[CentOS-announce] CESA-2008:1036 Critical CentOS 5 i386 firefox Update
CentOS Errata and Security Advisory 2008:1036 Upstream details at : https://rhn.redhat.com/errata/RHSA-2008-1036.html The following updated files have been uploaded and are currently syncing to the mirrors: i386: firefox-3.0.5-1.el4.centos.i386.rpm nspr-4.7.3-1.el4.i386.rpm nspr-devel-4.7.3-1.el4.i386.rpm nss-3.12.2.0-1.el4.centos.i386.rpm nss-devel-3.12.2.0-1.el4.centos.i386.rpm src: firefox-3.0.5-1.el4.centos.src.rpm nspr-4.7.3-1.el4.src.rpm nss-3.12.2.0-1.el4.centos.src.rpm signature.asc Description: OpenPGP digital signature ___ CentOS-announce mailing list CentOS-announce@centos.org http://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CESA-2008:1036 Critical CentOS 5 x86_64 firefox Update
CentOS Errata and Security Advisory 2008:1036 Upstream details at : https://rhn.redhat.com/errata/RHSA-2008-1036.html The following updated files have been uploaded and are currently syncing to the mirrors: x86_64: firefox-3.0.5-1.el4.centos.x86_64.rpm nspr-4.7.3-1.el4.i386.rpm nspr-4.7.3-1.el4.x86_64.rpm nspr-devel-4.7.3-1.el4.x86_64.rpm nss-3.12.2.0-1.el4.centos.i386.rpm nss-3.12.2.0-1.el4.centos.x86_64.rpm nss-devel-3.12.2.0-1.el4.centos.x86_64.rpm src: firefox-3.0.5-1.el4.centos.src.rpm nspr-4.7.3-1.el4.src.rpm nss-3.12.2.0-1.el4.centos.src.rpm signature.asc Description: OpenPGP digital signature ___ CentOS-announce mailing list CentOS-announce@centos.org http://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CESA-2008:1036 Critical CentOS 4 x86_64 seamonkey Update
CentOS Errata and Security Advisory 2008:1037 Upstream details at : https://rhn.redhat.com/errata/RHSA-2008-1037.html The following updated files have been uploaded and are currently syncing to the mirrors: x86_64: seamonkey-1.0.9-32.el4.centos.x86_64.rpm seamonkey-chat-1.0.9-32.el4.centos.x86_64.rpm seamonkey-devel-1.0.9-32.el4.centos.x86_64.rpm seamonkey-dom-inspector-1.0.9-32.el4.centos.x86_64.rpm seamonkey-js-debugger-1.0.9-32.el4.centos.x86_64.rpm seamonkey-mail-1.0.9-32.el4.centos.x86_64.rpm src: seamonkey-1.0.9-32.el4.centos.src.rpm signature.asc Description: OpenPGP digital signature ___ CentOS-announce mailing list CentOS-announce@centos.org http://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CESA-2008:1037 Critical CentOS 4 i386 seamonkey Update
CentOS Errata and Security Advisory 2008:1037 Upstream details at : https://rhn.redhat.com/errata/RHSA-2008-1037.html The following updated files have been uploaded and are currently syncing to the mirrors: i386: seamonkey-1.0.9-32.el4.centos.i386.rpm seamonkey-chat-1.0.9-32.el4.centos.i386.rpm seamonkey-devel-1.0.9-32.el4.centos.i386.rpm seamonkey-dom-inspector-1.0.9-32.el4.centos.i386.rpm seamonkey-js-debugger-1.0.9-32.el4.centos.i386.rpm seamonkey-mail-1.0.9-32.el4.centos.i386.rpm src: seamonkey-1.0.9-32.el4.centos.src.rpm signature.asc Description: OpenPGP digital signature ___ CentOS-announce mailing list CentOS-announce@centos.org http://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CESA-2008:1021 Moderate CentOS 4 i386 enscript - security update
CentOS Errata and Security Advisory 2008:1021 https://rhn.redhat.com/errata/RHSA-2008-1021.html The following updated files have been uploaded and are currently syncing to the mirrors: i386: enscript-1.6.1-33.el4_7.1.i386.rpm src: enscript-1.6.1-33.el4_7.1.src.rpm signature.asc Description: OpenPGP digital signature ___ CentOS-announce mailing list CentOS-announce@centos.org http://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CESA-2008:1021 Moderate CentOS 4 x86_64 enscript - security update
CentOS Errata and Security Advisory 2008:1021 https://rhn.redhat.com/errata/RHSA-2008-1021.html The following updated files have been uploaded and are currently syncing to the mirrors: x86_64 enscript-1.6.1-33.el4_7.1.x86_64.rpm src enscript-1.6.1-33.el4_7.1.src.rpm signature.asc Description: OpenPGP digital signature ___ CentOS-announce mailing list CentOS-announce@centos.org http://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CESA-2008:1023 Moderate CentOS 4 i386 pidgin - security update
CentOS Errata and Security Advisory 2008:1023 https://rhn.redhat.com/errata/RHSA-2008-1023.html The following updated files have been uploaded and are currently syncing to the mirrors: i386: finch-2.5.2-6.el4.i386.rpm finch-devel-2.5.2-6.el4.i386.rpm libpurple-2.5.2-6.el4.i386.rpm libpurple-devel-2.5.2-6.el4.i386.rpm libpurple-perl-2.5.2-6.el4.i386.rpm libpurple-tcl-2.5.2-6.el4.i386.rpm pidgin-2.5.2-6.el4.i386.rpm pidgin-devel-2.5.2-6.el4.i386.rpm pidgin-perl-2.5.2-6.el4.i386.rpm src: pidgin-2.5.2-6.el4.src.rpm signature.asc Description: OpenPGP digital signature ___ CentOS-announce mailing list CentOS-announce@centos.org http://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CESA-2008:1023 Moderate CentOS 4 x86_64 pidgin - security update
CentOS Errata and Security Advisory 2008:1023 https://rhn.redhat.com/errata/RHSA-2008-1023.html The following updated files have been uploaded and are currently syncing to the mirrors: x86_64: finch-2.5.2-6.el4.x86_64.rpm finch-devel-2.5.2-6.el4.x86_64.rpm libpurple-2.5.2-6.el4.x86_64.rpm libpurple-devel-2.5.2-6.el4.x86_64.rpm libpurple-perl-2.5.2-6.el4.x86_64.rpm libpurple-tcl-2.5.2-6.el4.x86_64.rpm pidgin-2.5.2-6.el4.x86_64.rpm pidgin-devel-2.5.2-6.el4.x86_64.rpm pidgin-perl-2.5.2-6.el4.x86_64.rpm src: pidgin-2.5.2-6.el4.src.rpm signature.asc Description: OpenPGP digital signature ___ CentOS-announce mailing list CentOS-announce@centos.org http://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CESA-2008:0981 Moderate CentOS 4 i386 ruby - security update
CentOS Errata and Security Advisory 2008:0981 https://rhn.redhat.com/errata/RHSA-2008-0981.html The following updated files have been uploaded and are currently syncing to the mirrors: i386: irb-1.8.1-7.el4_7.2.i386.rpm ruby-1.8.1-7.el4_7.2.i386.rpm ruby-devel-1.8.1-7.el4_7.2.i386.rpm ruby-docs-1.8.1-7.el4_7.2.i386.rpm ruby-libs-1.8.1-7.el4_7.2.i386.rpm ruby-mode-1.8.1-7.el4_7.2.i386.rpm ruby-tcltk-1.8.1-7.el4_7.2.i386.rpm src: ruby-1.8.1-7.el4_7.2.src.rpm signature.asc Description: OpenPGP digital signature ___ CentOS-announce mailing list CentOS-announce@centos.org http://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CESA-2008:1036 Critical CentOS 4 i386 firefox Update
NOTE: This should have said CentOS-4 and not CentOS-5 initially. Johnny Hughes wrote: CentOS Errata and Security Advisory 2008:1036 Upstream details at : https://rhn.redhat.com/errata/RHSA-2008-1036.html The following updated files have been uploaded and are currently syncing to the mirrors: i386: firefox-3.0.5-1.el4.centos.i386.rpm nspr-4.7.3-1.el4.i386.rpm nspr-devel-4.7.3-1.el4.i386.rpm nss-3.12.2.0-1.el4.centos.i386.rpm nss-devel-3.12.2.0-1.el4.centos.i386.rpm src: firefox-3.0.5-1.el4.centos.src.rpm nspr-4.7.3-1.el4.src.rpm nss-3.12.2.0-1.el4.centos.src.rpm signature.asc Description: OpenPGP digital signature ___ CentOS-announce mailing list CentOS-announce@centos.org http://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-es] respaldo y tolerancia a fallos de Dominio samba
Buenos días lista. Quisiera consultarles por cuales son las alternativas que podria implementar para tener el dominio samba replicado de manera tal que de caerse uno de los equipos pueda seguir trabajando de manera normal y con todos los datos y cuentas de usuario disponibles. Actualmente tengo: 1 pc: corriendo samba como controlador de dominio y ademas es servidor de archivos. Aproximadamente 40 cuentas 1 pc: corriendo dhcp, shorewall y squid. Quiero llegar a tener la forma de que si uno de los pc muere, siga todo funcionando. Esta inquietud me aparece hoy que tuve un corte de luz, y el servidor de ominio no levantaba por que no paso el chequeo de discos, sabia que lo tenia pendiente, pero ahora me entro el susto. Ni siquiera estan con raid estos equipos, y realmente estan realizando una tarea critica, si me quedo sin dominio es grave. Agradeceria me pudieran guiar con cuales son las herramientas que debiera utilizar o implementar para esto. Los 2 equipos corren con centos 5. Saludos ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
[CentOS-es] respaldo y tolerancia a fallos de Dominio samba
Buenos días lista. Quisiera consultarles por cuales son las alternativas que podria implementar para tener el dominio samba replicado de manera tal que de caerse uno de los equipos pueda seguir trabajando de manera normal y con todos los datos y cuentas de usuario disponibles. Actualmente tengo: 1 pc: corriendo samba como controlador de dominio y ademas es servidor de archivos. Aproximadamente 40 cuentas 1 pc: corriendo dhcp, shorewall y squid. El respaldo actualemente lo hago con rsync en un disco portatil usb, pero si se me cae el dominio el respaldo me servirá de poco Quiero llegar a tener la forma de que si uno de los pc muere, siga todo funcionando. Esta inquietud me aparece hoy que tuve un corte de luz, y el servidor de ominio no levantaba por que no paso el chequeo de discos, sabia que lo tenia pendiente, pero ahora me entro el susto. Ni siquiera estan con raid estos equipos, y realmente estan realizando una tarea critica, si me quedo sin dominio es grave. Agradeceria me pudieran guiar con cuales son las herramientas que debiera utilizar o implementar para esto. Los 2 equipos corren con centos 5. Saludos ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] detalles de openssl
On Tue, 2008-12-23 at 09:27 -0400, Esteban Saavedra L. wrote: El día 22 de diciembre de 2008 14:01, Vladimir Sanjinez vladimir.sanji...@gmail.com escribió: Hola, estoy emepezando a usra openssl para crear certificados digitales, practicamente haciendo algunas pruebas, pero me surgieron algunas interrogantes que deseo me ayuen a despejar: 1. al momento de crear un certificado se solicita informacion como: • Código de dos letras para el país. • Estado o provincia. • Ciudad. • Nombre de la empresa o razón social. • Unidad o sección. • Nombre del anfitrión. • Dirección de correo. entre otras Todo esto lo puedes configurar en el archivo openssl.cnf que generalmente debiese estar en /etc/ssl, si no esta lo puedes crear, ahora deberas buscar el nombre de las variables de cada uno de estos parametros para configurarlos a tu gusto Creo que en Centos 5.x está en /etc/pki/tls 2. a lo mejor es algo trivial pero cual es el objetivo y la funcion de cada uno de los archivos creados, cabe decir: .crt .csr .key .pem el nombre de las extensiones es un tanto subjetivo, ya que al crear o fuirmar los certificados se le pueden otrogar distintos nombres y extensiones, pero lo importantes que sepas el significado que debiese tener cada archivo: csr: es la solicitud de certificado, dicho de otra forma un certificado sin firma del CA crt: el certificado en si, con firma del CA key: la llave publica o privada Este artículo puede responder algunas de tus dudas http://www.linuxtotal.com.mx/index.php?cont=info_seyre_001 salu2 Esteban ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
[CentOS-es] Sobre repositorio
Saludos Me gustaria crear un repositorio de centos5, en base, updates, extras, etc. alguien sabe como hacerlo... navego a traves de un proxy. Yoinier...___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] Sobre repositorio
A mí me ha dado muy buenos resultados el paquete mrepo de Dag. http://dag.wieers.com/home-made/mrepo/ On 12/23/08, Yoinier Hernandez Nieves administra...@ltu.jovenclub.cu wrote: Saludos Me gustaria crear un repositorio de centos5, en base, updates, extras, etc. alguien sabe como hacerlo... navego a traves de un proxy. Yoinier... -- Eduardo Grosclaude Universidad Nacional del Comahue Neuquen, Argentina ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] Resumen de CentOS-es, Vol 24, Env ío 26
NO QUIERO UE ME LLEGUEN MAS ESTOS MENSAJES ME TIENEN PODRIDO!!! From: centos-es-requ...@centos.org Subject: Resumen de CentOS-es, Vol 24, Envío 26 To: centos-es@centos.org Date: Tue, 23 Dec 2008 12:00:03 -0500 Envíe los mensajes para la lista CentOS-es a centos-es@centos.org Para subscribirse o anular su subscripción a través de la WEB http://lists.centos.org/mailman/listinfo/centos-es O por correo electrónico, enviando un mensaje con el texto help en el asunto (subject) o en el cuerpo a: centos-es-requ...@centos.org Puede contactar con el responsable de la lista escribiendo a: centos-es-ow...@centos.org Si responde a algún contenido de este mensaje, por favor, edite la linea del asunto (subject) para que el texto sea mas especifico que: Re: Contents of CentOS-es digest Además, por favor, incluya en la respuesta sólo aquellas partes del mensaje a las que está respondiendo. Asuntos del día: 1. respaldo y tolerancia a fallos de Dominio samba (Eduardo Aspée) 2. Re: detalles de openssl (Oscar Osta Pueyo) 3. Re: respaldo y tolerancia a fallos de Dominio samba (Black Hand) -- Message: 1 Date: Tue, 23 Dec 2008 11:29:49 -0400 From: Eduardo Aspée eas...@gmail.com Subject: [CentOS-es] respaldo y tolerancia a fallos de Dominio samba To: centos-es@centos.org Message-ID: 495103ed.4040...@gmail.com Content-Type: text/plain; charset=ISO-8859-1; format=flowed Buenos días lista. Quisiera consultarles por cuales son las alternativas que podria implementar para tener el dominio samba replicado de manera tal que de caerse uno de los equipos pueda seguir trabajando de manera normal y con todos los datos y cuentas de usuario disponibles. Actualmente tengo: 1 pc: corriendo samba como controlador de dominio y ademas es servidor de archivos. Aproximadamente 40 cuentas 1 pc: corriendo dhcp, shorewall y squid. El respaldo actualemente lo hago con rsync en un disco portatil usb, pero si se me cae el dominio el respaldo me servirá de poco Quiero llegar a tener la forma de que si uno de los pc muere, siga todo funcionando. Esta inquietud me aparece hoy que tuve un corte de luz, y el servidor de ominio no levantaba por que no paso el chequeo de discos, sabia que lo tenia pendiente, pero ahora me entro el susto. Ni siquiera estan con raid estos equipos, y realmente estan realizando una tarea critica, si me quedo sin dominio es grave. Agradeceria me pudieran guiar con cuales son las herramientas que debiera utilizar o implementar para esto. Los 2 equipos corren con centos 5. Saludos -- Message: 2 Date: Tue, 23 Dec 2008 15:51:59 +0100 From: Oscar Osta Pueyo oostap.lis...@gmail.com Subject: Re: [CentOS-es] detalles de openssl To: centos-es@centos.org Message-ID: 1230043919.4122.4.ca...@oscaro.tibet.local Content-Type: text/plain; charset=utf-8 On Tue, 2008-12-23 at 09:27 -0400, Esteban Saavedra L. wrote: El día 22 de diciembre de 2008 14:01, Vladimir Sanjinez vladimir.sanji...@gmail.com escribió: Hola, estoy emepezando a usra openssl para crear certificados digitales, practicamente haciendo algunas pruebas, pero me surgieron algunas interrogantes que deseo me ayuen a despejar: 1. al momento de crear un certificado se solicita informacion como: ? Código de dos letras para el país. ? Estado o provincia. ? Ciudad. ? Nombre de la empresa o razón social. ? Unidad o sección. ? Nombre del anfitrión. ? Dirección de correo. entre otrasTodo esto lo puedes configurar en el archivo openssl.cnf que generalmente debiese estar en /etc/ssl, si no esta lo puedes crear, ahora deberas buscar el nombre de las variables de cada uno de estos parametros para configurarlos a tu gusto Creo que en Centos 5.x está en /etc/pki/tls2. a lo mejor es algo trivial pero cual es el objetivo y la funcion de cada uno de los archivos creados, cabe decir: .crt .csr .key .pem el nombre de las extensiones es un tanto subjetivo, ya que al crear o fuirmar los certificados se le pueden otrogar distintos nombres y extensiones, pero lo importantes que sepas el significado que debiese tener cada archivo: csr: es la solicitud de certificado, dicho de otra forma un certificado sin firma del CA crt: el certificado en si, con firma del CA key: la llave publica o privada Este artículo puede responder algunas de tus dudas http://www.linuxtotal.com.mx/index.php?cont=info_seyre_001 salu2 Esteban pr?a parte Se ha borrado un adjunto en formato HTML... URL: http://lists.centos.org/pipermail/centos-es/attachments/20081223/f9986e98/attachment-0001.html -- Message: 3 Date: Tue, 23 Dec 2008 11:50:03 -0500 From: Black Hand yo...@blackhandchronicles.homeip.net Subject: Re: [CentOS-es] respaldo y tolerancia a fallos de Dominio samba To: centos-es
Re: [CentOS] CentOS, PHP, Basic GIS
At 23:44 -0800 22/12/08, Michael A. Peters wrote: Thanks for any suggestions. I may try to find a GIS for dummies type book, though I've generally not been fond of dummy books, I kind of feel like one when it comes to GIS. Hi Michael, If you get no satisfactory answers here, you might try talking to the Antiquist group (http://www.antiquist.org/ and http://groups.google.com/group/antiquist) who work extensively with GIS and open source tools. Regards Simon ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS, PHP, Basic GIS
Dear Micheal, are there any good reasons not to use a normal cartesian grid? I can no tremember any GIS software that can use haxagonal tiles as a raster. Anyway, there is quite a lot of GIS software that you can obtain via EPEL [http://fedoraproject.org/wiki/EPEL]. In case you want to publish geographical informations, do yourself a favor and use some of the many excellent tools out there, have a look at http://www.osgeo.org. A good part of the world's leading open source GIS people works on those projects. Some, trying to summarize: If you want to keep your data on a database, go with PostgreSQL and PostGIS or SQLLite with it's spatial extensions. If you want to work with desktop applications, have a look at QGIS and, at a more advanced level, GRASS. If you want to publish your data on the web and feel more inclibned to PHP then to JAVA have a look at MapServer for creating the rendered images of your geographical data and to OpenLayers or Mapbender or eventulally p-mapper for publishing the rendered images on the web. These are the tools that we been are using here for years and your can go any distance with them. Regards, Peter Michael A. Peters wrote: I have no experience with GIS whatsoever. I really know squat about it. I'm currently working on a project to plot locality data for wildlife on a map of Shasta County. This is for a new herpetological club that hopes to track strength of our local herp populations, since it seems evident that in the last 20 years we lost one species of frog and are close to losing another (probably less than 100 left and they don't seem to be successfully breeding) and the declines were known, but the extent of the declines was not known well enough until it was too late. We want to try and prevent that with other species in our county by keeping records of where they currently are and where they use to be but are no longer found. When we see what appears to be shrinking range, we can investigate and if need be, request surveys by wildlife management before it is too late. Basically - the data will be plotted as a grid of regular hexagons. When locality information (museum record or photo voucher record in our own database) exists, the hexagon the record sits in gets drawn a pretty color (depending on type and age of records). I have it working on a raster (jpg) map where I guessed the latitude/longitude borders - working well enough with sample data that I know my php code works, but while it is ballpark accurate I need to do it with maps of known values. Quick and dirty option - obtain (possibly pay for) a large (at least 2k pixels wide) raster map with known lat/lon borders that has the county outline, major lakes and rivers, nothing else. The maps could be made and then resized for web view. The major problem with that model is that drawing colored hexagons near the county border and near rivers will make it more difficult to see them, thus making it harder to interpret the map. What I would prefer to do - Draw my data hexagons on a blank slate [ via imagecreate(width,height) function), then draw the county border on top of that, and then on top of that either draw the lakes/rivers and/or basic topographical lines. My preference obviously includes getting data sets for those things (county border, lakes/rivers, topography) in a format that I can parse with php to draw them with gd. My county does have some GIS data available: http://www.shastagis.co.shasta.ca.us/gissearch/search_new.aspx I don't have a clue how to get that data into format useful for drawing with gd via php. Anyone have experience with this? Can anyone recommend a (preferably free) Linux GIS program that works on CentOS that could potentially convert data files into format useful for drawing with gd? I don't need to get fancy with zoom, rotate, etc. capabilities - just a basic static flat map output. Thanks for any suggestions. I may try to find a GIS for dummies type book, though I've generally not been fond of dummy books, I kind of feel like one when it comes to GIS. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Dott. Peter Hopfgartner R3 GIS Srl - GmbH Via Johann Kravogl-Str. 2 I-39012 Meran/Merano (BZ) Email: peter.hopfgart...@r3-gis.com Tel. : +39 0473 494949 Fax : +39 0473 069902 www : http://www.r3-gis.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] cluster - ip address lost when service stopped
Fabio Macchi wrote: -Original Message- From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf Of A Linux Fanatic Sent: martedì 23 dicembre 2008 06:08 To: CentOS mailing list Subject: Re: [CentOS] cluster - ip address lost when service stopped Fabio Macchi wrote: Hi all, I'm trying to setup a cluster of 2 machines with Centos 5.2 to host a postfix+spamassassin+clamav+mailscanner service. Below cluster software versions rgmanager.i386 2.0.38-2.el5_2.1 installed cman.i386 2.0.84-2.el5_2.2 installed Every machine (hp blade server ) has 4 interfaces, bounded in this way: Eth0, eth1 - bond0 - connection for public service ( 10.0.181.x ) Eth2,eth3 - bond1 - connection for intra-cluster communication ( 192.168.44.x ) bond0 Link encap:Ethernet HWaddr 00:21:5A:48:DA:BE inet addr:10.0.181.41 Bcast:10.0.181.255 Mask:255.255.255.0 inet6 addr: fe80::221:5aff:fe48:dabe/64 Scope:Link UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1 RX packets:85 errors:0 dropped:0 overruns:0 frame:0 TX packets:86 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:12963 (12.6 KiB) TX bytes:9144 (8.9 KiB) bond1 Link encap:Ethernet HWaddr 00:1F:29:6D:7D:08 inet addr:192.168.44.41 Bcast:192.168.44.255 Mask:255.255.255.0 inet6 addr: fe80::21f:29ff:fe6d:7d08/64 Scope:Link UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1 RX packets:29 errors:0 dropped:0 overruns:0 frame:0 TX packets:223 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:4612 (4.5 KiB) TX bytes:31746 (31.0 KiB) Then I've created a new Mail service with these local resources: - Ip address 10.0.181.3 - Script /etc/rc.d/init.d/MailScanner - GFS file system on a SAN Service start, but the problem is that, when I stop the service, external ip address is removed from bond0. Hi Fabio, Could you please attach the following files: /etc/sysconfig/network-scripts/ifcfg-bond0 /etc/sysconfig/network-scripts/ifcfg-bond1 /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-eth1 /etc/sysconfig/network-scripts/ifcfg-eth2 /etc/sysconfig/network-scripts/ifcfg-eth3 /etc/cluster/cluster.conf And external ip address is removed from bond0. - I assume here external IP is 10.0.181.41, right? Thanks Gowrishankar Rajaiyan | A Linux Fanatic. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Hi Gowrishankar, requested files attached; you well understand, I mean ip 10.0.181.41 disappear ( below the output from ifconfig after I tried to stop the service) bond0 Link encap:Ethernet HWaddr 00:21:5A:48:DA:BE inet6 addr: fe80::221:5aff:fe48:dabe/64 Scope:Link UP BROADCAST RUNNING MASTER MULTICAST MTU:1500 Metric:1 RX packets:52958 errors:0 dropped:0 overruns:0 frame:0 TX packets:7844 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:0 RX bytes:4915061 (4.6 MiB) TX bytes:4936239 (4.7 MiB) Tks Fabio Hi Fabio First, issue the command: $ rpm -qf /sbin/ifup It will respond with a line of text starting with either initscripts or sysconfig, followed by some numbers. This is the package that provides your network initialization scripts. Next, to determine if your installation supports bonding, issue the command: $ grep ifenslave /sbin/ifup If this returns any matches, then your initscripts or sysconfig has support for bonding. Ref: http://www.linuxfoundation.org/en/Net:Bonding Try configuring ifcfg-bondX using the contents described in the above link. Thanks Gowrishankar Rajaiyan | A Linux Fanatic. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] UDEV rule allow users to unmount USB stick
On Mon, Dec 22, 2008 at 7:56 PM, Philip Manuel p...@zomojo.com wrote: snip Are we talking about USB Memory here? If so, I have not seen this issue. I've never used USB Memory while logged in as root. I'm using CentOS 5 (32 bit). snip Yes the usb stick/memory mounts correctly, but then they are not allowed to unmount it, using for example umount /media/device We are using Centos5.2 64bit I see that you are using 64 bit, I'm using 32 bit, but I doubt that this would work differently, between the 2 versions of the OS. As Mark (mhr) wrote, if you use GNOME, just right click the icon, to unmount the USB stick. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Fwd: Unable to connect to printer; will retry in 30 seconds...: Connection timed out
Hi, Thanks evryone for giving your support. I downlaoded cups rpm from Centos 4.7 and updated on CentOS 4.5 . But, problem still exists. Now, May I know Can I download cups from Cent OS 3.6 and install on CentOS 4.5? The reason for that is , On Cent OS 3.6, it worked perfectly. Hope to hear from you. -- Forwarded message -- From: Mark Snyder m...@jmktdis.com Date: Fri, Dec 19, 2008 at 1:38 AM Subject: Re: [CentOS] Unable to connect to printer; will retry in 30 seconds...: Connection timed out To: CentOS mailing list centos@centos.org Indunil Jayasooriya wrote: Hi ALL, I recently withed from CentOS 3 X server to CentOS 4.5. It works fine other than printers. there are many printers connected to it. We have configured the commnad printconf queue type is Networked UNIX (LPD) Some times, we will be able to print , But, some times, We will NOT be able to print. We can ping its ip address. Even, when we can't print, We can ping its ip address. When we check logs , we see something like this. [Job 888] Unable to connect to printer; will retry in 30 seconds...: Connection timed out snip Hope to hear form you. We have a CentOS 4.x server at a hosting facility that currently has 73 printers defined on various protocols (socket, ipp, lpd) which can see extensive delays in print jobs. We are seeing the same error in our logs. As a work around for this issue you can do a cupsdisable then a cupsenable for the effected printer which should clear the delay and start it working again, provided that you can ping the printer and the printer itself is not causing the problem. If that does not fix it try doing a service cups restart. Mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Thank you Indunil Jayasooriya ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Bash Script for Beginners! oh dear :'(
For those interested here is an updated version of my script but still
no luck :(
#!/bin/bash
rm -f ./found_files
touch ./found_files
find . -exec grep -q $1 '{}' \; -print ./found_files
i=1
while [ $i -le `wc -l found_files` ] ; do
line=`head -$i found_files | tail -1`
grep -iv $1 $line $line.new
rm $line
mv $line.new $line
i=`expr $i + 1`
done
2008/12/23 James Bensley jwbens...@gmail.com:
Hey guys,
I'm a bit of a beginner (understatement!) with shell scripting and
seek help! I am setting up our new squid proxy. Its working a treat
and squidGuard is the icing on the cake. But, I am trying to write a
shell script to search through our black list category's for
squidGuard and remove the parsed value;
Scenario:
/some/directory/where/blacklist/is/stored contains about 40-50 folders
called, adult, gambling, banking, warez etc. There is a folder for
each blocking category (and in each folder is two files, urls and
domains, standard stuff for web filtering!)
I have a script to search through
/some/directory/where/blacklist/is/stored and look at each text file
trying to find someblockedsite.com and remove it. This is as far as I
have got:
machine:/blacklistdir# sh ./find_files blockedsite.com
find_files is as follows:
#!/bin/bash
rm -f ./found_files
touch ./found_files
find . -exec grep -q $1 '{}' \; -print ./found_files
i=1
while [ $i -le `wc -l ./found_files` ] ; do
grep -iv $1 $2 $2.new This is where I am stuck, I have put
$2 but I want to be reading each line of text from found_files?
rm $2
mv $2.new $2
done
But I am totally stuck! My questions to this awesome list are: can
someone help my with my script? And, if so, can you explain to me how
you have achieved your solution?
Thanks a lot for reading guys n gals its greatly appreciated.
Regards,
James.
-BEGIN GEEK CODE BLOCK-
Version: 3.1
GIT/MU/U dpu s: a-- C++$ U+ L++ B- P+ E? W+++$ N K W++ O M++$ V-
PS+++ PE++ Y+ PGP t 5 X+ R- tv+ b+ DI D+++ G+ e(+) h--(++) r++ z++
--END GEEK CODE BLOCK--
--
-BEGIN GEEK CODE BLOCK-
Version: 3.1
GIT/MU/U dpu s: a-- C++$ U+ L++ B- P+ E? W+++$ N K W++ O M++$ V-
PS+++ PE++ Y+ PGP t 5 X+ R- tv+ b+ DI D+++ G+ e(+) h--(++) r++ z++
--END GEEK CODE BLOCK--
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Bash Script for Beginners! oh dear :'(
Scenario:
/some/directory/where/blacklist/is/stored contains about 40-50 folders
called, adult, gambling, banking, warez etc. There is a folder for
each blocking category (and in each folder is two files, urls and
domains, standard stuff for web filtering!)
I have a script to search through
/some/directory/where/blacklist/is/stored and look at each text file
trying to find someblockedsite.com and remove it. This is as far as I
have got:
machine:/blacklistdir# sh ./find_files blockedsite.com
find_files is as follows:
#!/bin/bash
rm -f ./found_files
touch ./found_files
find . -exec grep -q $1 '{}' \; -print ./found_files
i=1
while [ $i -le `wc -l ./found_files` ] ; do
grep -iv $1 $2 $2.new This is where I am stuck, I have put
$2 but I want to be reading each line of text from found_files?
rm $2
mv $2.new $2
done
Something like this?
find . -exec grep -q $1 '{}' \; -print | while read BLOCKFILE; do
grep -iv $1 $BLOCKFILE $BLOCKFILE.new
mv -f $BLOCKFILE.new $BLOCKFILE
done
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
[CentOS] Security advice, please
My LAN is behind a Netgear router, which does NAT. On the CentOS server I have fail2ban running. This morning my router reported 3 different IPs attempting to send UDP packets to port 38950, Since each address is only seen 4-5 times, I presume that fail2ban took over after that. GRC reports that ports are stealthed (port 143 was open, but is now closed), but then: Unsolicited Packets: RECEIVED (FAILED) — Your system's personal security countermeasures unwisely attempted to probe us in response to our probes. While some users believe that tracking down the source of Internet probes is useful, experience indicates that there is little to gain and potentially much to lose. The wisest course of action is to simulate nonexistence — which your system has failed to do. Your counter-probes immediately reveal your system's presence and location on the Internet. So, two questions really. First, what should I be looking for on the router, to turn off this 'tracking down' activity? Then, I want to read from my own IMAP server when I'm away from home. Is there a better way than opening port 143? Anne signature.asc Description: This is a digitally signed message part. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Security advice, please
Then, I want to read from my own IMAP server when I'm away from home. Is there a better way than opening port 143? The easiest would be if you had a fixed external IP and only allow it; but I guess that won't be the case. Maybe using an other port than 143? But I don't think that would fool port scanners. Or you could firewall everything and try port knocking to open it on demand and let you go through... JD ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Security advice, please
On 12/23/08, Anne Wilson cannewil...@googlemail.com wrote: My LAN is behind a Netgear router, which does NAT. On the CentOS server I have fail2ban running. This morning my router reported 3 different IPs attempting to send UDP packets to port 38950, Since each address is only seen 4-5 times, I presume that fail2ban took over after that. GRC reports that ports are stealthed (port 143 was open, but is now closed), but then: Try www.auditmypc.com or nmap-online.com rather than grc to look for open ports So, two questions really. First, what should I be looking for on the router, to turn off this 'tracking down' activity? Maybe your router is sending host / port unreachable icmp messages. You could try to see what is actually happening using wireshark on another computer from outside your LAN Then, I want to read from my own IMAP server when I'm away from home. Is there a better way than opening port 143? ssh tunnelling? fwknop? (if you want all ports to appear closed) http://cipherdyne.org/fwknop/ mike ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Bash Script for Beginners! oh dear :'(
James Bensley schrieb:
For those interested here is an updated version of my script but still
no luck :(
#!/bin/bash
rm -f ./found_files
touch ./found_files
find . -exec grep -q $1 '{}' \; -print ./found_files
i=1
while [ $i -le `wc -l found_files` ] ; do
line=`head -$i found_files | tail -1`
grep -iv $1 $line $line.new
rm $line
mv $line.new $line
i=`expr $i + 1`
done
How about following:
#/bin/sh
DIRECTORY=/root.dir.path.of.the.blacklists
PATTERN=$1
if [ ${PATTERN} = ]; then
echo parameter missing - stop
exit 1
fi
if [ ! -d ${DIRECTORY} ]; then
echo directory missing - stop
exit 1
fi
while read LINE; do
echo pattern found in ${LINE}: erasing [${PATTERN}]
sed -i s/.*${PATTERN}.*//; /^$/d ${LINE}
done (grep -rl ${PATTERN} ${DIRECTORY})
exit 0
Greetings
Alexander
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Security advice, please
Anne Wilson wrote on Tue, 23 Dec 2008 13:06:01 +: My LAN is behind a Netgear router, which does NAT. On the CentOS server I have fail2ban running. This morning my router reported 3 different IPs attempting to send UDP packets to port 38950, which is per se nothing to worry about and there's no connection to IMAP that you mention in the rest of your mail. Since each address is only seen 4-5 times, I presume that fail2ban took over after that. I doubt you have it checking port 38950, do you? And the fail2ban doesn't run on your router. So, there is no connection. GRC reports What is that? So, two questions really. First, what should I be looking for on the router, to turn off this 'tracking down' activity? You may want to ask the GRC developer what he means by that. Then, I want to read from my own IMAP server when I'm away from home. Is there a better way than opening port 143? You can VPN to your router and then use your LAN like normal. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] UDEV rule allow users to unmount USB stick
Lanny Marcus wrote: On Mon, Dec 22, 2008 at 8:46 PM, MHR mhullr...@gmail.com wrote: On Mon, Dec 22, 2008 at 4:19 PM, Philip Manuel p...@zomojo.com wrote: I'm trying to understand why a normal user is not allowed to unmount their USB stick? I think it is most likely a udev rule. does anyone know ? If I understand this correctly, it's a mount/umount rule - normal users cannot run root commands. They are written to disallow normal users from performing root tasks. However, if you are using gnome, you can use the gnome-umount command (which is the equivalent of right-clicking the icon and selecting Unmount). I suspect there is a similar analogue in KDE. Good explanation Mark. I use GNOME and I have zero problems with this. Lanny Mark's assumption was correct. In KDE, the right-click menu item is Safely remove. I find it interesting, though, that root can manually mount a USB drive from the command line and any user can safely remove it via KDE. For example, I have this line in my fstab for a backup hard drive LABEL=OT3 /media/OT3 ext3 noauto,user,rw Normally, it's mounted and unmounted by the backup script but I discovered that if root manually mounts it [r...@mavis ~]# mount /media/OT3 [r...@mavis ~]# mount snip /dev/sda1 on /media/OT3 type ext3 (rw,noexec,nosuid,nodev) [r...@mavis ~]# And I try to unmount it as my normal user, I run into the behavior that is spelled out in the man page: [...@mavis ~]$ umount /media/OT3 umount: only root can unmount LABEL=OT3 from /media/OT3 [...@mavis ~]$ However, I CAN unmount it using KDE. --*USUALLY*-- Occasionally, the desktop icon will indicate unmounted but either attempting to mount the drive or manually examining /etc/mtab reveals that the drive is stll mounted. If one is to believe the mount man page, there is/are 1 or 2 bug(s) here. So, Mark, KDE has a true analogue only if GNOME is similarly broken. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installing RHEL5.3
Alain PORTAL wrote: Hi, As I can start X on Centos 5.2, can somebody explain me how to install RHEL 5.3 pre-release or give me a pointer that explain how to do? ftp://ftp.redhat.com/pub/redhat/linux/beta/RHEL5.3/ I should want to know if I'll can install Centos 5.3 ;-) Regards, Alain -- Les pages de manuel Linux en français http://manpagesfr.free.fr/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos 1. wait for a public beta 2. get a RHN account and download immediately. There is some more info here https://www.redhat.com/archives/rhelv5-announce/2008-October/msg0.html Betas are not meant for production machines BTW or for upgrades to the final version. Regards, Vandaman. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS, PHP, Basic GIS
Peter Hopfgartner wrote:
Dear Micheal,
are there any good reasons not to use a normal cartesian grid? I can no
tremember any GIS software that can use haxagonal tiles as a raster.
What I'm doing at the moment - I input the width of the map, max/min
lon/lat - it calculates the height of the map needed for pixels for to
have the same pixel/kilometer ratio both north/south and east/west.
Another php function converts lat/lon coordinates to x/y coordinates
that are oriented like gd wants them:
function getsquarelocation($lon, $lat, $maxlon, $minlon, $maxlat,
$minlat, $width, $height) {
$x = $width * (($lon - $minlon) / ($maxlon - $minlon));
$y = $height * (($maxlat - $lat) / ($maxlat - $minlat));
return array(x=round($x),y=round($y));
}
Obviously there's a little distortion but not much-
Sample data points in google earth:
http://homepage.mac.com/mpeters/misc/500flags.png
Same data points in my script:
http://homepage.mac.com/mpeters/misc/500flags2.png
They look like they have the same spacial relationship to me.
So I am using cartesian coordinates, I just feed the output of that
function to another function that finds the data points for the gd
imagefilledpolygon and the hexagons are created. I actually have the
hexagons overlap a tiny bit (2 pixels) to prevent a possible 1 pixel
space between them from rounding issues.
I think I may have found what I need - I found some articles on parsing
e00 files into arrays that I can then use to draw them with gd. Now the
only issue is the e00 files I have have *too* much information - they
are statewide - so I need to figure out which datasets in the files are
the ones I want ,,,
I may just write a shell script that parses the e00 file and turns the
data sets into php include files. There may be some scripts out there
that already do a similar thing I can steal, as e00 seems fairly common
and has been around awhile.
Anyway, there is quite a lot of GIS software that you can obtain via
EPEL [http://fedoraproject.org/wiki/EPEL].
In case you want to publish geographical informations, do yourself a
favor and use some of the many excellent tools out there, have a look at
http://www.osgeo.org. A good part of the world's leading open source GIS
people works on those projects.
Some, trying to summarize: If you want to keep your data on a database,
go with PostgreSQL and PostGIS or SQLLite with it's spatial extensions.
If you want to work with desktop applications, have a look at QGIS and,
at a more advanced level, GRASS.
If you want to publish your data on the web and feel more inclibned to
PHP then to JAVA have a look at MapServer for creating the rendered
images of your geographical data and to OpenLayers or Mapbender or
eventulally p-mapper for publishing the rendered images on the web.
These are the tools that we been are using here for years and your can
go any distance with them.
Thank you! I will look into those.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Security advice, please
John Doe wrote: Then, I want to read from my own IMAP server when I'm away from home. Is there a better way than opening port 143? The easiest would be if you had a fixed external IP and only allow it; but I guess that won't be the case. Maybe using an other port than 143? But I don't think that would fool port scanners. Yes it will fool the port scanners. On my centos server at a colo (er, not really my server, it's a xen virtual host on someone elses server, but it feels like mine - I love xen) I was seeing literally hundreds of attacks on the ssh port within a day of setting it up. I changed the port to one 1024 and I haven't seen a single attack since. If someone wants to attack your specific server, they'll do a full port scan and find what you have regardless of what ports you are using - but the vast majority of scripts don't because it takes longer to do a full port scan, machines run by people smart enough to change the port usually are run by people who have a clue, very often do not have a lot of users (machines that service a lot of users really need to use the standard ports) and thus are not as likely to have a brute force attack work. So the few extra hosts they find via full port scan isn't worth the time it takes, that time is better spent scanning for people without a clue who are running on the default port. I suspect a lot of scripts don't even bother to scan, they probably just try to connect and move to the next IP when they get a port closed. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Security advice, please
Michael Simpson wrote: GRC reports that ports are stealthed Try www.auditmypc.com or nmap-online.com rather than grc to look for open ports What advantages do they have, in your opinion? there a better way than opening port 143? ssh tunnelling? I agree, though the default CentOS sshd configuration requires some tightening down to trust it on Internet-facing servers, IMHO: 1. In /etc/ssh/sshd_config, set PasswordAuthentication no. No matter how good your password, it isn't as good as using keys. Remember, forwarding ssh opens it to pounding 24x7 from any of the millions on zombie boxes on the Internet. 2. On the machine(s) that you want to allow logins from, run ssh-keygen -t rsa to generate a key pair, if you haven't already. Then copy the contents of ~/.ssh/id-rsa.pub into ~/.ssh/authorized_keys on your home server. These keys are used to authenticate the remote system, in lieu of a password or physical token. You could put these keys on a USB stick instead, if you didn't want to keep them permanently on the remote hosts. 3. Disable SSHv1 protocol support in /etc/ssh/sshd_config: Protocol 2, not Protocol 2,1. SSHv1 has known weaknesses. Boggles my mind that it's still enabled by default 4. Same file, set PermitRootLogin no if it isn't already. (Aside: I also like to set up sudo with one account allowed to do anything, then lock the root account, so the only way to get root access is to log in as a regular user then sudo up, reducing the risk of passwordless keys.) Having done all this, you're ready to allow remote access: 5. In your router, forward a high-numbered port to 22 on the server. If it's not smart enough to use different port numbers on either side, you can change the sshd configuration so it listens on a different port instead. I like to use 22022 for this. This is *not* security through obscurity. It's simply a way to reduce the amount of log spam you have to dig through when monitoring your system's behavior. Everything that appears in your logs should be *interesting*. Constant port knocking from worms and script kiddies is not interesting. In case you've not done ssh tunelling, Anne, the command that does what you want, having done all the above is: $ ssh -p22022 -L10143:my.server.com:143 a...@my.server.com This sets up port 10143 on the local system to be redirected through the ssh session to the IMAP port on your home server. You don't want to redirect 143 to 143 because that would require you to run ssh as root. It also prevents you from using this on a system that itself has an IMAP server. With the tunnel up, you can set up your mail client to connect to port 10143 on localhost, and you'll be looking at your remote mail server. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Raid1 -- Raid5
Mariusz wrote: Did you ask your vendor / manufacturer of the raid layer ? What did they say ? no, i haven't asked yet, but i'm going to do it. Maybe i should use dd command (create image all logical disk to another disk) and add new 3rd disk, create raid 5 volume and after restore system from dd image? Most vendors have their own way of doing raid type convertions and will expect the metadata to move in specific ways, so depending on the hba, you really are better off backing up the data elsewhere, perhaps remove one of the raid-1 disks, create a raid5 in degraded mode move the data over, and add the older disk as hotspare. But then again, that depends on how the hba does these things. - KB ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [OT] Firefox loses plugins, anyone else? Bug? Known?
On Mon, 2008-12-22 at 18:49 -0500, William L. Maltby wrote: SYNOPSIS: Bug between Firefox and gnome-default-applications-properties somewhere. When FF is set to check to see if it is the default browser and it is not and the user selects Yes to make it the default, FF writes the full path to the /usr/lib instance in the command and sets the preferred browser to Custom. This causes the symptoms that have been seen, including the truncation of pluginreg.dat. If the user responds No when FF asks if it should be the default browser, the settings that were selected in gnome-default-applications-properties hold and the adverse symptoms are not seen. WORKAROUND: tell firefox No or to _not_ check to see if it is the default browser after running gnome-default-applications-properties and selecting it there. CONCLUSION: The gnome-default-applications-properties apparently gets the binary in /usr/bin while FF itself bypasses this binary and goes directly to the /usr/lib/ firefox instance. In this case the adverse symptoms are seen. Bug somewhere, I presume FF since the gnome-default-applications-properties settings work OK and it accesses the binary in /usr/bin. More detail that you ever wanted to know follows. snip BTW, I forgot to pull a basic check, so here it is. $ rpm -qf /usr/lib/firefox-3.0.5/firefox /usr/bin/firefox firefox-3.0.5-1.el5.centos.i386 firefox-3.0.5-1.el5.centos.i386 -- Bill ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Security advice, please
On 12/23/08, Warren Young war...@etr-usa.com wrote: Michael Simpson wrote: GRC reports that ports are stealthed Try www.auditmypc.com or nmap-online.com rather than grc to look for open ports What advantages do they have, in your opinion? they're not grc auditmypc has been mentioned as an alternative to grc or sygate (after acquisition by symantec) personally, i use nmap to scan my systems so nmap-online seems a reasonable way of doing this if you don't have access to an external box/colo server i am lucky to have a very lightly loaded production webserver at my disposal for this. mike ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [OT] Firefox loses plugins, anyone else? Bug? Known?
On 2008-12-22, 23:49 GMT, William L. Maltby wrote: I presume this completes the triage process? Now, who reports I hope this bug is publicly visible https://bugzilla.redhat.com/show_bug.cgi?id=471193 otherwise just yes, IMHO (and it is not official statement by RH Gecko developers) whole business of Firefox checking being a default browser is unhappy relict of Windows browser wars and it should be eliminated in the Linux FF altogether. I don't know if it happens though. Matěj ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] CESA-2008:1036 Critical CentOS 4 x86_64 firefox Update
NOTE: this should have said CentOS-4 and not CentOS-5 initially. Johnny Hughes wrote: CentOS Errata and Security Advisory 2008:1036 Upstream details at : https://rhn.redhat.com/errata/RHSA-2008-1036.html The following updated files have been uploaded and are currently syncing to the mirrors: x86_64: firefox-3.0.5-1.el4.centos.x86_64.rpm nspr-4.7.3-1.el4.i386.rpm nspr-4.7.3-1.el4.x86_64.rpm nspr-devel-4.7.3-1.el4.x86_64.rpm nss-3.12.2.0-1.el4.centos.i386.rpm nss-3.12.2.0-1.el4.centos.x86_64.rpm nss-devel-3.12.2.0-1.el4.centos.x86_64.rpm src: firefox-3.0.5-1.el4.centos.src.rpm nspr-4.7.3-1.el4.src.rpm nss-3.12.2.0-1.el4.centos.src.rpm signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] How to setup LaTeX to support Chinese on CentOS 5
Hi all, Would anyone with prior experience guide me to config LaTeX to support Chinese, or give me some reference. I am currently using CentOS 5.2 on my laptop. I am pleased to provide any information needed. Many thanks! Xiaobo ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [OT] Firefox loses plugins, anyone else? Bug? Known?
On Tue, 2008-12-23 at 16:49 +0100, Matej Cepl wrote: On 2008-12-22, 23:49 GMT, William L. Maltby wrote: I presume this completes the triage process? Now, who reports I hope this bug is publicly visible https://bugzilla.redhat.com/show_bug.cgi?id=471193 It is. otherwise just yes, IMHO (and it is not official statement by RH Gecko developers) whole business of Firefox checking being a default browser is unhappy relict of Windows browser wars and it should be eliminated in the Linux FF altogether. I don't know if it happens though. Although related, the bug report itself only references warning messages, not the destruction of the pluginreg.dat. Since that bug is severity level of medium, and the destruction of the pluginreg.dat s/b much higher, IMO, I think an additional bug report is warranted. This is because using the check if FF is default ... causes loss of functionality, which may be critical to the user. In my case, there are $$ making-related activities that I _must_ (well, you know what's important to me is always more important than what's important to anyone else ;-) be able to rely upon. So, what think ye knave? Shall we/you/I open a new bug and reference the one you referenced? That depends on if we think it will do any good. I don't like to waste my/your/our time if the probability of some positive result is low. A further possible gotcha exists in the gnome command setup as well. If the user selects Custom and references the /usr/lib/firefox-3.* instance of the browser, rather than the /usr/bin/firefox (as would happen if the user just selects FF in the gnome preferences), they get the same adverse results of trashing pluginreg.dat when a T'bird link causes the launch of FF. ISTM that some kind of fix to prevent this should also be done, or at least some warning if the /usr/lib instance is entered in the command box. Hm, that might be asking too much though. Repeating, IMO this is a severity greater than medium. Matěj snip sig stuff Thanks for your time, interest and invaluable assistance to me in resolving this issue. -- Bill ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Security advice, please
On Tuesday 23 December 2008 15:38:17 Warren Young wrote: Michael Simpson wrote: First, thanks to all who replied. I'll try to remember and consider all that has been said. GRC reports that ports are stealthed Try www.auditmypc.com or nmap-online.com rather than grc to look for open ports What advantages do they have, in your opinion? there a better way than opening port 143? ssh tunnelling? I agree, though the default CentOS sshd configuration requires some tightening down to trust it on Internet-facing servers, IMHO: 1. In /etc/ssh/sshd_config, set PasswordAuthentication no. No matter how good your password, it isn't as good as using keys. Remember, forwarding ssh opens it to pounding 24x7 from any of the millions on zombie boxes on the Internet. I use ssh with keys from this laptop over the LAN for updates etc. :-) 2. On the machine(s) that you want to allow logins from, run ssh-keygen -t rsa to generate a key pair, if you haven't already. Then copy the contents of ~/.ssh/id-rsa.pub into ~/.ssh/authorized_keys on your home server. These keys are used to authenticate the remote system, in lieu of a password or physical token. You could put these keys on a USB stick instead, if you didn't want to keep them permanently on the remote hosts. This is done for this laptop, but I'll set the netbook up the same way before taking it on holiday. 3. Disable SSHv1 protocol support in /etc/ssh/sshd_config: Protocol 2, not Protocol 2,1. SSHv1 has known weaknesses. Boggles my mind that it's still enabled by default I think that's done, but I'll check 4. Same file, set PermitRootLogin no if it isn't already. It is (Aside: I also like to set up sudo with one account allowed to do anything, then lock the root account, so the only way to get root access is to log in as a regular user then sudo up, reducing the risk of passwordless keys.) Having done all this, you're ready to allow remote access: 5. In your router, forward a high-numbered port to 22 on the server. If it's not smart enough to use different port numbers on either side, you can change the sshd configuration so it listens on a different port instead. I like to use 22022 for this. This is *not* security through obscurity. It's simply a way to reduce the amount of log spam you have to dig through when monitoring your system's behavior. Everything that appears in your logs should be *interesting*. Constant port knocking from worms and script kiddies is not interesting. In case you've not done ssh tunelling, Anne, the command that does what you want, having done all the above is: $ ssh -p22022 -L10143:my.server.com:143 a...@my.server.com This sets up port 10143 on the local system to be redirected through the ssh session to the IMAP port on your home server. You don't want to redirect 143 to 143 because that would require you to run ssh as root. It also prevents you from using this on a system that itself has an IMAP server. With the tunnel up, you can set up your mail client to connect to port 10143 on localhost, and you'll be looking at your remote mail server. Thanks for the detailed how-to. I was feeling somewhat nervous of yet another system to learn, but I should be fine with this. I'll set it up over Christmas, all being well, though I may end up having to ask more questions. Providing I can persuade my son-in-law to add the netbook's MAC to his router I should be able to test from his network. Thanks again Anne signature.asc Description: This is a digitally signed message part. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] CentOS-announce Digest, Vol 46, Issue 10
Send CentOS-announce mailing list submissions to centos-annou...@centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-requ...@centos.org You can reach the person managing the list at centos-announce-ow...@centos.org When replying, please edit your Subject line so it is more specific than Re: Contents of CentOS-announce digest... Today's Topics: 1. CESA-2008:1036 Critical CentOS 5 i386 firefox Update (Johnny Hughes) 2. CESA-2008:1036 Critical CentOS 5 x86_64 firefox Update (Johnny Hughes) 3. CESA-2008:1036 Critical CentOS 4 x86_64 seamonkey Update (Johnny Hughes) 4. CESA-2008:1037 Critical CentOS 4 i386 seamonkey Update (Johnny Hughes) 5. CESA-2008:1021 Moderate CentOS 4 i386 enscript- security update (Johnny Hughes) 6. CESA-2008:1021 Moderate CentOS 4 x86_64 enscript - security update (Johnny Hughes) 7. CESA-2008:1023 Moderate CentOS 4 i386 pidgin - security update (Johnny Hughes) 8. CESA-2008:1023 Moderate CentOS 4 x86_64 pidgin- security update (Johnny Hughes) 9. CESA-2008:0981 Moderate CentOS 4 i386 ruby- security update (Johnny Hughes) 10. CESA-2008:0981 Moderate CentOS 4 x86_64 ruby - security update (Johnny Hughes) 11. CESA-2008:1036 Critical CentOS 4 i386 firefox Update (Johnny Hughes) 12. CESA-2008:1036 Critical CentOS 4 x86_64 firefox Update (Johnny Hughes) -- Message: 1 Date: Tue, 23 Dec 2008 08:55:59 -0600 From: Johnny Hughes joh...@centos.org Subject: [CentOS-announce] CESA-2008:1036 Critical CentOS 5 i386 firefox Update To: CentOS-Announce centos-annou...@centos.org Message-ID: 4950fbff.9000...@centos.org Content-Type: text/plain; charset=iso-8859-1 CentOS Errata and Security Advisory 2008:1036 Upstream details at : https://rhn.redhat.com/errata/RHSA-2008-1036.html The following updated files have been uploaded and are currently syncing to the mirrors: i386: firefox-3.0.5-1.el4.centos.i386.rpm nspr-4.7.3-1.el4.i386.rpm nspr-devel-4.7.3-1.el4.i386.rpm nss-3.12.2.0-1.el4.centos.i386.rpm nss-devel-3.12.2.0-1.el4.centos.i386.rpm src: firefox-3.0.5-1.el4.centos.src.rpm nspr-4.7.3-1.el4.src.rpm nss-3.12.2.0-1.el4.centos.src.rpm -- next part -- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 251 bytes Desc: OpenPGP digital signature Url : http://lists.centos.org/pipermail/centos-announce/attachments/20081223/9c0b154f/attachment-0001.bin -- Message: 2 Date: Tue, 23 Dec 2008 08:56:07 -0600 From: Johnny Hughes joh...@centos.org Subject: [CentOS-announce] CESA-2008:1036 Critical CentOS 5 x86_64 firefox Update To: CentOS-Announce centos-annou...@centos.org Message-ID: 4950fc07.4010...@centos.org Content-Type: text/plain; charset=iso-8859-1 CentOS Errata and Security Advisory 2008:1036 Upstream details at : https://rhn.redhat.com/errata/RHSA-2008-1036.html The following updated files have been uploaded and are currently syncing to the mirrors: x86_64: firefox-3.0.5-1.el4.centos.x86_64.rpm nspr-4.7.3-1.el4.i386.rpm nspr-4.7.3-1.el4.x86_64.rpm nspr-devel-4.7.3-1.el4.x86_64.rpm nss-3.12.2.0-1.el4.centos.i386.rpm nss-3.12.2.0-1.el4.centos.x86_64.rpm nss-devel-3.12.2.0-1.el4.centos.x86_64.rpm src: firefox-3.0.5-1.el4.centos.src.rpm nspr-4.7.3-1.el4.src.rpm nss-3.12.2.0-1.el4.centos.src.rpm -- next part -- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 251 bytes Desc: OpenPGP digital signature Url : http://lists.centos.org/pipermail/centos-announce/attachments/20081223/62142174/attachment-0001.bin -- Message: 3 Date: Tue, 23 Dec 2008 09:04:31 -0600 From: Johnny Hughes joh...@centos.org Subject: [CentOS-announce] CESA-2008:1036 Critical CentOS 4 x86_64 seamonkey Update To: CentOS-Announce centos-annou...@centos.org Message-ID: 4950fdff.8050...@centos.org Content-Type: text/plain; charset=iso-8859-1 CentOS Errata and Security Advisory 2008:1037 Upstream details at : https://rhn.redhat.com/errata/RHSA-2008-1037.html The following updated files have been uploaded and are currently syncing to the mirrors: x86_64: seamonkey-1.0.9-32.el4.centos.x86_64.rpm seamonkey-chat-1.0.9-32.el4.centos.x86_64.rpm seamonkey-devel-1.0.9-32.el4.centos.x86_64.rpm seamonkey-dom-inspector-1.0.9-32.el4.centos.x86_64.rpm seamonkey-js-debugger-1.0.9-32.el4.centos.x86_64.rpm seamonkey-mail-1.0.9-32.el4.centos.x86_64.rpm src: seamonkey-1.0.9-32.el4.centos.src.rpm -- next part -- A non-text attachment was scrubbed... Name: signature.asc
Re: [CentOS] CentOS, PHP, Basic GIS
Michael A. Peters wrote: Basically - the data will be plotted as a grid of regular hexagons. When locality information (museum record or photo voucher record in our own database) exists, the hexagon the record sits in gets drawn a pretty color (depending on type and age of records). mashup's with google maps are easy to do, and there are plenty of examples and resources out there that let you work with them in most mainstream languages - I am sure php code exists too. Is that a route you considered ? - KB ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installing RHEL5.3
Le mardi 23 décembre 2008, Vandaman a écrit : 1. wait for a public beta Are you sure beta can be public ? 2. get a RHN account and download immediately. I just remember that I had an old RHN account, since RH7.0 as I remember. I reactivated it and I'm waiting for more information. There is some more info here https://www.redhat.com/archives/rhelv5-announce/2008-October/msg0.html Betas are not meant for production machines BTW or for upgrades to the final version. I know, I just want to test it as I can't start X with 5.2. Regards, Alain -- Les pages de manuel Linux en français http://manpagesfr.free.fr/ signature.asc Description: This is a digitally signed message part. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] UDEV rule allow users to unmount USB stick
On Tue, Dec 23, 2008 at 6:39 AM, Robert kerp...@sbcglobal.net wrote: Mark's assumption was correct. In KDE, the right-click menu item is Safely remove. I find it interesting, though, that root can manually mount a USB drive from the command line and any user can safely remove it via KDE. From what I can see, this does not happen in Gnome because Gnome doesn't recognize a manually mounted USB drive at all. If I plug in a USB drive, then use the right-click Unmount to unmount it, then mount it as root, Gnome does not see it (!) and does not post the icon for it. It shows up in df and most other command line utilities, and I can see it in nautilus as well (duh - it's mounted on a fixed mount point!), but Gnome doesn't see it the same way. So, no, Gnome isn't broken the same way as KDE, it's different :-) mhr ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installing RHEL5.3
Alain PORTAL wrote: Le mardi 23 décembre 2008, Vandaman a écrit : 1. wait for a public beta Are you sure beta can be public ? Pre Release Beta's are public. Point release ones are not. - KB ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installing RHEL5.3
Alain PORTAL alain.por...@free.fr wrote: 1. wait for a public beta Are you sure beta can be public ? Just google for Red Hat Releases RHEL 4 Public Beta. I'm not saying that this is the case here but you need to either have a RHN account with entitlements or to wait for a public beta (which may be unlikely for a point release). I know, I just want to test it as I can't start X with 5.2. If you are having problems with 5.2 then address these problems immediately without waiting for 5.3. How do you address them? File bugs or ask questions relating to your existing problem but 5.3 beta is unable to solve them automagically for you. Regards, Vandaman. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] regarding vpn server for 1500 clients
Bernard 'Tux' Lheureux wrote: Matt wrote: I have to build vpn server for 1500 clients. No encryption necessary. can anyone please recommend me vpn server. Have you looked at Mikrotik.com router OS? It has PPTP server. Very fast and easy to setup But PPTP is very weak in terms of security... IPsec or SSL VPNs should be used to ensure security on the VPN connections The OP did not want per packet encryption. Did not even want per packet authentication. Just tunneling. ERGO something like PPTP. Of course if the Linux implementation of the PPTP server is so ineffcient (written in PERL), that you have to buy a PPTP server, now you have to compare it to an IPsec or SSLVPN server. I have never liked the SSLvpn architecture. Never really liked the SSL handshake; just too chatty. I wear my biases quite plainly on my arm sleeve (I chaired the IPsec workgroup during the time the RFCs came out). You want security, go with IPsec. Even ESP NULL gives you per packet authentication and thus proof of server and client. Just pay the price for IKE, which I never liked. Part of the reason I invented HIP Of course if the OP goes with an SSL application, and moves away from tunneling, then YES just go with SSL on the server and add an SSL acceleration board. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] regarding vpn server for 1500 clients
Robert Moskowitz wrote: I have never liked the SSLvpn architecture. Never really liked the SSL handshake; just too chatty. I wear my biases quite plainly on my arm sleeve (I chaired the IPsec workgroup during the time the RFCs came out). You want security, go with IPsec. Even ESP NULL gives you per packet authentication and thus proof of server and client. Just pay the price for IKE, which I never liked. Part of the reason I invented HIP But ssl vpns work though just about any firewall/proxy/nat that already permit https. Traversing those can be painful or impossible for ipsec. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] regarding vpn server for 1500 clients
Les Mikesell wrote: Robert Moskowitz wrote: I have never liked the SSLvpn architecture. Never really liked the SSL handshake; just too chatty. I wear my biases quite plainly on my arm sleeve (I chaired the IPsec workgroup during the time the RFCs came out). You want security, go with IPsec. Even ESP NULL gives you per packet authentication and thus proof of server and client. Just pay the price for IKE, which I never liked. Part of the reason I invented HIP But ssl vpns work though just about any firewall/proxy/nat that already permit https. Traversing those can be painful or impossible for ipsec. The problem is NATs (so speaks a co-author of RFC 1918!). SSL vpns tunnel networking over Transport. Gee I wonder why that works through NATs? Part of the NAT traversal mess contributed to my drive for HIP which the actual developers realized needed a different ESP mode: BEET. Of course even HIP needs ICE to find things out there and to be found ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] regarding vpn server for 1500 clients
Robert Moskowitz wrote: I have never liked the SSLvpn architecture. Never really liked the SSL handshake; just too chatty. I wear my biases quite plainly on my arm sleeve (I chaired the IPsec workgroup during the time the RFCs came out). You want security, go with IPsec. Even ESP NULL gives you per packet authentication and thus proof of server and client. Just pay the price for IKE, which I never liked. Part of the reason I invented HIP But ssl vpns work though just about any firewall/proxy/nat that already permit https. Traversing those can be painful or impossible for ipsec. The problem is NATs (so speaks a co-author of RFC 1918!). SSL vpns tunnel networking over Transport. Gee I wonder why that works through NATs? Or, given the near-universal use of NATs, you have to wonder about the viability of anything that doesn't traverse them gracefully. Part of the NAT traversal mess contributed to my drive for HIP which the actual developers realized needed a different ESP mode: BEET. Of course even HIP needs ICE to find things out there and to be found I'm not sure what any of those acronyms means, but the other problem with IPsec is that the usual tools don't provide an interface for routing and they need some other mechanism to decide what goes through them. On Ciscos I've always set up GRE tunnels to get something the routing protocols can see, then crypto-mapped the GRE packets. Is there a common computer implementation that would mesh with this? -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] PHP 5.2.x rpm for Centos 5? (any news)
I've searched the archives and found a post last march about a rpm version of php for centos. Any news about it? Is it still in testing? Any known issues? Where do I get it? Thanks. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] PHP 5.2.x rpm for Centos 5? (any news)
On Tue, Dec 23, 2008 at 9:48 PM, mbneto mbn...@gmail.com wrote: I've searched the archives and found a post last march about a rpm version of php for centos. Any news about it? Is it still in testing? Any known issues? Where do I get it? Why need php 5.2.x on CentOS while php 5.1.x works like a charm ? If you really need php 5.2.x so you not need CentOS 5.x lolz -- http://vnoss.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] regarding vpn server for 1500 clients
Les Mikesell wrote: Robert Moskowitz wrote: I have never liked the SSLvpn architecture. Never really liked the SSL handshake; just too chatty. I wear my biases quite plainly on my arm sleeve (I chaired the IPsec workgroup during the time the RFCs came out). You want security, go with IPsec. Even ESP NULL gives you per packet authentication and thus proof of server and client. Just pay the price for IKE, which I never liked. Part of the reason I invented HIP But ssl vpns work though just about any firewall/proxy/nat that already permit https. Traversing those can be painful or impossible for ipsec. The problem is NATs (so speaks a co-author of RFC 1918!). SSL vpns tunnel networking over Transport. Gee I wonder why that works through NATs? Or, given the near-universal use of NATs, you have to wonder about the viability of anything that doesn't traverse them gracefully. Part of the NAT traversal mess contributed to my drive for HIP which the actual developers realized needed a different ESP mode: BEET. Of course even HIP needs ICE to find things out there and to be found I'm not sure what any of those acronyms means, For HIP (Host Identity Protocol) check out RFCs 4423 adn 5202 - 5207. For BEET (Bound End to End Transport), it is an Internet Draft: www.ietf.org/*internet*-*draft*s/*draft*-nikander-esp-*beet*-mode-09.txt ESP has challenges going through a NAT as the outer IP addresses of the tunnel are bound to the Security Association. With BEET, that is removed, the outer IP addresses are not used in calcuating the authentication. More differences than that, but in a nutshell... BEET is now part of the 2.6.27 kernel. I want to finish some testing then get a bug report into Redhat to get them to add it to the 2.6.18 kernel for RHEL/Centos 5. but the other problem with IPsec is that the usual tools don't provide an interface for routing and they need some other mechanism to decide what goes through them. This has always been my issue with IPsec tunnels. What to use and do you know if what you want secured is? Thus the policy always is all or nothing; very broken per the RFC. FreeSWAN tried doing it better, but kind of sputtered out (Hugh really wanted to do it right). This was thus another issue I had with tunnel mode over transport that led to BEET mode. On Ciscos I've always set up GRE tunnels to get something the routing protocols can see, then crypto-mapped the GRE packets. Is there a common computer implementation that would mesh with this? No. At least that I know of. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] UDEV rule allow users to unmount USB stick
Lanny Marcus wrote: On Mon, Dec 22, 2008 at 7:56 PM, Philip Manuel p...@zomojo.com wrote: snip Are we talking about USB Memory here? If so, I have not seen this issue. I've never used USB Memory while logged in as root. I'm using CentOS 5 (32 bit). snip Yes the usb stick/memory mounts correctly, but then they are not allowed to unmount it, using for example umount /media/device We are using Centos5.2 64bit I see that you are using 64 bit, I'm using 32 bit, but I doubt that this would work differently, between the 2 versions of the OS. As Mark (mhr) wrote, if you use GNOME, just right click the icon, to unmount the USB stick. You are correct we could use konqueror, we use kde, to unmount but if a CD/DVD is mounted correctly to allow a user to unmount why can't a USB memory device ? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] network interface
Hi all How can I bring up eth0:2 only ifconfig eth0:2 up is not working I have to use service network restart But it restarts all network interfaces that I don't want Thank you Send instant messages to your online friends http://uk.messenger.yahoo.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] regarding vpn server for 1500 clients
Robert Moskowitz wrote: but the other problem with IPsec is that the usual tools don't provide an interface for routing and they need some other mechanism to decide what goes through them. This has always been my issue with IPsec tunnels. What to use and do you know if what you want secured is? Thus the policy always is all or nothing; very broken per the RFC. FreeSWAN tried doing it better, but kind of sputtered out (Hugh really wanted to do it right). This was thus another issue I had with tunnel mode over transport that led to BEET mode. On Ciscos I've always set up GRE tunnels to get something the routing protocols can see, then crypto-mapped the GRE packets. Is there a common computer implementation that would mesh with this? No. At least that I know of. Seems odd that no one does it that way. How do you set up redundant tunnel routes as failovers for dedicated circuits if you can't run routing protocols through the tunnels? -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] network interface
Hi all How can I bring up eth0:2 only ifconfig eth0:2 up is not working I have to use service network restart But it restarts all network interfaces that I don't want I believe you have to have eth0 up for that to work. You can add ONPARENT=no to the other virtual interfaces to keep them from starting on a service network restart. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] PHP 5.2.x rpm for Centos 5? (any news)
if you want newer php you should add remi repo...http://blog.famillecollet.com/pages/Config-en M - Original Message - From: mbneto To: CentOS mailing list Sent: Tuesday, December 23, 2008 9:48 PM Subject: [CentOS] PHP 5.2.x rpm for Centos 5? (any news) I've searched the archives and found a post last march about a rpm version of php for centos. Any news about it? Is it still in testing? Any known issues? Where do I get it? Thanks. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] tripwire on centos 5
Does anybody use tripwire on centos 5? Has anybody checked that: http://www.linickx.com/archives/281/tripwire-2411-rpm-for-centos-redhat-rhel-4 on centos5? M. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] PHP 5.2.x rpm for Centos 5? (any news)
Actually, PHP 5.1.x is getting really old and unfortunately some packages (like Zend Framework, phpMyAdmin) are using the newer features available only in 5.2.x branch. I sure need CentOS 5.x for all other stability and security features, and since CentOS 6 should appear only in 2010 I must have an intermediate solution. Why need php 5.2.x on CentOS while php 5.1.x works like a charm ? If you really need php 5.2.x so you not need CentOS 5.x lolz -- http://vnoss.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] network interface
On Tue, Dec 23, 2008 at 4:19 PM, adrian kok adriankok2...@yahoo.com.hk wrote: Hi all How can I bring up eth0:2 only ifconfig eth0:2 up is not working wouldn't it be 'ifup eth0:2' ? -Bob ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] network interface
adrian kok wrote: Hi all How can I bring up eth0:2 only ifconfig eth0:2 up is not working have you tried ifup eth0:2 ? I have to use service network restart But it restarts all network interfaces that I don't want Thank you Send instant messages to your online friends http://uk.messenger.yahoo.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] tripwire on centos 5
On Tue, 2008-12-23 at 22:58 +0100, Mariusz wrote: Does anybody use tripwire on centos 5? Has anybody checked that: http://www.linickx.com/archives/281/tripwire-2411-rpm-for-centos-redhat-rhel-4 on centos5? I've never used it anywhere. But I learned from watching the list to google first. tripwire site:centos.org That gave about 175 hits. Maybe that will help you too? M. snip sig stuff -- Bill ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] tripwire on centos 5
On Tue, Dec 23, 2008 at 4:58 PM, Mariusz settl...@atp-czesci.pl wrote: Does anybody use tripwire on centos 5? Has anybody checked that: http://www.linickx.com/archives/281/tripwire-2411-rpm-for-centos-redhat-rhel-4 on centos5? I usually hate giving advice for B when folks ask for A, however aide provides much the same functionality as tripwire, and is built into centos5 by default. -- During times of universal deceit, telling the truth becomes a revolutionary act. George Orwell ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] tripwire on centos 5
i checked google.. but i found only on centos 4, my question was: on centos 5, so please don't be malicious ;) M - Original Message - From: William L. Maltby centos4b...@triad.rr.com To: CentOS mailing list centos@centos.org Sent: Tuesday, December 23, 2008 11:16 PM Subject: Re: [CentOS] tripwire on centos 5 On Tue, 2008-12-23 at 22:58 +0100, Mariusz wrote: Does anybody use tripwire on centos 5? Has anybody checked that: http://www.linickx.com/archives/281/tripwire-2411-rpm-for-centos-redhat-rhel-4 on centos5? I've never used it anywhere. But I learned from watching the list to google first. tripwire site:centos.org That gave about 175 hits. Maybe that will help you too? M. snip sig stuff -- Bill ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Missing CentOS 4.7 update?
Vandaman wrote: Unless I'm mistaken, does it look like Centos 4.7 is missing an update released on December 3rd 2008? Upstream details :- http://rhn.redhat.com/errata/RHBA-2008-0989.html An updated tmpwatch package that fixes various bugs is now available. The tmpwatch utility recursively searches through specified directories and removes files which have not been accessed in a specified period of time. tmpwatch is typically enabled and configured to clean up directories used for temporarily holding files, such as, for example, the /tmp directory. This updated tmpwatch package includes fixes for the following bugs: * tmpwatch unnecessarily reported a No such file or directory error whenever a file was deleted before tmpwatch accessed it. In this updated package, tmpwatch correctly no longer reports such errors, thus resolving the issue. snip Regards, Vandaman. That is part of the fasttrack repo and not part of the main RHN (or CenetOS repo). I will build it soon, but it we don't build fasttrack for every CentOS version (ie, not for C5 for example). signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] tripwire on centos 5
Jim Perrin wrote: On Tue, Dec 23, 2008 at 4:58 PM, Mariusz settl...@atp-czesci.pl wrote: Does anybody use tripwire on centos 5? Has anybody checked that: http://www.linickx.com/archives/281/tripwire-2411-rpm-for-centos-redhat-rhel-4 on centos5? I usually hate giving advice for B when folks ask for A, however aide provides much the same functionality as tripwire, and is built into centos5 by default. In this instance, +1 for Jim's advice (the advice that is, not Jim!) I believe tripwire is now a commercial product and the open source version is no longer developed (although I'm not 100% sure on that). ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] tripwire on centos 5
ok, thank you, i will check it M - Original Message - From: Jim Perrin jper...@gmail.com To: CentOS mailing list centos@centos.org Sent: Tuesday, December 23, 2008 11:20 PM Subject: Re: [CentOS] tripwire on centos 5 On Tue, Dec 23, 2008 at 4:58 PM, Mariusz settl...@atp-czesci.pl wrote: Does anybody use tripwire on centos 5? Has anybody checked that: http://www.linickx.com/archives/281/tripwire-2411-rpm-for-centos-redhat-rhel-4 on centos5? I usually hate giving advice for B when folks ask for A, however aide provides much the same functionality as tripwire, and is built into centos5 by default. -- During times of universal deceit, telling the truth becomes a revolutionary act. George Orwell ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] drbd 8.3.0 is out
Rainer Traut wrote: Am 19.12.2008 11:29, schrieb Ian Forde: On Fri, 2008-12-19 at 10:20 +0100, Rainer Traut wrote: Hi, is this the right place to ask for updated -extras- packages? this seems to be the successor of the 8.2.x branch and contains various bugfixes. Uhhh... this was *just* released... that's a little quick to be asking, isn't it? ;) I'm pretty sure I won't be using this in production until it's at least at 8.2.3 or so... You mean 8.3.3? Yeah you're right, drbd is really really fundamental. But the extras repo is already missing 8.2.7 which was left out. And even 8.2.7 has some bugs fixed not until 8.3.0. It (8.2.7) isn't left out as much as REAL LIFE has intruded. I will be maintaining the 8.0.x and 8.2.x branches updated for C5 and the 7.x and 8.2.x branches for C4 ... CentOS is an Enterprise distro, if you want cutting edge, see Fedora :D And 8.2.8's release date seems unknown if not unsure. Of course, that's not to say that testing packages won't be produced at some point. After all, wasn't there some overlap of 8.1.x and 8.2 packages? If there's something to test I will do... signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] PHP 5.2.x rpm for Centos 5? (any news)
Mbneto wrote on Tue, 23 Dec 2008 18:02:57 -0400: I sure need CentOS 5.x for all other stability and security features, and since CentOS 6 should appear only in 2010 I must have an intermediate solution. There are one or two people that provide repos with 5.2.x, just google. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] PHP 5.2.x rpm for Centos 5? (any news)
On Tue, 2008-12-23 at 22:39 +0100, Mariusz wrote: if you want newer php you should add remi repo...http://blog.famillecollet.com/pages/Config-en Or you could just get it from the testing repo, and then BOTHER REPORTING WHETHER OR NOT IT WORKS so that it can FINALLY get out of testing. -- Ignacio Vazquez-Abrams ivazquez...@gmail.com PLEASE don't CC me; I'm already subscribed signature.asc Description: This is a digitally signed message part ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] tripwire on centos 5
On Tue, 2008-12-23 at 23:23 +0100, Mariusz wrote: i checked google.. but i found only on centos 4, my question was: on centos 5, so please don't be malicious ;) I didn't hink I was being malicious. I looked again and found lots of combinations of CentOS 5 and tripwire. Most would not have helped you, but the ones I looked at mentioned ways to build from source, mentioned that it was not being made available from upstream on CentOS 5 and also recommended some of the same packages that other responders mentioned in this thread. Short summary: what you have been told in this thread was already available in CentOS list archives and forum postings. M snip sig stuff -- Bill ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [OT SOLVED... sort of] Firefox loses plugins, anyone else? Bug? Known?
I figured I better post a SOLVED for this. In the main thread it is still open as to whether a new bug should be posted. Short form: don't have FF check and set itself as default browser, rather run gnome-default-applications-properties and select the firefox icon rather than Custom command. On Tue, 2008-12-23 at 10:58 -0500, William L. Maltby wrote: On Mon, 2008-12-22 at 18:49 -0500, William L. Maltby wrote: SYNOPSIS: Bug between Firefox and gnome-default-applications-properties somewhere. When FF is set to check to see if it is the default browser and it is not and the user selects Yes to make it the default, FF writes the full path to the /usr/lib instance in the command and sets the preferred browser to Custom. This causes the symptoms that have been seen, including the truncation of pluginreg.dat. If the user responds No when FF asks if it should be the default browser, the settings that were selected in gnome-default-applications-properties hold and the adverse symptoms are not seen. WORKAROUND: tell firefox No or to _not_ check to see if it is the default browser after running gnome-default-applications-properties and selecting it there. CONCLUSION: The gnome-default-applications-properties apparently gets the binary in /usr/bin while FF itself bypasses this binary and goes directly to the /usr/lib/ firefox instance. In this case the adverse symptoms are seen. Bug somewhere, I presume FF since the gnome-default-applications-properties settings work OK and it accesses the binary in /usr/bin. More detail that you ever wanted to know follows. snip BTW, I forgot to pull a basic check, so here it is. $ rpm -qf /usr/lib/firefox-3.0.5/firefox /usr/bin/firefox firefox-3.0.5-1.el5.centos.i386 firefox-3.0.5-1.el5.centos.i386 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Bash Script for Beginners! oh dear :'(
On 2008-12-23, 12:15 GMT, James Bensley wrote:
find . -exec grep -q $1 '{}' \; -print ./found_files
I think you can have only one action (either -exec or -print),
but not sure about it. Anyway, my first instinct when things are
getting to be more complicated is to use while cycle, like this:
find . |while read FILE ; do
if grep $FILE '{}' /dev/null 21 ; then
echo $FILE ./found_files
fi
done
Matěj
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installing RHEL5.3
On 2008-12-23, 18:05 GMT, Vandaman wrote: If you are having problems with 5.2 then address these problems immediately without waiting for 5.3. How do you address them? File bugs or ask questions relating to your existing problem but 5.3 beta is unable to solve them automagically for you. I am a bug triager for RH Desktop team and I told Alan that it is most likely his problems will be solved automagically (well, through hard work of Dave Airlie) in 5.3. Unfortunately, Beta is not available. He has to wait until CentOS 5.3 happens. Matěj Cepl ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Bash Script for Beginners! oh dear :'(
On Tue, Dec 23, 2008 at 4:34 PM, Matej Cepl mc...@redhat.com wrote:
On 2008-12-23, 12:15 GMT, James Bensley wrote:
find . -exec grep -q $1 '{}' \; -print ./found_files
I think you can have only one action (either -exec or -print),
but not sure about it. Anyway, my first instinct when things are
getting to be more complicated is to use while cycle, like this:
find . |while read FILE ; do
if grep $FILE '{}' /dev/null 21 ; then
echo $FILE ./found_files
fi
done
I don't think the '{}' construct for 'find' will work on the other
side of a pipe
mhr
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] PHP 5.2.x rpm for Centos 5? (any news)
Kai Schaetzl wrote: There are one or two people that provide repos with 5.2.x, just google. please consider using the php from c5-testing, so it can make it into the main repo's and thereby be a lot easier for everyone. -- Karanbir Singh : http://www.karan.org/ : 2522...@icq ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] network interface
use ifup eth0:2 On Wednesday 24 December 2008 02:59, Barry Brimer wrote: Hi all How can I bring up eth0:2 only ifconfig eth0:2 up is not working I have to use service network restart But it restarts all network interfaces that I don't want I believe you have to have eth0 up for that to work. You can add ONPARENT=no to the other virtual interfaces to keep them from starting on a service network restart. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Regards, Gopinath M Network Admin Signal Networks Pvt. Ltd. Bangalore - 01 Smile it increases your face value ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] PHP 5.2.x rpm for Centos 5? (any news)
I am running the c5-testing RPM of PHP 5.2.6 on CentOS 5.2 x86_64. This has Zend Framework 1.7 on top (and PostgreSQL 8.3 underneath). All works fine. On Wed, Dec 24, 2008 at 04:04:45AM +, Karanbir Singh wrote: Kai Schaetzl wrote: There are one or two people that provide repos with 5.2.x, just google. please consider using the php from c5-testing, so it can make it into the main repo's and thereby be a lot easier for everyone. -- Karanbir Singh : http://www.karan.org/ : 2522...@icq ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Joyeux Noel
Merry Christmas everyone. Ian ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
