Re: [CentOS-docs] Anaconda Slides Translations
Alain Reguera Delgado wrote: I tried to cover each section but don't know if they are correct at all and if I missed something. I propose you to share this work with those people before take a decision, grab opinions, things that are missing, and anything else that avoid using the theme. That would give us an idea about the version it could be used in. What do you think ? Okay, let us go for it. Do you think you could build an updated redhat artwork package? Do you need help with that? I'm trying to gather the translators later on today, so that we get updated slides. I would like to have a finished artwork on January 29th (a week from now), so there should be enough time to build an updated package and to get the correct slides. As for the slides: I (personally) want to go with slide set 2. Anyone else up for helping (especially with the redhat-artwork rpm?) Cheers, Ralph pgpZ6kFX4Gocq.pgp Description: PGP signature ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Anaconda Slides Translations
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ralph Angenendt wrote: Alain Reguera Delgado wrote: ... What do you think ? Okay, let us go for it. Do you think you could build an updated redhat artwork package? Do you need help with that? Yes please, I really would like to do it ... How I build the redhat-artwork rpm package ? Is there some guide to do it ? what I should know ? which is the version we'll render images for ? Best Regards, - -- Alain Reguera Delgado a...@ciget.cienfuegos.cu -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org iD8DBQFJeIRgyXxCQEoXDZARAgwMAKCoBp7XFZM5YIeZqBCTZHX9zaUdRwCggKvP qr9ABqZ7agox+6V/TqkNnMI= =5Q4C -END PGP SIGNATURE- ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Anaconda Slides Translations
Alain Reguera Delgado wrote: Ralph Angenendt wrote: Alain Reguera Delgado wrote: ... What do you think ? Okay, let us go for it. Do you think you could build an updated redhat artwork package? Do you need help with that? Yes please, I really would like to do it ... How I build the redhat-artwork rpm package ? Is there some guide to do it ? what I should know ? Let me take a look at that package later today, as I'm not really too sure either if there is other stuff which has to be touched. which is the version we'll render images for ? 5.3? Or what do you mean by version? Cheers, Ralph pgpcCHQIhxM0m.pgp Description: PGP signature ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Anaconda Slides Translations
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Ralph Angenendt wrote: Alain Reguera Delgado wrote: ... which is the version we'll render images for ? 5.3? Or what do you mean by version? Yes that's it. Some images have the word CentOS-VERSION. Do we use just CentOS-5 or CentOS-5.3 in them ? Best Regards, - -- Alain Reguera Delgado a...@ciget.cienfuegos.cu -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org iD8DBQFJeI4lyXxCQEoXDZARAtyVAKC4H5dpA632ni6tSw7/2OHNefMsSQCfTIW1 8vOa7InHkHvCq7F+nvAkPeE= =7JeH -END PGP SIGNATURE- ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Anaconda Slides Translations
On Thu, Jan 22, 2009 at 7:51 AM, Ralph Angenendt ra+cen...@br-online.de wrote: It still tries to look for files under /home/al/Desktop/CentOS Can we correct that somehow? Oh, and the colors are *way* off after I rendered. See here: http://oerks.de/~ralph/broken.png - is that because of the broken image path? Yes, that's similar to what I got -- until I supplied the required /home/al thing. The background image is missing. Akemi ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Anaconda Slides Translations
Alain Reguera Delgado wrote: The paths are still wrong in the svg files, that has to be fixed also - except if you are able to render *all* files with the correct char sets. It still tries to look for files under /home/al/Desktop/CentOS Can we correct that somehow? Yes. I'll try to fix that before anything else. That would be really nice :) Oh, and the colors are *way* off after I rendered. See here: http://oerks.de/~ralph/broken.png - is that because of the broken image path? I think so. That should be the background image path that is broken. Good. Do I see it correctly that I only need to edit the stuff under Slides-1 and it automatically renders that text into Slides-2 also? Yes that's it. Slides-2 images use the text translations in Slides-1 plus those in Slides-2 (after Slides-1's has been applied). Okay, that helps me giving a detailed description to the translators. Please ping me when you made those changes you mentioned in your last mail. I hope they all have inkscape installed :) Cheers, Ralph pgpeEhum5grWI.pgp Description: PGP signature ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Anaconda Slides Translations
On Wed, Jan 21, 2009 at 1:38 PM, Akemi Yagi amy...@gmail.com wrote: On Wed, Jan 21, 2009 at 9:23 AM, Akemi Yagi amy...@gmail.com wrote: There is some problem with slide 06, but otherwise everything else looks perfect. I will get back to the troubled slide later. After some trial and error sessions, I now know that the / on the TEXT line causes the rendering to fail (this is ja). Only slide 06 has them, which is why this one did not render. Is there any known workaround? Some way to escape? Akemi ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
[CentOS-docs] Anaconda Slide Translation Guide
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi, Could we organize the anaconda slide translation guide in the page: https://projects.centos.org/trac/artwork/wiki/HowToTranslateSlides It already has some some headers. Best Regards, - -- Alain Reguera Delgado a...@ciget.cienfuegos.cu -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) Comment: Using GnuPG with CentOS - http://enigmail.mozdev.org iD8DBQFJeOVYyXxCQEoXDZARAsKVAKCYZ39yu/7ifd639FyNk+Lf/mTppwCgndGi lUEKM8SfL7gizsWob+0YXro= =wZEw -END PGP SIGNATURE- ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
[CentOS-docs] Contribute to Centos wiki
I'd like to edit the HowTo/EncryptedFilesystem page the note on how to create a valid keyfile. This is not a trivial action. Creating a plaintext file in vim does not qualify as a valid password. Instead, a valid keyfile is created by doing the following: echo -n password keyfile.key which explicitly creates the file with password on the first line with an explicit newline at the end of the file. This is because cryptsetup needs a newline at the end of the keyfile. Just using a text editor like vim does not create a valid keyfile that cryptsetup can equate with a key for an encrypted volume. This addition is (at least) worth six hours of my time, so hence may be worth about that much to anyone who may read this valuable addition. This limitation on cryptsetup and crypttab is not mentioned in the crypttab nor cryptsetup manuals at all. UserName is VaheOughourlian. ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Anaconda Slide Translation Guide
Alain Reguera Delgado wrote: Hi, Could we organize the anaconda slide translation guide in the page: https://projects.centos.org/trac/artwork/wiki/HowToTranslateSlides It already has some some headers. Can you check that for errors, please? Cheers, Ralph pgp0jCmelqTr2.pgp Description: PGP signature ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-virt] Best virtualization setup for Centos 5.2
On 01/22/2009 09:31 AM, Kai Schaetzl wrote: Dennis J. wrote on Wed, 21 Jan 2009 20:00:24 +0100: Doing a hdparm -t on the host system consistently gives me a result of about 70MB/sec yet in a KVM guest I get results ranging from 40MB/sec to 125MB/sec on each run. The higher results after the first run are from caching. Xen will give you just a little bit less than the host. We are using only Xen and are happy with it. If you want to use CentOS on CentOS, there's nothing that beats Xen. Absolutely stable, reliable and good performance. same results here. 5.2 guest on 5.2 rocks. I have half a dozen installations (as in physical machines), one of them including several oracle instances as VMs [*], and not a single issue. [*] no comment on oracle as VMs, please. it was not my decision. ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] [GLPI #0000037] Zweirad Stadler | Neues Ticket - powernow error in Xen VM with new kernel
Anyone else getting these tickets from sysad...@zweirad-stadler.de quoting old messages to this list directly to his mailbox? Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] [GLPI #0000037] Zweirad Stadler | Neues Ticket - powernow error in Xen VM with new kernel
On Thu, Jan 22, 2009 at 3:55 PM, Phil Schaffner p.r.schaff...@ieee.orgwrote: On Thu, 2009-01-22 at 14:31 +0100, Kai Schaetzl wrote: Anyone else getting these tickets from sysad...@zweirad-stadler.de quoting old messages to this list directly to his mailbox? No. Haven't seen that particular spam technique before. Phil ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt Yes, I figured it was spam. Grant McWilliams Some people, when confronted with a problem, think I know, I'll use Windows. Now they have two problems. ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-es] Problemas con SquidGuard
Estimado El propietario de las listas debe ser squid y no root. de ahi tu problema. saludos 2009/1/21 Fernando Rojas fernandoro...@eneut.org Gabriela Rodríguez escribió: Hola a todos, les cuento: Tengo un servidor centos 4 configurado como proxy y funciona muy bien el detalle es que le quiero poner el squidguard para bloquear paginas pornograficas pero no parece funcionar. A continuacion les explico lo que hice: 1. instale el squidguard via yum 2. edite el archivo squidguard.conf de acuerdo a mis directorios de blacklists y logs 3. cambie el propietario de las listas y el archivo de configuracion a root:root 4. Ejecute squidGuard -C archivodeconfiguracion.conf y creo las bd Berkeley (ok) 5. Despues agregue en el squid.conf la linea: redirect_program /usr/bin/squidGuard 6. Reinicie el servicio squid Despues probe acceder a una pagina porno de la lista negra y no me la bloquea :? entonces veo los logs del squidguard y dicen: 2007-11-13 01:19:59 [8833] init domainlist /var/lib/squidguard/blacklists/porn/domains 2007-11-13 01:19:59 [8833] loading dbfile /var/lib/squidguard/blacklists/porn/domains.db 2007-11-13 01:19:59 [8833] init urllist /var/lib/squidguard/blacklists/porn/urls 2007-11-13 01:19:59 [8833] loading dbfile /var/lib/squidguard/blacklists/porn/urls.db 2007-11-13 01:19:59 [8833] squidGuard 1.2.0 started (1194938399.402) 2007-11-13 01:19:59 [8833] squidGuard ready for requests (1194938399.408) En la documentacion dice que se puede hacer una prueba ejecutando: echo http://www.linuxparatodos.net 10.0.0.1/ http://10.0.0.1/ - - GET | squidGuard -c /etc/squid/squidguard.conf -d 2007-11-13 01:48:34 [8972] init domainlist /var/lib/squidguard/blacklists/porn/domains 2007-11-13 01:48:34 [8972] loading dbfile /var/lib/squidguard/blacklists/porn/domains.db 2007-11-13 01:48:34 [8972] init urllist /var/lib/squidguard/blacklists/porn/urls 2007-11-13 01:48:34 [8972] loading dbfile /var/lib/squidguard/blacklists/porn/urls.db 2007-11-13 01:48:34 [8972] squidGuard 1.2.0 started (1194940114.580) 2007-11-13 01:48:34 [8972] squidGuard ready for requests (1194940114.803) 2007-11-13 01:48:34 [8972] squidGuard stopped (1194940114.909) Lo cual (quiero entender) es correcto, sin embargo aun puedo entrar a los sitios de mi lista negra.. ¿Que estoy haciendo mal? ¿Que me falta?. Gracias de antemano por la ayuda que puedan ofrecerme. ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ¿podrías enviar tu squid.conf? ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
[CentOS-es] Suse sobre Centos
Alguno tiene algun truquito para poder instalar una maquina virtual con Suse de 32 bits, sobre un dom-0 con CentOS 5.2 de 64 bits. Lo que yo hice fue copiar a un ftp los cds de suse, y hacerle un createrepo, lo que me lo hizo bien, luego cuando fui a crear la maquina virtual, me dió error al final. Hay que hacerle alguna cosa especial?? gracias ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
[CentOS-es] dhcpd en centos 5.2
hola tengo instalado centos 5.2 en mi pc y por mas que he configurado el erchivo /etc/dhcpd.conf, no consigo que levante el servicio. me sale fallo cuando intento levantar el mismo, agradecere me puedan ayudar. _ News, entertainment and everything you care about at Live.com. Get it now! http://www.live.com/getstarted.aspx___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] dhcpd en centos 5.2
tail /var/log/messages -n 50... de seguro ahí aparece el problema. mensaje original- De: Jorge Zevallos Valdivia jorgeandr...@hotmail.com Para: centos-es@centos.org Fecha: Thu, 22 Jan 2009 09:11:18 -0500 - hola tengo instalado centos 5.2 en mi pc y por mas que he configurado el erchivo /etc/dhcpd.conf, no consigo que levante el servicio. me sale fallo cuando intento levantar el mismo, agradecere me puedan ayudar. _ News, entertainment and everything you care about at Live.com. Get it now! http://www.live.com/getstarted.aspx __ ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
[CentOS-es] problema con cifs y recurso compartido en red
Hola lista tengo hace ya un tiempo un problema con cifs al que no logro darle solución. El asunto es que administro una red que tiene tanto servidores linux como windozes. En ocasiones necesito hacer salvas o copiar actualizaciones antivirus etc desde lo servidores linux hacia carpetas compartidas en un servidor miembro w2k3. Hace un tiempo atras podia hacer esto con centos 4 perfectamente de la siguiente manera: mount -t cifs -o username=pepe,password=,ip=xx.xx.xx.xx //servidorwin/mirecursocompartido /mnt/salva luego de varias actualizaciones de centos 4 me dejo de funcionar esto dandome el siguiente error al intentar montar la carpeta compartida de windoze: mount error 13 = Permission denied Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) El anillo del kernel me muestra el siguiente error: dmesg |grep CIFS [ 2019.450723] CIFS VFS: Send error in SessSetup = -13 [ 2019.582591] CIFS VFS: cifs_mount failed w/return code = -13 verifique que esta instalado smbfs y que el modulo cifs esta cargado: lsmod |grep cifs cifs 242292 0 osea que no es problema de que el modulo no este cargado. Pensando que podia se un problema especifico de centos con cifs he probado lo mismo en ubuntu server 8.04 y continua la misma historia. Todo parece indicar que es un problema de cifs pero lo curioso es que antes no ocurria. He buscado en san google y encuentro el error comentado en algunos foros pero no encuentro la solucion.Cualquier ayuda /idea/informacion/solucion sobre este problema les estare agradecido. saludos. -- Roldan Linux User: #304024 ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] problema con cifs y recurso compartido en red
Yo en CentOS 5.2 utilizo lo siguiente: /sbin/mount.cifs //192.168.2.2/fotos /nslu2/fotos/ -o user=mi_usuario,password=mi_contraseña,uid=500,gid=500 Espero te sirva. - Un Saludo Juan Garcia El jue, 22-01-2009 a las 10:25 -0500, Roldan Rodriguez escribió: Hola lista tengo hace ya un tiempo un problema con cifs al que no logro darle solución. El asunto es que administro una red que tiene tanto servidores linux como windozes. En ocasiones necesito hacer salvas o copiar actualizaciones antivirus etc desde lo servidores linux hacia carpetas compartidas en un servidor miembro w2k3. Hace un tiempo atras podia hacer esto con centos 4 perfectamente de la siguiente manera: mount -t cifs -o username=pepe,password=,ip=xx.xx.xx.xx //servidorwin/mirecursocompartido /mnt/salva luego de varias actualizaciones de centos 4 me dejo de funcionar esto dandome el siguiente error al intentar montar la carpeta compartida de windoze: mount error 13 = Permission denied Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) El anillo del kernel me muestra el siguiente error: dmesg |grep CIFS [ 2019.450723] CIFS VFS: Send error in SessSetup = -13 [ 2019.582591] CIFS VFS: cifs_mount failed w/return code = -13 verifique que esta instalado smbfs y que el modulo cifs esta cargado: lsmod |grep cifs cifs 242292 0 osea que no es problema de que el modulo no este cargado. Pensando que podia se un problema especifico de centos con cifs he probado lo mismo en ubuntu server 8.04 y continua la misma historia. Todo parece indicar que es un problema de cifs pero lo curioso es que antes no ocurria. He buscado en san google y encuentro el error comentado en algunos foros pero no encuentro la solucion.Cualquier ayuda /idea/informacion/solucion sobre este problema les estare agradecido. saludos. ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
[CentOS-es] registro de ssh
Una consulta quisera saber que host se han conectado a mi pc, tengo entendido que se almacena en un log pero no se donde ni el nombre del registro haber si alguien me echa una mano necesito pork kreo q alguien estan entrando a mi host. Y una más. alguien sabe como borrar el historial de comando ingresados en la consola?? Gracias... ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] registro de ssh
borra .bash_history en tu directorio home. Para checar los ingresos no estoy seguro, pero prueba con cat /var/log/secure y busca entradas que tengan pam_unix(sshd:session) mensaje original- De: wilder deza sopo...@gammacargo.com Para: centos-es@centos.org Fecha: Thu, 22 Jan 2009 11:27:33 -0500 - Una consulta quisera saber que host se han conectado a mi pc, tengo entendido que se almacena en un log pero no se donde ni el nombre del registro haber si alguien me echa una mano necesito pork kreo q alguien estan entrando a mi host. Y una más. alguien sabe como borrar el historial de comando ingresados en la consola?? Gracias... ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] dhcpd en centos 5.2
Envía el archivo de configuración o en su defecto parte del archivo log donde aparece el error. /var/log/messages Saludos, Javier. _ De: centos-es-boun...@centos.org [mailto:centos-es-boun...@centos.org] En nombre de Jorge Zevallos Valdivia Enviado el: Jueves, 22 de Enero de 2009 09:11 a.m. Para: centos-es@centos.org Asunto: [CentOS-es] dhcpd en centos 5.2 hola tengo instalado centos 5.2 en mi pc y por mas que he configurado el erchivo /etc/dhcpd.conf, no consigo que levante el servicio. me sale fallo cuando intento levantar el mismo, agradecere me puedan ayudar. _ Get news, entertainment and everything you care about at Live.com. Check http://www.live.com/getstarted.aspx%20 it out! -- Este mensaje ha sido analizado por http://www.mailscanner.info/ MailScanner en busca de virus y otros contenidos peligrosos, y se considera que está limpio. MailScanner agradece a transtec Computers http://www.transtec.co.uk/ por su apoyo. -- Este mensaje ha sido analizado por MailScanner en busca de virus y otros contenidos peligrosos, y se considera que está limpio. For all your IT requirements visit: http://www.transtec.co.uk ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] registro de ssh
On Thu, Jan 22, 2009 at 10:27 AM, wilder deza sopo...@gammacargo.com wrote: Una consulta quisera saber que host se han conectado a mi pc, tengo entendido que se almacena en un log pero no se donde ni el nombre del registro haber si alguien me echa una mano necesito pork kreo q alguien estan entrando a mi host. Y una más. alguien sabe como borrar el historial de comando ingresados en la consola?? con el comando history -c lo borras Gracias... ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
[CentOS-es] Video conferencia
Buen dia !! Estoy buscando informacion y quiero probar la video conferencia en mi centos aluna idea . Quiero implementa video conferencia para reuniones y cosas asi en un server especifico alguna idea sobre eso. gracias -- Atentamente : Hector Cuadros Prosopio . Movil :(511)995-412-884 ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
[CentOS-es] tar.bz2 corrupto
Hola lista. Tengo un problema con un archivo tar.bz2 que esta corrupto, y necesito obtener información de este. Este tar.bz2 es una copia de seguridad de un home que se realizo hace unos pocos días. Hasta el momento estos son los pasos que he realizado. bzip2recover el cual me genero 10435 archivos bz2, si no estoy equivocado bz2 comprime en bloques de 900k por lo cual cada uno de esos archivoz bz2 debieran corresponder a 900k de mi archivo .tar cierto? bueno, luego de eso descomprimí, todos esos archivos bz2 lanzando la salida hacia un único tar. for i in $(seq 0 9); do bzip2 -dc rec0$i*.tar.bz2 home_recuperado.tar ; done for i in $(seq 0 2); do bzip2 -dc rec1$i*.tar.bz2 home_recuperado.tar ; done luego de quitar algunos bz2 que estaban malos, creo que fueron alrededor de 4 o 5 la operación se pudo finalizar sin problemas creando un archivo tar de 10G aprox. el problema es que ahora cuando intento extraer los archivos desde ese tar, este no funciona, me extrae unos cuantos archivos (ninguno necesario) y luego da error, copio algunas lineas: tar vxf home_recuperado.tar ... .. . cesar/.mozilla/firefox/q7e43hjp.default/compreg.dat cesar/.mozilla/firefox/q7e43hjp.default/urlclassifier3.sqlite tar: Skipping to next header tar: Archive contains obsolescent base-64 headers tar: Error exit delayed from previous errors he buscado en Internet pero no se como hacer para que me extraiga las carpetas que realmente me importan (Documents, Desktop) (Suerte que uso correo a través de imap.) Alguna idea? Saludos!! y gracias por su tiempo. ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] problema con cifs y recurso compartido en red
gracias por su respuesta pero esa prueba tambien la hice y con mount.cifs me da el mismo error. estuve haciendo otras pruebas e intente montar una carpeta compartida en otro servidor windoze , esta vez un win2k server y en este caso si se monto ok... todo parece indicar que con quien no se entiende bien el cifs es con win2k3 server alguna idea de porque puede estar pasando esto.??? Solucions Informatiques JM SL escribió: Yo en CentOS 5.2 utilizo lo siguiente: /sbin/mount.cifs //192.168.2.2/fotos /nslu2/fotos/ -o user=mi_usuario,password=mi_contraseña,uid=500,gid=500 Espero te sirva. - Un Saludo Juan Garcia El jue, 22-01-2009 a las 10:25 -0500, Roldan Rodriguez escribió: Hola lista tengo hace ya un tiempo un problema con cifs al que no logro darle solución. El asunto es que administro una red que tiene tanto servidores linux como windozes. En ocasiones necesito hacer salvas o copiar actualizaciones antivirus etc desde lo servidores linux hacia carpetas compartidas en un servidor miembro w2k3. Hace un tiempo atras podia hacer esto con centos 4 perfectamente de la siguiente manera: mount -t cifs -o username=pepe,password=,ip=xx.xx.xx.xx //servidorwin/mirecursocompartido /mnt/salva luego de varias actualizaciones de centos 4 me dejo de funcionar esto dandome el siguiente error al intentar montar la carpeta compartida de windoze: mount error 13 = Permission denied Refer to the mount.cifs(8) manual page (e.g.man mount.cifs) El anillo del kernel me muestra el siguiente error: dmesg |grep CIFS [ 2019.450723] CIFS VFS: Send error in SessSetup = -13 [ 2019.582591] CIFS VFS: cifs_mount failed w/return code = -13 verifique que esta instalado smbfs y que el modulo cifs esta cargado: lsmod |grep cifs cifs 242292 0 osea que no es problema de que el modulo no este cargado. Pensando que podia se un problema especifico de centos con cifs he probado lo mismo en ubuntu server 8.04 y continua la misma historia. Todo parece indicar que es un problema de cifs pero lo curioso es que antes no ocurria. He buscado en san google y encuentro el error comentado en algunos foros pero no encuentro la solucion.Cualquier ayuda /idea/informacion/solucion sobre este problema les estare agradecido. saludos. ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es -- Roldan Linux User: #304024 ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] Suse sobre Centos
Carlos Moreira wrote: Alguno tiene algun truquito para poder instalar una maquina virtual con Suse de 32 bits, sobre un dom-0 con CentOS 5.2 de 64 bits. Lo que yo hice fue copiar a un ftp los cds de suse, y hacerle un createrepo, lo que me lo hizo bien, luego cuando fui a crear la maquina pero un createrepo al suse? instalarás usando HVM o paravirtualización? Supongo que será por HVM.. pero comentame más virtual, me dió error al final. Hay que hacerle alguna cosa especial?? ah y lo leíste y no me lo comentaste a mi! egoísta, dimelo, dime el error para que no te quedes sólo tú con el error ;-) saludos epe ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] registro de ssh
epe saludos -- bueno que siguieras este consejo para que no pases trabajo leyendo esto hilo de lo que estás hablando y a veces son cosas interesantes. Sería Willer, trata de no hacer top posting pues es un tanto molesto seguir el wilder deza wrote: Si gracias a todos ya tengo lo que buscaba chvr se pasaron Jorge García escribió: On Thu, Jan 22, 2009 at 10:27 AM, wilder deza sopo...@gammacargo.com wrote: Una consulta quisera saber que host se han conectado a mi pc, tengo entendido que se almacena en un log pero no se donde ni el nombre del registro haber si alguien me echa una mano necesito pork kreo q alguien estan entrando a mi host. Y una más. alguien sabe como borrar el historial de comando ingresados en la consola?? con el comando history -c lo borras Gracias... ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] tar.bz2 corrupto
César Sepúlveda wrote: Hola lista. Tengo un problema con un archivo tar.bz2 que esta corrupto, y necesito obtener información de este. Este tar.bz2 es una copia de seguridad de un home que se realizo hace unos pocos días. Te deseo suerte, trata de ver si por la lista de bzip2 te pueden ayudar más que esta que es un tanto más orientada en general a CentOS. Y a todos: es mejor tomar experiencia de este caso... los respaldos hay que verificarlos y no sólo tenerlos sino probar continuamente que ante una eventualidad se puede recuperar la información del servidor mediante simulaciones. saludos! epe ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
[CentOS-es] ¿cual es la diferencia entre mod_w orker y mod_prefork en httpd?
Contraté un vps con 256 mb y ando con problemas de optimización de uso de ram para que me ajuste, pero no me queda claro la diferencia para saber el efecto de cada uno de ellos? ¿podrían de favor explicarmelo un poco más sencillo que en [http://httpd.apache.org/docs/2.2/mod/mpm_common.html#startservers? - ../../../../redirect.php?go=http%3A%2F%2Fhttpd.apache.org%2Fdocs%2F2.2%2Fmod%2Fmpm_common.html%23startservers%3F] Gracias anticipadas. ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] intranet
Pregunta tengo servidor de correo web y proxy cada uno en distinta makina. aora podria ser que esete ebox yo lo enlace con los servidores que tengo o necesariamente tendria q cambiar todo y hacer un solo servidor con los servicios que me ofrece el ebox. Solucions Informatiques JM SL escribió: ¿Conoces eBox? http://ebox-platform.com/ ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] tar.bz2 corrupto
On Thursday 22 January 2009 16:13:48 Ing. Ernesto Pérez Estévez wrote: César Sepúlveda wrote: Hola lista. Tengo un problema con un archivo tar.bz2 que esta corrupto, y necesito obtener información de este. Este tar.bz2 es una copia de seguridad de un home que se realizo hace unos pocos días. Te deseo suerte, trata de ver si por la lista de bzip2 te pueden ayudar más que esta que es un tanto más orientada en general a CentOS. Y a todos: es mejor tomar experiencia de este caso... los respaldos hay que verificarlos y no sólo tenerlos sino probar continuamente que ante una eventualidad se puede recuperar la información del servidor mediante simulaciones. saludos! epe Finalmente pude desempaquetar el tar con cpio cpio -F home_recuperado.tar -i -v Hasta el momento, no veo que me falte algún archivo de importancia :D -- Atte. César Sepúlveda B. ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] Suse sobre Centos
Ing. Ernesto Pérez Estévez escribió: Carlos Moreira wrote: Alguno tiene algun truquito para poder instalar una maquina virtual con Suse de 32 bits, sobre un dom-0 con CentOS 5.2 de 64 bits. Lo que yo hice fue copiar a un ftp los cds de suse, y hacerle un createrepo, lo que me lo hizo bien, luego cuando fui a crear la maquina pero un createrepo al suse? instalarás usando HVM o paravirtualización? Supongo que será por HVM.. pero comentame más virtual, me dió error al final. Hay que hacerle alguna cosa especial?? ah y lo leíste y no me lo comentaste a mi! egoísta, dimelo, dime el error para que no te quedes sólo tú con el error ;-) saludos epe ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es No recuerdo bien el mensaje de error, pero ahora que lo decis, si los respositorios de Suse no se crean con createrepo, tiene que venir por ahi la mano, porque era al momento de ir a consultar la direccion ftp que me daba el error. Cual es el comando que tengo que hacer sobre un centos, para crear un repositorio ftp de suse?? ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
[CentOS-es] Problemas con SquidGuard
*Adjunto les envio el archivo de configuracion de squid..gracias de antemano * Hola a todos, les cuento: Tengo un servidor centos 4 configurado como proxy y funciona muy bien el detalle es que le quiero poner el squidguard para bloquear paginas pornograficas pero no parece funcionar. A continuacion les explico lo que hice: 1. instale el squidguard via yum 2. edite el archivo squidguard.conf de acuerdo a mis directorios de blacklists y logs 3. cambie el propietario de las listas y el archivo de configuracion a root:root 4. Ejecute squidGuard -C archivodeconfiguracion.conf y creo las bd Berkeley (ok) 5. Despues agregue en el squid.conf la linea: redirect_program /usr/bin/squidGuard 6. Reinicie el servicio squid Despues probe acceder a una pagina porno de la lista negra y no me la bloquea :? entonces veo los logs del squidguard y dicen: 2007-11-13 01:19:59 [8833] init domainlist /var/lib/squidguard/blacklists/porn/domains 2007-11-13 01:19:59 [8833] loading dbfile /var/lib/squidguard/blacklists/porn/domains.db 2007-11-13 01:19:59 [8833] init urllist /var/lib/squidguard/blacklists/porn/urls 2007-11-13 01:19:59 [8833] loading dbfile /var/lib/squidguard/blacklists/porn/urls.db 2007-11-13 01:19:59 [8833] squidGuard 1.2.0 started (1194938399.402) 2007-11-13 01:19:59 [8833] squidGuard ready for requests (1194938399.408) En la documentacion dice que se puede hacer una prueba ejecutando: echo http://www.linuxparatodos.net 10.0.0.1/ - - GET | squidGuard -c /etc/squid/squidguard.conf -d 2007-11-13 01:48:34 [8972] init domainlist /var/lib/squidguard/blacklists/porn/domains 2007-11-13 01:48:34 [8972] loading dbfile /var/lib/squidguard/blacklists/porn/domains.db 2007-11-13 01:48:34 [8972] init urllist /var/lib/squidguard/blacklists/porn/urls 2007-11-13 01:48:34 [8972] loading dbfile /var/lib/squidguard/blacklists/porn/urls.db 2007-11-13 01:48:34 [8972] squidGuard 1.2.0 started (1194940114.580) 2007-11-13 01:48:34 [8972] squidGuard ready for requests (1194940114.803) 2007-11-13 01:48:34 [8972] squidGuard stopped (1194940114.909) Lo cual (quiero entender) es correcto, sin embargo aun puedo entrar a los sitios de mi lista negra.. ¿Que estoy haciendo mal? ¿Que me falta?. Gracias de antemano por la ayuda que puedan ofrecerme. squidmod.conf Description: Binary data ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] ¿cual es la diferencia entre mod_w orker y mod_prefork en httpd?
buen punto. Voy a considerarlo. Mientras tanto, al menos como cultura general y en tanto reviso este otro server ¿alguna luz de la diferencia entre worker y prefork? ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS-es] ¿cual es la diferencia entre mod_w orker y mod_prefork en httpd?
Mientras tanto, al menos como cultura general y en tanto reviso este otro server ¿alguna luz de la diferencia entre worker y prefork? Under most platforms only MPM is available, under Unix there are two options, prefork and worker. The prefork MPM forks off a number of identical Apache processes, while the worker creates multiple threads. In general, prefork is better on systems with one or two processors where the operating systems is better geared toward time slicing between multiple processes. On a system with a higher number of CPUs the threading model will probably be more effective. tomado de http://www.serverwatch.com/tutorials/article.php/3436911 y se recomienda evitar trabajar php en apache en servidores de produccion con el modelo worker (threaded) http://us.php.net/manual/en/faq.installation.php#faq.installation.apache2 ambos enlaces encontrados gracias a una pagina web donde puedes hacer busquedas y te aparecen cantidad de resultados: www.google.com :P Saludos Osvaldo pd. la explicacion esta en ingles, y la lista es en castellano, pero a mi favor tengo que las palabras a definir estaban en ingles tambien :) ___ CentOS-es mailing list CentOS-es@centos.org http://lists.centos.org/mailman/listinfo/centos-es
Re: [CentOS] Issues with Ldap client on Centos 5
Hello, On Thu, Jan 22, 2009 at 01:41, ankush grover ankushcen...@gmail.com wrote: We are running some of the Centos 5 32 bit, 5.2 64-bit systems. These systems are ldap clients and the ldap server is Windows 2003 Server. How exactly? Are you using nss_ldap to get user ids from AD? Are you authenticating to AD using LDAP? What are the lines that contain ldap in your /etc/nsswitch.conf? What are the lines that contain pam_ldap.so in your /etc/pam.d/system-auth and the other files in that directory? Sometimes 1 or 2 services on these servers sucks 100% cpu and the load becomes high on the server. Only Apache or other daemons as well? Below is an example where one the httpd process was eating 100% cpu and we took dump of this process Do you have any LDAP authentication configured in Apache? Or any other kind of authentication (PAM? System?) that might end up being served by LDAP? Do you have an application, such as a PHP application that would run inside an Apache process, that might be using LDAP? #0 0x2ad1849cd997 in ldap_chase_v3referrals () from /usr/lib64/libldap-2.3.so.0 Looks like it's getting in a loop of referrals, but it's hard to tell for sure from one backtrace only. You could try to get several backtraces and see if it's all the time in that same function, that might indicate a loop. Can you get a log of queries that the LDAP server is receiving (if it is receiving LDAP queries at all while your process is in that loop)? Can you use tcpdump to determine if you get a lot of LDAP traffic and if the traffic stops when you kill the process? Can you see what that Apache process was serving at that time, using /server-status or something like it? That might give you a clue of why the problem appeared. /etc/ldap.conf file: [...] timelimit 0 sizelimit 0 Did you try to increase those? There are 2 bugs listed on the redhat site but no solution for this problem has been provided. https://bugzilla.redhat.com/show_bug.cgi?id=222667 https://bugzilla.redhat.com/show_bug.cgi?id=474181 These do not seem related to your problem, as they report processes that hang in a deadlock, which is not your case. If that would have been your case, the process would be using 0% CPU instead of 100% CPU. HTH, Filipe ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antivirus for CentOS? (yuck!)
Am 22.01.2009 02:19, schrieb Amos Shapira: 2. Alternatively - what linux anti-virus (oh, the shame of typing this word combination :() do you use which doesn't affect our systems performance too much. http://www.f-prot.com/products/corporate_users/unix/ has some Linux AV products. Rainer ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Old Small Box
Warren Young wrote: James A. Peltier wrote: CentOS 5 requires 512MB for installation I had an EL5 install attempt fail on a VM with 512 MB of RAM. Big ugly anaconda Python stack dump type error. Upped the RAM for the VM, and it installed. You need a combined(!) 768MB of RAM and Swap to successfully install CentOS 5.2 (see the release notes). Cheers, Ralph pgpcHUeGImx6Q.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antivirus for CentOS? (yuck!)
Adam Tauno Williams wrote: 1. Has anyone here gone though such a procedure and got good arguments against the need for anti-virus? There is no good argument against running malware detection on any sever. 2. Alternatively - what linux anti-virus (oh, the shame of typing this word combination :() do you use which doesn't affect our systems performance too much. CLAMAV works well. What do you do with clamav on a linux server? Especially: How is it run by you? What do you think it protects you against on a linux server? Curious, Ralph pgpN4uJnaN7di.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Old Small Box
On 1/22/09, Ralph Angenendt ra+cen...@br-online.de wrote: Warren Young wrote: James A. Peltier wrote: CentOS 5 requires 512MB for installation I had an EL5 install attempt fail on a VM with 512 MB of RAM. Big ugly anaconda Python stack dump type error. Upped the RAM for the VM, and it installed. You need a combined(!) 768MB of RAM and Swap to successfully install CentOS 5.2 (see the release notes). Cheers, Ralph I have CentOS5 on a dell d400 latitude with 700MHz p3 and 256MB RAM.I installed using graphical installer and http for packages. Anaconda switches on swap real early but it all works. Switching out the hd for an ssd was a huge boost in performance and battery time. mike ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antivirus for CentOS? (yuck!)
On Thursday 22 January 2009 09:35:11 Ralph Angenendt wrote: What do you do with clamav on a linux server? Especially: How is it run by you? What do you think it protects you against on a linux server? 1 - it protects you against passing on any windows viruses to windows users 2 - it satisfied those auditors who can't think beyond what they have been told, especially if you have log proof. Logwatch's daily report: - clam-update Begin Last ClamAV update process started at Wed Jan 21 04:02:23 2009 Last Status: main.cvd is up to date (version: 49, sigs: 437972, f-level: 35, builder: sven) daily.cld is up to date (version: 8881, sigs: 56877, f-level: 38, builder: ccordes) -- clam-update End - - Clamav Begin **Unmatched Entries** Database correctly reloaded (936952 signatures) -- Clamav End - That should satisfy and auditor. Anne signature.asc Description: This is a digitally signed message part. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Old Small Box
On Wed, Jan 21, 2009 at 6:06 PM, Mike -- EMAIL IGNORED m_d_berger_1...@yahoo.com wrote: I have an old 400mHz Dell with a 20G hard drive and 125M ram. Can I install and run CentOS on it? Depends on what you want to use it for. I have successfully run CentOS on PIIIs with as little as 256MB of memory, but with limited functionality enabled, usually as a firewall, SAMBA server and/or web server. In all cases I took care during installation to install as little software as possible, disable all unnecessary daemons and use only the command line. Brett ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antivirus for CentOS? (yuck!)
Anne Wilson wrote: On Thursday 22 January 2009 09:35:11 Ralph Angenendt wrote: What do you do with clamav on a linux server? Especially: How is it run by you? What do you think it protects you against on a linux server? 1 - it protects you against passing on any windows viruses to windows users Yes, but how is it run? Hourly via cron? On which files? What does it protect against? Mind you, I'm not talking about workstations, but about servers. Ralph pgpotwFz9gh2d.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] help with udev rules needed
rra...@comcast.net wrote:
On Wed, 21 Jan 2009, Farkas Levente wrote:
rra...@comcast.net wrote:
On Wed, 21 Jan 2009, Farkas Levente wrote:
rra...@comcast.net wrote:
I am migrating from Fedora 8 to CentOS 5.2
I have usb dvd
On F8 I have /etc/udev/rules/00-my-custom.rules
BUS==scsi, SYSFS{vendor}==TSSTcorp, SYSFS{model}==CDDVDW SH-S203N
,SYMLINK=dvd,OWNER=rray
When I plug in dvd I get
$ ll /dev/scd1
lrwxrwxrwx 1 root root 3 Aug 25 08:17 /dev/scd1 - sr1
ll /dev/sr1
brw-r- 1 rray disk 11, 1 2009-01-21 12:29 /dev/sr1
Everything is ok
On C5.2 I have /etc/udev/rules/00-my-custom.rules
BUS==scsi, SYSFS{vendor}==TSSTcorp, SYSFS{model}==CDDVDW SH-S203N
,SYMLINK=dvd,OWNER=rray
When I plug in dvd I get
# ll /dev/scd0
brw-rw 1 root disk 11, 0 Jan 21 12:30 /dev/scd0
I have also tried MODE=0666 and it also has no affect
I have checked udevinfo -a -p $(udevinfo -q path -n /dev/scd0/1) on both
machines and they are the same
what's the problem?
the above rule has nothing to do with sdcX it's just create dvd symlink,
the device itself created by system udev rules.
On C5.2 the device has root:disk ownership and 660 perms
The OWNER=rray part of the udev rule appears to be ignored
How can I change the owner to rray or perms to 0666
_which_ device? scd1 or dvd!!!?
your rule is about dvd it has nothing to with scd1!
I believe I am very confused
Please ignore everything above
If I wanted to write a udev rules such that when I plugged in my usb dvd
drive, the owner of the device file is rray what might that rule look
like given udevinfo tells me these characteristics describe my dvd drive
BUS==scsi, SYSFS{vendor}==TSSTcorp, SYSFS{model}==CDDVDW SH-S203N
ACTION=add, NAME=dvd, OPTION=last_rule
or something like that
--
Levente Si vis pacem para bellum!
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antivirus for CentOS? (yuck!)
On Thu, 2009-01-22 at 12:16 +, Anne Wilson wrote: On Thursday 22 January 2009 09:35:11 Ralph Angenendt wrote: What do you do with clamav on a linux server? Especially: How is it run by you? What do you think it protects you against on a linux server? 1 - it protects you against passing on any windows viruses to windows users 2 - it satisfied those auditors who can't think beyond what they have been told, especially if you have log proof. Logwatch's daily report: - clam-update Begin Last ClamAV update process started at Wed Jan 21 04:02:23 2009 Last Status: main.cvd is up to date (version: 49, sigs: 437972, f-level: 35, builder: sven) daily.cld is up to date (version: 8881, sigs: 56877, f-level: 38, builder: ccordes) -- clam-update End - - Clamav Begin **Unmatched Entries** Database correctly reloaded (936952 signatures) -- Clamav End - That should satisfy and auditor. the above suggests that clamav signature files were updated and the database reloaded but nowhere does it suggest that any scanning of the file system occurred nor the output of such scanning which probably never occurred. What you have demonstrated is a gymnastic exercise which accomplishes little. clamd might be able to do something useful but it is not indicated above. Craig ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Old Small Box
Ralph Angenendt wrote on Thu, 22 Jan 2009 10:31:20 +0100: You need a combined(!) 768MB of RAM and Swap to successfully install CentOS 5.2 (see the release notes). in graphics mode. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Old Small Box
I install many Xen domU systems with 256MB running CentOS 5.x. If you use text base installer, you should have no issues. On Thu, Jan 22, 2009 at 12:56 PM, Michael Simpson mikie.simp...@gmail.com wrote: On 1/22/09, Ralph Angenendt ra+cen...@br-online.de wrote: Warren Young wrote: James A. Peltier wrote: CentOS 5 requires 512MB for installation I had an EL5 install attempt fail on a VM with 512 MB of RAM. Big ugly anaconda Python stack dump type error. Upped the RAM for the VM, and it installed. You need a combined(!) 768MB of RAM and Swap to successfully install CentOS 5.2 (see the release notes). Cheers, Ralph I have CentOS5 on a dell d400 latitude with 700MHz p3 and 256MB RAM.I installed using graphical installer and http for packages. Anaconda switches on swap real early but it all works. Switching out the hd for an ssd was a huge boost in performance and battery time. mike ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antivirus for CentOS? (yuck!)
On Thursday 22 January 2009 12:46:46 Craig White wrote: On Thu, 2009-01-22 at 12:16 +, Anne Wilson wrote: On Thursday 22 January 2009 09:35:11 Ralph Angenendt wrote: What do you do with clamav on a linux server? Especially: How is it run by you? What do you think it protects you against on a linux server? 1 - it protects you against passing on any windows viruses to windows users 2 - it satisfied those auditors who can't think beyond what they have been told, especially if you have log proof. Logwatch's daily report: - clam-update Begin Last ClamAV update process started at Wed Jan 21 04:02:23 2009 Last Status: main.cvd is up to date (version: 49, sigs: 437972, f-level: 35, builder: sven) daily.cld is up to date (version: 8881, sigs: 56877, f-level: 38, builder: ccordes) -- clam-update End - - Clamav Begin **Unmatched Entries** Database correctly reloaded (936952 signatures) -- Clamav End - That should satisfy and auditor. the above suggests that clamav signature files were updated and the database reloaded but nowhere does it suggest that any scanning of the file system occurred nor the output of such scanning which probably never occurred. What you have demonstrated is a gymnastic exercise which accomplishes little. clamd might be able to do something useful but it is not indicated above. True. As I have no windows boxes on the LAN I only run it manually, and it wasn't done on the day that that reported. The one area that I am vulnerable to is email-borne viruses, and since I am not serving those to windows boxes it is only out of curiosity that I need clamav. I'm sure there are plenty of people that can give Ralph detailed information about using it efficiently. I was merely demonstrating how easy it is to show that you keep the database up to date. You are quite right,of course, they will want to see evidence that it is scanning as well. Anne signature.asc Description: This is a digitally signed message part. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antivirus for CentOS? (yuck!)
Anne Wilson wrote: I'm sure there are plenty of people that can give Ralph detailed information about using it efficiently. Sorry, I do not want to know how to use clamav efficiently, I am just wondering what good clamav will do on a server, as there aren't really any hooks into file writing or reading. Sure, I can hook up clamav into my email stream or into my proxy on that machine for filtering out requests to people who use windows boxes behind those. But I do not understand which sense clamav makes on a linux server, if there are no hooks into the kernel (I know about dazuko, but a) we don't ship it and b) last time I looked at it I couldn't get it to run properly without a *huge* speed penalty). As far as I know there is no AntiVirus solution for Linux which works the same as all the solutions under Windows do. And if you do not have real time scanning on a server/workstation, an anti virus scanner doesn't do you any good, as the time frame for attacks is just too large. Either you get it on the first shot or you can just forget about it. So again: If you want to be PCI-DSS compliant - what's the use of clamav? Ralph pgpVhme9RlXAD.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antivirus for CentOS? (yuck!)
On Thu, Jan 22, 2009 at 8:15 AM, Ralph Angenendt ra+cen...@br-online.dera%2bcen...@br-online.de wrote: Anne Wilson wrote: I'm sure there are plenty of people that can give Ralph detailed information about using it efficiently. Sorry, I do not want to know how to use clamav efficiently, I am just wondering what good clamav will do on a server, as there aren't really any hooks into file writing or reading. Sure, I can hook up clamav into my email stream or into my proxy on that machine for filtering out requests to people who use windows boxes behind those. But I do not understand which sense clamav makes on a linux server, if there are no hooks into the kernel (I know about dazuko, but a) we don't ship it and b) last time I looked at it I couldn't get it to run properly without a *huge* speed penalty). As far as I know there is no AntiVirus solution for Linux which works the same as all the solutions under Windows do. And if you do not have real time scanning on a server/workstation, an anti virus scanner doesn't do you any good, as the time frame for attacks is just too large. Either you get it on the first shot or you can just forget about it. So again: If you want to be PCI-DSS compliant - what's the use of clamav? Ralph Check out BitDefender http://www.bitdefender.com -matt http://www.sysadminvalley.com http://www.beantownhost.com http://www.linkedin.com/in/mattboston ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antivirus for CentOS? (yuck!)
On Thu, 2009-01-22 at 14:15 +0100, Ralph Angenendt wrote: Anne Wilson wrote: I'm sure there are plenty of people that can give Ralph detailed information about using it efficiently. Sorry, I do not want to know how to use clamav efficiently, I am just wondering what good clamav will do on a server, as there aren't really any hooks into file writing or reading. Sure, I can hook up clamav into my email stream or into my proxy on that machine for filtering out requests to people who use windows boxes behind those. But I do not understand which sense clamav makes on a linux server, if there are no hooks into the kernel (I know about dazuko, but a) we don't ship it and b) last time I looked at it I couldn't get it to run properly without a *huge* speed penalty). As far as I know there is no AntiVirus solution for Linux which works the same as all the solutions under Windows do. And if you do not have real time scanning on a server/workstation, an anti virus scanner doesn't do you any good, as the time frame for attacks is just too large. Either you get it on the first shot or you can just forget about it. So again: If you want to be PCI-DSS compliant - what's the use of clamav? re: the last question, I simply don't know. I do know that I have an 'unsupported' version of Symantec Anti-Virus for Linux which came with their 'End Point Protection' package which I gather is a 'real-time' package but I am not interested in finding out what that would do to performance of the system. I also know that samba has a 'vfs' option for using clamd on your samba/Windows file server. Craig ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antivirus for CentOS? (yuck!)
I use AVG, they have a nice and clean Real Time Scanning piece of software for Linux see http://www.grisoft.com for general info http://www.avg.com/download-7?prd=avl to download for the different flavors of Linux I use it on my Linux boxes as well as all of my Windows Clients and Servers as well, bang for buck its one of the best out and much better than that crappy Symantic brand AV john plemons ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antivirus for CentOS? (yuck!)
Matt Shields wrote: On Thu, Jan 22, 2009 at 8:15 AM, Ralph Angenendt ra+cen...@br-online.dera%2bcen...@br-online.de As far as I know there is no AntiVirus solution for Linux which works the same as all the solutions under Windows do. And if you do not have real time scanning on a server/workstation, an anti virus scanner doesn't do you any good, as the time frame for attacks is just too large. Either you get it on the first shot or you can just forget about it. Check out BitDefender http://www.bitdefender.com Bitdefender for Samba which only scans stuff on network shares and Bitdefender for Mail Servers which does the same clamav and amavisd/exiscan/whatever can do. No security products which protect servers itself, just hooks into the windows world. Supports the point I tried to make :) Ralph pgpcr4xvOZOfz.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antivirus for CentOS? (yuck!)
John Plemons wrote: I use AVG, they have a nice and clean Real Time Scanning piece of software for Linux Oh. So maybe dazuko now isn't a resource hog anymore? Thanks, that is the first time I've heard about a component like that. Cheers, Ralph pgpZ9MNNThjn6.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] disable rquotad and pop
Hi all, I am trying to find out how to disable rquotad and pop (port 443) for rquotad /etc/sysconfig/nfs has it quoted out but yet it is running? How do I disable it? also what about pop? Jerry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] OT: Infrastructure Documenting
We are moving all our (limited and badly organized) documentation to a wiki. Anyone got any examples/pointers to a hierarchy that made logical sense? We are hoping to move everything from topology to application specific notes in to the wiki. Given the size of this task, I only want to do this once:) Thanks for any reco's! jlc ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antivirus for CentOS? (yuck!)
Yes, I know, it's really really embarrassing to have to ask but I'm being pushed to the wall with PCI DSS Compliance procedure (http://en.wikipedia.org/wiki/PCI_DSS) and have to either justify why we don't need to install an anti-virus or find an anti-virus to run on our CentOS 5 servers. Whatever I do - it needs to be convincing enough to make the PCI compliance guy tick the box. So: 1. Has anyone here gone though such a procedure and got good arguments against the need for anti-virus? We are going through the same thing. The initial rollout was planned for only PCI critical systems, but has been expanded to SOX and business-critical servers. Given the extreme rarity of Unix/Linux related viruses, we did question why we needed to run an AV solution at all. However, we do have shares that are accessible via Windows and Mac users, so these were targeted. Per our compliance officer, though a rigid interpretation of the PCI documentation might not require full scans of every server, or even scanning every server, we would go beyond the spec. Thus, at some point we're expecting that all servers will require some sort of AV product. 2. Alternatively - what linux anti-virus (oh, the shame of typing this word combination :() do you use which doesn't affect our systems performance too much. The AV solution we were told to use was Sophos AV. Our environment is primarily AIX with a few Linux systems. Though the Linux systems had (mostly) equivalent features to the Windows product, the AIX solution was essentially a command line driven scan similar to ClamAV. Now, SophosAV on Linux requires some kernel hooks for the on-access scan. If Sophos-compiled binaries are not available for your kernel then you'd need to build them on the machine. I.e., you'd require GCC and the kernel-dev packages. Per our security requirements (not PCI specific), we do not have compilers and dev libraries on anything but development servers. Sophos also did not have an SLA as to when new binaries would be released after a new kernel. Which leads to an interesting conundrum. The Sophos product cannot do on-demand scanning without a dev environment (and compiling elsewhere was not a documented process from Sophos). So we were left with the command line, cron driven scanner. Given that the files we would target were often temporary (e.g., uploaded documents, files to be pushed into a doc manager), it made little sense to scan daily. Instead, you'd need to script processes to watch directories and holding areas. The rest of the problems were primarily with the AIX client. Anyhoo, the AV products don't put too much load on the system, depending on your scan requirements. They can do so though. E.g., if you scan compressed files, do on demand, scan across shares, etc.. The reviewed servers run both Internet-facing web applications and internal systems, mostly using proprietary protocol for internal communications. They are being administrated remotely via IPSec VPN (and possibly in the future also OpenVPN). ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] disable rquotad and pop
Rick, For rquota this shows: ps ax | grep rquota 3140 ?Ss 0:00 rpc.rquotad 15025 ?Ss 0:00 rpc.rquotad 21509 ?Ss 0:00 rpc.rquotad 21590 pts/2S+ 0:00 grep rquota grep RQUOTA /etc/sysconfig/nfs #RQUOTAD=/usr/sbin/rpc.rquotad #RQUOTAD_PORT=875 #RPCRQUOTADOPTS= so how do I stop this service? Then for port 443, netstat -ap | grep 443 gave nothing, however netstat -ap | grep https tcp0 0 localhost:58597 localhost:https TIME_WAIT - tcp 0 0 *:https The port scan I was reading led me to believe it was pop... In actuality it was https. its reporting 5 security vulnerabilites for https? I'm not sure that those are? jerry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] SquirrelMail Sending Under Wrong Username
CentOS team... as is already bug reported and marked solved... as we await the upstream repair for this. It was reported that this was happening on CentOS 5. You likely already know, but it also happens on CentOS 4. For those unaware. It seems that SquirrelMail has an issue which allows mail to be sent out from one user on the system and it uses the from address of another user on the system. Apparently, both users need to be logged into SM at the same time. My client reported that when he sent the affected message, he received a connection lost notice. He logged in again, stated that the email was in fact sent. The recipient of that email asked what was up with the odd from address. Looking at the headers from that message, they do in fact show adifferentusern...@thisparticularservername.com. This is about the most embarrassing thing that's ever happened with my servers. Obviously the affected user is not feeling very secure. It does invite the recipient to reply to the wrong address which could be bad on so many levels (imagine having a few local law firms hosted on the same server?). I view this as a horrid security issue. If maybe the CentOS team might be so kind as to push the SquirrelMail update to the front when it's ready, that would be greatly appreciated. John Hinton ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antivirus for CentOS? (yuck!)
None... clamav, amavis, etc... are used for protecting Windows boxes behind the Linux boxes. If you aren't running any Windows hosts on the FYI, clamav also detects linux based viruses. There are linux based viruses. Rkhunter is also good to run on a linux server as well. http://en.wikipedia.org/wiki/List_of_Linux_computer_viruses Of course if you keep your passwords secure and up to date on patches you 'should' not get any viruses on a linux box. Nothing is certain though. Its very little effort to install clamav and rkhunter. Matt ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] disable rquotad and pop
Jerry Geis wrote on Thu, 22 Jan 2009 09:22:16 -0500: for rquotad /etc/sysconfig/nfs has it quoted out but yet it is running? How do I disable it? also what about pop? service name start/stop chkconfig name off to disable starting Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] disable rquotad and pop
Jerry Geis wrote on Thu, 22 Jan 2009 09:22:16 -0500: / for rquotad /etc/sysconfig/nfs has it quoted out but yet it is running? // How do I disable it? // // also what about pop? / service name start/stop chkconfig name off to disable starting Sure I familiar with those commands, problem is there is not rquota service... SO these dont help. I did do service nfs stop I changed /etc/sysconfig/nfs removed all RQUOTAD lines and added RQUOTAD=no service nfs start however I still have an rpc.rquotad running. AHHH... What am I missing? Thanks, Jerry ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Old Small Box
Ralph Angenendt wrote: Warren Young wrote: James A. Peltier wrote: CentOS 5 requires 512MB for installation I had an EL5 install attempt fail on a VM with 512 MB of RAM. Big ugly anaconda Python stack dump type error. Upped the RAM for the VM, and it installed. You need a combined(!) 768MB of RAM and Swap to successfully install That's certainly the problem, thanks. I don't use swap on VMs, for fairly obvious reasons. I guess I could use file-based swap, so it's easy to turn off and recover the space after the install finishes. My VMs really don't need more than 512 MB of RAM when running. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] disable rquotad and pop
Jerry Geis wrote on Thu, 22 Jan 2009 10:45:21 -0500: first, could you please *reply* and keep in the thread and not send new messages when you reply? Sure I familiar with those commands, problem is there is not rquota service... SO these dont help. Fine. Why didn't you say so in your original request? I did do service nfs stop Do a ps ax|grep rpc then ;-) The two rpc daemons don't get killed by a stop. You have to kill it manually. Kai -- Kai Schätzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] PHP 5.2 on Centos4
Bit of an emergency as I'm told this laptop has to leave here in 15 minutes, I've gone ahead and configured, made, installed PHP 5.2 but an httpd restart still only sees the old PHP 5.0.4, I think there's a fairly simple way to get it to find the 5.2 version I've just installed but can't think what. Any help gratefully received! thanks ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antivirus for CentOS? (yuck!)
Amos Shapira wrote: 2. Alternatively - what linux anti-virus (oh, the shame of typing this word combination :() do you use which doesn't affect our systems performance too much. I highly recommend Sophos antivirus: http://www.sophos.com/products/enterprise/endpoint/security-and-control/8.0/linux/ They seem to cost more than the competition but it's because they have a better product. Glad I don't have to deal with credit card numbers anymore the security around that stuff was a pain. nate ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antivirus for CentOS? (yuck!)
Rainer Traut wrote: Am 22.01.2009 02:19, schrieb Amos Shapira: 2. Alternatively - what linux anti-virus (oh, the shame of typing this word combination :() do you use which doesn't affect our systems performance too much. http://www.f-prot.com/products/corporate_users/unix/ has some Linux AV products. And just for completeness, Symantec has AV for Linux too... it is better there than on the Windows platform, but that doesn't say much. The advantage of Symantec is that it is a well-known brand, so in some cases it can be a easy option to push through red-tape bureaucrats. -- //Morten Torstensen //Email: mor...@mortent.org //IM: morten.torsten...@gmail.com I can't listen to that much Wagner. I start getting the urge to conquer Poland. -- Woody Allen ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antivirus for CentOS? (yuck!)
But again you said it, Symantic is trash With my history of machine crashes caused by their I can do it better altitude, Run don't walk from Symantic John Plemons ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Old Small Box
Kai Schaetzl wrote: Ralph Angenendt wrote on Thu, 22 Jan 2009 10:31:20 +0100: You need a combined(!) 768MB of RAM and Swap to successfully install CentOS 5.2 (see the release notes). in graphics mode. And really it is a performance question as long as you have 256M of real memory, the rest swap. Since I always make my swap 2xRAM, I am always installing on a system with at least 768Mb combined. I do not like the DIsk Druid default of putting the swap drive into the LVM partition. I always redo the partitions so that swap is its own partition. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antivirus for CentOS? (yuck!)
Adam Tauno Williams wrote: 1. Has anyone here gone though such a procedure and got good arguments against the need for anti-virus? There is no good argument against running malware detection on any sever. 2. Alternatively - what linux anti-virus (oh, the shame of typing this word combination :() do you use which doesn't affect our systems performance too much. CLAMAV works well. What do you do with clamav on a linux server? You scan the server for malware. There is nothing special about LINUX here. The whole don't run services as root business is just so much noise. It isn't about protecting the *server* it is about protecting the *data* which is accesses [hopefully] by services which are *not* root. It is about the data and the clients that connect to the server. I've seen CLAMAV find malware on web servers (maybe it isn't common... because no one is checking). Someone's crappy PHP code [is there any other kind?] allows malware to get injected into, and served, from the server. No root access anywhere, or required. It isn't about protecting the OS or the system, it is about protecting the data, the applications [from exploit], and the end-users [so the server isn't an attack vector]. Assuming none of the services on you server can be exploited is just wrong headed; and the exploiter does not need to own the server (aka have root) in order to do mischief. Access to your data is probably more valuable than whacking your server. The mantra LINUX doesn't suffer from malware is just bollocks. Lots of malware is served from LINUX servers. Scanning a server for signatures is just another way to proof (not prove) that a server has not been compromised and that data accessed by the server is secure. Which is what things like PCI/DSS is about - protecting the *data*. What do you think it protects you against on a linux server? against a linux server? ? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ext4 in 5.3
Peter Kjellstrom wrote: I disagree. On most raid-controllers we use XFS has a significant advantage over Ext3 when it comes to large sequential writes. Ext3 gets nowhere near the bare metal performance. So, in short, I think it will be interesting to see how Ext4 performs for this. Exactly. There are differences between file systems even when using very large files sequentially. I did benchmarks on various controllers and my experience was the same: the file system does matter. -- Florin Andrei http://florin.myip.org/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Old Small Box
On Jan 22, 2009, at 11:39 AM, Robert Moskowitz r...@htt-consult.com wrote: Kai Schaetzl wrote: Ralph Angenendt wrote on Thu, 22 Jan 2009 10:31:20 +0100: You need a combined(!) 768MB of RAM and Swap to successfully install CentOS 5.2 (see the release notes). in graphics mode. And really it is a performance question as long as you have 256M of real memory, the rest swap. Since I always make my swap 2xRAM, I am always installing on a system with at least 768Mb combined. I do not like the DIsk Druid default of putting the swap drive into the LVM partition. I always redo the partitions so that swap is its own partition. Why is that? Old school habit or is there a real benefit? Swap performance should be equally good whether it be raw disk, raw partition, LVM logical volume or even a flat file on today's kernels, but maybe there is something I am unaware of. -Ross ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RHEL 5.3 released
Craig White wrote: seriously though, found this little tidbit which seems important to note (under known issues)... http://www.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html/Release_Notes/sect-Release_Notes-Known_Issues.html When upgrading from an earlier version of Red Hat Enterprise Linux to 5.3, you may encounter the following error: Updating : mypackage ### [ 472/1655] rpmdb: unable to lock mutex: Invalid argument Wow, that's seriously messed up. I hate it when the software is setting up traps like that. Thanks for the notice. -- Florin Andrei http://florin.myip.org/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antivirus for CentOS? (yuck!)
On Thu, Jan 22, 2009 at 12:01 PM, Adam Tauno Williams awill...@whitemice.org wrote: Adam Tauno Williams wrote: 1. Has anyone here gone though such a procedure and got good arguments against the need for anti-virus? There is no good argument against running malware detection on any sever. 2. Alternatively - what linux anti-virus (oh, the shame of typing this word combination :() do you use which doesn't affect our systems performance too much. CLAMAV works well. What do you do with clamav on a linux server? You scan the server for malware. There is nothing special about LINUX here. The whole don't run services as root business is just so much noise. It isn't about protecting the *server* it is about protecting the *data* which is accesses [hopefully] by services which are *not* root. It is about the data and the clients that connect to the server. I've seen CLAMAV find malware on web servers (maybe it isn't common... because no one is checking). Someone's crappy PHP code [is there any other kind?] allows malware to get injected into, and served, from the server. No root access anywhere, or required. It isn't about protecting the OS or the system, it is about protecting the data, the applications [from exploit], and the end-users [so the server isn't an attack vector]. Assuming none of the services on you server can be exploited is just wrong headed; and the exploiter does not need to own the server (aka have root) in order to do mischief. Access to your data is probably more valuable than whacking your server. The mantra LINUX doesn't suffer from malware is just bollocks. Lots of malware is served from LINUX servers. Scanning a server for signatures is just another way to proof (not prove) that a server has not been compromised and that data accessed by the server is secure. Which is what things like PCI/DSS is about - protecting the *data*. I don't know about that last sentence.. I am not familiar enough with PCI/DSS to say it protects data or protects from lawsuits. Everything else I can agree with 100%. Linux/Mac/Solaris etc are all good vectors for serving malware because they are not routinely looked at for malware (because most Unix admins think it is something that affects them.) Most malware authors learned that while they may not be able to get 'root' all they really need is normal permissions for most things because they can still open up high ports to send/recieve spam or that most systems have data at o+rw for ease of use. Does this mean that every Linux machine should have a malware detector on it that runs and scans every file? No its a matter of risk management. If you are in a high risk environment, you should know why or why not it is not in place (having other strong security measures in place with constant vigilance can be good enough or for something else it might not be.). What do you think it protects you against on a linux server? against a linux server? ? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- Stephen J Smoogen. -- BSD/GNU/Linux How far that little candle throws his beams! So shines a good deed in a naughty world. = Shakespeare. The Merchant of Venice ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RHEL 5.3 released
Ralph Angenendt wrote: Tim Verhoeven wrote: But I'm wondering where we need to put it ? I was thinking in either the general CentOS FAQ or in the CentOS 5 FAQ ? Anyone can think of a better place ? I don't think people will find that when it's put in the FAQ, especially if work is being done on that page (like adding to it when the first build is through, adding to it when QA found out that another complete build has to be done, add to it when translators are done). But I'm not too sure on where to prominently put it either. Remove the Stay in touch at planet centos link and put a prominent link like Stay in touch with 5.3 development on there? Cheers, Ralph Can we get a page created - say something like, CentOS-5.3 Release Status, and then worry about where to link it from, or just add a link on the front page. Once a page is created we can start adding info, and we can link to it from IRC/MLs/Forums etc. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: Infrastructure Documenting
Hierarchies are as diverse and personal as they come. What is more important is to have your site be searchable. To that end you might invest in adding search tags to each document. So that you have access to them all in a flat way as well as the hierarchy. --Glenn 2009/1/23 Joseph L. Casale jcas...@activenetwerx.com: We are moving all our (limited and badly organized) documentation to a wiki. Anyone got any examples/pointers to a hierarchy that made logical sense? We are hoping to move everything from topology to application specific notes in to the wiki. Given the size of this task, I only want to do this once:) Thanks for any reco's! jlc ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- See my blog at http://snap-happy3216.blogspot.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antivirus for CentOS? (yuck!)
Amos Shapira amos.shap...@gmail.com wrote: Hi All, Yes, I know, it's really really embarrassing to have to ask but I'm being pushed to the wall with PCI DSS Compliance procedure (http://en.wikipedia.org/wiki/PCI_DSS) and have to either justify why we don't need to install an anti-virus or find an anti-virus to run on our CentOS 5 servers. Whatever I do - it needs to be convincing enough to make the PCI compliance guy tick the box. So: 1. Has anyone here gone though such a procedure and got good arguments against the need for anti-virus? 2. Alternatively - what linux anti-virus (oh, the shame of typing this word combination :() do you use which doesn't affect our systems performance too much. The reviewed servers run both Internet-facing web applications and internal systems, mostly using proprietary protocol for internal communications. They are being administrated remotely via IPSec VPN (and possibly in the future also OpenVPN). Thanks, --Amos After reading all of the other replies (including the ones that pointed out that the PCI DSS requirement had changed the terminology from virus to malware), why not claim you are meeting the requirement by doing something useful like running chkrootkit or rkhunter on a regular basis? That way you would be scanning the systems for the only malware known to actually pose a threat to a Linux box. It may be a low probability of infection (as others have pointed out) but should satisfy the auditor and hopefully will just be a low cost exercise in futility as long as reasonable security policies are followed. Cheers, Dave -- Politics, n. Strife of interests masquerading as a contest of principles. -- Ambrose Bierce ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Old Small Box
Ross Walker wrote: On Jan 22, 2009, at 11:39 AM, Robert Moskowitz r...@htt-consult.com wrote: Kai Schaetzl wrote: Ralph Angenendt wrote on Thu, 22 Jan 2009 10:31:20 +0100: You need a combined(!) 768MB of RAM and Swap to successfully install CentOS 5.2 (see the release notes). in graphics mode. And really it is a performance question as long as you have 256M of real memory, the rest swap. Since I always make my swap 2xRAM, I am always installing on a system with at least 768Mb combined. I do not like the DIsk Druid default of putting the swap drive into the LVM partition. I always redo the partitions so that swap is its own partition. Why is that? Old school habit or is there a real benefit? It just feels wrong in so many ways. Why is /boot its own partition and not swap? I suspend to swap, so swap has to be as accessible as /boot? Am I going to enlarge swap at some point using LVM tools? Or shrink it? Can you even do that with a swap partition in LVM? So what ARE the values of swap in LVM? One less partition, I would think if you are going duo boot. But if not, again, where is the beef? Swap performance should be equally good whether it be raw disk, raw partition, LVM logical volume or even a flat file on today's kernels, but maybe there is something I am unaware of. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antivirus for CentOS? (yuck!)
On Thu, Jan 22, 2009 at 12:42 PM, David G. Miller d...@davenjudy.org wrote: Amos Shapira amos.shap...@gmail.com wrote: Hi All, Yes, I know, it's really really embarrassing to have to ask but I'm being pushed to the wall with PCI DSS Compliance procedure (http://en.wikipedia.org/wiki/PCI_DSS) and have to either justify why we don't need to install an anti-virus or find an anti-virus to run on our CentOS 5 servers. Whatever I do - it needs to be convincing enough to make the PCI compliance guy tick the box. So: 1. Has anyone here gone though such a procedure and got good arguments against the need for anti-virus? 2. Alternatively - what linux anti-virus (oh, the shame of typing this word combination :() do you use which doesn't affect our systems performance too much. The reviewed servers run both Internet-facing web applications and internal systems, mostly using proprietary protocol for internal communications. They are being administrated remotely via IPSec VPN (and possibly in the future also OpenVPN). Thanks, --Amos After reading all of the other replies (including the ones that pointed out that the PCI DSS requirement had changed the terminology from virus to malware), why not claim you are meeting the requirement by doing something useful like running chkrootkit or rkhunter on a regular basis? That way you would be scanning the systems for the only malware known to actually pose a threat to a Linux box. It may be a low probability of infection (as others have pointed out) but should satisfy the auditor and hopefully will just be a low cost exercise in futility as long as reasonable security policies are followed. Any tool will require the need to have a risk assessment against it. What is the liklihood of it finding malware? How much is updated and how does it compare to other tools. These will be questions that will need to be available for auditors to know you did your due-diligence on selecting a tool. -- Stephen J Smoogen. -- BSD/GNU/Linux How far that little candle throws his beams! So shines a good deed in a naughty world. = Shakespeare. The Merchant of Venice ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT: Infrastructure Documenting
In a wiki, you are typically shooting for a flat structure, and the links in the pages organically make a structure. As already said, searching is the key. In the past, with Word docs or even text files, you needed to impose a hierarchy because it made things easier to find. Now you just need to search. You might want to take a look at wikipatterns.com for some useful ideas on how to run a wiki. On Thu, Jan 22, 2009 at 9:48 AM, Joseph L. Casale jcas...@activenetwerx.com wrote: We are moving all our (limited and badly organized) documentation to a wiki. Anyone got any examples/pointers to a hierarchy that made logical sense? We are hoping to move everything from topology to application specific notes in to the wiki. Given the size of this task, I only want to do this once:) Thanks for any reco's! jlc ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RHEL 5.3 released
Ned Slider wrote: Ralph Angenendt wrote: Remove the Stay in touch at planet centos link and put a prominent link like Stay in touch with 5.3 development on there? Can we get a page created - say something like, CentOS-5.3 Release Status, and then worry about where to link it from, or just add a link on the front page. Once a page is created we can start adding info, and we can link to it from IRC/MLs/Forums etc. Sure - if everybody is fine with that ... Cheers, Ralph pgpZ6Lm26OULO.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antivirus for CentOS? (yuck!)
Adam Tauno Williams wrote: What do you do with clamav on a linux server? You scan the server for malware. When? Every day via crontab? That can be much too late. Every hour? That can be much too late. Every 10 minutes? That can be much too late - and your server is busy scanning the file system. The mantra LINUX doesn't suffer from malware is just bollocks. Lots of malware is served from LINUX servers. Scanning a server for signatures is just another way to proof (not prove) that a server has not been compromised and that data accessed by the server is secure. Which is what things like PCI/DSS is about - protecting the *data*. I never said LINUX doesn't suffer from malware. But clamav itself is not able to scan in real time. Looks like dazuko has gotten a bit better, I don't know about clamuko. But by just installing clamav, you gain nothing protection wise. What do you think it protects you against on a linux server? against a linux server? ? When? Ralph pgpMvZ2ycn0Oi.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] PHP 5.2 on Centos4
John Clement wrote: Bit of an emergency as I'm told this laptop has to leave here in 15 minutes, I've gone ahead and configured, made, installed PHP 5.2 but an httpd restart still only sees the old PHP 5.0.4, I think there's a fairly simple way to get it to find the 5.2 version I've just installed but can't think what. That's an easy one: Install it correctly. Any help gratefully received! Did you remove the old one? Is the new one in the right place? Does httpd know about it? Why do you compile software on your own when you don't know how to do it correctly? Questions, questions, questions ... Ralph PS: This mail wouldn't have been that harsh had you given *any* information on what you did. But you didn't. And above is what my crystal ball told me to write. pgpmi9Ot1aoWc.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] OT? File order on CentOS/Samba server
I hope someone familiar with the way Linux processes files can enlighten me on the following: I recently replaced an old Windows 2000 server with a new machine running CentOS 5.2. It uses Samba 3.2.7 to serve a network of Windows XP clients. We are a newspaper. We use Acrobat Distiller to batch-convert a folder of single-page PostScript files (for print) to a multipage PDF file (for electronic distribution). Running on a workstation, Distiller watches the folder on a Samba share and does the conversion, automatically creating bookmarks, indexes and other information. On the Windows server, Distiller processes the files by filename order: M09010901A001C.ps M09010901A002C.ps M09010901A003C.ps ... and so on. On the Linux server, Distiller processes the files in an order that seems arbitrary, for example: M09010901A021C.ps M09010901A005C.ps M09010901A015C.ps ... and so on. The order Distiller uses is NOT related to the time stamp of the files. I tried to copy the files to the watched folder one by one in the correct order; the result is the same. This creates the need to open the final PDF and reshuffle the pages by hand, which is very time consuming and prone to error. There is a workaround to this: use the runfilex script that comes with Acrobat: it can contain a list of files to convert, in the order you want. Unfortunately, this is not acceptable for us since the process then takes about 40 minutes (irrespective of platform or filesystem), instead of 3 or 4 minutes. My question is: how is the order of files determined by Linux when a particular order is not explicitly required by a program? I noted the following: I have 4 files in a folder: file1.ps, file2.ps, file3.ps, file4.ps. When I order them by date, they appear in Windows Explorer in, say, the following order: 3, 4, 1, 2 If I copy them to a new folder one by one in the order 1, 2, 3, 4, they will still appear in the order 3, 4, 1, 2 when ordered by date. So, what information is transported with the files that makes the Linux server present them to the world in this order? Does someone know a workaround to this situation or can someone point me to information about file ordering with Linux? By the way, I am using the EXT3 file system. I tried the same on a VFAT file system and the result is the same. It seems to be a Linux thing, not a file system thing. Thank you for your patience. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] lvm metadata recovery
Hi all, I am looking for a way to recover my primary VolGroup00 that has my root partition. Here is my scenario; 1 - I add an external drive to my VolGroup00 which is sdc1. 2 - I make that external drive a snapshot of my / 3 - After I remove that new volume of sdc1 using lvremove, all os fine. 4 - When I turn off the sdc1 drive, I loose my VolGroup00. If by chance, the sdc1 breaks in such a way that the system doesn't se it any more and the system happens to reboot, it will longer recognize a VolGroup00 and therefore not boot. I backed up my original /etc/lvm to /etc/lvm.backup and would like to know how I can restore it from booting to a LiveCD and simply restoring the files located in /etc/lvm.back/backup/VolGroup00 which is my original metadata config. - Brian ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT? File order on CentOS/Samba server
On Thu, 22 Jan 2009 20:28:41 + Miguel Medalha wrote: My question is: how is the order of files determined by Linux when a particular order is not explicitly required by a program? http://www.linuxforums.org/forum/linux-newbie/111044-change-order-files-directory.html I have no idea if the script posted there works or not but I found that with a quick google search. -- MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com DRY CLEANER BUSINESS FOR SALE ~ http://www.canadadrycleanerforsale.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT? File order on CentOS/Samba server
http://www.linuxforums.org/forum/linux-newbie/111044-change-order-files-directory.htm I searched Google too, and I read that page. That doesn't work for us: the Windows users won't touch anything on the server (or Linux, for that matter) and I am not there every day. The file names change constantly. I cannot use a cron job because the time at wich the original files are ready is not always the same. This is a newspaper and closure time is very, very busy. When the issue is ready, they proceed to the process I described. Thank you for answering. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT? File order on CentOS/Samba server
On Thu, 22 Jan 2009 20:46:29 + Miguel Medalha wrote: I searched Google too, and I read that page. That doesn't work for us: the Windows users won't touch anything on the server (or Linux, for that matter) and I am not there every day. The Windows users wouldn't have to know that they are touching anything on the server. If that script will in fact work and getting it to run at the appropriate time is the only problem, then set up something from the Windows box to trigger it on your server. Click the pretty icon right here. The pretty icon can set a flag or something on the server that your cron job can check for and run if present. -- MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com DRY CLEANER BUSINESS FOR SALE ~ http://www.canadadrycleanerforsale.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antivirus for CentOS? (yuck!)
On Thu, 2009-01-22 at 21:24 +0100, Ralph Angenendt wrote: Adam Tauno Williams wrote: What do you do with clamav on a linux server? You scan the server for malware. When? Every day via crontab? That can be much too late. Every hour? That can be much too late. Every 10 minutes? That can be much too late - and your server is busy scanning the file system. Verses never??? That's just silly; your making perfect an obstacle of the good. If it finds something then you KNOW you have a problem and the time frame in which it occurred: you can then access and respond and [potentially] notify. Verses what? No knowledge? The alternative is to host the malware indefinitely in blissful ignorance - or until someone else detects and reports your server. CLAMAV, or any package, isn't THE answer, it is part of an answer. And PCI/DSS requires a server be scanned on a regular basis. Fighting against that directive just makes no sense. You should scan an entire system on some interval regardless of OS. The mantra LINUX doesn't suffer from malware is just bollocks. Lots of malware is served from LINUX servers. Scanning a server for signatures is just another way to proof (not prove) that a server has not been compromised and that data accessed by the server is secure. Which is what things like PCI/DSS is about - protecting the *data*. I never said LINUX doesn't suffer from malware. But clamav itself is not able to scan in real time. Looks like dazuko has gotten a bit better, I don't know about clamuko. But by just installing clamav, you gain nothing protection wise. Yes, you gain the ability to detect a compromised server. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] PHP 5.2 on Centos4
2009/1/22 Ralph Angenendt ra+cen...@br-online.de: John Clement wrote: Bit of an emergency as I'm told this laptop has to leave here in 15 minutes, I've gone ahead and configured, made, installed PHP 5.2 but an httpd restart still only sees the old PHP 5.0.4, I think there's a fairly simple way to get it to find the 5.2 version I've just installed but can't think what. That's an easy one: Install it correctly. Any help gratefully received! Did you remove the old one? Is the new one in the right place? Does httpd know about it? Why do you compile software on your own when you don't know how to do it correctly? Questions, questions, questions ... Ralph PS: This mail wouldn't have been that harsh had you given *any* information on what you did. But you didn't. And above is what my crystal ball told me to write. Sorry if I riled you with the lack of information, I was under pressure to get it done quickly and only asked incase someone knew the answer off the top of their head based on it being a 'normal' install just enabling a few options. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antivirus for CentOS? (yuck!)
Adam Tauno Williams wrote: What do you do with clamav on a linux server? You scan the server for malware. There is nothing special about LINUX here. The whole don't run services as root business is just so much noise. It isn't about protecting the *server* it is about protecting the *data* which is accesses [hopefully] by services which are *not* root. It is about the data and the clients that connect to the server. Yes, but the scan has to be specific for the kind of problem you want to detect. I've seen CLAMAV find malware on web servers (maybe it isn't common... because no one is checking). Someone's crappy PHP code [is there any other kind?] allows malware to get injected into, and served, from the server. That tends to be more because someone isn't doing updates than that they aren't checking. Before a scan can help you, the scanner has to know about the problem. After someone knows about the problem there will likely be an update to fix it at least as soon as a scanner that will detect it after the fact. Which makes more sense to install? No root access anywhere, or required. It isn't about protecting the OS or the system, it is about protecting the data, the applications [from exploit], and the end-users [so the server isn't an attack vector]. Assuming none of the services on you server can be exploited is just wrong headed; But expecting a scanner to know about the exploit long before the exploit is known and fixed seems misguided as well. and the exploiter does not need to own the server (aka have root) in order to do mischief. Access to your data is probably more valuable than whacking your server. The mantra LINUX doesn't suffer from malware is just bollocks. Lots of malware is served from LINUX servers. That may be true, but the exploit that allowed it to be put there may be unrelated. For example, you may have virus-laden email being transported through a Linux server that doesn't have anything else to do with it. Or you may have a samba share where windows clients can infect it. Or, someone might get access through brute-force ssh password guessing. Scanning a server for signatures is just another way to proof (not prove) that a server has not been compromised and that data accessed by the server is secure. Which is what things like PCI/DSS is about - protecting the *data*. An occasional clamav scan can't hurt. What do you think it protects you against on a linux server? against a linux server? ? Doing frequent updates is what keeps you safe - and maybe turning off ssh password access. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT? File order on CentOS/Samba server
Miguel Medalha wrote: I hope someone familiar with the way Linux processes files can enlighten me on the following: I recently replaced an old Windows 2000 server with a new machine running CentOS 5.2. It uses Samba 3.2.7 to serve a network of Windows XP clients. We are a newspaper. We use Acrobat Distiller to batch-convert a folder of single-page PostScript files (for print) to a multipage PDF file (for electronic distribution). Running on a workstation, Distiller watches the folder on a Samba share and does the conversion, automatically creating bookmarks, indexes and other information. On the Windows server, Distiller processes the files by filename order: M09010901A001C.ps M09010901A002C.ps M09010901A003C.ps ... and so on. On the Linux server, Distiller processes the files in an order that seems arbitrary, for example: M09010901A021C.ps M09010901A005C.ps M09010901A015C.ps ... and so on. The order Distiller uses is NOT related to the time stamp of the files. I tried to copy the files to the watched folder one by one in the correct order; the result is the same. Programs that read directories on their own normally find files in the order that they happen to appear in the directory. In a newly created directory, that would likely be in the order that the files were added, but in existing directories, slots previously used and now free may be reused in any order and this may not be consistent across filesystem types. If you are processing on the linux side and not via samba, and your program will take a list of files on the command line instead of groveling through the directory itself, you might simply start it with a wild-card filename on the command line. The shell will sort the list as it expands it so programs see the sorted list. There is a workaround to this: use the runfilex script that comes with Acrobat: it can contain a list of files to convert, in the order you want. Unfortunately, this is not acceptable for us since the process then takes about 40 minutes (irrespective of platform or filesystem), instead of 3 or 4 minutes. That's very strange. Maybe you should look for a different tool. Won't ghostscript/psutils or OOo do this? -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Antivirus for CentOS? (yuck!)
There is nothing special about LINUX here. The whole don't run services as root business is just so much noise. It isn't about protecting the *server* it is about protecting the *data* which is accesses [hopefully] by services which are *not* root. It is about the data and the clients that connect to the server. Yes, but the scan has to be specific for the kind of problem you want to detect. The presence of a malware pattern - it is pretty straight forward. I've seen CLAMAV find malware on web servers (maybe it isn't common... because no one is checking). Someone's crappy PHP code [is there any other kind?] allows malware to get injected into, and served, from the server. That tends to be more because someone isn't doing updates than that they aren't checking. This doesn't make sense. No amount of updating will protect you from a flaw in the application code / method. One can't presume that the hosted application / service is perfect. Applications are compromised much more frequently than Operating Systems which is why the fact that it is a LINUX server doesn't matter. A scanner will potentially tell you when an application has been compromised. Before a scan can help you, the scanner has to know about the problem. After someone knows about the problem there will likely be an update to fix it at least as soon as a scanner that will detect it after the fact. Which makes more sense to install? Someone is going to release an update for your local application and configuration? Emphasis on the likely in likely be an update to fix it. And a scanner doesn't detect the security flaw, it detects that the server has been breached enough to contain malicious patterns. It has nothing to do with updates; relying on being up-to-date to prove your system is secure is akin to covering it with stickers of unicorns to protect it. No root access anywhere, or required. It isn't about protecting the OS or the system, it is about protecting the data, the applications [from exploit], and the end-users [so the server isn't an attack vector]. Assuming none of the services on you server can be exploited is just wrong headed; But expecting a scanner to know about the exploit long before the exploit is known and fixed seems misguided as well. This has nothing to do with knowing about exploits in the way you are using the term exploit (as a method of exploiting a service). It is a way to know about exploits OF a server's service. The scanner doesn't need to know anything at all about how the malicious content got there - it alerts you of it's presence. and the exploiter does not need to own the server (aka have root) in order to do mischief. Access to your data is probably more valuable than whacking your server. The mantra LINUX doesn't suffer from malware is just bollocks. Lots of malware is served from LINUX servers. That may be true, but the exploit that allowed it to be put there may be unrelated. So? For example, you may have virus-laden email being transported through a Linux server that doesn't have anything else to do with it. Or you may have a samba share where windows clients can infect it. Or, someone might get access through brute-force ssh password guessing. We are talking about completely different things. I'm talking about using a scanner to indicate that a server does not contain malware patterns indicating it has been [potentially] exploited - which is an *UNEXPECTED* event. You can't perform highly specific tests for unexpected events. The entire principle of auditing is looking for the unexpected. Scanning a server for signatures is just another way to proof (not prove) that a server has not been compromised and that data accessed by the server is secure. Which is what things like PCI/DSS is about - protecting the *data*. An occasional clamav scan can't hurt. What do you think it protects you against on a linux server? against a linux server? ? Doing frequent updates is what keeps you safe - and maybe turning off ssh password access. It isn't about being safe. It is about having configuration and policies that ***tests*** the integrity of your systems; detecting malware patterns is a critical component of that. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT? File order on CentOS/Samba server
Miguel Medalha wrote: I hope someone familiar with the way Linux processes files can enlighten me on the following: ... On the Windows server, Distiller processes the files by filename order: M09010901A001C.ps M09010901A002C.ps M09010901A003C.ps Windows NTFS uses B-Tree for its directories so they are inherently alphabetically sorted. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] PHP 5.2 on Centos4
On Thu, Jan 22, 2009 at 2:27 PM, Ralph Angenendt ra+cen...@br-online.de wrote: Why do you compile software on your own when you don't know how to do it correctly? Is PHP 5.2 available through yum for CentOS 4? If so, I'm interested, because mine's only at 5.1. Thanks, Scott ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] PHP 5.2 on Centos4
On Thu, Jan 22, 2009 at 12:14 PM, John Clement j...@m4-p.com wrote: Bit of an emergency as I'm told this laptop has to leave here in 15 minutes, I've gone ahead and configured, made, installed PHP 5.2 but an httpd restart still only sees the old PHP 5.0.4, I think there's a fairly simple way to get it to find the 5.2 version I've just installed but can't think what. php 5.0.4 has been outdated in the centos repos for AGES. I'm actually rather shocked you were still running it at all. As Ralph has already stated, you need to say how you installed 5.2, since it's not available via any centos repo. -- During times of universal deceit, telling the truth becomes a revolutionary act. George Orwell ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Support for i7 architecture?
What is the status of i7 architecture support for CentOS-5? Do the latest updates support it? -- This e-mail may contain technical information which is controlled by the United States Government, Department of State, International Traffic Arms Regulations (ITAR) (22 CFR 120-130) which requires an export license prior to sharing with foreign persons. Lacking such license, ITAR technical data is limited to US Legal Residents only. It is the responsibility of the organization and individual in control of this data to abide by US export laws. If you are not a US Legal Resident, immediately forward this e-mail to not...@hartwellcorp.com or reply to sender without reading any further. Take no other action with this e-mail until contacted. Notice: The information in this document and document itself, in whole or in part, in any form (Information) is proprietary and/or confidential property of Hartwell Corporation, Placentia, California. Hartwell Corporation and its successors and assignees retain and reserve all right, title and interest in this information in whole or in part and in all forms. This Information is provided to the original recipient only for confidential use, with the understanding that it will not be used in any manner detrimental to the interests of Hartwell Corporation, and subject to return on request. Reproduction, transmission, distribution or publication of this Information in any form, in whole or in part, for any purpose without prior written permission of Hartwell Corporation is strictly prohibited. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Old Small Box
On Thu, Jan 22, 2009 at 2:58 PM, Robert Moskowitz r...@htt-consult.com wrote: Ross Walker wrote: On Jan 22, 2009, at 11:39 AM, Robert Moskowitz r...@htt-consult.com wrote: Kai Schaetzl wrote: Ralph Angenendt wrote on Thu, 22 Jan 2009 10:31:20 +0100: You need a combined(!) 768MB of RAM and Swap to successfully install CentOS 5.2 (see the release notes). in graphics mode. And really it is a performance question as long as you have 256M of real memory, the rest swap. Since I always make my swap 2xRAM, I am always installing on a system with at least 768Mb combined. I do not like the DIsk Druid default of putting the swap drive into the LVM partition. I always redo the partitions so that swap is its own partition. Why is that? Old school habit or is there a real benefit? It just feels wrong in so many ways. Why is /boot its own partition and not swap? I suspend to swap, so swap has to be as accessible as /boot? Well the only reason /boot isn't possible in LVM is because grub can't of yet handle reading LVM volumes. As soon as it can though, there will be no need for a separate /boot. Am I going to enlarge swap at some point using LVM tools? Or shrink it? Can you even do that with a swap partition in LVM? So what ARE the values of swap in LVM? One less partition, I would think if you are going duo boot. But if not, again, where is the beef? You can enlarge or shrink it if you want, remove it from swap first, but many people just create another LV and add it to the mix. I think the biggest benefit to swap on LVM is when working with software RAID1 on the main disks, where you don't need to worry about creating a special MD just for swap, md0 for /boot, md1 for LVM. Not really a beef, in my books though it's added partitioning and potentially wasted space, but disks are big these days, so what. Swap performance should be equally good whether it be raw disk, raw partition, LVM logical volume or even a flat file on today's kernels, but maybe there is something I am unaware of. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Support for i7 architecture?
On Thu, Jan 22, 2009 at 02:18:05PM -0800, Michael St. Laurent wrote: What is the status of i7 architecture support for CentOS-5? Do the latest updates support it? according to the upstream notes wait for 5.3 oh, I should not reply, nor read your mail according to your footer ;) (not a US Legal Resident nor do I have export license of whatever it is) Tru -- Tru Huynh (mirrors, CentOS-3 i386/x86_64 Package Maintenance) http://pgp.mit.edu:11371/pks/lookup?op=getsearch=0xBEFA581B pgpESWjbxFzOW.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
