Re: [CentOS] CentOS and LessFS
This thread has been beat to death, so perhaps my $0.02 isn't so meaningful, but I wrote a set of rsync scripts in php that I've used for years to manage terabytes of backups going back years of time. It's called TINBackupBuddy and you can get it at http://www.effortlessis.com/thisisnotbackupbuddy/ - it is a set of scripts that allow you to manage and back up numerous hosts, called via cron on a regular, graceful failure basis, via rsync. It de-duplicates files that have not changed between backup sets, so depending on the churn on your servers, you can get an astonishing number of backups onto a single drive... I've managed backups for a rather large cluster (now over 200 schools and school districts) of data automatically, on a 24 hour basis using these scripts, for years, so they really do work. And for our development team, we recover from these backups in order to replicate reported issues, so these backups are verified numerous times per day. Get a computer with some big disks in it. (We have about 20 TB of disk space on our backups server right now) Set up TinBackupBuddy and point to the big disks, use symlinks where it makes sense. Set a few options, call bbbackup.php via cron, and you're golden. Been doing it for close to 10 years now Good luck! On 01/16/2012 03:50 PM, Hugh E Cruickshank wrote: > Hi All: > > We have been looking at implementing deduplication on a backup server. > > From what I have been able to find the available documentation is > pretty thin. I ended up trying to install LessFS on this CentOS 5.7 > box but we have now encountered problems with fuse version. > > Has anyone out there been able to get LessFS running on CentOS 5.7 and > can provide some pointers? > > If not LessFS can you suggest an alternate deduplication software? > > TIA > > Regards, Hugh > -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Activating Wireless from command line
Folks
Is there a way in CENTOS6 to define and turn on wireless from the
command line. My environment is as follows:
I'm trying to build a laptop for travel, and have KVM-guests for both
Linux Gui and Windows, using internal NAT networking. The underlying
host machine doesn't really need to be much more than a NAT provider,
and the usual command-line utilities.
When I arrive at a new location, and have the network ID and password
in hand, I don't mind executing some kind of script (on the host) to
create the connection. But when I return to that network weeks
later, it should be very easy to complete the connection. This needs
to be done in the host machine, not in the clients.
So far, I've figured out the following:
I issued the following
iwconfig wlan0 up
(Manually I issued
iwlist wlan0 scan | grep ESSID
and identified the right network
)
I then issued
wpa_passphrase {ename} "{pass-phrase}" >>
/etc/wpa_supplicant/wpa_supplicant.conf
where {ename} is the name of the network, case sensitive
and {pass-phrase} is the same as I would enter in the GUI interface,
if I wanted to use it.
What more is needed? I really want to avoid GUI interfaces if possible.
Thanks
David Kurn
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Dovecot under CentOS-6
On 01/23/2012 05:25 PM, Timothy Murphy wrote: > I've been running dovecot on a CentOS-5.7 server. > Now I'm moving over to another server running CentOS-6.2. > I thought I was running dovecot on the new server, > but in fact there was an error during the setup, > with the result that incoming mail finished up in/var/spool/mail/ > rather than in ~/Maildir , where I wanted it to go. Dovecot isn't your MTA. You also need to duplicate your sendmail/postfix service on the new host. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Dovecot under CentOS-6
I've been running dovecot on a CentOS-5.7 server. Now I'm moving over to another server running CentOS-6.2. I thought I was running dovecot on the new server, but in fact there was an error during the setup, with the result that incoming mail finished up in /var/spool/mail/ rather than in ~/Maildir , where I wanted it to go. Now I'm wondering if there is some way that I can re-direct the mail in /var/spool/mail/ so that it goes through the system as though it were just arriving? I mean, so that it gets distributed into the correct folders under ~/Maildir , as specified in .procmailrc . Any suggestions gratefully received. -- Timothy Murphy e-mail: gayleard /at/ eircom.net tel: +353-86-2336090, +353-1-2842366 s-mail: School of Mathematics, Trinity College Dublin ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Machine becoming irresponsive
On 01/23/12 7:13 AM, Dotan Cohen wrote: > I believe that 5.2 still is seeing > security updates, no? 5.7 (plus anything released since 5.7) *is* the current security update to 5.2 -- john r pierceN 37, W 122 santa cruz ca mid-left coast ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] DNS and Reverse Adresses
Hi Götz, > My question: dose maybe someone forgot the 192.168.200.x reverse zone > files and config probably. > and can I just create a file like that for the 172.17 > hosts and adding the config for the reverse zone to my named.conf? Yes, *if* you either have the only DNS in your network (not a hierarchically lower level that gets its domains delegated from the next higher level) or the 200.168.192.in-addr.arpa domain has been delegated to you. Having the authority over the 'domainname.de' domain and hostnames that resolve to 192.168.200.x addresses does not automatically mean that you have authority over the said reverse lookup domain as well. You can check whether some other name server resolves 192.168.200.x addresses by entering dig -x 192.168.200.x If you get NXDOMAIN, there is probably either more mis-configuration around (happens frequently in my experience), or there actually is no other server that could provide reverse lookup. You can also try to check the delegation of the 200.168.192.in-addr.arpa address by issuing the command dig 200.168.192.in-addr.arpa NS The pointers you get in return (if any) should give you an indication whether you have authority to resolve reverse lookups for 192.168.200.x addresses. Again, if yours is/are the only or main authoritative DNS server(s) in the (internal) network, these considerations do not apply. Viele Grüße, Peter. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] DNS and Reverse Adresses
Hi, I do have a domain and a couple of different ip networks. E.g. domainname.de and 172.17.0.0/16 and 192.168.200.0/24 In our old dns files I only have a reverse master zone for the 172.17.-lans, but also 192.168.200.x addresses in the forward zone config. My question: dose maybe someone forgot the 192.168.200.x reverse zone files and config and can I just create a file like that for the 172.17 hosts and adding the config for the reverse zone to my named.conf? Any suggestions are welcome. Regards. Götz who has to deal with some very old horses ... :) -- Götz Reinicke IT-Koordinator Tel. +49 7141 969 420 Fax +49 7141 969 55 420 E-Mail goetz.reini...@filmakademie.de Filmakademie Baden-Württemberg GmbH Akademiehof 10 71638 Ludwigsburg www.filmakademie.de Eintragung Amtsgericht Stuttgart HRB 205016 Vorsitzender des Aufsichtsrats: Jürgen Walter MdL Staatssekretär im Ministerium für Wissenschaft, Forschung und Kunst Baden-Württemberg Geschäftsführer: Prof. Thomas Schadt ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Machine becoming irresponsive
On Mon, Jan 23, 2012 at 18:57, wrote: > a) You should NOT, under any circumstances, be backing it up to your home > systems. You should be backing it up to a work server - there are very > serious legal implications involved here. > Thanks, but there are no customer data or other sensitive data on the server. I wouldn't dream of compromising customer data! > b) Since it's in a datacenter, presumably being hosted, you need to > contact the datacenter provider and inform them that you believe it may be > infected, and work with them to investigate - they may have an intrusion > response team far more qualified than you to investigate whether there's > been an intrusion. On the other hand, you've also got to worry about your > company's proprietary data, and what they should see, and what they should > not. > That is a good idea. There do exist professionals for this type of work, and that is the place to find them. Thanks. > As I said, a *lot* of legal issues - don't put yourself into a position > that could get you, personally, out of a job, sued, or even, as an > extreme, jailed. > Thank you for the concern. I will be cautious and not reckless! My own security is not worth that server! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Machine becoming irresponsive
Thanks, all. I suppose that you all are right, considering that 5.2 is no longer supported. I was under the impression that this is an older but up-to-date install. This server sits in a datacenter hundreds or thousands of kilometers from anyone related to it, so I will back it all up via rsync. Do I risk my home Debian or Fedora boxes by downloading the server's files to them? Of course I won't deliberately execute any files that I download, and I won't be root, but I'd like to know if I need to take any extra precautions. Thanks! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Machine becoming irresponsive
On Mon, Jan 23, 2012 at 7:39 AM, Dotan Cohen wrote: > > It's not my box, but I may have opportunity to look at it. After going > through dmesg and messages, if I don't find anything obvious, what > should I start looking for? Forwarding on behalf of Mark whose emails are being rejected: Patrick Lists wrote: > On 23-01-12 16:13, Dotan Cohen wrote: > There is no other option than to reinstall the box with 5.7 (or whatever the latest is) and *always* update the box. I would also throw out that "specific software". Vendors who force you to stay with a version of an OS that no longer gets security updates should be avoided at all cost. And, for that matter, if it's in-house software, you managers are going to *have* to bite the bullet and spend the money to have your in-house people fix the software so that it is compatible with current releases. Beyond that, how do you *know* that it's not compatible with 5.7? Have you tried it on a 5.7 box? At least bring up a 5.7 VM and try it. If you don't have one, you really, really need to have a test system - if your managers have had development and test done on a production box, and they don't understand why this is bad, then I might recommend looking for another job, where they're not amateurs, in the worst sense of the word. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Machine becoming irresponsive
> -Original Message- > From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On > Behalf Of Dotan Cohen > Sent: Monday, January 23, 2012 10:14 > To: CentOS mailing list > Subject: Re: [CentOS] Machine becoming irresponsive > > On Mon, Jan 23, 2012 at 16:23, Phil Schaffner > wrote: > > I'd have a look at why an apparently Internet-facing server is 5 > point > > releases, plus a lot of subsequent errata, behind the current 5.7 > > release level; and what resultant vulnerabilities might have been > exploited. > > > > Thanks. There are a lot of very specific software on that server that > precludes it from being updated. I believe that 5.2 still is seeing > security updates, no? > No. The minor release 5.2 (exactly) is no longer getting updates, but the major release it is in (5) is up to minor release 5.7. If you are using the CentOS update mechanisms in the standard configured way, then you may already be up to 5.7, but simply do not understand the fact. "What is the versioning/release scheme of CentOS and how does it compare to the upstream vendor?" https://www.centos.org/modules/smartfaq/faq.php?faqid=34 "How do I get updates for CentOS?" https://www.centos.org/modules/smartfaq/faq.php?faqid=8 The upstream vendor has some information that may help you understand EL OS minor revisions (or point releases): "Red Hat Enterprise Linux Life Cycle" https://access.redhat.com/support/policy/updates/errata/?cid=332371 '"Red Hat Enterprise Linux Compatibility Policies"' https://access.redhat.com/kb/docs/DOC-5155 Too bad I can't find a centos FAQ pointing to these or explaining it at a CentOS level, as I am beginning to think "My ancient version of CentOS is still getting updates, right?" or "I installed X.y of CentOS is it possible to upgrade to X.(y+1) of CentOS without a full reinstall?" are becoming FAQ but keep being stated in slightly different ways. > In any case, a complete reinstall with either 5.2 or a latter version > is pretty much out of the question for now, though I will try to see > what needs to be done in that direction. In the meantime, where should > I concentrate my efforts? I would suggest investigating the advice of those who are suggesting you look at the possibility of the box already being compromised. (as it is better to _KNOW_ for sure.) Also understanding the actual version of your system may help you. These three commands may help (if the machine is not compromised, and perhaps even if it is): rpm -qa \*release\* rpm -qa --last |head uname -r Studying for the Linux+ exam (or similar) may point you in many directions you have not yet known existed. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Machine becoming irresponsive
On Mon, Jan 23, 2012 at 9:13 AM, Dotan Cohen wrote: > On Mon, Jan 23, 2012 at 16:23, Phil Schaffner > wrote: >> I'd have a look at why an apparently Internet-facing server is 5 point >> releases, plus a lot of subsequent errata, behind the current 5.7 >> release level; and what resultant vulnerabilities might have been exploited. >> > > Thanks. There are a lot of very specific software on that server that > precludes it from being updated. I believe that 5.2 still is seeing > security updates, no? No, if you were doing updates, you would be at 5.7 now. It you aren't doing updates there are well known exploits against anything earlier than 5.4 or so. > In any case, a complete reinstall with either 5.2 or a latter version > is pretty much out of the question for now, though I will try to see > what needs to be done in that direction. In the meantime, where should > I concentrate my efforts? First you have to make sure that the tools you are going to use for diagnosis haven't been compromised. An rpm -Va is a first cut at finding files that are changed from the copies distributed. Also, if you have a known-good backup or offline system, run md5sum on netstat, top, ps, lsof, ssh and sshd and compare to the versions on this system. If it is just a software bug, it may be a program not closing files or leaking memory. Netstat or lsof should show open files and connections - if they keep going up, look for the process causing it. Top will show what is using memory. Ps will show the running processes - look for anything you don't expect to be running. If you have mysql running, try 'mysqladmin status' and see if you have many 'slow queries'. -- Les Mikesell lesmikes...@gmail.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Machine becoming irresponsive
On 23-01-12 16:13, Dotan Cohen wrote: > Thanks. There are a lot of very specific software on that server that > precludes it from being updated. I believe that 5.2 still is seeing > security updates, no? 5.2 does not get security updates. My guess is your box has been compromised. Boot the box with a live CD/DVD and get an image of the harddisk(s) so you can analyze what happened to it. > In any case, a complete reinstall with either 5.2 or a latter version > is pretty much out of the question for now, though I will try to see > what needs to be done in that direction. In the meantime, where should > I concentrate my efforts? There is no other option than to reinstall the box with 5.7 (or whatever the latest is) and *always* update the box. I would also throw out that "specific software". Vendors who force you to stay with a version of an OS that no longer gets security updates should be avoided at all cost. Regards, Patrick ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Machine becoming irresponsive
Dotan Cohen wrote: > On Mon, Jan 23, 2012 at 16:23, Phil Schaffner > wrote: > >> I'd have a look at why an apparently Internet-facing server is 5 point >> releases, plus a lot of subsequent errata, behind the current 5.7 >> release level; and what resultant vulnerabilities might have been exploited. >> >> > > Thanks. There are a lot of very specific software on that server that > precludes it from being updated. I believe that 5.2 still is seeing > security updates, no? > > In any case, a complete reinstall with either 5.2 or a latter version > is pretty much out of the question for now, though I will try to see > what needs to be done in that direction. In the meantime, where should > I concentrate my efforts? > > Thanks. > > Hi Dotan, I think that you are mistaken in your belief that 5.2 is still receiving security updates. CentOS 5 is still receiving updates but to benefit from them you have to be at the latest point release, at the moment 5.7. Regards ChrisG ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Machine becoming irresponsive
Dotan Cohen wrote: > On Mon, Jan 23, 2012 at 16:23, Phil Schaffner > wrote: >> I'd have a look at why an apparently Internet-facing server is 5 point >> releases, plus a lot of subsequent errata, behind the current 5.7 >> release level; and what resultant vulnerabilities might have been exploited. >> > > Thanks. There are a lot of very specific software on that server that > precludes it from being updated. I believe that 5.2 still is seeing > security updates, no? No. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Machine becoming irresponsive
On 2012-01-23 15:13, Dotan Cohen wrote: > On Mon, Jan 23, 2012 at 16:23, Phil Schaffner > wrote: >> I'd have a look at why an apparently Internet-facing server is 5 >> point >> releases, plus a lot of subsequent errata, behind the current 5.7 >> release level; and what resultant vulnerabilities might have been >> exploited. >> > > Thanks. There are a lot of very specific software on that server that > precludes it from being updated. I believe that 5.2 still is seeing > security updates, no? > > In any case, a complete reinstall with either 5.2 or a latter version > is pretty much out of the question for now, though I will try to see > what needs to be done in that direction. In the meantime, where > should > I concentrate my efforts? > I think it has been intimated to you that the reason the system has been acting slowly is because it has already been compromised. A system acting in an unresponsive manner is a symptom that it has been compromised. You may not want to take the system offline, but you cannot trust your system to tell you anything while it is online in a compromised state. You could take a packet capture of what is going through it's network port (using a SPAN port on the switch), and analyse that for strange port activity. Otherwise, I would shut it down, make a complete copy of the hard disk having booted off a live or rescue CD and analyse the copy (you can bring the system back up while you analyse the copy, but of course you may put your other systems at risk by doing so). ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Machine becoming irresponsive
On Mon, Jan 23, 2012 at 16:23, Phil Schaffner wrote: > I'd have a look at why an apparently Internet-facing server is 5 point > releases, plus a lot of subsequent errata, behind the current 5.7 > release level; and what resultant vulnerabilities might have been exploited. > Thanks. There are a lot of very specific software on that server that precludes it from being updated. I believe that 5.2 still is seeing security updates, no? In any case, a complete reinstall with either 5.2 or a latter version is pretty much out of the question for now, though I will try to see what needs to be done in that direction. In the meantime, where should I concentrate my efforts? Thanks. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Machine becoming irresponsive
Dotan Cohen wrote on 01/23/2012 08:39 AM: > There is a CentOS 5.2 machine ... I'd have a look at why an apparently Internet-facing server is 5 point releases, plus a lot of subsequent errata, behind the current 5.7 release level; and what resultant vulnerabilities might have been exploited. Phil ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Machine becoming irresponsive
There is a CentOS 5.2 machine that is sometimes found to be offline. It runs a few websites but nothing very high traffic. I happened to notice a few days ago that before it went down, one of the sites written in PHP was throwing errors that it could not connect to the MySQL backend. Two hours later, the whole server was down and wasn't even responding to SSH. It's not my box, but I may have opportunity to look at it. After going through dmesg and messages, if I don't find anything obvious, what should I start looking for? What are the likely, common culprits and how to identify them? Is there a page of the fine manual that addresses issues like this? Thanks. -- Dotan Cohen http://gibberish.co.il http://what-is-what.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
