Re: [CentOS] Trying to get a grasp on NTP server/client access control options

[Drew]

> --8<-- /etc/ntp.conf ---
> ...
> server 0.centos.pool.ntp.org
> server 1.centos.pool.ntp.org
> server 2.centos.pool.ntp.org
>
> ...
> restrict 0.centos.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery
> restrict 1.centos.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery
> restrict 2.centos.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery
> ...
> --8<
>
> This means roughly : "use these three public NTP servers to synchronize,
> but don't let them mess with your configuration".

No.

The "server" lines are to tell NTP what servers to query to keep it's
own clock in sync. The "restrict" lines are used to limit which ntp
clients are allowed to use your server to sync their clock and what
alterations (if any) the client can make to your server.


-- 
Drew

"Nothing in life is to be feared. It is only to be understood."
--Marie Curie
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Automated Reply from Dieter Thiel

[Dieter Thiel]

Abwesenheitsnotiz:

Vielen Dank für Ihre Nachricht. Ich bin ab dem 16.08. wieder im Büro erreichbar.

In dringenden Fällen wenden Sie sich bitte an Herrn Ostermann,
Email .

Vielen Dank!


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Trying to get a grasp on NTP server/client access control options

[Niki Kovacs]

Hi,

I'm currently sinking my teeth into NTP, to build a local time server. 
So far, configuring a local NTP server and getting the clients to 
connect to it works well. Now, I'm thinking about securing the whole 
thing. BTW, I made a copy of the original ntp.conf file and started my 
own from scratch.

Right now, I have five printed books opened on the corresponding 
chapters (Carla Schroder's Linux Cookbook, RHEL 5 Unleashed, Foundations 
of CentOS, etc.) plus the same amount of online tutorials.

Right now I'm having a bit of a hard time grasping the various access 
control options. Here's a few lines from ntp's default configuration in 
CentOS :

--8<-- /etc/ntp.conf ---
...
server 0.centos.pool.ntp.org
server 1.centos.pool.ntp.org
server 2.centos.pool.ntp.org

...
restrict 0.centos.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery
restrict 1.centos.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery
restrict 2.centos.pool.ntp.org mask 255.255.255.255 nomodify notrap noquery
...
--8<

This means roughly : "use these three public NTP servers to synchronize, 
but don't let them mess with your configuration".

Now, here's something from NTP's official documentation :

You may use either a hostname or IP address on the 'server' line. You 
*must* use an IP address on the 'restrict' line.

Here's the according link to the documentation :

http://support.ntp.org/bin/view/Support/AccessRestrictions

Which leads me to the assumption that these three 'restrict' lines in 
the default ntp.conf configuration in CentOS are useless, since they 
specify hostnames, and not IP addresses. Correct me if I'm wrong.

Cheers,

Niki
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] When should LVM be used?

[Drew]

> Is there any reason to use LVM on a personal desktop install of
> CentOS? It seems to me, for my purposes, that LVM is just a pain in
> the neck -- although I've always just let CentOS set it up during the
> install in the past.  I would like to be able to use parted to resize
> partitions when I want to, and also I'd like Vector Linux to be able
> to read and write data to the CentOS partition. Would I be missing
> something by not installing LVM, or is this mostly for server purposes
> anyhow?

LVM adds flexability that regular partitioning can't.

Example 1. Say you've mounted an entire 2TB disk as /home and it's
almost full. Now you want to add another 2TB to /home. How do you?
Easiest way is with LVM. You just add the new disk into LVM's pool of
storage and expand the home partition (Logical volume) to use the new
space. Now you have a single filesystem spread across two disks.

Example 2. Now let's say that you bought a NAS device (QNAP, Drobo,
Buffalo) that does iSCSI or NFS and you want to move your data off the
two local disks. With LVM you just add the new 'disk' into the pool
then tell LVM to move existing data off the 'old' disk.

Try doing that with parted. :-P

-- 
Drew

"Nothing in life is to be feared. It is only to be understood."
--Marie Curie
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] A proposed CentOS mailing list FAQ

[Akemi Yagi]

On Sat, Jul 31, 2010 at 5:06 AM, Geoff Galitz  wrote:

> Generally speaking, you have three options:
>
>  1) The centos-users mailing list.

>  2) The Centos IRC channel.

>  3) Commercial support.
>
> Insert links to mailing lists and other resources approprate

As a mailing list user, you may not be aware of the CentOS Forums...
Their FAQ & Readme can be found here:

https://www.centos.org/modules/newbb/viewforum.php?forum=47

At any rate, let's not forget about the CentOS wiki Help page:

http://wiki.centos.org/Documentation

Akemi
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Redirecting PHP error messages into a log file

[Christoph Maser]

Am 31.07.2010 14:48, schrieb Keith Roberts:

> It's a bit tricky setting up PHP error logging to a seperate
> file. This works for me on 32bit, Centos 5.5 and Fedora 12,
> and previous Fedora versions.
>
> Here are my settings:
>
> SELinux disabled at boot time.

How about leaving it on and consult /var/log/audit/audit.log to see if 
selinux is interfering. I guess if there is any denial its just because 
your new logfile has the wrong context and you can easily change that 
with chcon.

+C
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] A proposed CentOS mailing list FAQ

[Bob McConnell]

Geoff Galitz wrote:
> Oops, some copyediting of my previous post and the addition of a managed 
> services option to my FAQ suggestion follows:

A couple more spelling errors to correct:

> are no guaruntees anything will be answered  or answered in a give time 

guarantees

> Insert links to mailing lists and other resources approprate

appropriate

Bob McConnell
N2SPP
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Redirecting PHP error messages into a log file

[Keith Roberts]

On Sat, 31 Jul 2010, Alexander Farber wrote:

> To: CentOS mailing list 
> From: Alexander Farber 
> Subject: [CentOS] Redirecting PHP error messages into a log file
> 
> Hello,
>
> I'm using CentOS release 5.5 x86_64 with the stock php-5.1.6-27.el5
> and would like to redirect PHP messages into /var/log/httpd/php_log
>
> First I tried adding that file name to /etc/php.ini:
> error_log = "/var/log/httpd/php_log"
> and restarted httpd, but the file didn't appear.
> I've touched it and changed owner to apache.apache,
> but that didn't help.

It's a bit tricky setting up PHP error logging to a seperate 
file. This works for me on 32bit, Centos 5.5 and Fedora 12, 
and previous Fedora versions.

Here are my settings:

SELinux disabled at boot time.

/etc/php.ini file:

; Besides displaying errors, PHP can also log errors to locations such as a 
; server-specific log, STDERR, or a location specified by the error_log
; directive found below. While errors should not be displayed on productions
; servers they should still be monitored and logging is a great way to do that.
; Default Value: Off
; Development Value: On
; Production Value: On
; 
http://www.php.net/manual/en/errorfunc.configuration.php#ini.log-errors
log_errors = ON


; Set maximum length of log_errors. In error_log information about the source is
; added. The default is 1024 and 0 allows to not apply any maximum length at 
all.
; 
http://www.php.net/manual/en/errorfunc.configuration.php#ini.log-errors-max-len
log_errors_max_len = 1024

; Do not log repeated messages. Repeated errors must occur in same file on same
; line unless ignore_repeated_source is set true.
; 
http://www.php.net/manual/en/errorfunc.configuration.php#ini.ignore-repeated-errors
ignore_repeated_errors = Off

; Ignore source of message when ignoring repeated messages. When this setting
; is On you will not log errors with repeated messages from different files or
; source lines.
; 
http://www.php.net/manual/en/errorfunc.configuration.php#ini.ignore-repeated-source
ignore_repeated_source = Off

; Log errors to specified file. PHP's default behavior is to leave this value
; empty.
; http://www.php.net/manual/en/errorfunc.configuration.php#ini.error-log
; Log errors to syslog or specified file (Event Log on NT, not valid in Windows 
95).
;error_log = syslog
error_log = /var/log/apache/php_error_log

The file permissions for my php error log are:

[r...@karsites apache]# ls -l php*
-rw-rw-rw- 1 root root 91472 2010-07-31 08:00 php_error_log
-rw-rw-rw- 1 root root 0 2008-05-29 13:30 php_error_log.skel
-rw-rw-rw- 1 root root 0 2008-05-29 13:30 php_mail_log
[r...@karsites apache]#

If the PHP error log file is not set up correctly, then PHP 
will just output the errors to the apache error log file 
instead.

HTH

Keith Roberts
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] What is the best strategy for updating CentOS from 4 to 5?

[Keith Roberts]

On Fri, 30 Jul 2010, John R Pierce wrote:

> To: CentOS mailing list 
> From: John R Pierce 
> Subject: Re: [CentOS] What is the best strategy for updating CentOS from 4 to
> 5?
>
>  On 07/30/10 10:26 PM, Todd Cary wrote:
>> No doubt I have waited just a little too long, but I think it is time to
>> upgrade before it is not supported.  My server is not heavily used
>> (mostly for viewing images) and my Admin skills are better than beginner
>> but NOT guru.
>
> backup your files, configurations, etc, wipe the system, clean install
> centos 5, restore your configurations and files.
>
> if all your user and server files are on seperate file systems from /,
> /var, /usr, then you may be able to leave them inplace as long as you're
> careful with the installer not to touch your data filesystems.

I have written a set of bash scripts to automate doing a 
fresh installation of Centos 5.5 They were originally 
written for Fedora 12, and have just finished doing a clean 
installation run using them to install Centos 5.5 on my 
laptop.

I went from F8 to F12 with these scripts, with no real 
problems.

Anybody interested in a copy of them - they will be BSD or 
similar license ?

Kind Regards,

Keith Roberts
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] When should LVM be used?

[Drew]

> Yea the default works but how is it Plain Wrong?  If it was flat out
> wrong then Upstream would not allow it.  Raid 1 disk array with one hot
> spare on a hardware raid controller under a SAN server is what you
> saying is wrong?  Case is, the array is not using /home or /var; were
> only exporting nfs luns direct attached.  What on earth and why would I
> want to have another drive for /var &/home in this case.  I'm just
> asking but not arguing.  There are cases where it works exceptionally.
> In fact my opinion is it works nice for newbies, untill they gets a lil
> experience.

I'd still want a separate partition for /var for the SAN
configuration. I've seen more then one machine brought to it's knees
by overflowing log entries.



-- 
Drew

"Nothing in life is to be feared. It is only to be understood."
--Marie Curie
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] A proposed CentOS mailing list FAQ

[Geoff Galitz]

Oops, some copyediting of my previous post and the addition of a managed 
services option to my FAQ suggestion follows:




-

I prospose rephrasing the above FAQ entries in a more neutral tone:


1) What are my Centos support options?

Generally speaking, you have three options:

  1) The centos-users mailing list.
   Developers, systems administrators and end-users all contribute on 
the mailing list on a best effort basis.   Questions are answered as 
people's time and experience allow.   This is a volunteer effort and there 
are no guaruntees anything will be answered  or answered in a give time 
frame,  though we do our best  and historically are quite good.

  It is strongly recommended you search the archives first, as you can 
get an answer much faster and we can focus our time on new issues and 
projects.

  2) The Centos IRC channel.
  The channel can be found on irc.freenode.net, channel #centos

  Same ground rules as the mailing list.

  3) Commercial support.
   There are a number of commercial support providers.  They are best 
found by a search on your favorite search engine.  If you are open to not 
running your own systems then subscribing to a managed hosting provider who 
offers Centos as a platform is also a good option.  Again, refer to your 
favorite search engine. Alternatively switching  over to Redhat Enterprise 
Linux (RHEL) and purchasing a support contract is a good option.

If you require answers or support at a moment's notice, this is your best 
option.


Insert links to mailing lists and other resources approprate

I do think it is worth the effort to get this FAQ out.  Just because some 
users will ask questions without reading does not mean they all will.  More 
importantly, is it possible to get this FAQ sent to people immediately when 
they subscribe to the mailing list?  That would get us a lot of bang for the 
buck.


Just my two cents.






 

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] A proposed CentOS mailing list FAQ

[Geoff Galitz]

>
> #
>
> 1. This mailing list is here for folks around the world to share knowledge
> about CentOS
> and Linux. This is not a paid tech support organization - if you want
> that, buy
> a RedHat subscription.
>
> 2. We are not here to do your job for you. If you think we should, perhaps
> you
>  should pay us. Before asking us, have you:
>   a) read the documentation (RTFM)?
>   b) checked the CentOS wiki for howtos and FAQs?
> i) , and click on "information"
> ii) 
>   c) googled for documents on the Web?
>
> 3. Many of your problems have been discussed and solved. Feel free to ask
> for a link
>  to the solution, or the discussion.
>

I prospose rephrasing the above FAQ entries in a more neutral tone:


1) What are my Centos support options?

Generally speaking, you have three options:

  1) The centos-users mailing list.
   Developers, systems administrators and end-users all contribute on 
the
   mailing list on a best effort basis.   Questions are answered as 
people's time and
   experience allow.   This is a volunteer effort and there are no 
gaurutees anything will
   be answered  or answered in a give time frame,  though we do our best 
and
   historically are quite good.

  It is strongly recommended you search the archives first, as you can 
get an answer
  much faster and we can focus our time on new issues and projects.

  2) The Centos IRC channel.
  The channel can be found on irc.freenode.net, channel #centos

  Same ground rules as the mailing list.

  3) Commercial support.
   There are number of commercial support providers.  They are best 
found
   by a search on your favorite search engine.  Alternatively switching 
over to
   Redhat Enterprise Linux (RHEL) and purchasing a support contract is a 
good
   option.

   If you require answers or support at a moment's notice, this is your 
best option.


Insert links to mailing lists and other resources approprate

Just my two cents.







 

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] hplip under CentOS-5.5

[Scott Robbins]

On Fri, Jul 30, 2010 at 08:44:27AM -0400, Scott Robbins wrote:

> On Fri, Jul 30, 2010 at 08:27:33AM -0400, Scott Robbins wrote:
> > On Fri, Jul 30, 2010 at 01:20:58PM +0200, Dag Wieers wrote:
> > > >
> > > > http://home.roadrunner.com/~computertaijutsu/hplip.html
> > > 
> > > Hi Scott,
> > > 
> > > Thanks fot hat document. I modified my hplip package based on that 
> > > document and am building a 3.10.6 update package as we speak.
> > > 

Hi Dag, 
I just tested your rpm.  After uninstalling the tarball (the older
version though) and installing your rpm, scanimage -L didn't find the
scanner.  I then installed the latest version of hplip from tarball to
make sure it wasn't an hplip regression, and it discovered the scanner
without issue.  

The difference I see besides dbus is that the hplip instructions disable
hpijs, but I really don't know enough about it to know if that would
make the difference.  If you see this today (Saturday), I probably have
time to run any test you would like (but tomorrow, my wife gets back
from Europe, so I won't). 

If you feel it's better, I can take this to the rpmforge user list, but
figured I should post the information here since the thread started
here.

-- 
Scott Robbins
PGP keyID EB3467D6
( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 )
gpg --keyserver pgp.mit.edu --recv-keys EB3467D6

Cordelia: I do what I want to do. And I wear what I want to wear.
And you know what, I'll date whoever the hell I want to date... 
no matter how lame he is. 

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS5.5 cannot boot

[cjzjm100]

I hava not CentOS's CD,but i had made a live-usb of debian5,when i entered its 
rescue mode ,i found it need a CD,then i entered a shell ,but i cannot find the 
fs,i donnot know how i can mount the fs,because it hadnot mount command,any 
idea?
I find CentOS had some problem:sometime there is a fs error,all icons cannot 
load ,then i tried log in the shell,it said there was fs error,however i 
rebooted the system ,everything was ok!
In all those problem,i had not do any bad thing to the system.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos