[CentOS-es] Squid sobre CentOS 5
Hola a todos, alguien me puede comentar si tienen algun servidor proxy montado sobre Centos 5. Ya que me gustaria migrar mi servidor. Además de implementarle algo acerca de control de ancho de banda ya que tengo usuarios que me estan comiendo el ancho de banda. Ustedes que me pueden recomendar y donde puedo encontrar más información. Les agradezco mucho sus comentarios. ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] Squid sobre CentOS 5
Hola. yo tengo un servidor squid montado sobre centos 5 desde hace 6 meses y trabaja muy bien, tambien tengo implementado apache y iptables con interfaz grafica de firestarter. en http://www.alcancelibre.org encuentras manuales sobre la implementación de squid - Mensaje original De: Alexander López Lapo [EMAIL PROTECTED] Para: centos-es@centos.org Enviado: jueves, 31 de enero, 2008 9:40:08 Asunto: [CentOS-es] Squid sobre CentOS 5 Hola a todos, alguien me puede comentar si tienen algun servidor proxy montado sobre Centos 5. Ya que me gustaria migrar mi servidor. Además de implementarle algo acerca de control de ancho de banda ya que tengo usuarios que me estan comiendo el ancho de banda. Ustedes que me pueden recomendar y donde puedo encontrar más información. Les agradezco mucho sus comentarios. ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ¡Capacidad ilimitada de almacenamiento en tu correo! No te preocupes más por el espacio de tu cuenta con Correo Yahoo!: http://correo.espanol.yahoo.com/___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] PROBLEMA DE PRIVILEGIOS DE USUARIOS EN SAMBA PDC
No, he creado el usuario en la maquina, lo creo en el samba pdc. Encontre una forma de pasar el problema y es dando privilegios de acceso a las carpetas que solicitan los programas, dejando que puedan tener lectura y escritura los "usuarios autentificados" Lo de crear el usuario en la maquina, eso es lo que no quiero, de ser asi sigo trabajando con grupo de trabajo, y creando usuarios locales. Mario Ganga escribi: Hola.. Creaste el usuario en la maquina que el ocupa??? Atte. Mario Ganga Castro. On Jan 30, 2008 4:39 PM, Andre Aspe [EMAIL PROTECTED] wrote: Hola, Tengo un samba PDC, registro maquinas y usuarios que logran logearse correctamente. Todos los clientes seran winXP. Esoty haciendo las pruebas para comprobar los privilegios de usuarios segun los grupos que les asigno en el samba PDC. En el equipo que inicia sesion no tiene los privilegios necesarios para, por ejemplo: instalar programas, cambiar configuracion de las conexiones de red,Y mas problema aun, cuando ejecuto algunos programas (nuestro ERP) no lo deja por que no tiene el permiso para leer y escribir en la carpeta del SW. Es decir, inicia sesion, pero solo como un usuario restringido o invitado. Para que pueda el usuario utilizar el ERP, tengo que hacer que el usuario sea parte de "Admins. del dominio", con el consiguiente problema de que puede instalar y cambiar configuraciones del equipo a su antojo. Me gustaria lograr tener un tipo de usuario del dominio que pueda leer y escribir en las carpetas de los programas, sin ser administrador del dominio, que no pueda modificar parametros de red, ni instalar programas. Se me ocurrio mapear un grupo Usuarios avanzado del dominio, y colocarle como sid S-1-5-32-SAmbaSID-547, pero el usuario al ser agregado a este grupo, queda como un usuario igual de restringido. Alguna sugerencia??? Gracias mi netgroupmap list [EMAIL PROTECTED] ~]# net groupmap list Opers. de servidores (S-1-5-32-549) - opers_sistema Duplicadores (S-1-5-32-552) - duplicadores Usuarios avanzados (S-1-5-32-547) - usrs_avanzados Opers. de impresin (S-1-5-32-550) - opers_impresion Administradores (S-1-5-32-544) - administradores Admins. del dominio (S-1-5-21-732503632-1872658953-3798343223-512) - admins_dominio Opers. de cuentas (S-1-5-32-548) - opers_cuentas Invitados del dominio (S-1-5-21-732503632-1872658953-3798343223-514) - invitados Usuarios del dominio (S-1-5-21-732503632-1872658953-3798343223-513) - usuarios_dominio Operadores de copias (S-1-5-32-551) - opers_copias Usuarios (S-1-5-32-545) - usuarios mi smb.conf #=== Global Settings = [global] # --- Netwrok Related Options - workgroup = tremac server string = Samba PDC netbios name = rapanui hosts allow = 127. 192.168.10. # --- Domain Controller Options security = user passdb backend = tdbsam unix password sync = yes passwd program = /usr/bin/passwd %u passwd chat = *New*UNIX*password* %n\n *ReType*new*UNIX*password* %n\n *passwd:*all*authentication*tokens*updated*successfully* domain master = yes domain logons = yes time server = yes logon path = logon script = logon.cmd add user script = /usr/sbin/useradd %u add machine script = /usr/sbin/useradd -d /dev/null -g 100 -s /bin/false -c "Cuenta de mquina" -M %u delete user script = /usr/sbin/userdel %u delete group script = /usr/sbin/groupdel %g add user to group script = /usr/bin/gpasswd -a %u %g set primary group script = /usr/sbin/usermod -g %g %u delete user from group script = /usr/sbin/userdel "%u" "%g" add group script = /usr/sbin/groupadd "%g" # --- Browser Control Options local master = yes ; os level = 33 preferred master = yes #- Name Resolution --- wins support = yes # --- Printing Options - load printers = yes cups options = raw username map = /etc/samba/smbusers ; printcap name = /etc/printcap #obtain list of printers automatically on SystemV ; printcap name = lpstat ; printing = cups # --- Filesystem Options --- # # The following options can be uncommented if the filesystem supports # Extended Attributes and they are enabled (usually by the mount option # user_xattr). Thess options will let the admin store the DOS attributes # in an EA and make samba not mess with the permission bits. # # Note: these options can also be set just per share, setting them in global # makes them the default for all shares ; map archive = no ; map hidden = no ; map read > ; map system = no ; store dos attributes = yes # Share Definitions ==
[CentOS-es] SARG y reportes
Instale el sarg y me genera reportes cuando se los pido con sarg -d dd/mm/-dd/mm/. Esta bien, pero me esta dando reportes solo de las descargas y no puedo hacer que me de reportes de los sitios visitados. Ademas cuando esta generando el reporte, despues de leer el 100%, pasan unos segundos y da un mensaje en la consola: violacion de segmento Alguna recomendacion que me puedan dar?? centos 5 squid 2.6 sarg 2.2.3.1 mi sarg.conf # sarg.conf language Spanish access_log /var/log/squid/access.log graphs yes graph_days_bytes_bar_color orange title Squid - Reporte de Accesos de usuarios font_face Tahoma,Verdana,Arial header_color darkblue header_bgcolor blanchedalmond font_size 9px header_font_size 9px title_font_size 11px background_color white text_color #00 text_bgcolor lavender title_color green logo_image none logo_text # TAG:logo_text_color #Html page logo texti color. # #logo_text_color #00 # TAG:logo_image_size #Html page logo image size. # width height # #image_size 80 45 # TAG:background_image #Html page background image # #background_image none password none temporary_dir /tmp #output_dir /var/www/html/squid-reports output_dir /var/www/sarg/ONE-SHOT resolve_ip yes user_ip yes topuser_sort_field BYTES reverse user_sort_field BYTES reverse exclude_users none exclude_hosts none useragent_log none date_format u per_user_limit none lastlog 5 remove_temp_files yes index yes # TAG: index_tree date|file index_tree file # TAG: overwrite_report yes|no overwrite_report yes # TAG: records_without_userid ignore|ip|everybody records_without_userid ip # TAG: use_comma no|yes use_comma no # TAG: mail_utility mail|mailx # Mail command to use to send reports via SMTP # #mail_utility mailx #mail_utility mail topsites_num 50 topsites_sort_order CONNECT D index_sort_order D #exclude_codes /usr/local/sarg/exclude_codes # TAG: replace_index string # Replace index.html in the main index file with this string # If null index.html is used # #replace_index ?php echo str_replace(., _, $REMOTE_ADDR); echo .html; ? max_elapsed 2880 # 8 Hours # TAG: report_type type report_type topusers topsites sites_users users_sites date_time denied auth_failures site_user_time_date downloads # TAG: usertab filename usertab none # TAG: long_url yes|no # If yes, the full url is showed in report. # If no, only the site will be showed # # YES option generate very big sort files and reports. # long_url no # TAG: date_time_by bytes|elap # Date/Time reports will use bytes or elapsed time? # date_time_by elap # TAG: charset name # ISO 8859 is a full series of 10 standardized multilingual single-byte coded (8bit) # graphic character sets for writing in alphabetic languages # You can use the following charsets: #Latin1 - West European #Latin2 - East European #Latin3 - South European #Latin4 - North European #Cyrillic #Arabic #Greek #Hebrew #Latin5 - Turkish #Latin6 #Windows-1251 #Japan #Koi8-r #UTF-8 # charset Latin1 # TAG: user_invalid_char / # Records that contain invalid characters in userid will be ignored by Sarg. # user_invalid_char / # TAG: privacy yes|no privacy no # TAG: include_users user1:user2:...:usern # Reports will be generated only for listed users. # #include_users none # TAG: exclude_string string1:string2:...:stringn # Records from access.log file that contain one of listed strings will be ignored. # exclude_string none show_successful_message yes show_read_statistics yes topuser_fields NUM DATE_TIME USERID CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE user_report_fields CONNECT BYTES %BYTES IN-CACHE-OUT USED_TIME MILISEC %TIME TOTAL AVERAGE bytes_in_sites_users_report no # TAG: topuser_num n # How many users in topsites report. 0 = no limit # topuser_num 50 # TAG: site_user_time_date_type list|table # generate reports for site_user_time_date in list or table format # site_user_time_date_type table # TAG: datafile file # Save the report results in a file to populate some database # datafile none # TAG: datafile_delimiter ; # ascii character to use as a field separator in datafile # #datafile_delimiter ; # TAG: datafile_fields all # Which data fields must be in datafile # user;date;time;url;connect;bytes;in_cache;out_cache;elapsed # #datafile_fields user;date;time;url;connect;bytes;in_cache;out_cache;elapsed # TAG: datafile_url ip|name # Saves the URL as ip or name in datafile # #datafile ip # TAG: weekdays # The weekdays to take account ( Sunday-0, Saturday-6 ) # Example: #weekdays 1-3,5 # Default: weekdays 0-6 # TAG: hours # The hours to take account # Example: #hours 7-12,14,16,18-20 # Default: hours 0-23 # TAG: dansguardian_conf
Re: [CentOS-es] Problemas con Xvnc y xinetd
Por favor, que alguien me heche un cable con esto.
Gracias.
El Vie, 25 de Enero de 2008, 23:53, ArcosCom Linux User escribió:
La ventana de error que sale al intentar entrar pone el texto:
No password configured for VNC Auth
Salu2
El Vie, 25 de Enero de 2008, 23:29, ArcosCom Linux User escribió:
Hola colisteros,
resulta que estoy intentando configurar en una máquina con CentOS 5.1
lo mismo que tengo en una FC5, que es acceso por terminal a través de
Xvnc.
He puesto la misma configuración que en FC5, pero en CentOS 5.1 no
funciona.
Mi idea es poder tener acceso a través de terminales Xvnc a una
máquina. Lo que tengo hecho es:
1) Agregado el servicio vnc800 al /etc/services.
2) Preparado el servicio en /etc/xinetd.d/vnc800
3) Abierto el puerto con IPTABLES (system-config-security)
4) Editado /etc/xinetd.d/vnc800 con el siguiente contenido:
service vnc800
{
disable = no
socket_type = stream
protocol= tcp
wait= no
user= nobody
server = /usr/bin/Xvnc
server_args = -inetd -query 127.0.0.1 -geometry 800x600 -depth
16
-once -fp unix/:7100 -securitytypes=VncAuth
-passwordfile=/root/.vnc/passwd -idletimeout=300 -alwaysshared
-desktop=PC
}
5) Reiniciado xinetd.
Bien, todo parece funcionar, pero cuando desde el cliente introduzco la
contraseña parece que el servidor no sabe encontrar el fichero
/root/.vnc/passwd y sí está configurado previamente con vncpasswd.
¿Alguien podría echarme un cable para saber por qué con FC5 sí funciona
esta configuración pero con CentOS 5.1 no funciona?
Como nota adicional, indicar que el puerto es el 5901, porque en el 5900
tengo configurado el acceso normal por VNC a la máquina (a través de
xorg.conf).
Salu2
___
CentOS-es mailing list
CentOS-es@centos.org
http://lists.centos.org/mailman/listinfo/centos-es
___
CentOS-es mailing list
CentOS-es@centos.org
http://lists.centos.org/mailman/listinfo/centos-es
___
CentOS-es mailing list
CentOS-es@centos.org
http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] SARG y reportes
Andre Aspée wrote: Instale el sarg y me genera reportes cuando se los pido con sarg -d dd/mm/-dd/mm/. Esta bien, pero me esta dando reportes solo de las descargas y no puedo hacer que me de reportes de los sitios visitados. Ademas cuando esta generando el reporte, despues de leer el 100%, pasan unos segundos y da un mensaje en la consola: violacion de segmento Esto ocurre en máquinas de 64bits porque falta una biblioteca, la puedes obtener de la misma distro de 32 bits... ahora no recuerdo exactamente cuál falta, pero con eso lo solucionas. saludos epe ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] SARG y reportes
estoy en el mismo problema! Ing. Ernesto Pérez Estévez escribió: Andre Aspée wrote: Instale el sarg y me genera reportes cuando se los pido con sarg -d dd/mm/-dd/mm/. Esta bien, pero me esta dando reportes solo de las descargas y no puedo hacer que me de reportes de los sitios visitados. Ademas cuando esta generando el reporte, despues de leer el 100%, pasan unos segundos y da un mensaje en la consola: violacion de segmento Esto ocurre en máquinas de 64bits porque falta una biblioteca, la puedes obtener de la misma distro de 32 bits... ahora no recuerdo exactamente cuál falta, pero con eso lo solucionas. saludos epe ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] Squid sobre CentOS 5
La cosa es que puedes montar tranquilamente con el squid-cache de CentOS 5.x, de pasopara la segmentación podes utilizar el HTB-GEN, estos los puedes ver en cualquiera de estos dos sitio: http://www.alcancelibre.org http://www.ecualug.org En la primera dirección estan los manuales y en el segundo sitio la sección de comos. ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
[CentOS-es] AirCrack Centos 5 compilar ipwraw-ng ( para Ing. Ernesto Pérez Estévez )
disculpa Inge... pues ya me funciona la tarjeta intel 3945 de mi lap pero al intentar compilar el ipwraw-ng de da errores he buscado en foros pero nada intente con el wifislax 3.1 Live CD que ya viene con el ipwraw pero se bloquea... no se si tenga k compilar el kernel 2.6.20 en mi centos 5 para ver si puedo compilar el ipwarw... alguna opinion?? ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS] Re: NoMachine NX Server
I see, thank you to all of you who has give a reply to my question. Seems this product is a 'safe' product to try :D Timothy Kesten wrote: Am Donnerstag, 31. Januar 2008 05:15 schrieb Sobari Tanuwijaya: Hi, Is there anybody ever have an experience install NoMachine NX Server on centos? Is there anything need to get special attention? NoMachine NX Server and Client works on CentOS 5 out of the box on my machines. FreeNX Version produced some problems. Especially the Client. Timothy ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] MySQL issues with kernel-2.6.18-53.1.6.el5.x86_64.rpm
On Jan 30, 2008 5:39 PM, William L. Maltby [EMAIL PROTECTED] wrote: According to man pages for mount and nfs, *atime is not a supported mount option for NFS. *If* I read correctly. I don't agree. noatime is listed in the general section of man mount, and those options should then exist (but may be ignored) by nfs. man nfs explains the differences between v3 and v4. In Documentation/filesystems there aren't any caveats either. Anyways, we didn't change mount options when upping the kernel. regards, Bent ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] ISCSI help
I am fairly new to ISCSI and SAN technology but having recently invested in the technology I am trying to find out exactly what can and can not be manipulated, filesystem wise, without requiring a reboot. I am using the inbuilt software ISCSI initiator and multipathing in CentOS 5.1. My steps so far. Create 10GB volume on SAN # iscsiadm -m session -R # fdisk /dev/mapper/mpath0 # kpartx -a /dev/mapper/mpath0 # mke2fs -j /dev/mapper/mpath0p1 # mount /dev/mapper/mpath0p1 /test-mount --works fine to here-- Now I want to extend the volume on the SAN to 15GB run fdisk and use resize2fs to extend the filesystem, is this possible without a reboot? Currently, I don't seem to be able to get fdisk to see the new disk size after extending the volume. I know this can be done using LVM if I created 2 volumes rather than extending but I am curious to know if it can be done without LVM. Any other tips about what can be done with ISCSI would be welcome. Thanks Dean ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] MySQL issues with kernel-2.6.18-53.1.6.el5.x86_64.rpm
On Thu, 2008-01-31 at 12:12 +0100, Bent Terp wrote: On Jan 30, 2008 5:39 PM, William L. Maltby [EMAIL PROTECTED] wrote: According to man pages for mount and nfs, *atime is not a supported mount option for NFS. *If* I read correctly. AA TG I said this. || I don't agree. noatime is listed in the general section of man mount, and those options should then exist (but may be ignored) by nfs. man nfs explains the differences between v3 and v4. In Documentation/filesystems there aren't any caveats either. Well, although it's been a millennium, I seem to recall using that option for NFS mounts in the past. His curiosity piqued, the sleuth is irresistibly drawn into a brief diversion from his pastime to see what can be discovered!. Hmmm... from man mount Edited for readability -o Options are specified with a -o flag followed by a comma separated string of options. Some of these options are only useful when they appear in the /etc/fstab file. The following options apply to any file system that is being mounted --- (but not every file system actually honors them - e.g., the sync option today has effect only for ext2, ext3, fat, vfat and ufs): From man nfs, following Options for the nfs file system type and for the NFS4 section as well, there is no mention of (no)atime. Johnny's attempted tests, IIRC, erred when attempting to use it, but there were other options so it is not conclusive. Logical, but possibly erroneous conclusion: unsupported. However, I know that man pages can be incomplete, inaccurate and ambiguous. So what does one do? $ grep -irl atime /usr/share/system-config-nfs And as a check I didn't goofus the previous command: $ grep -irl sync /usr/share/system-config-nfs /usr/share/system-config-nfs/propertiesWindow.py /usr/share/system-config-nfs/nfsBackend.pyc /usr/share/system-config-nfs/nfsBackend.py /usr/share/system-config-nfs/nfs-export.pyc /usr/share/system-config-nfs/propertiesWindow.pyc /usr/share/system-config-nfs/nfsData.py /usr/share/system-config-nfs/nfsData.pyc /usr/share/system-config-nfs/nfs-export.py $ Ahhh... but still, maybe it's just not included in the default setup scripts. $ (cd /usr/share/doc/; grep -irl atime system-config-nfs* libnfsidmap*) $ (cd /usr/share/doc/; grep -irl sync system-config-nfs* libnfsidmap*) system-config-nfs-1.2.8/config.html $ Anyways, we didn't change mount options when upping the kernel. Still, we can't believe that an option you've never changed, and apparently worked before, and is not specifically (in)excluded as (un)supported is unsupported now. :-( I'm *not* being wise-ass, just acknowledging that sometimes all locally available (excluding read the SOURCE Luke!) references does not tell us all that we may need to know. So I go googling... and see refs all over the place that indicate noatime is being used. There are admonishments, such as no -o, separate options with commas and no spaces, etc. Maybe there is an answer in the Googlevers? Maybe support for it has been dropped (I hope not). Last, $ rpm -q --changelog nfs-utils|grep -i atime No joy in Mudville. Anyway, my curiosity has *not* been satisfied, but I've got other interests pulling at me now. BTW: man mount points out that some of the commands are only effective when invoked within the /etc/fstab. JIC. regards, Bent snip sig stuff Good luck with it. -- Bill ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] VMWare 6.02 and Linux screen saver?
I have a user who freshly installed CentOS on their desktop. They also installed VMWare 6.02. When they click the mouse on their Linux desktop, the screen saver properly activates. But, when they click the mouse in their VMWare session, the Linux screen saver never activates. This has been tried for both VMWare Player and Workstation. I don't know if it makes any difference, but the VMWare Guest OS is Windows XP w/SP2. Thanks for any insight. Scott ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ISCSI help
On Jan 31, 2008 12:40 PM, Plant, Dean [EMAIL PROTECTED] wrote: I am fairly new to ISCSI and SAN technology but having recently invested in the technology I am trying to find out exactly what can and can not be manipulated, filesystem wise, without requiring a reboot. I am using the inbuilt software ISCSI initiator and multipathing in CentOS 5.1. Without a reboot of the centos, certainly; just restart the iscsi service! Without stopping the iscsi ? Probably, take a look at the iscsiadm manual. My steps so far. Create 10GB volume on SAN # iscsiadm -m session -R # fdisk /dev/mapper/mpath0 # kpartx -a /dev/mapper/mpath0 You dont need to create additional partition, just use /dev/mapper/mpath0 instead of /dev/mapper/mpath1 ! # mke2fs -j /dev/mapper/mpath0p1 # mount /dev/mapper/mpath0p1 /test-mount --works fine to here-- Now I want to extend the volume on the SAN to 15GB run fdisk and use resize2fs to extend the filesystem, is this possible without a reboot? Currently, I don't seem to be able to get fdisk to see the new disk size after extending the volume. I know this can be done using LVM if I created 2 volumes rather than extending but I am curious to know if it can be done without LVM. If you want to do the job without dismounting the ext3 partition, this is an interesting challenge. Because with LVM this is too easy :-) Any other tips about what can be done with ISCSI would be welcome. Thanks Dean ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Alain Spineux aspineux gmail com May the sources be with you ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] MySQL issues with kernel-2.6.18-53.1.6.el5.x86_64.rpm
On Jan 31, 2008 1:17 PM, William L. Maltby [EMAIL PROTECTED] wrote: Still, we can't believe that an option you've never changed, and apparently worked before, and is not specifically (in)excluded as (un)supported is unsupported now. :-( No I suppose not, so we went and rechecked with noatime, and the situation remains the same. /B ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] MySQL issues with kernel-2.6.18-53.1.6.el5.x86_64.rpm
On Jan 31, 2008 2:09 PM, Bent Terp [EMAIL PROTECTED] wrote: On Jan 31, 2008 1:17 PM, William L. Maltby [EMAIL PROTECTED] wrote: Still, we can't believe that an option you've never changed, and apparently worked before, and is not specifically (in)excluded as (un)supported is unsupported now. :-( No I suppose not, so we went and rechecked with noatime, and the situation remains the same. /B ehrmn, I meant rechecked WITHOUT noatime and nodiratime ;-) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Locating the broken links
Garrick Staples wrote: I am trying cleanlinks and is cleaning lot of stuff, erasing links and empty directories, I hope it will not mess my installation, especially by doing the last. On your entire OS? Sounds like a pretty good way to break things. Yes it damaged it. I had to reinstall from scratch... Any pretty way to find broken links on the entire filesystem would be welcome however. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] centosplus + priority plugin
Christopher Chan wrote: Work around below [base] name=CentOS-$releasever - Base #mirrorlist=http://mirrorlist.centos.org/?release=$releaseverarch=$basearchrepo=os baseurl=http://ftp.hostrino.com/pub/centos/$releasever/os/$basearch/ gpgcheck=1 gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-centos4 exclude=php* httpd* postgres* MySQL* mysql* perl perl-DBD-MySQL perl-DBD-Pg perl-DBI perl-suidperl unixODBC* mod_auth_mysql mod_auth_pgsql mod_perl mod_perl-devel mod_ssl priority=1 #released updates [update] name=CentOS-$releasever - Updates #mirrorlist=http://mirrorlist.centos.org/?release=$releaseverarch=$basearchrepo=updates baseurl=http://ftp.hostrino.com/pub/centos/$releasever/updates/$basearch/ gpgcheck=1 gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-centos4 exclude=php* httpd* postgres* MySQL* mysql* perl perl-DBD-MySQL perl-DBD-Pg perl-DBI perl-suidperl unixODBC* mod_auth_mysql mod_auth_pgsql mod_perl mod_perl-devel mod_ssl priority=1 I tried changing perl to perl-* and yum check-update finally listed the perl package. yum check-update 18 packages excluded due to repository priority protections httpd.x86_64 2.0.59-1.el4s1.10.el4. centosplus httpd-manual.x86_64 2.0.59-1.el4s1.10.el4. centosplus mod_perl.x86_64 2.0.3-1.el4s1.3centosplus mod_ssl.x86_64 1:2.0.59-1.el4s1.10.el centosplus mysql.x86_64 5.0.54-1.el4.centoscentosplus mysql-devel.x86_64 5.0.54-1.el4.centoscentosplus mysql-server.x86_64 5.0.54-1.el4.centoscentosplus mysqlclient10.x86_64 3.23.58-9.2.c4 centosplus perl.x86_64 4:5.8.8-5.el4s1_2 centosplus perl-DBD-MySQL.x86_643.0008-1.el4.centoscentosplus perl-DBD-Pg.x86_64 1.49-1.el4s1 centosplus perl-DBI.x86_64 1.54-1.el4s1 centosplus perl-libwww-perl.noarch 5.805-1.1.1centosplus php.x86_64 5.1.6-3.el4s1.8centosplus php-gd.x86_645.1.6-3.el4s1.8centosplus php-ldap.x86_64 5.1.6-3.el4s1.8centosplus php-mbstring.x86_64 5.1.6-3.el4s1.8centosplus php-pear.noarch 1:1.4.11-1.el4s1.1 centosplus php-pgsql.x86_64 5.1.6-3.el4s1.8centosplus postgresql.x86_648.1.9-1.el4s1.1centosplus postgresql-devel.x86_64 8.1.9-1.el4s1.1centosplus postgresql-libs.x86_64 8.1.9-1.el4s1.1centosplus postgresql-server.x86_64 8.1.9-1.el4s1.1centosplus unixODBC.x86_64 2.2.12-1.el4s1.1 centosplus That should mostly work ... the only problem is that there might be some perl* things in centosplus that might not SPECIFICALLY be part of the new web stack and they will also be taken from the plus repo. It should not make a huge difference though. signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Locating the broken links
Ioannis Vranos ha scritto: Garrick Staples wrote: I am trying cleanlinks and is cleaning lot of stuff, erasing links and empty directories, I hope it will not mess my installation, especially by doing the last. On your entire OS? Sounds like a pretty good way to break things. Yes it damaged it. I had to reinstall from scratch... Any pretty way to find broken links on the entire filesystem would be welcome however. try fslint (rpmforge repository) Regards Lorenzo Quatrini ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Where is gpg-agent?
On Sunday 27 January 2008 19:42, Mark Pryor wrote: --- Anne Wilson [EMAIL PROTECTED] wrote: The only obstacle now to running this box as the mail server is that I do read and send mail on it occasionally, while working on something. I need gpg-agent, but can't find how to get it. Is it merged into another package, or do I simply have to look at other repositories? Setup the repo below in YUM #cd /etc/yum.repos.d #wget http://centos.karan.org/kbsingh-CentOS-Extras.repo #yum install GnuPG2 --enablerepo=kbs-CentOS-Testing Hi, Mark. I only found this today, as some messages got mis-filed during the copying over to the new server. I've installed it, but I have big problems with gpg on this box. Whenever there is a signature to be checked I get runaway cpu usage and gpg has to be killed. At various times I have used different methods for stopping/starting gpg-agent. I used to use /env and /shutdown scripts under .kde. Then later I used the statement eval `gpg-agent --daemon` in .bash_profile. I've tried both methods in CentOS, but both give me these runaway problems. After a few of them kmail crashes and the trustdb gets corrupted. Maybe I should try to remove everything connected with gpg and reinstall? As to starting and stopping gpg-agent, please advise the best method to use. Anne ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Locating the broken links
Hi, Any pretty way to find broken links on the entire filesystem would be welcome however. I have a script available for this: #!/bin/bash # command line parameter would be the directory to search for i in ` find $1 -type l `; do # feststellen, ob der link noch gueltig ist oder nicht file $i | grep -q broken if [ $? -eq 0 ] ; then echo Broken link $i fi done exit Christian Volker Technical Support Engineer -- Parnell House, Barrack Square, Ballincollig, Co. Cork, Ireland ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: Where is gpg-agent?
On Thursday 31 January 2008 16:10, Rex Dieter wrote: Anne Wilson wrote: As to starting and stopping gpg-agent, please advise the best method to use. Here's what we use in fedora (and kde-redhat packaging): Grab gpg-agent-* scripts from: http://cvs.fedoraproject.org/viewcvs/devel/kde-settings/ Put into either (global): /etc/kde/env , /etc/kde/shutdown or (personal): ~/.kde/env , ~/.kde/shutdown Thanks, Rex. With any luck I'll be working again. :-) Anne ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: Where is gpg-agent?
Anne Wilson wrote: As to starting and stopping gpg-agent, please advise the best method to use. Here's what we use in fedora (and kde-redhat packaging): Grab gpg-agent-* scripts from: http://cvs.fedoraproject.org/viewcvs/devel/kde-settings/ Put into either (global): /etc/kde/env , /etc/kde/shutdown or (personal): ~/.kde/env , ~/.kde/shutdown -- Rex ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: Where is gpg-agent?
On Thursday 31 January 2008 16:28, Anne Wilson wrote: On Thursday 31 January 2008 16:10, Rex Dieter wrote: Anne Wilson wrote: As to starting and stopping gpg-agent, please advise the best method to use. Here's what we use in fedora (and kde-redhat packaging): Grab gpg-agent-* scripts from: http://cvs.fedoraproject.org/viewcvs/devel/kde-settings/ Put into either (global): /etc/kde/env , /etc/kde/shutdown or (personal): ~/.kde/env , ~/.kde/shutdown Thanks, Rex. With any luck I'll be working again. :-) BTW - I found a stale lockfile that could have been the cause of the crashes. Things are looking up at last :-) Anne pgp0fiFx3Vza7.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: NFS problem in the latest kernel (Was: [CentOS] MySQL issues with kernel-2.6.18-53.1.6.el5.x86_64.rpm)
On Jan 30, 2008 4:01 PM, Akemi Yagi [EMAIL PROTECTED] wrote: On Jan 30, 2008 8:25 AM, Johnny Hughes [EMAIL PROTECTED] wrote: Joshua Baker-LePain wrote: On Wed, 30 Jan 2008 at 10:18am, Johnny Hughes wrote Bent Terp wrote: Has something changed with regard to the mount options? We use (rw,noatime,rsize=8192,wsize=8192,hard,udp,context=system_u:object_r:httpd_sys_content_t:s0) which has worked fine until now. I am trying to duplicate your options ... and noatime is not a valid option. Could you please double check the /etc/export options again so I can try to duplicate the issue. Using my standard /etc/exports on 2 i686 test platforms I have no problems at all. Here are the options I used on my test: (rw,insecure,sync,no_subtree_check) In any event, I can not duplicate the problem with an nfs export on c4 or c5 and connecting with a c5 client, regardless of the kernel using i686. One other person has reported seemingly the same nfs problem in the Scientific Linux mail list: http://listserv.fnal.gov/scripts/wa.exe?A2=ind0801L=scientific-linux-develT=0P=5427 According to this post, It only seems to affect x86_64 systems, or affects them much more noticeably than it does i386 ones. This problem does not seem to be associated with specific hardware as implied in the original thread. The person on the SciLinux mail list has Dell machines, and I was able to confirm the issue using custom built boxes. I have added a note in the bug tracker at: http://bugs.centos.org/view.php?id=2635 Akemi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: NFS problem in the latest kernel (Was: [CentOS] MySQL issues with kernel-2.6.18-53.1.6.el5.x86_64.rpm)
Akemi Yagi wrote: This problem does not seem to be associated with specific hardware as implied in the original thread. The person on the SciLinux mail list has Dell machines, and I was able to confirm the issue using custom built boxes. I have added a note in the bug tracker at: http://bugs.centos.org/view.php?id=2635 Unrelated, but still kind of related, I'm only replying because of how crazy I went trying to track it down. But I had major NFS client issues on CentOS 4.5, specifically kernels after 2.6.9-55.ELsmp. Even under pretty light load, after seemingly random periods of time NFS write performance would go down 99.9%. Read performance was fine. Downgrade the kernel and it worked fine again. Eventually for servers that ran our critical apps for NFS I just upgraded them to CentOS 5.1 and there is no problems there for us at least. Spent several weeks researching the problem but never found a solution, since it took so long to reproduce(up to 24 hours typically), testing different configurations was very time consuming. And no I haven't filed any bug reports or anything as I wanted to try to narrow it down further to find the source before that. But I ran out of time, and the kernel in CentOS 5.1 seems to work fine. (migrated production systems to it about 6 weeks ago) The newer kernel didn't/does not affect the NFS servers at all, as they are all running CentOS 4.5 with 2.6.9-55.0.9.ELsmp, it's purely a client-side issue. (sorry, end rant :) ) nate ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Help with authenticating against Active Directory.
Hello all, I'm trying to authenticate shell login's against an MS-ADS. I don't have admin access to the ADS, but I can talk to the admins. I have gotten as far as getting authentication working, but the uid's depend on the order of login. ie: the first guy to login gets 1, the next gets 10001, etc. The problem I have with this is that I want to share the home directories via nfs, which means everyone has to have the same id. Is anyone else doing this? My smb.conf and nsswitch.conf files are below. TIA -- Milton Calnek BSc, A/Slt(Ret.) [EMAIL PROTECTED] 306-717-8737 smb.conf [global] workgroup = example_com realm = example.COM server string = %h server (Samba %v) security = ADS map to guest = Bad Password passdb backend = tdbsam passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . log level = 2 winbind:10 syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 dns proxy = No wins server = ldap ldap ssl = no panic action = /usr/share/samba/panic-action %d idmap uid = 1-2 idmap gid = 1-2 idmap backend = ldap:ldap://ldap.example.com:3268 ldap admin dn = cn=Manager,dc=example,dc=COM ldap idmap suffix = ou=Idmap ldap suffix = dc=example,dc=COM template homedir = /home/%U template shell = /bin/bash winbind separator = + winbind use default domain = Yes winbind nested groups = Yes invalid users = root nsswitch.confpasswd: files compat winbind shadow: files compat group: files compat winbind #hosts: db files nisplus nis dns hosts: files dns # Example - obey only what nisplus tells us... #services: nisplus [NOTFOUND=return] files #networks: nisplus [NOTFOUND=return] files #protocols: nisplus [NOTFOUND=return] files #rpc:nisplus [NOTFOUND=return] files #ethers: nisplus [NOTFOUND=return] files #netmasks: nisplus [NOTFOUND=return] files bootparams: nisplus [NOTFOUND=return] files ethers: files netmasks: files networks: files protocols: files rpc:files services: files netgroup: nisplus publickey: nisplus automount: files nisplus aliases:files nisplus -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: NFS problem in the latest kernel (Was: [CentOS] MySQL issues with kernel-2.6.18-53.1.6.el5.x86_64.rpm)
On Jan 31, 2008 10:28 AM, nate [EMAIL PROTECTED] wrote: Akemi Yagi wrote: This problem does not seem to be associated with specific hardware as implied in the original thread. The person on the SciLinux mail list has Dell machines, and I was able to confirm the issue using custom built boxes. I have added a note in the bug tracker at: http://bugs.centos.org/view.php?id=2635 And no I haven't filed any bug reports or anything as I wanted to try to narrow it down further to find the source before that. But I ran out of time, and the kernel in CentOS 5.1 seems to work fine. (migrated production systems to it about 6 weeks ago) The newer kernel didn't/does not affect the NFS servers at all, as they are all running CentOS 4.5 with 2.6.9-55.0.9.ELsmp, it's purely a client-side issue. Just a note to inform that Johnny Hughes filed a bug with the upstream bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=431092 Akemi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] About Creating a DVD iso from Cd's isos
I had tried the bash script that there is on the wiki about How to create a DVD from Cd's I got no errors during the making of the DVD but the size of the final DVD.iso is about 2.2 Gb when I look into the mirrors page a DVD iso is about 4 gb Is theiso size correct?, or I'm doing something wrong??? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] One approach to dealing with SSH brute force attacks.
James B. Byrne wrote: I am not a fan of security through obscurity. You're diluting a useful phrase. It originally referred to practices where obscurity was the _only_ source of security. As soon as you saw through the obscurity, there was no security. Of course, this means that there was no real security to begin with. Hiding telnet by changing its listening port would be security through obscurity. Changing ssh's service port is not at all the same thing. If you get past this bit of obscurity, security remains. To employ another popular phrase, it's defense in depth. The more walls you can throw up, the less stress on the final wall that stops the attack. If you don't like those arguments, the CPU usage difference should matter to you. Your system can reject (or ignore) a connection to an unused port with a lot less CPU power than it takes to reject a login attempt, especially to a cryptographically protected service. And, the post that started this says there's a 96% chance that the port rejection runs the attacker off completely, whereas a password rejection just invites another attempt. So, one TCP RST packet vs. several thousand login attempts. Which would you rather allocate CPU resources for? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Help with authenticating against Active Directory.
What I did was create the users in /etc/passwd with the same username as you would find in the AD. Then, its just a matter of enabling Kerberos authentication, and using the Domain Controllers as KDC's. Maybe not what you're looking for, but its simple and effective. No samba involved. On Jan 31, 2008 3:51 PM, Milton Calnek [EMAIL PROTECTED] wrote: Hello all, I'm trying to authenticate shell login's against an MS-ADS. I don't have admin access to the ADS, but I can talk to the admins. I have gotten as far as getting authentication working, but the uid's depend on the order of login. ie: the first guy to login gets 1, the next gets 10001, etc. The problem I have with this is that I want to share the home directories via nfs, which means everyone has to have the same id. Is anyone else doing this? My smb.conf and nsswitch.conf files are below. TIA -- Milton Calnek BSc, A/Slt(Ret.) [EMAIL PROTECTED] 306-717-8737 smb.conf [global] workgroup = example_com realm = example.COM server string = %h server (Samba %v) security = ADS map to guest = Bad Password passdb backend = tdbsam passwd program = /usr/bin/passwd %u passwd chat = *Enter\snew\sUNIX\spassword:* %n\n *Retype\snew\sUNIX\spassword:* %n\n . log level = 2 winbind:10 syslog = 0 log file = /var/log/samba/log.%m max log size = 1000 dns proxy = No wins server = ldap ldap ssl = no panic action = /usr/share/samba/panic-action %d idmap uid = 1-2 idmap gid = 1-2 idmap backend = ldap:ldap://ldap.example.com:3268 ldap admin dn = cn=Manager,dc=example,dc=COM ldap idmap suffix = ou=Idmap ldap suffix = dc=example,dc=COM template homedir = /home/%U template shell = /bin/bash winbind separator = + winbind use default domain = Yes winbind nested groups = Yes invalid users = root nsswitch.confpasswd: files compat winbind shadow: files compat group: files compat winbind #hosts: db files nisplus nis dns hosts: files dns # Example - obey only what nisplus tells us... #services: nisplus [NOTFOUND=return] files #networks: nisplus [NOTFOUND=return] files #protocols: nisplus [NOTFOUND=return] files #rpc:nisplus [NOTFOUND=return] files #ethers: nisplus [NOTFOUND=return] files #netmasks: nisplus [NOTFOUND=return] files bootparams: nisplus [NOTFOUND=return] files ethers: files netmasks: files networks: files protocols: files rpc:files services: files netgroup: nisplus publickey: nisplus automount: files nisplus aliases:files nisplus -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] VMWare 6.02 and Linux screen saver?
On Jan 31, 2008 4:20 AM, Scott Ehrlich [EMAIL PROTECTED] wrote: I have a user who freshly installed CentOS on their desktop. They also installed VMWare 6.02. When they click the mouse on their Linux desktop, the screen saver properly activates. But, when they click the mouse in their VMWare session, the Linux screen saver never activates. This has been tried for both VMWare Player and Workstation. I don't know if it makes any difference, but the VMWare Guest OS is Windows XP w/SP2. Forgive my confusion, but are you saying that your screen saver de-activates when you click the mouse over your Linux but not Windows? Wait, that doesn't make sense either. The screen saver should activate after your specified timeout, or if you lock the screen via a keyboard shortcut or panel launcher or navigating the system menu to lock the screen. Only the keyboard shortcut can be effective with the mouse cursor in the guest OS window because the mouse would have to move outside that window to activate the screen saver directly. Or are you talking about the guest screen saver (which also does not make sense)? For the record, while your cursor is in the VMWare guest OS window, it is disconnected from the host's responses until you either type ctrlalt or move the mouse out of the VMWare window (which you can only do if you have installed VMWare tools in the guest OS). That's normal. mhr ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] centosplus + priority plugin
That should mostly work ... the only problem is that there might be some perl* things in centosplus that might not SPECIFICALLY be part of the new web stack and they will also be taken from the plus repo. It should not make a huge difference though. Actually, it did not work. I had to remove the mysql package first before I could get the yum update to run. It complained of conflicts with the mysql 4.1 package. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Problems to install java plugin in CentOS 5.1 x86_64
--- El Mié 30 Ene 2008, Ralph Angenendt encontró un teclado y tipeó lo siguiente: RA: Sergio Belkin wrote: RA: Hi! RA: RA: I've tried to install java plugin as is in RA: http://www.howtoforge.com/installation-guide-centos5.1-desktop-p7 but with no RA: success. RA: RA: All steps seems to go well, with no error messages, but Firefox says that RA: there is no java plugin. RA: RA: Are you using a 64bit version of CentOS? Then it won't work - Sun's java RA: plugin only works on 32bit browsers. I'm using Centos 64bit, but I have firefox 32bit installed RA: RA: If you need it, you should install firefox.i386. Yes I have it installed... RA: RA: If you already are on a 32bit system you should tell us a bit more of RA: what you did :) RA: RA: Cheers, RA: RA: Ralph RA: -- Sergio Belkin Teléfonos 15-6119-2226 // 4788-8605 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] swapping on centos 5.1
Hi all, I used to use centos 4.5 on an AMD 4800+ with 2GIG ram. Now I use centos 5.1 on AMD 6400+ with 4GIG RAM. The system responsiveness is different between the two. I noticed that centos 5.1 seems to be swapping programs out of memory at times resulting in slowness (perceived by me). I played with swappiness (/proc/sys/vm/) setting to 10, then 1 then 0. Still resulted in the same perceived slowness. Today I did swapoff -a and now the system obviously does not swap anything out all all. I thought thats what swappiness of 0 would have done. Are others experiencing this also? The perceived slowness maks the older system with less RAM and slower CPU seem faster. Any suggestions on other things to try? Jerry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Problems to install java plugin in CentOS 5.1 x86_64
--- El Vie 01 Feb 2008, Hendrik Strydom encontró un teclado y tipeó lo siguiente: HS: On Thu, 2008-01-31 at 23:51 -0200, Sergio Belkin wrote: HS: --- El Mié 30 Ene 2008, Ralph Angenendt encontró un teclado y tipeó lo HS: siguiente: HS: RA: Sergio Belkin wrote: HS: RA: Hi! HS: RA: HS: RA: I've tried to install java plugin as is in HS: RA: http://www.howtoforge.com/installation-guide-centos5.1-desktop-p7 but HS: with no RA: success. HS: RA: HS: RA: All steps seems to go well, with no error messages, but Firefox says HS: that RA: there is no java plugin. HS: RA: HS: RA: Are you using a 64bit version of CentOS? Then it won't work - Sun's HS: java RA: plugin only works on 32bit browsers. HS: HS: I'm using Centos 64bit, but I have firefox 32bit installed HS: HS: Are you sure you only have the 32 bit version installed? HS: yelp lists the 64 bit version as a dependency, and the /usr/bin/firefox HS: script checks for the existence of and runs the 64 bit version if it HS: exists. HS: HS: Does HS: rpm -q firefox HS: only return line with firefox? No Hendrik, I have installed both, but is that a problem? thanks HS: HS: Regards HS: Hendrik HS: HS: ___ HS: CentOS mailing list HS: CentOS@centos.org HS: http://lists.centos.org/mailman/listinfo/centos HS: -- Sergio Belkin Teléfonos 15-6119-2226 // 4788-8605 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Help with authenticating against Active Directory.
On Jan 31, 2008 2:51 PM, Milton Calnek [EMAIL PROTECTED] wrote: Hello all, I'm trying to authenticate shell login's against an MS-ADS. I don't have admin access to the ADS, but I can talk to the admins. I have gotten as far as getting authentication working, but the uid's depend on the order of login. ie: the first guy to login gets 1, the next gets 10001, etc. The problem I have with this is that I want to share the home directories via nfs, which means everyone has to have the same id. Don't use Samba. Microsoft Services For UNIX or 2003R2 support UNIX attributes in Active Directory. It adds a new tab in the user account properties where you can specify login shell, home directory, uid, gid. On the CentOS side use nss_ldap. This is a true single sign-on configuration with no /etc/passwd monkey business. We use it for database application auth and limited shell access. It just works, failures are rare. Configuration details are left as an exercise for the OP as I have had a long day and a couple glasses of wine -- Jeff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Problems to install java plugin in CentOS 5.1 x86_64
On Fri, 2008-02-01 at 00:46 -0200, Sergio Belkin wrote: --- El Vie 01 Feb 2008, Hendrik Strydom encontró un teclado y tipeó lo siguiente: HS: On Thu, 2008-01-31 at 23:51 -0200, Sergio Belkin wrote: HS: --- El Mié 30 Ene 2008, Ralph Angenendt encontró un teclado y tipeó lo HS: siguiente: HS: RA: Sergio Belkin wrote: HS: RA: Hi! HS: RA: HS: RA: I've tried to install java plugin as is in HS: RA: http://www.howtoforge.com/installation-guide-centos5.1-desktop-p7 but HS: with no RA: success. HS: RA: HS: RA: All steps seems to go well, with no error messages, but Firefox says HS: that RA: there is no java plugin. HS: RA: HS: RA: Are you using a 64bit version of CentOS? Then it won't work - Sun's HS: java RA: plugin only works on 32bit browsers. HS: HS: I'm using Centos 64bit, but I have firefox 32bit installed HS: HS: Are you sure you only have the 32 bit version installed? HS: yelp lists the 64 bit version as a dependency, and the /usr/bin/firefox HS: script checks for the existence of and runs the 64 bit version if it HS: exists. HS: HS: Does HS: rpm -q firefox HS: only return line with firefox? No Hendrik, I have installed both, but is that a problem? This depends how you start firefox. The /usr/bin/firefox script will always start the 64 bit version if it is installed. If contains a check that sets MOZ_LIB_DIR to use the 64 bit version: MOZ_LIB_DIR=/usr/lib if [ -x /usr/lib64/firefox-1.5.0.12/firefox-bin ] then MOZ_LIB_DIR=/usr/lib64 fi You may need to intervene here to use the 32 bit version. A simple check when firefox is running is to do: $ ps -ef | grep firefox this will return lines containing either: /usr/lib64/firefox-1.5.0.12/firefox-bin which is the 64 bit version, or /usr/lib/firefox-1.5.0.12/firefox-bin which is the 32 bit version. If you edit /usr/bin/firefox directly to prevent it from using the 64 bit version it will work for all users, but you need to redo it with every firefox update. If you copy this to for example /usr/bin/firefox32 you need to manually create a shortcut to start firefox for all affected users. (If you update the original menu entry it may well be replaced with an update - I have not tested this.) I tend to update a shortcut on the panel, which is more convenient to use. Regards Hendrik ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: rsync and swapping
Scott Silva wrote: on 1/30/2008 5:24 AM Jerry Geis spake the following: hi all, I use rsync to copy/backup ALL my stuff to another disk. When I run this seems like my machine (4 GIG ram centos 5.1) now begins to swap out more programs. Is there a way to reduce that swapping? I am running with echo 1 /proc/sys/vm/swappiness I simply mount /dev/sdc1 /mnt/backup; mkdir /mnt/backup/month.day.year then rsync -a /home /mnt/backup/mon.day.year This is approximately 102G of data. Thanks for any suggestions. Jerry Rsync's main benefit is on backups of changed files. dumping to a new destination every time makes rsync less efficient than just about every other option. Now if you made the new directory, and hardlinked the old stuff to the new directory, then rsync would shine. Yes. That's my experience, too. I do something like this twice weekly to 2 external USB drives. One drive contains backups from the most recent 2 Sunday mornings, the other drive contains two backups from Wednesday mornings. After mounting the backup drive, doing a space-available check and a couple other housekeeping chores, I do this. # (I've purposely left out a bunch of stuff to avoid being blamed when someone's system craters. ) $UD #-- Previously identified as the USB drive mount point # DT=`date +%F` #-- Today's date, for naming the backup directory: -mm-dd # # Shuffle directories so that oldest backup directory is renamed to today's date. # OD=`ls -1 $UD | head -1` #echo Renaming $UD/$OD to $UD/$DT mv $UD/$OD/ $UD/$DT touch $UD/$DT # Now, data that is only 2 weeks old will be overwritten with current data. for SD in list of directories to back up ; do rsync -ar --exclude '*.iso' --delete-excluded /$SD/* $UD/$DT/$SD done # I've used the basic outline above since Sept 13, 2006 and have found that the backup takes slightly more than half as long as when I used find and cpio. As with anything else, YMMV. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
