[CentOS] Strange situation with openssl and kernel
Hello, On a VM guest (running under KVM) with CentOS 5.8, I yesterday strangely got the following (see below). The server runs apache/php/squirrelmail/postfix/dovecot/openldap and it is a production server. Do you advise to do some particular file system checks or other settings? Any other advice? Such errors have not appeared in the past. Thanks, Nick System info: = [root@vmail log]# parted -l Error: Unable to open /dev/md0 - unrecognised disk label. Model: Unknown (unknown) Disk /dev/vda: 623GB Sector size (logical/physical): 512B/512B Partition Table: msdos Number Start End SizeType File system Flags 1 32.3kB 107MB 107MB primary ext3 boot 2 107MB 85.9GB 85.8GB primary lvm 3 85.9GB 623GB 537GB primary lvm [root@vmail log]# [root@vmail log]# df -h FilesystemSize Used Avail Use% Mounted on /dev/mapper/VolGroup00-LogVol00 560G 72G 460G 14% / /dev/vda1 99M 20M 75M 21% /boot tmpfs 1.5G 0 1.5G 0% /dev/shm [root@vmail log]# [root@vmail log]# [root@vmail log]# uname -a Linux vmail.noa.gr 2.6.18-308.4.1.el5 #1 SMP Tue Apr 17 17:08:00 EDT 2012 x86_64 x86_64 x86_64 GNU/Linux [root@vmail log]# [root@vmail log]# [root@vmail log]# vgdisplay --- Volume group --- VG Name VolGroup00 System ID Formatlvm2 Metadata Areas2 Metadata Sequence No 5 VG Access read/write VG Status resizable MAX LV0 Cur LV2 Open LV 2 Max PV0 Cur PV2 Act PV2 VG Size 579.84 GB PE Size 32.00 MB Total PE 18555 Alloc PE / Size 18555 / 579.84 GB Free PE / Size 0 / 0 VG UUID fDg7W8-xe04-7OpQ-tFLe-Sioh-G2jb-dOuLGa [root@vmail log]# lvdisplay --- Logical volume --- LV Name/dev/VolGroup00/LogVol00 VG NameVolGroup00 LV UUID2Q26xO-HIdJ-UXAR-0zAM-yYFq-ysqu-bEs8J8 LV Write Accessread/write LV Status available # open 1 LV Size577.88 GB Current LE 18492 Segments 2 Allocation inherit Read ahead sectors auto - currently set to 256 Block device 252:0 --- Logical volume --- LV Name/dev/VolGroup00/LogVol01 VG NameVolGroup00 LV UUIDCeb2Qe-tnNk-te6R-cxdm-p0cK-SieL-0mqhHW LV Write Accessread/write LV Status available # open 1 LV Size1.97 GB Current LE 63 Segments 1 Allocation inherit Read ahead sectors auto - currently set to 256 Block device 252:1 = /var/log/messages: May 2 20:48:24 vmail nrpe[25864]: Error: Could not complete SSL handshake. 5 May 2 20:48:24 vmail nrpe[25866]: Error: Could not complete SSL handshake. 5 May 2 21:00:31 vmail nrpe[26106]: Error: Could not complete SSL handshake. 5 May 2 21:20:34 vmail nrpe[2]: Error: Could not complete SSL handshake. 5 May 2 21:21:32 vmail nrpe[26686]: Could not read request from client, bailing out... May 2 21:21:32 vmail nrpe[26686]: INFO: SSL Socket Shutdown. May 2 21:43:11 vmail kernel: INFO: task fail2ban-server:2589 blocked for more than 120 seconds. May 2 21:45:32 vmail kernel: echo 0 /proc/sys/kernel/hung_task_timeout_secs disables this message. May 2 21:45:32 vmail kernel: fail2ban-serv D 0 2589 1 2590 2585 (NOTLB) May 2 21:47:25 vmail kernel: 8100a6625ea8 0082 2acbd000 1000 May 2 21:47:53 vmail kernel: ff9ca6854280 0009 8100a65f8040 8100581f20c0 May 2 21:47:54 vmail kernel: 17f236120882 0465 8100a65f8228 May 2 21:47:54 vmail kernel: Call Trace: May 2 21:47:55 vmail kernel: [80063c63] __mutex_lock_slowpath+0x60/0x9b May 2 21:47:55 vmail kernel: [80063cad] .text.lock.mutex+0xf/0x14 May 2 21:47:55 vmail kernel: [80013ed6] generic_file_llseek+0x2a/0x8b May 2 21:47:55 vmail kernel: [8002563b] sys_lseek+0x40/0x60 May 2 21:47:58 vmail kernel: [8005d229] tracesys+0x71/0xe0 May 2 21:47:58 vmail kernel: [8005d28d] tracesys+0xd5/0xe0 May 2 21:47:58 vmail kernel: May 2 22:42:53 vmail nrpe[29199]: Could not read request from client, bailing out... May 2 22:42:53 vmail nrpe[29199]: INFO: SSL Socket Shutdown. May 2 22:42:53 vmail nrpe[29201]: Could not read request from client, bailing out... May 2 22:42:53 vmail
Re: [CentOS] SELinux prevents my PHP script from sending mail
On Wednesday 02 May 2012, Alan M. Evans wrote: Hello all... I maintain an amateurish email list for my wife's website on my CentOS 6 server. Once-a-month, she sends mail to mylista...@mydomain.com and the /etc/aliases file redirects that to my script: mylistaddr: | /usr/bin/php-cgi /var/www/html/mydomain/email-cgi.php The script, in turn, reads the recipient addresses out of a DB and composes and sends the mails. This all worked great until this month's mailing. Now sendmail just bounces the mail back 554 5.3.0 unknown mailer error 255. When I see programs complaining about unknown conditions, I usually suspect SELinux first, and sure enough... setenforce 0 then everything works like a charm. I wonder what changed between last month and this month? Anyway, I checked the audit.log file and found the relevant AVC denials. I created a local policy (audit2allow) to circumvent the denials, which helpfully prevented the denial messages in audit.log. But the maillist script still fails identically as long as SELinux is enforcing. And now nothing shows up in audit.log. So SELinux is preventing sendmail from calling my maillist script and not reporting the reason. How do I go about figuring out what's broken and how to fix it? Do you have the httpd_can_sendmail boolean on? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Firefox10-stuck with sync
Dear All, Since RHEL/Centos went to Firefox10, I have about 50 users who have sync-pop-ups. Does anyone knows a quick and very dirty way to get rid of sync all together? I searched the Mozilla Forum, but found no clean Linux-solution, without me having to log in to every account and run about:config. I was thinking like adding something to prefs.js I cannot believe Firefox included this kind of feature without a very big OFF-button. The world is twisted. Is nobody thinking of sysadmins these days? ( not that I consider myself a true sysadmin ) Thanks very much for any advise. greetings, J. -- Johan Vermeulen IT-medewerker Caw De Kempen johan.vermeu...@cawdekempen.be 0479.82.01.41 Opensource Software is the future. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Can only login as root
I have a strange problem on a CentOS-5.8 machine. I can only login as root. If I try to login with one of the user's names, it hangs for a long time. I thought it hung forever, but I just found that I do login after su tim after 5 minutes. It seems that the problem lies in repeated messages in /var/log/messages --- May 3 12:14:13 helen su: nss_ldap: failed to bind to LDAP server ldap://www.gayleard.com/: Can't contact LDAP server May 3 12:14:13 helen su: nss_ldap: reconnecting to LDAP server (sleeping 64 seconds)... --- The openldap server is not running, and I don't see why this authentication is being sought. There is nothing in /etc/pam.d/su or /etc/pam.d/login or /etc/ssh/sshd_config to suggest that ldap needs to be invoked, unless it is a part of system-auth . -- Timothy Murphy e-mail: gayleard /at/ eircom.net tel: +353-86-2336090, +353-1-2842366 s-mail: School of Mathematics, Trinity College Dublin ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Can only login as root
On Thu, 2012-05-03 at 13:47 +0100, Timothy Murphy wrote: I have a strange problem on a CentOS-5.8 machine. I can only login as root. If I try to login with one of the user's names, it hangs for a long time. I thought it hung forever, but I just found that I do login after su tim after 5 minutes. It seems that the problem lies in repeated messages in /var/log/messages --- May 3 12:14:13 helen su: nss_ldap: failed to bind to LDAP server ldap://www.gayleard.com/: Can't contact LDAP server May 3 12:14:13 helen su: nss_ldap: reconnecting to LDAP server (sleeping 64 seconds)... --- The openldap server is not running, and I don't see why this authentication is being sought. There is nothing in /etc/pam.d/su or /etc/pam.d/login or /etc/ssh/sshd_config to suggest that ldap needs to be invoked, unless it is a part of system-auth . Have you also checked /etc/nsswitch.conf? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SELinux prevents my PHP script from sending mail
On Thu, 2012-05-03 at 10:33 +0100, Colin Coles wrote: On Wednesday 02 May 2012, Alan M. Evans wrote: Hello all... I maintain an amateurish email list for my wife's website on my CentOS 6 server. Once-a-month, she sends mail to mylista...@mydomain.com and the /etc/aliases file redirects that to my script: mylistaddr: | /usr/bin/php-cgi /var/www/html/mydomain/email-cgi.php The script, in turn, reads the recipient addresses out of a DB and composes and sends the mails. This all worked great until this month's mailing. Now sendmail just bounces the mail back 554 5.3.0 unknown mailer error 255. When I see programs complaining about unknown conditions, I usually suspect SELinux first, and sure enough... setenforce 0 then everything works like a charm. I wonder what changed between last month and this month? Anyway, I checked the audit.log file and found the relevant AVC denials. I created a local policy (audit2allow) to circumvent the denials, which helpfully prevented the denial messages in audit.log. But the maillist script still fails identically as long as SELinux is enforcing. And now nothing shows up in audit.log. So SELinux is preventing sendmail from calling my maillist script and not reporting the reason. How do I go about figuring out what's broken and how to fix it? Do you have the httpd_can_sendmail boolean on? Yes. -- Mae fy hofrenfad i yn llawn llysywod ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SELinux prevents my PHP script from sending mail
On Thu, 2012-05-03 at 06:54 -0700, Alan M. Evans wrote: On Thu, 2012-05-03 at 10:33 +0100, Colin Coles wrote: On Wednesday 02 May 2012, Alan M. Evans wrote: Hello all... I maintain an amateurish email list for my wife's website on my CentOS 6 server. Once-a-month, she sends mail to mylista...@mydomain.com and the /etc/aliases file redirects that to my script: mylistaddr: | /usr/bin/php-cgi /var/www/html/mydomain/email-cgi.php The script, in turn, reads the recipient addresses out of a DB and composes and sends the mails. This all worked great until this month's mailing. Now sendmail just bounces the mail back 554 5.3.0 unknown mailer error 255. When I see programs complaining about unknown conditions, I usually suspect SELinux first, and sure enough... setenforce 0 then everything works like a charm. I wonder what changed between last month and this month? Anyway, I checked the audit.log file and found the relevant AVC denials. I created a local policy (audit2allow) to circumvent the denials, which helpfully prevented the denial messages in audit.log. But the maillist script still fails identically as long as SELinux is enforcing. And now nothing shows up in audit.log. So SELinux is preventing sendmail from calling my maillist script and not reporting the reason. How do I go about figuring out what's broken and how to fix it? Do you have the httpd_can_sendmail boolean on? Yes. Actually, just looking at my own description and I realize that the subject should read that SELinux is preventing my script from *receiving* mail, not sending mail. Various scripts on the site send mail all the time with no problem. It's the execution (via the aliases file) of email-cgi.php that fails. -Alan ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SELinux prevents my PHP script from sending mail
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 05/03/2012 10:02 AM, Alan M. Evans wrote: On Thu, 2012-05-03 at 06:54 -0700, Alan M. Evans wrote: On Thu, 2012-05-03 at 10:33 +0100, Colin Coles wrote: On Wednesday 02 May 2012, Alan M. Evans wrote: Hello all... I maintain an amateurish email list for my wife's website on my CentOS 6 server. Once-a-month, she sends mail to mylista...@mydomain.com and the /etc/aliases file redirects that to my script: mylistaddr: | /usr/bin/php-cgi /var/www/html/mydomain/email-cgi.php The script, in turn, reads the recipient addresses out of a DB and composes and sends the mails. This all worked great until this month's mailing. Now sendmail just bounces the mail back 554 5.3.0 unknown mailer error 255. When I see programs complaining about unknown conditions, I usually suspect SELinux first, and sure enough... setenforce 0 then everything works like a charm. I wonder what changed between last month and this month? Anyway, I checked the audit.log file and found the relevant AVC denials. I created a local policy (audit2allow) to circumvent the denials, which helpfully prevented the denial messages in audit.log. But the maillist script still fails identically as long as SELinux is enforcing. And now nothing shows up in audit.log. So SELinux is preventing sendmail from calling my maillist script and not reporting the reason. How do I go about figuring out what's broken and how to fix it? Do you have the httpd_can_sendmail boolean on? Yes. Actually, just looking at my own description and I realize that the subject should read that SELinux is preventing my script from *receiving* mail, not sending mail. Various scripts on the site send mail all the time with no problem. It's the execution (via the aliases file) of email-cgi.php that fails. -Alan ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos What AVC messages are you seeing? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk+ik/IACgkQrlYvE4MpobP4xACghLKXTF4anbHyWXRLAuxbOKnw +dYAoKAHJnw2tnGvpWgEAAuw+FVIanxE =9s7r -END PGP SIGNATURE- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] mysql-bin files - filling up the space.
Dear All Greetings, i am seeking help from guys with mysql knowledge. i can see lot of these files in mysql directory. And they are eventually filling up the space on the server. what these files are? some exists with very old time stamps. such as February 2012. can these be deleted? This Number Starts From ---mysql-bin.01 -rw-rw 1 mysql mysql 159M Apr 25 12:24 mysql-bin.000197 -rw-rw 1 mysql mysql 5M Apr 26 00:00 mysql-bin.000198 -rw-rw 1 mysql mysql 8.1M Apr 27 00:00 mysql-bin.000200 -rw-rw 1 mysql mysql 125M MAY 27 20:29 mysql-bin.000230 Prabh S. Mavi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Libreoffice.org official RPMs in yum friendly format
On 27.04.2012 12:55, Nux! wrote: Anyway, for those of you interested to run the RPMs from the libreoffice.org tarball instead of the stock packages, I put them all in a repo. Repo updated with 3.5.3: http://www.nux.ro/archive/2012/05/LibreOffice_org_RPMs_repo_updated.html -- Sent from the Delta quadrant using Borg technology! Nux! www.nux.ro ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] mysql-bin files - filling up the space.
On Thu, May 3, 2012 at 11:23 AM, Prabhpal S. Mavi prabh...@digital-infotech.net wrote: Dear All Greetings, i am seeking help from guys with mysql knowledge. i can see lot of these files in mysql directory. And they are eventually filling up the space on the server. what these files are? some exists with very old time stamps. such as February 2012. can these be deleted? This Number Starts From ---mysql-bin.01 -rw-rw 1 mysql mysql 159M Apr 25 12:24 mysql-bin.000197 -rw-rw 1 mysql mysql 5M Apr 26 00:00 mysql-bin.000198 -rw-rw 1 mysql mysql 8.1M Apr 27 00:00 mysql-bin.000200 -rw-rw 1 mysql mysql 125M MAY 27 20:29 mysql-bin.000230 The first hit here has a very detailed description of that: https://www.google.com.br/search?q=mysql-bin In case your results are different: http://www.cyberciti.biz/faq/what-is-mysql-binary-log/ -- Giovanni ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Can only login as root
On Thu, May 03, 2012 at 09:25:02AM -0400, Tait Clarridge wrote: On Thu, 2012-05-03 at 13:47 +0100, Timothy Murphy wrote: I have a strange problem on a CentOS-5.8 machine. I can only login as root. If I try to login with one of the user's names, it hangs for a long time. I thought it hung forever, but I just found that I do login after su tim after 5 minutes. It seems that the problem lies in repeated messages in /var/log/messages Sounds like another bug that has been around for years. You may be able to fix this by finding a line--on CentOS 5.x I think it's in /etc/ldap.conf, that says bind_policy hard. (It's probably commented out.) Uncomment it (by removing the # at the beginning of the line, if there is a # sign) and change it bind_policy soft. Then restart ldap if it's running--on 5.8, not sure if it's service slapd or service ldap. See if that helps. -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 Spike: We like to talk big... vampires do. 'I'm going to destroy the world.' That's just tough-guy talk. Strutting around with your friends over a pint of blood. The truth is, I _like_ this world. You've got...dog racing, Manchester United. And you've got people. Billions of people walking around like Happy Meals with legs. It's all right here. But then someone comes along with a vision. With a real... passion for destruction. Angel could pull it off. Good-bye, Picadilly. Farewell, Leicester-bloody-Square. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SELinux prevents my PHP script from sending mail
[ Sorry about the private message. Reply-to header wasn't set in your message. Resending to all... ] On Thu, 2012-05-03 at 10:19 -0400, Daniel J Walsh wrote: What AVC messages are you seeing? None now, as I said. But before I applied the local policy, the denials were: type=AVC msg=audit(1335990099.325:127749): avc: denied { getattr } for pid=17629 comm=php-cgi path=/var/www/html/mydomain/email-cgi.php dev=cciss!c0d0p1 ino=14811468 scontext=system_u:system_r:sendmail_t:s0 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=file type=AVC msg=audit(1335990099.326:127750): avc: denied { read } for pid=17629 comm=php-cgi name=email-cgi.php dev=cciss!c0d0p1 ino=14811468 scontext=system_u:system_r:sendmail_t:s0 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=file type=AVC msg=audit(1335990099.326:127750): avc: denied { open } for pid=17629 comm=php-cgi name=email-cgi.php dev=cciss!c0d0p1 ino=14811468 scontext=system_u:system_r:sendmail_t:s0 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=file type=AVC msg=audit(1335990099.326:127751): avc: denied { ioctl } for pid=17629 comm=php-cgi path=/var/www/html/mydomain/email-cgi.php dev=cciss!c0d0p1 ino=14811468 scontext=system_u:system_r:sendmail_t:s0 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=file type=AVC msg=audit(1335990099.346:127752): avc: denied { write } for pid=17629 comm=php-cgi name=.s.PGSQL.5432 dev=cciss!c0d0p1 ino=9568267 scontext=system_u:system_r:sendmail_t:s0 tcontext=system_u:object_r:postgresql_tmp_t:s0 tclass=sock_file type=AVC msg=audit(1335990099.346:127752): avc: denied { connectto } for pid=17629 comm=php-cgi path=/tmp/.s.PGSQL.5432 scontext=system_u:system_r:sendmail_t:s0 tcontext=system_u:system_r:postgresql_t:s0 tclass=unix_stream_socket I used these with audit2allow to make a local policy module. Since then, audit.log is completely silent when the script execution fails. -Alan ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Can only login as root
On May 3, 2012, at 5:47 AM, Timothy Murphy wrote: I have a strange problem on a CentOS-5.8 machine. I can only login as root. If I try to login with one of the user's names, it hangs for a long time. I thought it hung forever, but I just found that I do login after su tim after 5 minutes. It seems that the problem lies in repeated messages in /var/log/messages --- May 3 12:14:13 helen su: nss_ldap: failed to bind to LDAP server ldap://www.gayleard.com/: Can't contact LDAP server May 3 12:14:13 helen su: nss_ldap: reconnecting to LDAP server (sleeping 64 seconds)... --- The openldap server is not running, and I don't see why this authentication is being sought. There is nothing in /etc/pam.d/su or /etc/pam.d/login or /etc/ssh/sshd_config to suggest that ldap needs to be invoked, unless it is a part of system-auth . it would seem that you configured ldap as a potential authentication source in 'authconfig' Tait probably gave you the best possible fix - remove the ldap entries in /etc/nsswitch.conf (or /etc/sssd/sssd.conf if present). Craig ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SELinux prevents my PHP script from sending mail
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 05/03/2012 10:40 AM, Alan M. Evans wrote: [ Sorry about the private message. Reply-to header wasn't set in your message. Resending to all... ] On Thu, 2012-05-03 at 10:19 -0400, Daniel J Walsh wrote: What AVC messages are you seeing? None now, as I said. But before I applied the local policy, the denials were: type=AVC msg=audit(1335990099.325:127749): avc: denied { getattr } for pid=17629 comm=php-cgi path=/var/www/html/mydomain/email-cgi.php dev=cciss!c0d0p1 ino=14811468 scontext=system_u:system_r:sendmail_t:s0 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=file type=AVC msg=audit(1335990099.326:127750): avc: denied { read } for pid=17629 comm=php-cgi name=email-cgi.php dev=cciss!c0d0p1 ino=14811468 scontext=system_u:system_r:sendmail_t:s0 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=file type=AVC msg=audit(1335990099.326:127750): avc: denied { open } for pid=17629 comm=php-cgi name=email-cgi.php dev=cciss!c0d0p1 ino=14811468 scontext=system_u:system_r:sendmail_t:s0 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=file type=AVC msg=audit(1335990099.326:127751): avc: denied { ioctl } for pid=17629 comm=php-cgi path=/var/www/html/mydomain/email-cgi.php dev=cciss!c0d0p1 ino=14811468 scontext=system_u:system_r:sendmail_t:s0 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=file type=AVC msg=audit(1335990099.346:127752): avc: denied { write } for pid=17629 comm=php-cgi name=.s.PGSQL.5432 dev=cciss!c0d0p1 ino=9568267 scontext=system_u:system_r:sendmail_t:s0 tcontext=system_u:object_r:postgresql_tmp_t:s0 tclass=sock_file type=AVC msg=audit(1335990099.346:127752): avc: denied { connectto } for pid=17629 comm=php-cgi path=/tmp/.s.PGSQL.5432 scontext=system_u:system_r:sendmail_t:s0 tcontext=system_u:system_r:postgresql_t:s0 tclass=unix_stream_socket I used these with audit2allow to make a local policy module. Since then, audit.log is completely silent when the script execution fails. -Alan An email comes in and this then executes a cgi script which connects to posgresql? -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.12 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAk+ino0ACgkQrlYvE4MpobOnKACg5YDMt5YWy5oy0MgOS98E02HT vI0AnipTxYI/CQFoDy7sCHRMqkyCXGI0 =/XtW -END PGP SIGNATURE- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SELinux prevents my PHP script from sending mail
2012/5/3 Alan M. Evans a...@extratech.com: [ Sorry about the private message. Reply-to header wasn't set in your message. Resending to all... ] On Thu, 2012-05-03 at 10:19 -0400, Daniel J Walsh wrote: What AVC messages are you seeing? None now, as I said. But before I applied the local policy, the denials were: How about trying something like this: su - useraccount-under-script-runs -s /bin/bash and then run following commands: /usr/bin/php-cgi /var/www/html/mydomain/email-cgi.php or strace /usr/bin/php-cgi /var/www/html/mydomain/email-cgi.php -- Eero ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OpenLDAP migration from Centos 5 to 6
On May 1, 2012, at 4:05 PM, Timothy Murphy wrote: Giles Coochey wrote: So I have copied /etc/openldap/slapd.conf from the old server to the new and also copied the old DB_CONFIG to /var/lib/ldap (these files are not used under CentOS-6, as far as I can see), and run Under Centos 6.2 openldap uses the new cn=config configuration mechanism, and will ignore your slapd.conf configuration if that mechnism already exists. Thanks for your response. I know the default config is as you say, but I gave the command --- [root@grover ldap]# slapadd -f /tmp/slapd.conf -l /tmp/ldif bdb_monitor_db_open: monitoring disabled; configure monitor database to enable - 100.00% eta none elapsed 26s spd 4.8 k/s Closing DB... --- I'm pretty sure the file slapd.conf was read by the program, as the outcome was different. Try backing up and removing that folder, then your slapd.conf configuration will actually be read. I'll try that, But have you actually migrated an openLDAP setup from CentOS 5 to 6? - as I understand it (and I have been doing new installs with Ubuntu and not CentOS 6), CentOS 6 uses the dynamic config methodology thereby rendering slapd.conf and the previous methods for configuring ldap useless down the self-defeating path. The way to 'migrate' isn't that complicated - you need to do a slapcat of your previous (CentOS 5) openldap server into a file. Then you need to set up the base configuration and database via the dynamic configuration methodology. I can point you to the methodology for Ubuntu - https://help.ubuntu.com/10.04/serverguide/openldap-server.html and the process on CentOS would almost be the same with the exceptions being the software packages have different names on CentOS and the configuration data would be in /etc/openldap on CentOS and in /etc/ldap in Ubuntu. I suspect that someone has documented a similar guide for CentOS but I don't know where. Craig ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SELinux prevents my PHP script from sending mail
On Thu, 2012-05-03 at 11:04 -0400, Daniel J Walsh wrote: On 05/03/2012 10:40 AM, Alan M. Evans wrote: On Thu, 2012-05-03 at 10:19 -0400, Daniel J Walsh wrote: What AVC messages are you seeing? None now, as I said. But before I applied the local policy, the denials were: type=AVC msg=audit(1335990099.325:127749): avc: denied { getattr } for pid=17629 comm=php-cgi path=/var/www/html/mydomain/email-cgi.php dev=cciss!c0d0p1 ino=14811468 scontext=system_u:system_r:sendmail_t:s0 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=file type=AVC msg=audit(1335990099.326:127750): avc: denied { read } for pid=17629 comm=php-cgi name=email-cgi.php dev=cciss!c0d0p1 ino=14811468 scontext=system_u:system_r:sendmail_t:s0 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=file type=AVC msg=audit(1335990099.326:127750): avc: denied { open } for pid=17629 comm=php-cgi name=email-cgi.php dev=cciss!c0d0p1 ino=14811468 scontext=system_u:system_r:sendmail_t:s0 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=file type=AVC msg=audit(1335990099.326:127751): avc: denied { ioctl } for pid=17629 comm=php-cgi path=/var/www/html/mydomain/email-cgi.php dev=cciss!c0d0p1 ino=14811468 scontext=system_u:system_r:sendmail_t:s0 tcontext=unconfined_u:object_r:httpd_sys_content_t:s0 tclass=file type=AVC msg=audit(1335990099.346:127752): avc: denied { write } for pid=17629 comm=php-cgi name=.s.PGSQL.5432 dev=cciss!c0d0p1 ino=9568267 scontext=system_u:system_r:sendmail_t:s0 tcontext=system_u:object_r:postgresql_tmp_t:s0 tclass=sock_file type=AVC msg=audit(1335990099.346:127752): avc: denied { connectto } for pid=17629 comm=php-cgi path=/tmp/.s.PGSQL.5432 scontext=system_u:system_r:sendmail_t:s0 tcontext=system_u:system_r:postgresql_t:s0 tclass=unix_stream_socket I used these with audit2allow to make a local policy module. Since then, audit.log is completely silent when the script execution fails. An email comes in and this then executes a cgi script which connects to posgresql? Yes. The DB that keeps the mailing list recipients is postgresql. I'm not entirely certain how it got that far, given that sendmail was denied read and open access on the script. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] DKIM Pass - Fail - Solved !!!
on 5/2/2012 9:36 AM Prabhpal S. Mavi spake the following: ntpdate should be run just once and then just have ntpd on.. the nptdate should bring the server to the proper time and cause dovecot to fail..you should only need to run it once (assuming the server is left on and not off for long periods). I run ntpd as a daemon, but not ntpdate... you do have to set up ntp as you have done to get in the pools, but leaving ntp on as a daemon should not affect it...at least it does not with mine. Dear BOB. H, Thanks for your response, you are right, it is ntpdate that create the problem after reboot not ntpd. once the time is corrected by ntpdate after that no issues as long as server is up. there are other solution, who wish to run both daemons. bash script can monitor dovecot every 5min through cron. when dovecot will stop due to time shifted error after reboot, script will start it again. and would be fine as long as server does not reboot again. Thanks / Regards Prabh S. Mavi NTPD will slowly and constantly keep your clock in sync... You do not need to run dtpdate constantly as it will force the large time jumps... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Reject Action For SPF
Dear Friends, i have setup SPF alright, postfix is performing check as well (results below), but even if there is no SPF record exist for a domain, message is still accepted. how can i set the reject action, if no SPF available. May 3 16:11:14 titan postfix/policy-spf[5353]: : SPF none (No applicable sender policy available): Envelope-from: somedomain.com Prabh S. Mavi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Reject Action For SPF
Hi Prabh, i have setup SPF alright, postfix is performing check as well (results below), but even if there is no SPF record exist for a domain, message is still accepted. how can i set the reject action, if no SPF available. are you sure you want to do this? It will definitely result in lots of legitimate mail being blocked, because SPF is by no means ubiquitous. You can set up your mail server to block mail if the SPF record suggests it, but I would never filter mail originating from domains having no SPF record at all. Best regards, Peter. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Reject Action For SPF
are you sure you want to do this? It will definitely result in lots of legitimate mail being blocked, because SPF is by no means ubiquitous. You can set up your mail server to block mail if the SPF record suggests it, but I would never filter mail originating from domains having no SPF record at all. Best regards, Peter. Dear Peter, Thanks for your response. it is true what you are saying. but we want to set that way. Prabh S. Mavi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Reject Action For SPF
On 5/3/2012 12:40 PM, Prabhpal S. Mavi wrote: are you sure you want to do this? It will definitely result in lots of legitimate mail being blocked, because SPF is by no means ubiquitous. You can set up your mail server to block mail if the SPF record suggests it, but I would never filter mail originating from domains having no SPF record at all. Best regards, Peter. Dear Peter, Thanks for your response. it is true what you are saying. but we want to set that way. Prabh S. Mavi A couple of notes. 1. SPF was not designed to be used this way. It is doubtful that anyone has written anything that even remotely considered this option in use. You will likely have to write it yourself. 2. SPF is still in RFC testing, so it is not yet a full internet standard. And once it is, the standard still does not condone using it the way you intend. IOW, there is nothing in the standard that states you must have a SPF record to be a legit email domain. Basically, you'll have a broken mailserver. We are actually stuck with having to take ours off for the moment as one 'service' we use demands sending email from their mailservers using our email address and they still have no SPF record. If you do this, most likely you will not get around 90% of the good email as SPF is not widely used as of yet. But I guess if you are only interested in receiving email from a few 'known' domains... it could work. Seems it would be easier to just blacklist all and whitelist the few? If it is just for internal... perhaps a webmail system with no outside email ability would be the way to go? -- John Hinton 877-777-1407 ext 502 http://www.ew3d.com Comprehensive Online Solutions ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Reject Action For SPF
1. SPF was not designed to be used this way. It is doubtful that anyone has written anything that even remotely considered this option in use. You will likely have to write it yourself. 2. SPF is still in RFC testing, so it is not yet a full internet standard. And once it is, the standard still does not condone using it the way you intend. IOW, there is nothing in the standard that states you must have a SPF record to be a legit email domain. Basically, you'll have a broken mailserver. We are actually stuck with having to take ours off for the moment as one 'service' we use demands sending email from their mailservers using our email address and they still have no SPF record. If you do this, most likely you will not get around 90% of the good email as SPF is not widely used as of yet. But I guess if you are only interested in receiving email from a few 'known' domains... it could work. Seems it would be easier to just blacklist all and whitelist the few? If it is just for internal... perhaps a webmail system with no outside email ability would be the way to go? Dear Hilton. J Thanks for your advice, i actually know this. what would you say about those who put there efforts to implement SPF. why they do it? Thanks / Regards Prabh S. Mavi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Reject Action For SPF
1. SPF was not designed to be used this way. It is doubtful that anyone has written anything that even remotely considered this option in use. You will likely have to write it yourself. 2. SPF is still in RFC testing, so it is not yet a full internet standard. And once it is, the standard still does not condone using it the way you intend. IOW, there is nothing in the standard that states you must have a SPF record to be a legit email domain. Basically, you'll have a broken mailserver. We are actually stuck with having to take ours off for the moment as one 'service' we use demands sending email from their mailservers using our email address and they still have no SPF record. If you do this, most likely you will not get around 90% of the good email as SPF is not widely used as of yet. But I guess if you are only interested in receiving email from a few 'known' domains... it could work. Seems it would be easier to just blacklist all and whitelist the few? If it is just for internal... perhaps a webmail system with no outside email ability would be the way to go? Dear Hilton. J Thanks for your advice, i actually know this. what would you say about those who put there efforts to implement SPF. why they do it? Thanks / Regards Prabh S. Mavi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Reject Action For SPF
Hi Prabh, Thanks for your advice, i actually know this. what would you say about those who put there efforts to implement SPF. why they do it? *if* someone sets up SPF for their domain, SPF works. Among other things, it can greatly reduce the amount of backscatter you receive due to spammers using your address to send mail. So it's not futile at all, it's just not planned to be used the way you intend to do it. Which SPF implementation are you using? And on which CentOS release? Best regards, Peter. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Can only login as root
From: Timothy Murphy gayle...@eircom.net To: centos@centos.org Sent: Thursday, May 3, 2012 5:47 AM Subject: [CentOS] Can only login as root I have a strange problem on a CentOS-5.8 machine. I can only login as root. If I try to login with one of the user's names, it hangs for a long time. I thought it hung forever, but I just found that I do login after su tim after 5 minutes. It seems that the problem lies in repeated messages in /var/log/messages --- May 3 12:14:13 helen su: nss_ldap: failed to bind to LDAP server ldap://www.gayleard.com/: Can't contact LDAP server May 3 12:14:13 helen su: nss_ldap: reconnecting to LDAP server (sleeping 64 seconds)... --- = How does your /etc/nsswitch.conf look? Particularly the 'passwd:' line? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] hack / spam/ probe /attack
so last night all my servers were severely probed and they tried to violate me (lol) the attack was so egregious I decided to contact the isp for that ip. Telepacific. The ip has some google searches that point to a few spam and a few attacks...So i assume a compromised server. So I sent them the info and said it must be a hacked server (the ip is on their business network) they responded ' you are not a customer and we cannot by law discuss a customer with you' They wanted me to contact my datacenter so they could look into it. I responded and told them the info again and they basically said it is up to my isp or datacenter to deal with it and to basically 'go away' that was my first attempt to notify an isp about a hacker/hacked computer on their serversdid not go so well. Is that the way they all deal with these issues? was not expecting that from the isp ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] hack / spam/ probe /attack
bob wrote: so last night all my servers were severely probed and they tried to violate me (lol) You can use fail2ban as a condom g the attack was so egregious I decided to contact the isp for that ip. Telepacific. The ip has some google searches that point to a few spam and a few attacks...So i assume a compromised server. So I sent them the info and said it must be a hacked server (the ip is on their business network) Is this to their abuse? they responded ' you are not a customer and we cannot by law discuss a customer with you' They wanted me to contact my datacenter so they could look into it. I responded and told them the info again and they basically said it is up to my isp or datacenter to deal with it and to basically 'go away' A suggestion: ask for their legal service address. And this may sound weird, but you might call the FBI I mean, they were originally going heavily after wire fraud, and that's what this is, along with all the cyberbuzzwords. snip mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] hack / spam/ probe /attack
On 05/03/2012 01:43 PM, bob wrote: so last night all my servers were severely probed and they tried to So I sent them the info and said it must be a hacked server (the ip is on their business network) Responsible ISP's maintain an 'abuse' mailbox (e.g., ab...@isp.com). Complaints I've sent to several ISP's via this route have always gotten prompt, responses. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] hack / spam/ probe /attack
Tim Evans wrote: On 05/03/2012 01:43 PM, bob wrote: so last night all my servers were severely probed and they tried to So I sent them the info and said it must be a hacked server (the ip is on their business network) Responsible ISP's maintain an 'abuse' mailbox (e.g., ab...@isp.com). Complaints I've sent to several ISP's via this route have always gotten prompt, responses. Same here. Did they not understand what you were contacting them about... or did you email their support, in which case that's not what they do. They *should* have told you who to contact, though, not go away, boy, you bother me. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] hack / spam/ probe /attack
On 5/3/2012 1:59 PM, m.r...@5-cent.us wrote: Tim Evans wrote: On 05/03/2012 01:43 PM, bob wrote: so last night all my servers were severely probed and they tried to So I sent them the info and said it must be a hacked server (the ip is on their business network) Responsible ISP's maintain an 'abuse' mailbox (e.g., ab...@isp.com). Complaints I've sent to several ISP's via this route have always gotten prompt, responses. Same here. Did they not understand what you were contacting them about... or did you email their support, in which case that's not what they do. They *should* have told you who to contact, though, not go away, boy, you bother me. mark yea, I went to thier top tier support and asked where I should send my info and they told me to bugger off. will try abuse when I get home. Not sure any of this is worth the effort, but will try now and then when probed...lol ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] hack / spam/ probe /attack
bob wrote: On 5/3/2012 1:59 PM, m.r...@5-cent.us wrote: Tim Evans wrote: On 05/03/2012 01:43 PM, bob wrote: so last night all my servers were severely probed and they tried to So I sent them the info and said it must be a hacked server (the ip is on their business network) Responsible ISP's maintain an 'abuse' mailbox (e.g., ab...@isp.com). Complaints I've sent to several ISP's via this route have always gotten prompt, responses. Same here. Did they not understand what you were contacting them about... or did you email their support, in which case that's not what they do. They *should* have told you who to contact, though, not go away, boy, you bother me. yea, I went to thier top tier support and asked where I should send my info and they told me to bugger off. will try abuse when I get home. Not sure any of this is worth the effort, but will try now and then when probed...lol Do it. And try abuse; if not, I meant it about asking for the legal service address, which is what you have your lawyer send a letter to. Or the FBI. Give them something to do other than setting up naive innocent idiots so they can bust them for Big Headlines. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Fwd: File size diff between NFS mount and local disk
Hi all, I posed the below yesterday but have new info. Only across NFS does a 2.5MB file show as 64MB. When locally on the NFS server itself, the file still shows as 2.5MB. Any nuggets? - aurf Begin forwarded message: From: aurfalien aurfal...@gmail.com Date: May 2, 2012 12:56:05 PM EDT To: CentOS mailing list centos@centos.org Subject: File size diff between NFS mount and local disk Hi all, I never really paid attention to this but a file on an NFS mount is showing 64M in size, but when copying the file to a local drive, it shows 2.5MB in size. My NFS server is hardware Raided with a volume stripe size of 128K were the volume size is 20TB. My NFS clients are the same distro as the server being Centos. Is this due to my stripe size? Nuggets are appreciated. - aurf ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] File size diff on local disk vs NFS share
On May 3, 2012, at 3:04 PM, Glenn Cooper wrote: I never really paid attention to this but a file on an NFS mount is showing 64M in size, but when copying the file to a local drive, it shows 2.5MB in size. My NFS server is hardware Raided with a volume stripe size of 128K were the volume size is 20TB, my local disk is about 500GB. Is this due to my stripe size? Nuggets are appreciated. By the way, this is only across NFS as when ssh'd into the server, the file size shows 2.5M, same as the clients when its local so its seems NFS is the culprit. I have r/wsize tweaked but thats it. Wild guess - cached file attributes not getting updated properly in the NFS client? Has the actual file size changed recently, like in the last few hours or days? Cheers, Glenn Hi, More info. So the file in question is showing to be 2.5MB today, were as yesterday it was ~66MB. A new file generated today is also 2.4MB but via NFS its 66MB, even when logged in to the server locally its 66MB! You hinted to cache and so I looked around my Raid controller settings, specifically write through vs write back. I will change it from write back to write through later tonight and report back. The pattern is all files new files look to be 66MB until some time later. I do have a 4GB mem cache on this Raid controller (Areca). - aurf ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] File size diff on local disk vs NFS share
On May 3, 2012, at 3:04 PM, Glenn Cooper wrote: I never really paid attention to this but a file on an NFS mount is showing 64M in size, but when copying the file to a local drive, it shows 2.5MB in size. My NFS server is hardware Raided with a volume stripe size of 128K were the volume size is 20TB, my local disk is about 500GB. Is this due to my stripe size? Nuggets are appreciated. By the way, this is only across NFS as when ssh'd into the server, the file size shows 2.5M, same as the clients when its local so its seems NFS is the culprit. I have r/wsize tweaked but thats it. Wild guess - cached file attributes not getting updated properly in the NFS client? Has the actual file size changed recently, like in the last few hours or days? Cheers, Glenn Something more relevant perhaps, mount options via FSTAB on the server are; /dev/###/mountpoint xfs defaults,allocsize=64m,relatime,logbufs=8,logbsize=256k 0 0 Notice the allocsize of 64MB, perhaps relatime might be playing a role as well? I will remove allocsize first and report back. - aurf ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] File size diff on local disk vs NFS share
On 05/03/2012 09:16 PM, aurfalien wrote: On May 3, 2012, at 3:04 PM, Glenn Cooper wrote: I never really paid attention to this but a file on an NFS mount is showing 64M in size, but when copying the file to a local drive, it shows 2.5MB in size. My NFS server is hardware Raided with a volume stripe size of 128K were the volume size is 20TB, my local disk is about 500GB. Is this due to my stripe size? Nuggets are appreciated. By the way, this is only across NFS as when ssh'd into the server, the file size shows 2.5M, same as the clients when its local so its seems NFS is the culprit. I have r/wsize tweaked but thats it. Wild guess - cached file attributes not getting updated properly in the NFS client? Has the actual file size changed recently, like in the last few hours or days? Cheers, Glenn Something more relevant perhaps, mount options via FSTAB on the server are; /dev/### /mountpoint xfs defaults,allocsize=64m,relatime,logbufs=8,logbsize=256k 0 0 Notice the allocsize of 64MB, perhaps relatime might be playing a role as well? I will remove allocsize first and report back. - aurf Is it possible that you have 2 files with (almost) the same name? Check the inode of the file? And maybe copy it to subfolder? -- Ljubomir Ljubojevic (Love is in the Air) PL Computers Serbia, Europe Google is the Mother, Google is the Father, and traceroute is your trusty Spiderman... StarOS, Mikrotik and CentOS/RHEL/Linux consultant ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] hack / spam/ probe /attack
On 05/03/2012 12:43 PM, bob wrote: so last night all my servers were severely probed and they tried to violate me (lol) the attack was so egregious I decided to contact the isp for that ip. Telepacific. The ip has some google searches that point to a few spam and a few attacks...So i assume a compromised server. So I sent them the info and said it must be a hacked server (the ip is on their business network) they responded ' you are not a customer and we cannot by law discuss a customer with you' They wanted me to contact my datacenter so they could look into it. I responded and told them the info again and they basically said it is up to my isp or datacenter to deal with it and to basically 'go away' that was my first attempt to notify an isp about a hacker/hacked computer on their serversdid not go so well. Is that the way they all deal with these issues? was not expecting that from the isp welcome to the internet. abuse@ contacts are the best route. check whois for a technical/abuse contact. possibly check their website for a helpdesk address. detail the specific attack(with log snippets if possible). saying ip blah attacked me. fix it now! isn't helpful. if you get a 1 out of 4 positive responses from abuse@ you are lucky. i typically include something like: please investigate and take appropriate action. that way the ball is in their court, they can take action if they choose. don't take the front line support response as the truth. often your complaint is forwarded to the appropriate team to investigate, while the front line simply responds to the incoming email. don't be discouraged, there are several good guys out there. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] File size diff on local disk vs NFS share
Ljubomir Ljubojevic wrote: On 05/03/2012 09:16 PM, aurfalien wrote: On May 3, 2012, at 3:04 PM, Glenn Cooper wrote: I never really paid attention to this but a file on an NFS mount is showing 64M in size, but when copying the file to a local drive, it shows 2.5MB in size. snip By the way, this is only across NFS as when ssh'd into the server, the file size shows 2.5M, same as the clients when its local so its seems NFS is the culprit. snip Wild guess - cached file attributes not getting updated properly in the NFS client? Has the actual file size changed recently, like in the last few hours or days? Something more relevant perhaps, mount options via FSTAB on the server are; /dev/### /mountpoint xfs defaults,allocsize=64m,relatime,logbufs=8,logbsize=256k 0 0 Notice the allocsize of 64MB, perhaps relatime might be playing a role as well? I will remove allocsize first and report back. Is it possible that you have 2 files with (almost) the same name? Check the inode of the file? And maybe copy it to subfolder? Two questions: are you looking at the file *without* the directory being NFS mounted? Could you have accidentally created it under the mountpoint? Second - could it be a sparse file? mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] hack / spam/ probe /attack
Steven Tardy wrote: On 05/03/2012 12:43 PM, bob wrote: so last night all my servers were severely probed and they tried to violate me (lol) the attack was so egregious I decided to contact the isp for that ip. Telepacific. The ip has some google searches that point to a few spam and a few attacks...So i assume a compromised server. So I sent them the info and said it must be a hacked server (the ip is on their business network) they responded ' you are not a customer and we cannot by law discuss a customer with you' They wanted me to contact my datacenter so they could look into it. snip was not expecting that from the isp welcome to the internet. abuse@ contacts are the best route. check whois for a technical/abuse contact. possibly check their website for a helpdesk address. whois only lists a technical contact of hostmas...@telepacific.com. However, from their website, I went to contact http://www.telepacific.com/support/corporate-contacts.asp, and see snip 877-487-8349Emergency Law Enforcement Option 2. Fraud and subpoena compliance 866-839-8545Non-Emergency Toll Fraud, Call Annoyance, Subpoena Compliance and non-emergency law enforcement 877-702-2873Internet Abuse Complaints snip So if you haven't gone there, that's your next option. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] hack / spam/ probe /attack
On Fri, May 4, 2012 at 6:14 AM, m.r...@5-cent.us wrote: bob wrote: On 5/3/2012 1:59 PM, m.r...@5-cent.us wrote: Tim Evans wrote: On 05/03/2012 01:43 PM, bob wrote: so last night all my servers were severely probed and they tried to So I sent them the info and said it must be a hacked server (the ip is on their business network) Responsible ISP's maintain an 'abuse' mailbox (e.g., ab...@isp.com). Complaints I've sent to several ISP's via this route have always gotten prompt, responses. Same here. Did they not understand what you were contacting them about... or did you email their support, in which case that's not what they do. They *should* have told you who to contact, though, not go away, boy, you bother me. yea, I went to thier top tier support and asked where I should send my info and they told me to bugger off. will try abuse when I get home. Not sure any of this is worth the effort, but will try now and then when probed...lol Do it. And try abuse; if not, I meant it about asking for the legal service address, which is what you have your lawyer send a letter to. Or the FBI. Give them something to do other than setting up naive innocent idiots so they can bust them for Big Headlines. My mother told me that abuse rarely helps. Talking nicely often does. LOL. (Joking, of course). Cheers, Cliff ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Reject Action For SPF
On 5/3/2012 1:16 PM, Prabhpal S. Mavi wrote: 1. SPF was not designed to be used this way. It is doubtful that anyone has written anything that even remotely considered this option in use. You will likely have to write it yourself. 2. SPF is still in RFC testing, so it is not yet a full internet standard. And once it is, the standard still does not condone using it the way you intend. IOW, there is nothing in the standard that states you must have a SPF record to be a legit email domain. Basically, you'll have a broken mailserver. We are actually stuck with having to take ours off for the moment as one 'service' we use demands sending email from their mailservers using our email address and they still have no SPF record. If you do this, most likely you will not get around 90% of the good email as SPF is not widely used as of yet. But I guess if you are only interested in receiving email from a few 'known' domains... it could work. Seems it would be easier to just blacklist all and whitelist the few? If it is just for internal... perhaps a webmail system with no outside email ability would be the way to go? Dear Hilton. J Thanks for your advice, i actually know this. what would you say about those who put there efforts to implement SPF. why they do it? I have been on the SPF list since before Microsoft just about killed it. SPF is perhaps the most misunderstood function in the email world. It is not a spam filter. The SPF website will tell you that very early on. It is quite simply this. It is to battle domain spoofing. Or, to battle the use of a legit domain in a from address sent by a spammer woh has no rights to use that domain name. It is and always will be voluntary, as some domains simply cannot implement it. Their systems are too complex and the TXT record in bind won't allow enough characters. There are some other good reasons to not use it... or good situations where you are forced to not use it. Either way, it is simply a statement to the world that email from my domain should be coming from these IP addresses and that is all it is. The receiving end can choose what to do with that information. There is a gray area between it being called a spam filter or not... The SPF folks won't let you call it a spam filter. It can do a really good job of avoiding finding your mailbox full of bounce messages, but that will only be reduced by the number of systems which did SPF checks. Ultimately, I think it will be a great thing, much like RevDNS is now, but we couldn't really get hard core on RevDNS until most of the major providers did. If you can't send email to AOL, Comcast, Netscape, Gmail and so on, then why should you be able to send to me? If you are planning to run a legit world facing email server, planning to use SPF as you are will make it a very broken system and it will not be anywhere near RFC compliant. Best, John Hinton Thanks / Regards Prabh S. Mavi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos -- John Hinton 877-777-1407 ext 502 http://www.ew3d.com Comprehensive Online Solutions ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Upgrading PHP and PHP53 on CentOS5 - Progress/Problem w/ Squirrelmail
On Thu, May 3, 2012 at 3:52 AM, Jesus del Valle yey...@googlemail.comwrote: Squirellmail provides an html email editor. With the upgrade to PHP53, the editor continues to work. However, the html email that is composed using this functionality is received empty. Hi Max. Testing squirrelmail with php53 (epel) from CentOS 5.8: I just installed the html editor plugin from squirrelmail (this one from 2005: http://squirrelmail.org/plugin_view.php?id=209), I activated it, however I don't see how I could test it,... Hi Max. Confirmed: The 2005 html editor plugin for Squirrelmail works under CentOS 5,8, php53 from the base (I think to remember some modules were from epel) repository. The problem, at least one of them, seems to be that the plugin does not recognize neither WebKit based browsers (iMac's Safari, iPad's Safari, Win7-64 Chrome) nor Gecko-ones (Win7-64 Firefox). In my Internet Explorer 9 it works, you can see immediately the wysiwyg buttons from some fsck editor it brings, I was able to send a html mail with IE that was recognized and displayed as such in Chrome. It seems to be there is a workaround for those browsers as well: http://old.nabble.com/HTML-Mail-Plugin-td28927479.html Regards, Jesus ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] hack / spam/ probe /attack
On 5/3/2012 4:05 PM, m.r...@5-cent.us wrote: whois only lists a technical contact ofhostmas...@telepacific.com. However, from their website, I went to contact http://www.telepacific.com/support/corporate-contacts.asp, and see snip 877-487-8349 Emergency Law Enforcement Option 2. Fraud and subpoena compliance 866-839-8545 Non-Emergency Toll Fraud, Call Annoyance, Subpoena Compliance and non-emergency law enforcement 877-702-2873 Internet Abuse Complaints snip Thanks for the ideas guys. I got home late and could only send a mail to abuse. Gonna try the calls tomorrow. It would be nice to know the way all these isps would like this stuff presented... And if I can get this yahoos name and address. bob ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] hack / spam/ probe /attack
Have you tryied with http://www.us-cert.gov/ ? Or http://www.first.org/ ? Maybe they can help you. (At least, ArCert helped me a few times) -- Diego - Yo no soy paranoico! (pero que me siguen, me siguen) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos