RE: [CentOS] Can't get .htaccess to work

2008-04-20 Thread Pam Astor 

> >> That you got a server error is good.> > > Here are the last two log file 
> >> entries for that httpd request:> > you want to look in the *error* log if 
> >> you look for errors!> > > > I could not access the site,> > which means 
> >> exactly what? ;-)
> >  
> > OK, starting from scratch this morning,
> > here is the .htaccess file I am using which is inside of the
> > /home/LinuxAccountName/www directory:
> >  
> >  
> > Options NoneAuthName 
> > "UserNameIUsedToCreatePasswordWith"AuthType BasicAuthUserFile 
> > /home/LinuxAccountName/.htpasswdRequire valid-user
> > www above refers to the root or web directory - the lowest or first or base
> > directory that is web accessable.
> > And, this is the error I am getting from my httpd error log for this domain:
> >  
> > [Sun Apr 20 07:47:40 2008] [alert] [client 75.46.110.14] 
> > /home/LinuxAccountName/.htaccess:  
> Remove the  tag.. a .htaccess file is placed inside a 
>  tag for the folder it is in automatically..
> 
> Consequentially, your .htaccess looks like this to apache:
> 
>   
>   ...
>   
> 

Thanks,

OK I removed the directory tag & got a different error, now the contents of 
.htaccess file is this:

Options None
AuthName "UserNameCreatedFor.htpasswd"
AuthType Basic
AuthUserFile /home/user/.htpasswd
Require valid-user

Error log for my request is here:

[Sun Apr 20 19:57:05 2008] [alert] [client 12.34.567.89] 
/home/user/www/.htaccess: Options not allowed here

And error I got in web browser is here:

Internal Server Error
The server encountered an internal error or misconfiguration and was unable 
to complete your request.


_
Use video conversation to talk face-to-face with Windows Live Messenger.
http://www.windowslive.com/messenger/connect_your_way.html?ocid=TXT_TAGLM_WL_Refresh_messenger_video_042008___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] init script numbers

2008-04-20 Thread Clint Dilks 

Joseph L. Casale wrote:

How does chkconfig determine what number to give to a link when you turn a 
service on?

Thanks!
jlc
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

  

Hi In the start up scripts you will see this line
# chkconfig: 2345 10 90

This particular example (network) strats by default in 2345 S10 K90

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] What is wrong with yum?

2008-04-20 Thread Johnny Hughes 

Olaf Mueller wrote:

Hello,

in my CentOS-Base.repo file there is a line
baseurl=http://mirror.centos.org/centos/$releasever/updates/$basearch
and yum update said 'nothing to do'. Then I change this line to
baseurl=http://mirror.centos.org/centos/5.1/updates/i386 and yum
updates firefox, squid, sos and so on. That happens on two of my
computers, reproducible.

Does yum sometimes forget it's release version?



Changing to 5.1 instead of 5 (which is the default) will result in not 
getting updates when we move to 5.2.


The fact that is says nothing to do can be caused by cached metadata 
(and shifting from $releasever to 5.1 will cause that to download over 
again).


yum clean metadata

 then

yum upgrade

might be better to try.

Also PLEASE REMEMBER ... $releasever is not 5.1 or 5.2 .. it is 5.





signature.asc
Description: OpenPGP digital signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

RE: [CentOS] New firewall, need mac changed

2008-04-20 Thread Joseph L. Casale 
>I hope that helps and is useful ...
>
>  -rak-

Thanks, this looks like what I needed!
jlc
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Logrotate problem after start of DST

2008-04-20 Thread Bernd Bartmann 
On Sun, Apr 20, 2008 at 6:06 PM, Jay Leafey wrote:
> Bernd Bartmann wrote:
> > Now after another reboot nothing is logged at all anymore :-((
> > syslogd and klogd are running but nothing gets written to any logfile.
>
>  Don't know if it was related, but I had a similar problem at about the same
> time, syslog was running but no messages.  With nothing in the logs it's
> tough to troubleshoot!
>
>  After perusing the audit logs (not controlled by syslogd) I found where it
> was complaining about the security context on /etc/services.   It appeared
> that the context had been munged right around the DST change, so I used
> 'restorecon -v /etc/services'  to fix it.  Restarted syslog afterwards and
> everything seems fine.
>
>  Hope your's is that easy to fix!

Thanks! Indeed it seems to be SElinux related. In the meantime I did:

touch /.autorelabel
reboot

After the reboot everything is working normally again.

Best regards,
Bernd.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Logrotate problem after start of DST

2008-04-20 Thread Jay Leafey 

Bernd Bartmann wrote:

On Sun, Apr 20, 2008 at 11:06 AM, Bernd Bartmann
<[EMAIL PROTECTED]> wrote:

Hi,

 since the start of the daylight savings time my server has a problem
 with the log files. Sunday night the log files get rotated correctly,
 i.e. /var/log/messages gets /var/log.messages.1, /var/log/messages.1
 get /var/log/messages.2, ... The problem now is that after log
 rotation new messages do no go to /var/log/messages, but to the
 rotated file. As DST started 3 weeks, the latest log entries now go to
 /var/log/messages.3. This happens to all other log files too. Even
 after rebooting the server new log entries go to /var/log/messages.3
 instead of /var/log/messages.

 Any ideas why this happens and how to fix this problem?


Now after another reboot nothing is logged at all anymore :-((
syslogd and klogd are running but nothing gets written to any logfile.

Best regards,
Bernd.


Don't know if it was related, but I had a similar problem at about the 
same time, syslog was running but no messages.  With nothing in the logs 
it's tough to troubleshoot!


After perusing the audit logs (not controlled by syslogd) I found where 
it was complaining about the security context on /etc/services.   It 
appeared that the context had been munged right around the DST change, 
so I used 'restorecon -v /etc/services'  to fix it.  Restarted syslog 
afterwards and everything seems fine.


Hope your's is that easy to fix!
--
Jay Leafey - Memphis, TN
[EMAIL PROTECTED]


smime.p7s
Description: S/MIME Cryptographic Signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Securing SSH

2008-04-20 Thread Chris 'Chipper' Chiapusio 

On Tue, Apr 15, 2008 at 10:29:16AM -0700, Tim Alberts wrote:

Ned Slider wrote:



Tim Alberts wrote:
So I setup ssh on a server so I could do some work from home and I think 
the second I opened it every sorry monkey from around the world has been 
trying every account name imaginable to get into the system.


What's a good way to deal with this?



The Wiki has an article here on just this:

http://wiki.centos.org/HowTos/Network/SecuringSSH

I've been experimenting with the iptables filtering with the recent module, 
but I have not yet had success.  I do have my default policy to reject with 
icmp and I've read the note that the default should be DROP.  Is this the 
problem?




I use the following iptables rules to halt the hammering:


/sbin/iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent
--update --seconds 60 --hitcount 3 -j DROP
/sbin/iptables -A INPUT -p tcp --dport 22 -m state --state NEW -m recent
--set


note wrapping of commands.

Chip

--
--
 Warning 
This e-mail message, without warrant or warning, and despite US law as set
forth in the Foreign Intelligence Surveillance Act of 1978, may be subject
to monitoring by the United States National Security Agency and/or the
Department of Defense. Information contained in this message may be used
against any senders or recipients, now or in the future, in a public trial
or secret tribunal.
  Please encrypt anything important.
   PGP Key: http://wwwkeys.pgp.net:11371/pks/lookup?op=get&search=0x6CFA486D
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Can't get .htaccess to work

2008-04-20 Thread Morten Nilsen 

Pam Astor wrote:

That you got a server error is good.> > > Here are the last two log file entries for that httpd 
request:> > you want to look in the *error* log if you look for errors!> > > > I could not 
access the site,> > which means exactly what? ;-)
 
OK, starting from scratch this morning,

here is the .htaccess file I am using which is inside of the
/home/LinuxAccountName/www directory:
 
 
Options NoneAuthName "UserNameIUsedToCreatePasswordWith"AuthType BasicAuthUserFile /home/LinuxAccountName/.htpasswdRequire valid-user

www above refers to the root or web directory - the lowest or first or base
directory that is web accessable.
And, this is the error I am getting from my httpd error log for this domain:
 
[Sun Apr 20 07:47:40 2008] [alert] [client 75.46.110.14] /home/LinuxAccountName/.htaccess: 

Remove the  tag.. a .htaccess file is placed inside a 
 tag for the folder it is in automatically..


Consequentially, your .htaccess looks like this to apache:


...



--
Cheers,
Morten
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS-announce Digest, Vol 38, Issue 9

2008-04-20 Thread centos-announce-request 
Send CentOS-announce mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of CentOS-announce digest..."


Today's Topics:

   1. CESA-2008:0222 Critical CentOS 5 i386 firefox Update
  (Karanbir Singh)
   2. CESA-2008:0222 Critical CentOS 5 x86_64 firefox   Update
  (Karanbir Singh)


--

Message: 1
Date: Sat, 19 Apr 2008 14:20:35 +0100
From: Karanbir Singh <[EMAIL PROTECTED]>
Subject: [CentOS-announce] CESA-2008:0222 Critical CentOS 5 i386
firefox Update
To: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Security Advisory 2008:0222 Critical

Upstream details at : https://rhn.redhat.com/errata/RHSA-2008-0222.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( md5sum Filename ) 

i386:
4379799fe0774963f4ce58e1143ecd78  firefox-1.5.0.12-15.el5.centos.i386.rpm
46887c550eb005138abfc1beb55605cc  firefox-devel-1.5.0.12-15.el5.centos.i386.rpm

Source:
e30461f5b1481b4a03820adf0f96476b  firefox-1.5.0.12-15.el5.centos.src.rpm


-- 
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, [EMAIL PROTECTED]



--

Message: 2
Date: Sat, 19 Apr 2008 14:20:37 +0100
From: Karanbir Singh <[EMAIL PROTECTED]>
Subject: [CentOS-announce] CESA-2008:0222 Critical CentOS 5 x86_64
firefox Update
To: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Security Advisory 2008:0222 Critical

Upstream details at : https://rhn.redhat.com/errata/RHSA-2008-0222.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( md5sum Filename ) 

x86_64:
27c5f0ba71e3777f6189d654082fa860  firefox-1.5.0.12-15.el5.centos.i386.rpm
b763e54ee9cb560f87e787276e066f01  firefox-1.5.0.12-15.el5.centos.x86_64.rpm
77e0a94ee60bd56186343348106c67d2  firefox-devel-1.5.0.12-15.el5.centos.i386.rpm
5bab86c7afac95364f31fd74da3900bc  
firefox-devel-1.5.0.12-15.el5.centos.x86_64.rpm

Source:
e30461f5b1481b4a03820adf0f96476b  firefox-1.5.0.12-15.el5.centos.src.rpm


-- 
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, [EMAIL PROTECTED]



--

___
CentOS-announce mailing list
[EMAIL PROTECTED]
http://lists.centos.org/mailman/listinfo/centos-announce


End of CentOS-announce Digest, Vol 38, Issue 9
**
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

RE: [CentOS] Can't get .htaccess to work

2008-04-20 Thread Pam Astor 

> That you got a server error is good.> > > Here are the last two log file 
> entries for that httpd request:> > you want to look in the *error* log if you 
> look for errors!> > > > I could not access the site,> > which means exactly 
> what? ;-)
 
OK, starting from scratch this morning,
here is the .htaccess file I am using which is inside of the
/home/LinuxAccountName/www directory:
 
 
Options NoneAuthName 
"UserNameIUsedToCreatePasswordWith"AuthType BasicAuthUserFile 
/home/LinuxAccountName/.htpasswdRequire valid-user
www above refers to the root or web directory - the lowest or first or base
directory that is web accessable.
And, this is the error I am getting from my httpd error log for this domain:
 
[Sun Apr 20 07:47:40 2008] [alert] [client 75.46.110.14] 
/home/LinuxAccountName/.htaccess: http://www.windowslive.com/skydrive/overview.html?ocid=TXT_TAGLM_WL_Refresh_skydrive_packup_042008___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] New firewall, need mac changed

2008-04-20 Thread Richard Karhuse 
On Sat, Apr 19, 2008 at 3:53 PM, Joseph L. Casale <[EMAIL PROTECTED]>
wrote:

> >Modify /etc/sysconfig/network-scripts/ifcfg-ethX and remove the HWADDR
> >line if you have one, and add a MACADDR with the mac address you want
> >to use.
> >
> >Beware, some network cards may protest having the mac address changed,
> >and using both HWADDR and MACADDR can cause issues. See
> >/usr/share/doc/initscripts-*/sysconfig.txt for details.
>
> Jim,
> I appreciate the confirmation, that was the method I was going to use. I
> am only unsure about what *could* happen with the HWADDR in there, can
> eth{n} now maybe bind to a different nic under some circumstance?
>
> How can I always force the nic in question to use this script?
>
> Thank you!
> jlc
>   
>


Here is an outline of what I do to "lock-down" interfaces -- which relies
mainly on using a fairly new feature "udev":

   /etc/modprobe.conf:  make sure the lines --

  alias eth? 

   are in the correct order, e.g.:

  alias eth0 e1000
  alias eth1 e1000
  alias eth2 tg3

/etc/udev/rules.d/:  create network rules file (if needed) and
 add lines that associate a given NIC to its eth? interface.
 Use "udevinfo -a -p /sys/class/net/eth?" to get various
 features or attributes to find the NIC that you want to call
 eth.  [Note: this seems to change from release to
 release, so this is a little general.]  You might want to put
 lines like:

   Kernel==eth?  ID==:03:02.0 Name=eth0
   Kernel==eth?  ID==:03:02.1 Name=eth1

  or

Kernel==eth?  Sys{vendor}==0x8086 Sys{device}==0x032a Name=eth0
Kernel==eth?  Sys{vendor}==0x8086 Sys{device}==0x1079 Name=eth1

/etc/sysconfig/network-scripts/ifcfg-eth:

 As other have suggested, now put MACADDR= into these files with the
 desired MAC address that you want the interface to be set to and
 delete the HWADDR.

Now, reboot, test and repeat as needed:-):-) ...

I hope that helps and is useful ...

  -rak-

Note:  I just checked a Fedora 8 box and some of the above has
changed -- udev is the way to go, but be advised that this feature
appears to be evolving and changing -- hopefully for the better!
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: Logrotate problem after start of DST

2008-04-20 Thread Bernd Bartmann 
On Sun, Apr 20, 2008 at 11:06 AM, Bernd Bartmann
<[EMAIL PROTECTED]> wrote:
> Hi,
>
>  since the start of the daylight savings time my server has a problem
>  with the log files. Sunday night the log files get rotated correctly,
>  i.e. /var/log/messages gets /var/log.messages.1, /var/log/messages.1
>  get /var/log/messages.2, ... The problem now is that after log
>  rotation new messages do no go to /var/log/messages, but to the
>  rotated file. As DST started 3 weeks, the latest log entries now go to
>  /var/log/messages.3. This happens to all other log files too. Even
>  after rebooting the server new log entries go to /var/log/messages.3
>  instead of /var/log/messages.
>
>  Any ideas why this happens and how to fix this problem?

Now after another reboot nothing is logged at all anymore :-((
syslogd and klogd are running but nothing gets written to any logfile.

Best regards,
Bernd.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Logrotate problem after start of DST

2008-04-20 Thread Bernd Bartmann 
Hi,

since the start of the daylight savings time my server has a problem
with the log files. Sunday night the log files get rotated correctly,
i.e. /var/log/messages gets /var/log.messages.1, /var/log/messages.1
get /var/log/messages.2, ... The problem now is that after log
rotation new messages do no go to /var/log/messages, but to the
rotated file. As DST started 3 weeks, the latest log entries now go to
/var/log/messages.3. This happens to all other log files too. Even
after rebooting the server new log entries go to /var/log/messages.3
instead of /var/log/messages.

Any ideas why this happens and how to fix this problem?

Thanks in advance,
Bernd.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos