Center [RHRK], Systems and Operations, High Performance Computing, D-67653 Kaiserslautern, PO Box 3049, Germany -- Phone: +49-631-205-2438, FAX: +49-631-205-3056 http://hlrwm.rhrk.uni-kl.de/home/staff/backes.html smime.p7s Description: S/MIME Cryptographic Signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos