Re: [CentOS] Sendmail TLS verify=fail
Am 21.09.2010 01:28, schrieb Morten P.D. Stevens: > Hi, > > I have a small question with sendmail and tls verification. > > The tls verify fails on our internal/external sendmail servers. > > For example: > > STARTTLS=server, relay=mx1.imt-systems.com [89.146.219.60], > version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256 > > STARTTLS=server, relay=acsinet12.imt-systems.com [89.146.219.42], > version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, bits=256/256 > > What's the problem? That means the server side does not know the CA of the certificate presented by the client. http://www.sendmail.org/m4/starttls.html > The sendmail tls certificate should be okay on both servers. > Does anyone know something about this issue? (verify=fail) http://www.sendmail.org/m4/starttls.html Nothing serious. Just a log note. > Thank you. > > Best regards, > > Morten Alexander ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] problem clamd via rpmforge
hello list hello centos network hello all the builder of rpm's i use clamd package via rpmforge today they are passes i use CentOS 5.5 with small system with low memory system support couple postfix/amavisd/clamd/dkimproxy/sid-milter/policyd/postgrey/dovecot2 when i restart clamd i obtain one error i quote for clarity ~]# service clamd restart Stopping Clam AntiVirus Daemon: [ OK ] Starting Clam AntiVirus Daemon: WARNING: Running on 32-bit system, and RLIMIT_DATA > 2GB, lowering to 2GB! [ OK ] what error RLIMIT_DATA > 2GB i use 1GB swap how to configure the machine to remove this error thanks for all return ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] problem clamd via rpmforge
On 09/21/2010 11:12 AM, fakessh wrote: > i use clamd package via rpmforge So, post on the rpmforge list then ? ( http://lists.rpmforge.net/ ) - KB ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Hole in 64-bit Linux kernel provides root rights
On Tue, Sep 21, 2010 at 1:45 AM, Christopher Chan wrote: > Karanbir Singh wrote: >> On 09/21/2010 12:32 AM, Christopher Chan wrote: >>> Will there be a special case for this particular issue like an early >>> release of a Centos fixed kernel instead of waiting for the powers that >>> be at Redhat? >> >> There is a kernel in the c5-testing repo ( details in the issue report ) >> that Tru put together. You should make a site specific decision on the >> impact on services local to you and go with that. >> >> We've done some basic testing with this kernel and things *seem to be* >> fine. >> > > I suppose that is in regards to the exploit itself (nevermind the rest > so long as it don't start changing bits here and there)? > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > Does anyone know what this exploit does, exactly. And which 64bit kernels are vulnrable? -- Kind Regards Rudi Ahlers SoftDux Website: http://www.SoftDux.com Technical Blog: http://Blog.SoftDux.com Office: 087 805 9573 Cell: 082 554 7532 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Hole in 64-bit Linux kernel provides root rights
On 09/21/2010 06:10 AM, Rudi Ahlers wrote: > Does anyone know what this exploit does, exactly. And which 64bit > kernels are vulnrable? > Yes, go read the details in the issue report posted. All centos-5 kernels are affected. - KB ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail TLS verify=fail
Update: Problem solved Solution: The old certificate was a SSL server certificate only. For TLS receiving/sending you need a certificate with SSL client and SSL server purposes. Best regards, Morten > -Original Message- > From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On > Behalf Of Alexander Dalloz > Sent: Tuesday, September 21, 2010 9:55 AM > To: CentOS mailing list > Subject: Re: [CentOS] Sendmail TLS verify=fail > > Am 21.09.2010 01:28, schrieb Morten P.D. Stevens: > > Hi, > > > > I have a small question with sendmail and tls verification. > > > > The tls verify fails on our internal/external sendmail servers. > > > > For example: > > > > STARTTLS=server, relay=mx1.imt-systems.com [89.146.219.60], > version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, > bits=256/256 > > > > STARTTLS=server, relay=acsinet12.imt-systems.com [89.146.219.42], > version=TLSv1/SSLv3, verify=FAIL, cipher=DHE-RSA-AES256-SHA, > bits=256/256 > > > > What's the problem? > > That means the server side does not know the CA of the certificate > presented by the client. > > http://www.sendmail.org/m4/starttls.html > > > The sendmail tls certificate should be okay on both servers. > > > Does anyone know something about this issue? (verify=fail) > > http://www.sendmail.org/m4/starttls.html > > Nothing serious. Just a log note. > > > Thank you. > > > > Best regards, > > > > Morten > > Alexander > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Need Help
Dear Sir, I have been struggling to get bold letters in informix for CentoS 4.8 and I came across your article on PCL Command Sequences and I felt you could help. I have the following declarations and print command in my informix-4gl but things don't seem to get right. BoldOn CHAR(6), BoldOff CHAR(6) LET BoldOn = ASCII 27, ASCII '&040', ASCII '&115', ASCII '&052', ASCII '&066' LET BoldOff = ASCII 27, ASCII '&040', ASCII '&115', ASCII '&048', ASCII '&066' LET BoldOn = ASCII 27,"(s4B" LET BoldOff = ASCII 27,"(s0B" PRINT COLUMN 1, BoldOn CLIPPED, " ", "TO WHOM IT MAY CONCERN", BoldOff, COLUMN 54, BoldOn CLIPPED, " ", "Ref: ", BoldOff CLIPPED, r_refno PRINT COLUMN 1, BoldOn CLIPPED, " ", "This is to certify that: ", BoldOff, r_surname, " ", r_firstname and this what I am getting: ^[(s4B TO WHOM IT MAY CONCERN^[(s0B^[(s4B Ref: ^[(s0B 9844510 ^[(s4B This is to certify that: ^[(s0B NAMONJE CAROL ^[(s4B is a registered student of the National Institute of Public Administration^[(s0B We have HP LaserJet P3005 and P3015 Printers. How can I avoid printing these charaters and instead print Bold letters ? Are there any settings I need to do in Environmental variables or CUPS settings ? Your help will highly be appreciated. Felix Mwango Mutale ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Logwatch verbosity
I'm getting literally hundreds of lines in my daily logwatch (under Centos-5.5), reading --- NULL security context for user, but SELinux in permissive mode, continuing () --- These began when I started running fail2ban (with shorewall), though that is probably a coincidence. In any case, what does this line mean, and is there any way of stopping it (short of stopping selinux)? -- Timothy Murphy e-mail: gayleard /at/ eircom.net tel: +353-86-2336090, +353-1-2842366 s-mail: School of Mathematics, Trinity ollege, Dublin 2, Ireland ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Need Help
Mwango Mutale wrote: > Dear Sir, > Um, there's men and women on this list... > > I have been struggling to get bold letters in informix for CentoS 4.8 and > I came across your article on PCL Command Sequences and I felt you could help. Don't know what article you're talking about, but I would suggest that an Informix mailing list, or perhaps even talking to Informix tech support would be a better place to look for help for that. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Logwatch verbosity
Tim, Timothy Murphy wrote: > I'm getting literally hundreds of lines in my daily logwatch > (under Centos-5.5), reading > --- > NULL security context for user, but SELinux in permissive mode, > continuing () > --- > > These began when I started running fail2ban (with shorewall), > though that is probably a coincidence. > > In any case, what does this line mean, > and is there any way of stopping it (short of stopping selinux)? > Sounds to me as though it's *not* a coincidence. Who does fail2ban run as - for us, it's root, but is it different for you? mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] No live migration for xen virtual machines any more
On Tue, Sep 21, 2010 at 09:56:39AM -0500, Brian Cremeans wrote: >Hello, >I have the exact same problem after an update, and it does not work using >the xm command. >Thanks for any help you can offer. > Read the following logs on dom0: - "xm log" - dmesg - /var/log/messages After trying to migrate with xm. Hopefully that helps. -- Pasi >Brian L. Cremeans >OCCE IT > > > Hi folks, > > > > I have upgraded my CentOS RHCS cluster hosts to the recent packages, and > > now live migration of the xen virtual machines does not work any more: > > > > [r...@node ~]# clusvcadm -M vm:XenVM -m othernode > > Trying to migrate vm:XenVM to othernode...Invalid operation for resource > > > > I have googled the net but found no recent entries for that problem, > > just older posts. > > > > Has anyone had the same problem recently? If yes: is there any workaround? > > > > Any hint or help is appreciated. > > > > Does it work using "xm" command directly? > > -- Pasi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] CentOS-announce Digest, Vol 67, Issue 7
Send CentOS-announce mailing list submissions to centos-annou...@centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-requ...@centos.org You can reach the person managing the list at centos-announce-ow...@centos.org When replying, please edit your Subject line so it is more specific than "Re: Contents of CentOS-announce digest..." Today's Topics: 1. CESA-2010:0703 Important CentOS 5 i386 bzip2 Update (Karanbir Singh) 2. CESA-2010:0703 Important CentOS 5 x86_64 bzip2Update (Karanbir Singh) 3. CESA-2010:0703 Important CentOS 3 i386 bzip2 -security update (Tru Huynh) 4. CESA-2010:0703 Important CentOS 3 x86_64 bzip2 - security update (Tru Huynh) 5. CESA-2010:0703 Important CentOS 4 i386 bzip2 -security update (Tru Huynh) 6. CESA-2010:0703 Important CentOS 4 x86_64 bzip2 - security update (Tru Huynh) -- Message: 1 Date: Tue, 21 Sep 2010 09:46:58 + From: Karanbir Singh Subject: [CentOS-announce] CESA-2010:0703 Important CentOS 5 i386 bzip2 Update To: centos-annou...@centos.org Message-ID: <20100921094658.ga14...@chakra.karan.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Security Advisory 2010:0703 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2010-0703.html The following updated files have been uploaded and are currently syncing to the mirrors: ( md5sum Filename ) i386: 6fdfb7ea9c6cb1ab0e74b52ea8d35e8a bzip2-1.0.3-6.el5_5.i386.rpm 0d3bea176de58dd70e8dcd56c36ccdbb bzip2-devel-1.0.3-6.el5_5.i386.rpm 153bdd9cf4af6ef757445c99455f52aa bzip2-libs-1.0.3-6.el5_5.i386.rpm Source: ea8d1f7d523b83eedc64c35f0f0205cc bzip2-1.0.3-6.el5_5.src.rpm -- Karanbir Singh CentOS Project { http://www.centos.org/ } irc: z00dax, #cen...@irc.freenode.net -- Message: 2 Date: Tue, 21 Sep 2010 09:46:58 + From: Karanbir Singh Subject: [CentOS-announce] CESA-2010:0703 Important CentOS 5 x86_64 bzip2 Update To: centos-annou...@centos.org Message-ID: <20100921094658.ga14...@chakra.karan.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Security Advisory 2010:0703 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2010-0703.html The following updated files have been uploaded and are currently syncing to the mirrors: ( md5sum Filename ) x86_64: 91cb3aa371dc2458f7aba092df8d6759 bzip2-1.0.3-6.el5_5.x86_64.rpm 2ff6e5fccc6db6bb5223f1730d4facf4 bzip2-devel-1.0.3-6.el5_5.i386.rpm e844a66355660e1700acb7f10c620aad bzip2-devel-1.0.3-6.el5_5.x86_64.rpm 2760b26ce6aefc689f79636fbca1fb4b bzip2-libs-1.0.3-6.el5_5.i386.rpm 3e81d3cdc53c8bef9a8de5205e3e3f04 bzip2-libs-1.0.3-6.el5_5.x86_64.rpm Source: ea8d1f7d523b83eedc64c35f0f0205cc bzip2-1.0.3-6.el5_5.src.rpm -- Karanbir Singh CentOS Project { http://www.centos.org/ } irc: z00dax, #cen...@irc.freenode.net -- Message: 3 Date: Tue, 21 Sep 2010 11:50:54 +0200 From: Tru Huynh Subject: [CentOS-announce] CESA-2010:0703 Important CentOS 3 i386 bzip2 - security update To: centos-annou...@centos.org Message-ID: <20100921095054.ga6...@sillage.bis.pasteur.fr> Content-Type: text/plain; charset="us-ascii" CentOS Errata and Security Advisory CESA-2010:0703 bzip2 security update for CentOS 3 i386: https://rhn.redhat.com/errata/RHSA-2010-0703.html The following updated file has been uploaded and is currently syncing to the mirrors: i386: updates/i386/RPMS/bzip2-1.0.2-14.EL3.i386.rpm updates/i386/RPMS/bzip2-devel-1.0.2-14.EL3.i386.rpm updates/i386/RPMS/bzip2-libs-1.0.2-14.EL3.i386.rpm source: updates/SRPMS/bzip2-1.0.2-14.EL3.src.rpm You may update your CentOS-3 i386 installations by running the command: yum update bzip2\* Tru -- Tru Huynh (mirrors, CentOS-3 i386/x86_64 Package Maintenance) http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B -- next part -- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.centos.org/pipermail/centos-announce/attachments/20100921/bbacb2a0/attachment-0001.bin -- Message: 4 Date: Tue, 21 Sep 2010 11:52:05 +0200 From: Tru Huynh Subject: [CentOS-announce] CESA-2010:0703 Important CentOS 3 x86_64 bzip2 - security update To: centos-annou...@centos.org Message-ID: <20100921095205.gb6...@sillage.bis.pasteur.fr> Content-Type: text/plain; charset="us-ascii" CentOS Errata and Security Advisory CESA-2010:0703 bzip2 security update for CentOS 3 x86_64: https://rhn.redhat.com/errata/RHSA-2010-0703.html The following update
Re: [CentOS] Hole in 64-bit Linux kernel provides root rights
On Tue, Sep 21, 2010 at 12:44 PM, Karanbir Singh wrote: > All centos-5 kernels are affected. > > - KB Here is the updated kernel source from upstream: kernel-2.6.18-194.11.4.el5.src.rpm https://rhn.redhat.com/errata/RHSA-2010-0704.html Best regards, Morten ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Hole in 64-bit Linux kernel provides root rights
On 09/21/2010 05:02 PM, Morten P.D. Stevens wrote: > kernel-2.6.18-194.11.4.el5.src.rpm > https://rhn.redhat.com/errata/RHSA-2010-0704.html We just released it about 10 minutes back. Should be visible soon. - KB ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] using NUT on centos 5
On Fri, Sep 17, 2010 at 10:01:47AM -0400, Pat and Lori Boyer wrote: > I have NUT configured on a few of my CentOS servers. I compiled and > installed from source (2.4.3), so all of my nut-related files sit under > /usr/local/ups. I am using a Liebert UPS. Here's how I have it working: > > Connect a serial cable from your server to the UPS (if available; USB is an > option on some models, I think). The nut software can communicate with the > UPS via serial on a ttyS (mine is /dev/ttyS0). This server (directly > attached) must run upsd. Other servers that use the same UPS can communicate > with upsd running on the first server via upsmon. All servers must run > upsmon (this is what actually monitors the UPS). Yes, that would be, I think, straightforward. But mine uses USB, and despite the instructions with NUT, I can't figure out how to tell it which USB device to use. I'd appreciate hints on that, should anyone know. thanks for the reply, though! > > Configure ups.conf with information about your UPS (mine is liebert). The > nut docs have a list of supported hardware and the drivers that you use for > them (I use the driver 'liebert'): > > [liebert] > driver = liebert > port = /dev/ttyS0 > > At least one server attached to each UPS must run upsd. Here's my upsd.conf > (comments removed). Note that the second line uses the IP address of the LAN > interface on your server, so that other machines on the same subnet can > communicate with upsd: > > LISTEN 127.0.0.1 3493 > LISTEN 172.21.97.1 3493 > > You have to configure upsd.users to allow access to certain users (one for > each upsmon process that will communicate with upsd). This information will > be used to configure upsmon on the clients. For example, I have two servers > listed here: the local server (server1) and another server attached to the > same UPS (server2): > > [server1-ups] > password = server1-ups-pass > upsmon master > [server2-ups] > password = server2-ups-pass > upsmon slave > > Configure upsmon.conf on each client. Based on the example above, here's the > upsmon.conf for server1: > > FINALDELAY 5 > MONITOR lieb...@localhost 1 server1-ups server1-ups-pass master > > ... and the upsmon.conf for server2: > > FINALDELAY 5 > MONITOR lieb...@server1 1 server2-ups server2-ups-pass master > > Once you have ups.conf, upsd.conf, upsd.users, and upsmon.conf configured, > you can test you connections like the following: > > [r...@server1 ~]# /usr/local/ups/bin/upsc lieb...@localhost > device.mfr: Liebert > device.model: MultiLink > device.type: ups > driver.name: liebert > driver.parameter.pollinterval: 2 > driver.parameter.port: /dev/ttyS0 > driver.version: 2.4.3 > driver.version.internal: 1.02 > ups.mfr: Liebert > ups.model: MultiLink > ups.status: OL LB > > [r...@server2 ~]# /usr/local/ups/bin/upsc lieb...@server1 > device.mfr: Liebert > device.model: MultiLink > device.type: ups > driver.name: liebert > driver.parameter.pollinterval: 2 > driver.parameter.port: /dev/ttyS0 > driver.version: 2.4.3 > driver.version.internal: 1.02 > ups.mfr: Liebert > ups.model: MultiLink > ups.status: OL LB > > Don't forget to add the nut software to your startup scripts and appropriate > runlevels. Hope this helps. > > Pat Boyer > > > On Tue, Sep 14, 2010 at 11:18 AM, fred smith > wrote: > > > Hi! > > > > Trying to set up NUT on Centos 5 to monitor a CyberPower 1500AVR UPS. > > > > There seem to be many documents, all of which seem to be not fully > > consistent > > with each other, and most of them aren't up to date. > > > > I'm guessing I should be using udev rather than hal, but I'm somewhat > > stumped on how to figure out what device it should be monitoring. there > > are a bunch of udev rules installed (in > > /lib/udev/rules.d/52-nut-usbups.rules) > > but it's not at all clear to me what, if anything, I'm supposed to do with > > them, or how I cause udev to see them there and do its thing. > > > > there's a document at > > http://fedoranews.org/contributors/kazutoshi_morioka/nut/ > > but it doesn't show how to do it with a USB device, only serial. > > > > so I decided to move on and see if it could be made to work without > > that understanding, using whatever I could figure out using the INSTALL > > file that comes with NUT. > > > > And that isn't geting me anywhere, so far. > > > > If anyone out there has had success at setting up NUT on Centos 5 (or RHEL) > > and can offer any advice, I'd appreciate hearing from you. > > > > Thanks in advance! > > > > -- > > Fred Smith -- > > fre...@fcshome.stoneham.ma.us- > > "For him who is able to keep you from falling and to present you before > > his > >glorious presence without fault and with great joy-- > > to the only God our Savior be glory, majesty, power and authority, > > through Jesus Christ our Lord, before all ages, now and forevermore! > > Amen." > > - Jude 1:24,25 (niv) > > ---
Re: [CentOS] multipath troubleshoot
Reboot in to the latest kernel fixed this issue. Paras. On Fri, Sep 17, 2010 at 1:19 PM, Paras pradhan wrote: > Hi, > My storage admin just assigned a Lun (fibre) to my server. Then re scanned > using > > echo "1" > /sys/class/fc_host/host5/issue_lip > > echo "1" > /sys/class/fc_host/host6/issue_lip > > I can see the scsi device using dmesg > > But mpath device are not created for this LUN > > > Pleas see below. The last 4 should be active and I think this is the problem > > Kernel: 2.6.18-164.11.1.el5xen , EL 5.5 > -- > > [r...@cvprd3 lvm]# multipathd -k > multipathd> show paths > hcil dev dev_t pri dm_st chk_st next_check > 5:0:0:0 sdb 8:16 1 [active][ready] XXX... 7/20 > 5:0:0:1 sdc 8:32 1 [active][ready] XXX... 7/20 > 5:0:0:16384 sdd 8:48 1 [active][ready] XXX... 7/20 > 5:0:0:16385 sde 8:64 1 [active][ready] XXX... 7/20 > 5:0:0:32768 sdf 8:80 1 [active][ready] XXX... 7/20 > 5:0:0:32769 sdg 8:96 1 [active][ready] XXX... 7/20 > 5:0:0:49152 sdh 8:112 1 [active][ready] XXX... 7/20 > 5:0:0:49153 sdi 8:128 1 [active][ready] XXX... 7/20 > 5:0:0:2 sdj 8:144 1 [active][ready] XXX... 7/20 > 5:0:0:16386 sdk 8:160 1 [active][ready] XXX... 7/20 > 5:0:0:32770 sdl 8:176 1 [active][ready] XXX... 7/20 > 5:0:0:49154 sdm 8:192 1 [active][ready] XXX... 7/20 > 5:0:0:3 sdn 8:208 1 [active][ready] XXX... 7/20 > 5:0:0:16387 sdo 8:224 1 [active][ready] XXX... 7/20 > 5:0:0:32771 sdp 8:240 1 [active][ready] XXX... 7/20 > 5:0:0:49155 sdq 65:0 1 [active][ready] XXX... 7/20 > 5:0:0:4 sdr 65:16 1 [active][ready] XXX... 7/20 > 5:0:0:16388 sds 65:32 1 [active][ready] XXX... 7/20 > 5:0:0:32772 sdt 65:48 1 [active][ready] XXX... 7/20 > 5:0:0:49156 sdu 65:64 1 [active][ready] XXX... 7/20 > 5:0:0:5 sdv 65:80 0 [undef] [faulty] [orphan] > 5:0:0:16389 sdw 65:96 0 [undef] [faulty] [orphan] > 5:0:0:32773 sdx 65:112 0 [undef] [faulty] [orphan] > 5:0:0:49157 sdy 65:128 0 [undef] [faulty] [orphan] > multipathd> > > Thanks in Adv > Paras. > ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Kernel panic - not syncing: Attempted to kill init!
I am writing a small documentation on reason(s) : why kernel panic happen !!and possible (crisp) solution(s) googling out this error throws me very hazy solutions .. if some one could suggest the possible reasons and crispy solution it would be of great documentation help to many . one great link i found was this ( http://www.linuxquestions.org/questions/linux-software-2/explained-kernel-panic-not-syncing-attempted-to-kill- init-353920/) Thanks -- Regards Agnello D'souza ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Recompiling CentOS's stock openssl
I'm running CentOS release 4.8. For security reasons, I have to modify openssl's ssl.h in /usr/include/openssl/. That's easy. But for the new settings to take effect, I have to recompile openssl. I do have openssl-devel installed. How do I recompile? === Al ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Recompiling CentOS's stock openssl
On Tue, Sep 21, 2010 at 7:17 PM, Al Sparks wrote: > I'm running CentOS release 4.8. > > For security reasons, I have to modify openssl's ssl.h in > /usr/include/openssl/. > > That's easy. But for the new settings to take effect, I have to recompile > openssl. I do have openssl-devel installed. > You need to grab the openssl source rpm then install that. Modify the spec file and add your patches, then recompile. The devel package is for building apps that link to openssl. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Recompiling CentOS's stock openssl
On Tue, Sep 21, 2010 at 04:17:54PM -0700, Al Sparks wrote: > I'm running CentOS release 4.8. > > For security reasons, I have to modify openssl's ssl.h in > /usr/include/openssl/. > > That's easy. But for the new settings to take effect, I have to recompile > openssl. I do have openssl-devel installed. > > How do I recompile? The right way to do this would be to get the openssl SRPM, create a patch against the stock sources that modifies the .h file you need to change and include that patch in the .spec file build process. You'd then generate a custom RPM that would replace the stock RPM. Of course, make sure you _really_ need to do this. You'll now need to track security changes yourself. Ray ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Zoneminder
I have a few dvr's that I am contemplating converting to Zoneminder (don't know any other app) and would prefer to use CentOS over fedora obviously but the only rpm I see exists for Fedora. I don't want the hassle of manually compiling this, as we have our own config mgmt. Anyone using this rpm (srpm recompiled) in CentOS or know of a solution that exists? Thanks! jlc ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Logwatch verbosity
m.r...@5-cent.us wrote: >> I'm getting literally hundreds of lines in my daily logwatch >> (under Centos-5.5), reading >> --- >> NULL security context for user, but SELinux in permissive mode, >> continuing () >> --- >> >> These began when I started running fail2ban (with shorewall), >> though that is probably a coincidence. >> >> In any case, what does this line mean, >> and is there any way of stopping it (short of stopping selinux)? > Sounds to me as though it's *not* a coincidence. Who does fail2ban run as > - for us, it's root, but is it different for you? It is running as root, according to "ps aux | grep fail2ban". (I run it as a service "sudo service fail2ban restart".) Do you get my message (NULL security context ...)? I've no idea what this means, or what it is referring to. -- Timothy Murphy e-mail: gayleard /at/ eircom.net tel: +353-86-2336090, +353-1-2842366 s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Zoneminder
You can try the below like. http://rpm.pbone.net/index.php3/stat/4/idpl/6098977/dir/centos_5/com/zoneminder-1.22.3-9.el5.kb.i386.rpm.html On Wed, 2010-09-22 at 00:02 +, Joseph L. Casale wrote: > I have a few dvr's that I am contemplating converting to Zoneminder (don't > know any other app) and would prefer to use CentOS over fedora obviously > but the only rpm I see exists for Fedora. > > I don't want the hassle of manually compiling this, as we have our own config > mgmt. > > Anyone using this rpm (srpm recompiled) in CentOS or know of a solution > that exists? > > Thanks! > jlc > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Logwatch verbosity
Timothy Murphy wrote: > m.r...@5-cent.us wrote: > >>> I'm getting literally hundreds of lines in my daily logwatch >>> (under Centos-5.5), reading >>> --- >>> NULL security context for user, but SELinux in permissive mode, >>> continuing () >>> --- >>> >>> These began when I started running fail2ban (with shorewall), >>> though that is probably a coincidence. >>> >>> In any case, what does this line mean, >>> and is there any way of stopping it (short of stopping selinux)? > >> Sounds to me as though it's *not* a coincidence. Who does fail2ban run as >> - for us, it's root, but is it different for you? > > It is running as root, according to "ps aux | grep fail2ban". > (I run it as a service "sudo service fail2ban restart".) > > Do you get my message (NULL security context ...)? > I've no idea what this means, or what it is referring to. selinux. *bleah* mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Zoneminder
I have zoneminder 1.24.4 running under 5.5. The docs/support sucks. There is one comment you need to add to ./configure to get it to compile. It took me months to figure it out and find it on the zoneminder website. The best version was 1.23.3 but the current ffmpeg doesn't work with it. When I find it again, I'll post it. If you think it may be in my configure script somewhere, let me know and I'll post it. > -Original Message- > From: centos-boun...@centos.org > [mailto:centos-boun...@centos.org] On Behalf Of Joseph L. Casale > Sent: Tuesday, September 21, 2010 8:02 PM > To: 'centos@centos.org' > Subject: [CentOS] Zoneminder > > I have a few dvr's that I am contemplating converting to > Zoneminder (don't know any other app) and would prefer to use > CentOS over fedora obviously but the only rpm I see exists for Fedora. > > I don't want the hassle of manually compiling this, as we > have our own config mgmt. > > Anyone using this rpm (srpm recompiled) in CentOS or know of > a solution that exists? > > Thanks! > jlc > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Zoneminder
On 22/09/10 11:39 AM, Thomas Dukes wrote: > I have zoneminder 1.24.4 running under 5.5. The docs/support sucks. There is > one comment you need to add to ./configure to get it to compile. It took me > months to figure it out and find it on the zoneminder website. > > The best version was 1.23.3 but the current ffmpeg doesn't work with it. > > When I find it again, I'll post it. If you think it may be in my configure > script somewhere, let me know and I'll post it. > We gave up on zoneminder and moved to motion, easy to build RPM's and configure. http://www.lavrsen.dk/twiki/bin/view/Motion/WebHome ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Zoneminder
On 22/09/10 11:39 AM, Thomas Dukes wrote: > I have zoneminder 1.24.4 running under 5.5. The docs/support > sucks. There is one comment you need to add to ./configure > to get it to compile. It took me months to figure it out and > find it on the zoneminder website. ehh -- The version in RawHide will build and run under C5, with some tedious gathering and packaging of buildchain work [herr...@centos-5 zoneminder]$ rpm -q zoneminder zoneminder-1.24.2-5orc [herr...@centos-5 zoneminder]$ ls *src.rpm | grep orc | wc 28 281021 [herr...@centos-5 zoneminder]$ -- Russ herrold ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Zoneminder
>We gave up on zoneminder and moved to motion, easy to build RPM's and >configure. > >http://www.lavrsen.dk/twiki/bin/view/Motion/WebHome Looks nice, I'll sub to that list but quick last question: After a read of the docs, I get the idea it's not designed to output a continuous mpeg for each camera like a real dvr, is that true? Thanks! jlc ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] exclude mirror
how can i exclude certain mirrors from yum in centos 5? -- Among the maxims on Lord Naoshige's wall, there was this one: "Matters of great concern should be treated lightly." Master Ittei commented, "Matters of small concern should be treated seriously." (Ghost Dog : The Way of The Samurai) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] exclude mirror
>how can i exclude certain mirrors from yum in centos 5? http://lmgtfy.com/?q=yum+exclude+mirrors&l=1 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] exclude mirror
On 22/09/10 15:56, Joseph L. Casale wrote: >> how can i exclude certain mirrors from yum in centos 5? > > http://lmgtfy.com/?q=yum+exclude+mirrors&l=1 +1 Kal ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] exclude mirror
2010/9/22 Kahlil Hodgson > On 22/09/10 15:56, Joseph L. Casale wrote: > >> how can i exclude certain mirrors from yum in centos 5? > > > > http://lmgtfy.com/?q=yum+exclude+mirrors&l=1 > > +1 > thank you very much ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Zoneminder
On 22/09/10 2:39 PM, Joseph L. Casale wrote: >> We gave up on zoneminder and moved to motion, easy to build RPM's and >> configure. >> >> http://www.lavrsen.dk/twiki/bin/view/Motion/WebHome > Looks nice, I'll sub to that list but quick last question: After a read of > the docs, I > get the idea it's not designed to output a continuous mpeg for each camera > like > a real dvr, is that true? > > Thanks! > jlc > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos I admit we do not use it in that manner but it does utilize ffmepg so mpeg out is possible. I certainly have recorded video when events are triggered. Phil. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos