[CentOS-announce] CEBA-2013:0136 CentOS 5 bind Update
CentOS Errata and Bugfix Advisory 2013:0136 Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0136.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 40fac2e993877328c566ba57246c33b0b9bbcd29a08c7e405ed903c171b3c992 bind-9.3.6-20.P1.el5_8.6.i386.rpm 73379d4dfff47de2d8cc6dfae0e713bc3727708b76f62966775eb67fd9f4efb4 bind-chroot-9.3.6-20.P1.el5_8.6.i386.rpm 11719a1f759e5d98f700f0bd314705956736c3cab0f360c8ecd6bf4a3ca4b001 bind-devel-9.3.6-20.P1.el5_8.6.i386.rpm 2cf1694633dc8503ec601fdf3e7cbdd25c33c3a7d8f3e8a81b5e1d23d8118bc3 bind-libbind-devel-9.3.6-20.P1.el5_8.6.i386.rpm d260b2ba92cf06e58e79509225ad399b4714c321ad496776c913883c0ac09149 bind-libs-9.3.6-20.P1.el5_8.6.i386.rpm 7f1b9e543953776fabc3a3e34ee39e25491bf1b03f389b94c4a51fb9e8717e8a bind-sdb-9.3.6-20.P1.el5_8.6.i386.rpm ccc82d4d8ee1d7bb9282d2da2ed8838a3cba2086c8973506b7814384e6dcb856 bind-utils-9.3.6-20.P1.el5_8.6.i386.rpm 8592a57047db340f21695c6a722181cde81874e27122723844e4a28c2ab99ed3 caching-nameserver-9.3.6-20.P1.el5_8.6.i386.rpm x86_64: 562b9850da0301d447399dc544af3d261ea2cc63e9127ba6f17452796c05026a bind-9.3.6-20.P1.el5_8.6.x86_64.rpm f47c35cc148a9768e694652266e954b5b6ef4553f0618997a8d1423569076fcd bind-chroot-9.3.6-20.P1.el5_8.6.x86_64.rpm 11719a1f759e5d98f700f0bd314705956736c3cab0f360c8ecd6bf4a3ca4b001 bind-devel-9.3.6-20.P1.el5_8.6.i386.rpm 259dbd28bb991d3226d2cc33dc8a1e4f324d9a8e2413f902454587d6f136de18 bind-devel-9.3.6-20.P1.el5_8.6.x86_64.rpm 2cf1694633dc8503ec601fdf3e7cbdd25c33c3a7d8f3e8a81b5e1d23d8118bc3 bind-libbind-devel-9.3.6-20.P1.el5_8.6.i386.rpm a8e43752999deaa5eafef084588c13e5af88477300a2d40dc1a70efa45003030 bind-libbind-devel-9.3.6-20.P1.el5_8.6.x86_64.rpm d260b2ba92cf06e58e79509225ad399b4714c321ad496776c913883c0ac09149 bind-libs-9.3.6-20.P1.el5_8.6.i386.rpm 1f4a495fa32bf2df56f3246862b9137584b70147184e788433a9bda8c97c1202 bind-libs-9.3.6-20.P1.el5_8.6.x86_64.rpm dbce5f540a23e60d9a4983750a9b71ceaf1e83e69c46dd03a5289d3acea3c8ed bind-sdb-9.3.6-20.P1.el5_8.6.x86_64.rpm 82e8317a5c423be7d3f9fa6062aeeab5ce3bbf17c58b6be680eeb4d15337b14f bind-utils-9.3.6-20.P1.el5_8.6.x86_64.rpm d5b94ab5961f2f8e5e3eebf385d306d5a222d7857940e2cf94d324fd5c715711 caching-nameserver-9.3.6-20.P1.el5_8.6.x86_64.rpm Source: be82b584aa7f04cfca033bb0c7f312d032934f4931f51ac1793dbf79bd2ed1a3 bind-9.3.6-20.P1.el5_8.6.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #cen...@irc.freenode.net ___ CentOS-announce mailing list CentOS-announce@centos.org http://lists.centos.org/mailman/listinfo/centos-announce
[CentOS-announce] CEBA-2013:0137 CentOS 6 tomcat6 Update
CentOS Errata and Bugfix Advisory 2013:0137 Upstream details at : https://rhn.redhat.com/errata/RHBA-2013-0137.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) i386: 19f46f7cb3322fb154e89660a8ea3dcf821d3f19f83056498ec5ec5b07da87c6 tomcat6-6.0.24-48.el6_3.noarch.rpm 792b710dadb4cbb005682a6f4df394f0408fac75e5003417bca245c60bca12f8 tomcat6-admin-webapps-6.0.24-48.el6_3.noarch.rpm fc69216cbde615ec6a89d7fd791bf8f40f2ed0365756a7068269bb1db2b03fad tomcat6-docs-webapp-6.0.24-48.el6_3.noarch.rpm e2782440204506f631e347ce5566b2b0f25a56621d23a3cde7e332d1c83eb29e tomcat6-el-2.1-api-6.0.24-48.el6_3.noarch.rpm b2fd68cf9558e3c657d03ba3734bc9462f916b9e0a5539745966d16c504f1474 tomcat6-javadoc-6.0.24-48.el6_3.noarch.rpm a8b7769c604b7d7f73023a5e8ae2cafb7713b229deb1ed1d8039685c94ac830e tomcat6-jsp-2.1-api-6.0.24-48.el6_3.noarch.rpm a965c3f30b9309f732bd711b6311b4f67748958fc329c70c6e0973fde8f07084 tomcat6-lib-6.0.24-48.el6_3.noarch.rpm 898f2db4bfb4825672dc3395612fb7514a8af96b3fd360a9be79efaa7beb54c3 tomcat6-servlet-2.5-api-6.0.24-48.el6_3.noarch.rpm 88f6cfa69cd0fcf1d27f2b894182b4f13cca4f9c3cc24feb58ad7d7173b0e8c3 tomcat6-webapps-6.0.24-48.el6_3.noarch.rpm x86_64: 19f46f7cb3322fb154e89660a8ea3dcf821d3f19f83056498ec5ec5b07da87c6 tomcat6-6.0.24-48.el6_3.noarch.rpm 792b710dadb4cbb005682a6f4df394f0408fac75e5003417bca245c60bca12f8 tomcat6-admin-webapps-6.0.24-48.el6_3.noarch.rpm fc69216cbde615ec6a89d7fd791bf8f40f2ed0365756a7068269bb1db2b03fad tomcat6-docs-webapp-6.0.24-48.el6_3.noarch.rpm e2782440204506f631e347ce5566b2b0f25a56621d23a3cde7e332d1c83eb29e tomcat6-el-2.1-api-6.0.24-48.el6_3.noarch.rpm b2fd68cf9558e3c657d03ba3734bc9462f916b9e0a5539745966d16c504f1474 tomcat6-javadoc-6.0.24-48.el6_3.noarch.rpm a8b7769c604b7d7f73023a5e8ae2cafb7713b229deb1ed1d8039685c94ac830e tomcat6-jsp-2.1-api-6.0.24-48.el6_3.noarch.rpm a965c3f30b9309f732bd711b6311b4f67748958fc329c70c6e0973fde8f07084 tomcat6-lib-6.0.24-48.el6_3.noarch.rpm 898f2db4bfb4825672dc3395612fb7514a8af96b3fd360a9be79efaa7beb54c3 tomcat6-servlet-2.5-api-6.0.24-48.el6_3.noarch.rpm 88f6cfa69cd0fcf1d27f2b894182b4f13cca4f9c3cc24feb58ad7d7173b0e8c3 tomcat6-webapps-6.0.24-48.el6_3.noarch.rpm Source: 5d9fd4691d754158443d9dfbf3a5377dcdd66d6249e7fc56d5f4fb504fb2a5f8 tomcat6-6.0.24-48.el6_3.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #cen...@irc.freenode.net ___ CentOS-announce mailing list CentOS-announce@centos.org http://lists.centos.org/mailman/listinfo/centos-announce
Re: [CentOS-virt] mirroring people.centos.org
On 01/05/2013 03:47 PM, Carl T. Miller wrote: Is there an easy way to mirror people.centos.org? I tried rsync people.centos.org:: and it gives some disclaimers followed by a null list of available modules. Are you sure you want to get 2.8 TiB of content ? I've got an ugly workaround using wget, but would prefer to use rsync. Select the repo you want / need, and use reposync. Remember that anything on people.centos.org is just a personal build. Its not release, and its not supported, and most likely will get no updates security or otherwise. -- Karanbir Singh +44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh ICQ: 2522219| Yahoo IM: z00dax | Gtalk: z00dax GnuPG Key : http://www.karan.org/publickey.asc ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] CentOS AWS AMIs?
Hi Richard, On 12/19/2012 05:37 PM, Richard Clark wrote: I've noticed that instance-backed AMIs no longer seem to exist for the 'official' CentOS images, though the EBS ones are fine.. Looking at the wiki (http://wiki.centos.org/Cloud/AWS), the AMIs listed on marketplace are slightly newer than what's listed on the wiki, so just wondering if something got overlooked after the last build? This whole thing is an artifact of the way in which the AWS guys setup the images. We dont have access to publish to the MarketPlace, we need to get an instance backed image going, generate an EBS backed one from there and then send that over to the AWS-MP people, who then do some testing, do their own magic foo, and publish to all regions and zones. Hence, they are newer than the ones we pushed out to AWS-MP. The AWS images at our end are coming from the raindrops infra that I setup and have been plodding away at for the last few months. More details about that and a proper announcement / release in a few weeks ( planning on getting things all stitched up in time for Fosdem ). What I am hoping to do is have the actual images published to cloud.centos.org in a way that people can download, add their own bits, and register + use as they want to, rather than going via the Market Place click-about. Kind of like we have the OpenNebula images ( and the openstack / eucalyptus ones coming soon ). Keep in mind that the public raindrops interface will have the ability for anyone to throw a kickstart at it, and have it deliver a working image to the AWS ID specified. Does that help answer your concern ? -- Karanbir Singh +44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh ICQ: 2522219| Yahoo IM: z00dax | Gtalk: z00dax GnuPG Key : http://www.karan.org/publickey.asc ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] Download official CentOS AMI?
On 12/20/2012 02:25 PM, Karl Ward wrote: I'd like to download the official CentOS AMI files for 6.3 x86_64, but that does not seem possible. The goal is to use the same image on both public and private clouds, to improve consistency. Are the AMI files available for download anywhere, or from anyone? Not at this moment, its a resource issue more than anything else. Tru and I were discussing doing a refresh in the next few days and I will make sure the raw images are published to cloud.centos.org Please note that these images contain a rc script to get the user metadata into place, and so might not be of much use outside AWS or Eucalyptus which expose that metadata service. The CentOS-5 images will be even more restricted, in that they will have the kernel-xen setup to boot as default ( for AWS ). Any help to build generic images would be appreciated! I offer my apologies if the CentOS-virt list is not the correct contact for this query. This is absolutely the best place for the question, I apologies for me rather delayed response. For the sake of completeness, its worth noting that lots of irc chatter that EL-6.4 will contain cloud-init, I hope its 0.7.x based, which would solve a lot of issues. Failing that, perhaps we should look at bringing in cloud-init ourselves ( or a better alternative ) -- Karanbir Singh +44-207-0999389 | http://www.karan.org/ | twitter.com/kbsingh ICQ: 2522219| Yahoo IM: z00dax | Gtalk: z00dax GnuPG Key : http://www.karan.org/publickey.asc ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] mirroring people.centos.org
On Mon, Jan 7, 2013 at 6:38 AM, Karanbir Singh mail-li...@karan.org wrote: On 01/05/2013 03:47 PM, Carl T. Miller wrote: Is there an easy way to mirror people.centos.org? I tried rsync people.centos.org:: and it gives some disclaimers followed by a null list of available modules. Are you sure you want to get 2.8 TiB of content ? I've got an ugly workaround using wget, but would prefer to use rsync. Select the repo you want / need, and use reposync. Remember that anything on people.centos.org is just a personal build. Its not release, and its not supported, and most likely will get no updates security or otherwise. Karanbir, rsync from a local repository is easily scripted to pull only what's wanted. reposync only pulls only RPM's, you have to run repodata correctly after it's run, and it doesn't get all the components for PXE builds in their normal layout. rsync is your *friend* fo this, if carefully tuned to get only the material you want. If you have to use HTTP or FTP because rsync isn't available, the lftp program has excellent scripting and the ability to mirror a remote site, much, much more cleanly and efficiently than wget. ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
Re: [CentOS-virt] CentOS AWS AMIs?
On Mon, Jan 07, 2013 at 11:43:49AM +, Karanbir Singh wrote: Keep in mind that the public raindrops interface will have the ability for anyone to throw a kickstart at it, and have it deliver a working image to the AWS ID specified. Does that help answer your concern ? Yes it does. Raindrops looks like it could be a pretty useful tool, looking forward to the announcement! Cheers, -- Richard Clark rich...@fohnet.co.uk signature.asc Description: Digital signature ___ CentOS-virt mailing list CentOS-virt@centos.org http://lists.centos.org/mailman/listinfo/centos-virt
[CentOS] rsync and selinux
I'm trying to use rysnc to back up some directories on a CentOS6 machine that uses selinux in enforcing mode. Most files didn't transfer, so I tried the example from rsync_selinux(8): Allow rsync servers to read the /var/rsync directory by adding the pub- lic_content_t file type to the directory and by restoring the file type. semanage fcontext -a -t public_content_t /var/rsync(/.*)? restorecon -F -R -v /var/rsync except I substituted /etc for /var/rsync. Big mistake. Most or all services with config files under /etc could no longer read their config files, including ssh. It looks like the selinux type was substituted rather than added? Thankfully, I was able to recover. What is the correct way to give rsync full access to everything under selinux? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] video capture
On 01/06/13 15:58, Rajagopal Swaminathan wrote: On Sun, Jan 6, 2013 at 11:01 PM, Mark LaPierremarklap...@aol.com wrote: I'm looking for a application that I can use to capture video from a USB web camera. I have Cheese Webcam Booth 2.28.1 installed but it leaves a lot to be desired in the video capture field. Things like actually working. It does an adequate job of snagging a batch of single images in burst mode. Any suggestions? Not sure if zonemider will help you. http://www.zoneminder.com/ I cannot comment about the specific camera model though We use motion at work, which has been fine for years. Note that these *are* for security, so we're not *that* worried about quality or blowing the video up. mark -- You may not be interested in war, but war is interested in you. -- Leon Trotsky You may not be interested in politics, but politics is interested in you. - whitroth ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] video capture
On Sun, 2013-01-06 at 12:31 -0500, Mark LaPierre wrote: Hey all, I'm looking for a application that I can use to capture video from a USB web camera. [...] Any suggestions? Have you tried vlc? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] rsync and selinux
On 01/07/2013 03:59 AM, lheck...@users.sourceforge.net wrote: Big mistake. Most or all services with config files under /etc could no longer read their config files, including ssh. It looks like the selinux type was substituted rather than added? Thankfully, I was able to recover. Yes, I believe that you added a new file context rule to the configuration, and that rule had precedence over the system policy. Files have just one context. What is the correct way to give rsync full access to everything under selinux? The easiest way is to use rsync over ssh, rather than rsync as a daemon. As long as you aren't running it as a daemon, I don't believe that it's confined. Also, run rsync with -v to get more information about what's being skipped and why, and run 'tail -f /var/log/audit/audit.log' while you rsync to make sure that there aren't AVCs logged. If there aren't AVCs, it's probably not an SELinux problem. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] gigantic memory leak in Clock Applet...
On Sun, Jan 06, 2013 at 06:23:20PM -0500, ken wrote: On 01/06/2013 05:18 PM fred smith wrote: On Sun, Jan 06, 2013 at 02:43:09PM -0500, ken wrote: On 01/06/2013 09:55 AM fred smith wrote: On Sun, Jan 06, 2013 at 06:33:07AM -0500, ken wrote: Fred, Also running an up-to-date 5.8 but with just 2G of RAM, clock-applet consumes the following: PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 4133 me 15 0 29568 3748 2944 S 0.0 0.2 190:51.33 clock-applet My uptime at the moment is coming on 68 days. Over time the %CPU field may flicker up to 0.3 or even 0.7, but the RES column and others are steady at the numbers you see. I should add that all Preferences which we'd expect to consume more resources (e.g., display seconds, 12-hour time) are on. Do you use evolution? no, I have never found it to my liking. KDE, Gnome, or other WM? gnome. I don't know what to tell you then because, like you, I use gnome but not evolution. So our systems-- what of them which are directly related to clock-applet-- are much the same, yet you have a memory problem with clock-applet which I don't. here's what top reports today (clock-applet has not been restarted since the event mentioned in my original posting): PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 11159 fredex16 0 263m 149m 10m S 0.3 3.8 1:36.87 clock-applet it's now up to 156m. :( in which I note it is now up to 149m. Here are some items to compare: # rpm -q gnome-panel gnome-panel-2.16.1-7.el5 # ll /usr/libexec/clock-applet -rwxr-xr-x 1 root root 88048 May 24 2008 /usr/libexec/clock-applet # md5sum /usr/libexec/clock-applet 9d21ca21a0e99ad26aa10e1cd5b42024 /usr/libexec/clock-applet # rpm -q gnome-panel gnome-panel-2.16.1-7.el5 # ll /usr/libexec/clock-applet -rwxr-xr-x 1 root root 88048 May 24 2008 /usr/libexec/clock-applet # md5sum /usr/libexec/clock-applet 2bc9a73a5251d1b4747ec133839412b7 /usr/libexec/clock-applet it's the same version and size as yours, but the md5sum differs. have you perhaps disabled prelink? (I don't call that I have ever done so) It's not obvious to me what other (legitimate) event would account for the difference in checksum. Take a look in /etc/sysconfig/prelink. At the top it should tell you if you've got prelink on. You should also have a file called prelink in /etc/cron.daily/. yes, it's on. there's a log in /var/log/prelink from just yesterday morning. wouldn't ya think that if prelink has modified it, that the rpm -V would have flagged a modified checksum? Or is prelink smart enuff to tweak the RPM database? I have no clue. Think about what we've already discovered. You and I have different results from md5sum, yet neither of our clock-applet files are flagged. So we do have some kind of clue. Without digging into code and running tests etc., I'm guessing that rpm must amend/revise its database contingent upon prelink's being invoked. If none of that explains things, you might want to just reinstall gnome-panel and see if that fixes the memory problem. might try that, though it pains me to have to resort to the sort of fixes that Windows folks think are normal: power off, power on: reinstall: reboot. Gah! :) I know that feeling too. But, first, you shouldn't have to reboot... probably not, because this gnome stuff should load only at runlevel 5. Trace out the init scripts if you want to be sure. If so, that would mean you only need to init 2 (or maybe just 3); rpm -e gnome-panel; yum install gnome-panel; init 5. That's really not very windozey. You might also want to determine whether that command sequence will wipe your current panel configuration and, if so, which files to backup prior and restore later (so you wouldn't have to set up your panel all over again). Do Windows folks do that? 1a: It just occurred to me that (and this is a long shot, but still a possibility) the problem could go away just by reloading the applet. Just delete it from the panel and then install it again. Then watch its memory consumption to see if there's a difference. Even if this works, it likely wouldn't be anything more than a temporary fix, but it might point to where the problem lies. And it's a real quick and easy. Secondly, if the fate of the universe hung from our discovering exactly what the origin of the memory problem was, then yeah, it would be worth the effort. But it doesn't. There are lots of other and bigger issues around and dwelling on this little one would give people to think that we have too much time on our hands and that we don't know about all that bigger stuff. #C: Reinstalling might not actually fix the problem, but only make the current memory problem go away... or maybe not even that. The actual origin of the problem could be lurking in a lot places, e.g., with the drive (which see below), with a small bit of the RAM where the executable got
Re: [CentOS] rsync and selinux
On Mon, January 7, 2013 06:59, lheck...@users.sourceforge.net wrote: I'm trying to use rysnc to back up some directories on a CentOS6 machine that uses selinux in enforcing mode. Most files didn't transfer, so I tried the example from rsync_selinux(8): Allow rsync servers to read the /var/rsync directory by adding the pub- lic_content_t file type to the directory and by restoring the file type. semanage fcontext -a -t public_content_t /var/rsync(/.*)? restorecon -F -R -v /var/rsync except I substituted /etc for /var/rsync. Big mistake. Most or all services with config files under /etc could no longer read their config files, including ssh. It looks like the selinux type was substituted rather than added? Thankfully, I was able to recover. What is the correct way to give rsync full access to everything under selinux? I use rsync extensively to transfer entire systems from and to SElinux enforcing environments and have never had a problem with reads using rsync when logged on as the root user. My typical command line is some variation of the following: /usr/bin/rsync -avX --delete-after --specials --times \ --exclude-from=/root/rsync.d/exclude.list \ 192.168.216.29:/* /. Are you connecting as the root user? -- *** E-Mail is NOT a SECURE channel *** James B. Byrnemailto:byrn...@harte-lyne.ca Harte Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] rsync and selinux
I use rsync extensively to transfer entire systems from and to SElinux enforcing environments and have never had a problem with reads using rsync when logged on as the root user. My typical command line is some variation of the following: /usr/bin/rsync -avX --delete-after --specials --times \ --exclude-from=/root/rsync.d/exclude.list \ 192.168.216.29:/* /. (-a includes --times :) Are you connecting as the root user? I'm connecting in daemon mode since I'm using pre-defined modules. Any other solution requires either a password or setting up passwordless ssh, which I'm not inclined to do in this case. The purpose here is automation. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] rsync and selinux
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/07/2013 08:26 AM, Gordon Messmer wrote: On 01/07/2013 03:59 AM, lheck...@users.sourceforge.net wrote: Big mistake. Most or all services with config files under /etc could no longer read their config files, including ssh. It looks like the selinux type was substituted rather than added? Thankfully, I was able to recover. Yes, I believe that you added a new file context rule to the configuration, and that rule had precedence over the system policy. Files have just one context. What is the correct way to give rsync full access to everything under selinux? The easiest way is to use rsync over ssh, rather than rsync as a daemon. As long as you aren't running it as a daemon, I don't believe that it's confined. Also, run rsync with -v to get more information about what's being skipped and why, and run 'tail -f /var/log/audit/audit.log' while you rsync to make sure that there aren't AVCs logged. If there aren't AVCs, it's probably not an SELinux problem. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos I would try the booleans getsebool -a | grep rsync -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iEYEARECAAYFAlDq4eEACgkQrlYvE4MpobNEagCg2eZoqP/fDnR9o047A+KZSjq9 WMUAoL+WuVeGTdoWp8oHNcjczlFwZsST =zYUV -END PGP SIGNATURE- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] gigantic memory leak in Clock Applet...
ken wrote: On Sun, Jan 06, 2013 at 06:23:20PM -0500, ken wrote: On 01/06/2013 05:18 PM fred smith wrote: On Sun, Jan 06, 2013 at 02:43:09PM -0500, ken wrote: On 01/06/2013 09:55 AM fred smith wrote: On Sun, Jan 06, 2013 at 06:33:07AM -0500, ken wrote: Fred, Also running an up-to-date 5.8 but with just 2G of RAM, clock-applet consumes the following: PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 4133 me 15 0 29568 3748 2944 S 0.0 0.2 190:51.33 clock-applet snip it's the same version and size as yours, but the md5sum differs. have you perhaps disabled prelink? (I don't call that I have ever done so) It's not obvious to me what other (legitimate) event would account for the difference in checksum. snip I've not been in this thread, but the above cmt *deeply* disturbs me. I'd start by yum remove the package with the applet and reinstall... after double checking what mirror it's getting the package from. Yes, an infected repo is what's running through my mind, or a hijacked URL. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] rsync and selinux
I would try the booleans getsebool -a | grep rsync Yes, I've set rsync_client. The others aren't relevant here IMHO. allow_rsync_anon_write -- on rsync_client -- on rsync_export_all_ro -- off rsync_use_cifs -- off rsync_use_nfs -- off ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] gigantic memory leak in Clock Applet...
ken wrote: On Sun, Jan 06, 2013 at 06:23:20PM -0500, ken wrote: On 01/06/2013 05:18 PM fred smith wrote: On Sun, Jan 06, 2013 at 02:43:09PM -0500, ken wrote: On 01/06/2013 09:55 AM fred smith wrote: On Sun, Jan 06, 2013 at 06:33:07AM -0500, ken wrote: Fred, Also running an up-to-date 5.8 but with just 2G of RAM, clock-applet consumes the following: PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 4133 me 15 0 29568 3748 2944 S 0.0 0.2 190:51.33 clock-applet snip it's the same version and size as yours, but the md5sum differs. have you perhaps disabled prelink? (I don't call that I have ever done so) It's not obvious to me what other (legitimate) event would account for the difference in checksum. snip I've not been in this thread, but the above cmt *deeply* disturbs me. I'd start by yum remove the package with the applet and reinstall... after double checking what mirror it's getting the package from. Yes, an infected repo is what's running through my mind, or a hijacked URL. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] rsync and selinux
lheck...@users.sourceforge.net wrote: I use rsync extensively to transfer entire systems from and to SElinux enforcing environments and have never had a problem with reads using rsync when logged on as the root user. My typical command line is some variation of the following: /usr/bin/rsync -avX --delete-after --specials --times \ --exclude-from=/root/rsync.d/exclude.list \ 192.168.216.29:/* /. (-a includes --times :) Are you connecting as the root user? I'm connecting in daemon mode since I'm using pre-defined modules. Any other solution requires either a password or setting up passwordless ssh, which I'm not inclined to do in this case. The purpose here is automation. Over here, we have a key we use only for backups with rsync, and we restrict what commands can be run with that key to rsync. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] gigantic memory leak in Clock Applet...
m.r...@5-cent.us wrote: ken wrote: On Sun, Jan 06, 2013 at 06:23:20PM -0500, ken wrote: On 01/06/2013 05:18 PM fred smith wrote: On Sun, Jan 06, 2013 at 02:43:09PM -0500, ken wrote: On 01/06/2013 09:55 AM fred smith wrote: On Sun, Jan 06, 2013 at 06:33:07AM -0500, ken wrote: Fred, Also running an up-to-date 5.8 but with just 2G of RAM, clock-applet consumes the following: PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 4133 me 15 0 29568 3748 2944 S 0.0 0.2 190:51.33 clock-applet snip it's the same version and size as yours, but the md5sum differs. have you perhaps disabled prelink? (I don't call that I have ever done so) It's not obvious to me what other (legitimate) event would account for the difference in checksum. snip I've not been in this thread, but the above cmt *deeply* disturbs me. I'd start by yum remove the package with the applet and reinstall... after double checking what mirror it's getting the package from. Yes, an infected repo is what's running through my mind, or a hijacked URL. highly unlikely IMO. Remember: packages are signed. A bad guy would also need to have the centos key... and I believe prelink does this sort of thing. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] gigantic memory leak in Clock Applet...
Nicolas Thierry-Mieg wrote: m.r...@5-cent.us wrote: ken wrote: On Sun, Jan 06, 2013 at 06:23:20PM -0500, ken wrote: On 01/06/2013 05:18 PM fred smith wrote: On Sun, Jan 06, 2013 at 02:43:09PM -0500, ken wrote: On 01/06/2013 09:55 AM fred smith wrote: On Sun, Jan 06, 2013 at 06:33:07AM -0500, ken wrote: Also running an up-to-date 5.8 but with just 2G of RAM, clock-applet consumes the following: PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 4133 me 15 0 29568 3748 2944 S 0.0 0.2 190:51.33 clock-applet snip it's the same version and size as yours, but the md5sum differs. have you perhaps disabled prelink? (I don't call that I have ever done so) It's not obvious to me what other (legitimate) event would account for the difference in checksum. snip I've not been in this thread, but the above cmt *deeply* disturbs me. I'd start by yum remove the package with the applet and reinstall... after double checking what mirror it's getting the package from. Yes, an infected repo is what's running through my mind, or a hijacked URL. highly unlikely IMO. Remember: packages are signed. A bad guy would also need to have the centos key... and I believe prelink does this sort of thing. Would change the md5sum of the package? mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] gigantic memory leak in Clock Applet...
On Mon, Jan 7, 2013 at 8:10 AM, m.r...@5-cent.us wrote: Nicolas Thierry-Mieg wrote: and I believe prelink does this sort of thing. Would change the md5sum of the package? prelink does change the md5sum. One needs to unprelink (use the -u flag) before comparing the hash value. Akemi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] rsync and selinux
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/07/2013 10:41 AM, m.r...@5-cent.us wrote: lheck...@users.sourceforge.net wrote: I use rsync extensively to transfer entire systems from and to SElinux enforcing environments and have never had a problem with reads using rsync when logged on as the root user. My typical command line is some variation of the following: /usr/bin/rsync -avX --delete-after --specials --times \ --exclude-from=/root/rsync.d/exclude.list \ 192.168.216.29:/* /. (-a includes --times :) Are you connecting as the root user? I'm connecting in daemon mode since I'm using pre-defined modules. Any other solution requires either a password or setting up passwordless ssh, which I'm not inclined to do in this case. The purpose here is automation. Over here, we have a key we use only for backups with rsync, and we restrict what commands can be run with that key to rsync. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos Seemed to be worthy of a blog http://danwalsh.livejournal.com/61646.html -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.13 (GNU/Linux) Comment: Using GnuPG with undefined - http://www.enigmail.net/ iEYEARECAAYFAlDq9+cACgkQrlYvE4MpobP2LgCgmj4zjsUNmqhV+wNyMcpDUzE7 TY0AnjeBlsW0Ae8cxPbZebf5NEugti4E =xvKd -END PGP SIGNATURE- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Disk error
For some time I have been seeing disk errors in the syslog every seven days. Until today it always happens Sunday morning at 8:13 AM, plus or minus a minute or two. Yesterday it happened at 1:13 AM. Here are the pertinent log entries for the latest occurrence: Jan 6 01:12:29 g2 kernel: ata9.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0 Jan 6 01:12:29 g2 kernel: ata9.00: BMDMA stat 0x64 Jan 6 01:12:29 g2 kernel: ata9.00: failed command: READ DMA EXT Jan 6 01:12:29 g2 kernel: ata9.00: cmd 25/00:00:00:fe:d5/00:02:04:00:00/e0 tag 0 dma 262144 in Jan 6 01:12:29 g2 kernel: res 51/40:00:19:ff:d5/40:00:04:00:00/00 Emask 0x9 (media error) Jan 6 01:12:29 g2 kernel: ata9.00: status: { DRDY ERR } Jan 6 01:12:29 g2 kernel: ata9.00: error: { UNC } Jan 6 01:12:29 g2 kernel: ata9.00: configured for UDMA/33 Jan 6 01:12:29 g2 kernel: ata9.01: configured for UDMA/33 Jan 6 01:12:29 g2 kernel: ata9: EH complete Jan 6 01:12:33 g2 kernel: ata9.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0 Jan 6 01:12:33 g2 kernel: ata9.00: BMDMA stat 0x64 Jan 6 01:12:33 g2 kernel: ata9.00: failed command: READ DMA EXT Jan 6 01:12:33 g2 kernel: ata9.00: cmd 25/00:00:00:fe:d5/00:02:04:00:00/e0 tag 0 dma 262144 in Jan 6 01:12:33 g2 kernel: res 51/40:00:7c:ff:d5/40:00:04:00:00/00 Emask 0x9 (media error) Jan 6 01:12:33 g2 kernel: ata9.00: status: { DRDY ERR } Jan 6 01:12:33 g2 kernel: ata9.00: error: { UNC } Jan 6 01:12:33 g2 kernel: ata9.00: configured for UDMA/33 Jan 6 01:12:33 g2 kernel: ata9.01: configured for UDMA/33 Jan 6 01:12:33 g2 kernel: ata9: EH complete Jan 6 01:13:06 g2 kernel: ata9.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0 Jan 6 01:13:06 g2 kernel: ata9.00: BMDMA stat 0x64 Jan 6 01:13:06 g2 kernel: ata9.00: failed command: READ DMA EXT Jan 6 01:13:06 g2 kernel: ata9.00: cmd 25/00:00:00:bf:d6/00:02:04:00:00/e0 tag 0 dma 262144 in Jan 6 01:13:06 g2 kernel: res 51/40:00:db:bf:d6/40:00:04:00:00/00 Emask 0x9 (media error) Jan 6 01:13:06 g2 kernel: ata9.00: status: { DRDY ERR } Jan 6 01:13:06 g2 kernel: ata9.00: error: { UNC } Jan 6 01:13:07 g2 kernel: ata9.00: configured for UDMA/33 Jan 6 01:13:07 g2 kernel: ata9.01: configured for UDMA/33 Jan 6 01:13:07 g2 kernel: ata9: EH complete Jan 6 01:13:10 g2 kernel: ata9.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0 Jan 6 01:13:10 g2 kernel: ata9.00: BMDMA stat 0x64 Jan 6 01:13:10 g2 kernel: ata9.00: failed command: READ DMA EXT Jan 6 01:13:10 g2 kernel: ata9.00: cmd 25/00:00:00:bf:d6/00:02:04:00:00/e0 tag 0 dma 262144 in Jan 6 01:13:10 g2 kernel: res 51/40:00:db:bf:d6/40:00:04:00:00/00 Emask 0x9 (media error) Jan 6 01:13:10 g2 kernel: ata9.00: status: { DRDY ERR } Jan 6 01:13:10 g2 kernel: ata9.00: error: { UNC } Jan 6 01:13:10 g2 kernel: ata9.00: configured for UDMA/33 Jan 6 01:13:10 g2 kernel: ata9.01: configured for UDMA/33 Jan 6 01:13:10 g2 kernel: ata9: EH complete Jan 6 01:13:14 g2 kernel: ata9.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0 Jan 6 01:13:14 g2 kernel: ata9.00: BMDMA stat 0x64 Jan 6 01:13:14 g2 kernel: ata9.00: failed command: READ DMA EXT Jan 6 01:13:14 g2 kernel: ata9.00: cmd 25/00:00:00:bf:d6/00:02:04:00:00/e0 tag 0 dma 262144 in Jan 6 01:13:14 g2 kernel: res 51/40:00:db:bf:d6/40:00:04:00:00/00 Emask 0x9 (media error) Jan 6 01:13:14 g2 kernel: ata9.00: status: { DRDY ERR } Jan 6 01:13:14 g2 kernel: ata9.00: error: { UNC } Jan 6 01:13:14 g2 kernel: ata9.00: configured for UDMA/33 Jan 6 01:13:14 g2 kernel: ata9.01: configured for UDMA/33 Jan 6 01:13:14 g2 kernel: ata9: EH complete Jan 6 01:13:17 g2 kernel: ata9.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0 Jan 6 01:13:17 g2 kernel: ata9.00: BMDMA stat 0x64 Jan 6 01:13:17 g2 kernel: ata9.00: failed command: READ DMA EXT Jan 6 01:13:17 g2 kernel: ata9.00: cmd 25/00:00:00:bf:d6/00:02:04:00:00/e0 tag 0 dma 262144 in Jan 6 01:13:17 g2 kernel: res 51/40:00:db:bf:d6/40:00:04:00:00/00 Emask 0x9 (media error) Jan 6 01:13:17 g2 kernel: ata9.00: status: { DRDY ERR } Jan 6 01:13:17 g2 kernel: ata9.00: error: { UNC } Jan 6 01:13:18 g2 kernel: ata9.00: configured for UDMA/33 Jan 6 01:13:18 g2 kernel: ata9.01: configured for UDMA/33 Jan 6 01:13:18 g2 kernel: ata9: EH complete Jan 6 01:13:21 g2 kernel: ata9.00: exception Emask 0x0 SAct 0x0 SErr 0x0 action 0x0 Jan 6 01:13:21 g2 kernel: ata9.00: BMDMA stat 0x64 Jan 6 01:13:21 g2 kernel: ata9.00: failed command: READ DMA EXT Jan 6 01:13:21 g2 kernel: ata9.00: cmd 25/00:00:00:bf:d6/00:02:04:00:00/e0 tag 0 dma 262144 in Jan 6 01:13:21 g2 kernel: res 51/40:00:db:bf:d6/40:00:04:00:00/00 Emask 0x9 (media error) Jan 6 01:13:21 g2 kernel: ata9.00: status: { DRDY ERR } Jan 6 01:13:21 g2 kernel: ata9.00: error: { UNC } Jan 6 01:13:21 g2 kernel: ata9.00: configured for UDMA/33 Jan 6 01:13:21 g2 kernel: ata9.01: configured for UDMA/33 Jan 6 01:13:21 g2 kernel: ata9: EH complete Jan 6 01:13:25 g2 kernel:
Re: [CentOS] Disk error
On Mon, Jan 7, 2013 at 5:58 PM, Emmett Culley emm...@webengineer.com wrote: For some time I have been seeing disk errors in the syslog every seven days. Until today it always happens Sunday morning at 8:13 AM, plus or minus a minute or two. Yesterday it happened at 1:13 AM. Here are the pertinent log entries for the latest occurrence: [...] Jan 6 01:13:25 g2 kernel: res 51/40:00:db:bf:d6/40:00:04:00:00/00 Emask 0x9 (media error) [...] Jan 6 01:13:25 g2 kernel: sd 8:0:0:0: [sdg] Add. Sense: Unrecovered read error - auto reallocate failed [...] There is nothing in /etc/cron.weekly, nor are there any root crontab entries. Any suggestions for investigating this issue would be much appreciated. Emmett Based on this I'd say your disk is going bad, and has run out of spare sectors: Jan 6 01:13:25 g2 kernel: sd 8:0:0:0: [sdg] Add. Sense: Unrecovered read error - auto reallocate failed You can use smartctl to get some information from the SMART tables, but I've never been able to get a conclusive test out of the testing options. It would be a good idea to run 'badblocks' against the drive as well, as it will definitely tell you if there are bad sectors. Disks are so cheap it's usually not worth too much effort or delay once you've found out that it's bad. ❧ Brian Mathis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Disk error
On 01/07/2013 06:24 PM, Brian Mathis wrote: On Mon, Jan 7, 2013 at 5:58 PM, Emmett Culleyemm...@webengineer.com wrote: For some time I have been seeing disk errors in the syslog every seven days. Until today it always happens Sunday morning at 8:13 AM, plus or minus a minute or two. Yesterday it happened at 1:13 AM. Here are the pertinent log entries for the latest occurrence: [...] Jan 6 01:13:25 g2 kernel: res 51/40:00:db:bf:d6/40:00:04:00:00/00 Emask 0x9 (media error) [...] Jan 6 01:13:25 g2 kernel: sd 8:0:0:0: [sdg] Add. Sense: Unrecovered read error - auto reallocate failed [...] There is nothing in /etc/cron.weekly, nor are there any root crontab entries. Any suggestions for investigating this issue would be much appreciated. Emmett Based on this I'd say your disk is going bad, and has run out of spare sectors: Jan 6 01:13:25 g2 kernel: sd 8:0:0:0: [sdg] Add. Sense: Unrecovered read error - auto reallocate failed You can use smartctl to get some information from the SMART tables, but I've never been able to get a conclusive test out of the testing options. It would be a good idea to run 'badblocks' against the drive as well, as it will definitely tell you if there are bad sectors. Disks are so cheap it's usually not worth too much effort or delay once you've found out that it's bad. ❧ Brian Mathis How do you explain the regular timing of the errors? Is there a process, maybe a backup or something, that runs at this time every Sunday morning Mr. Mathis? -- _ °v° /(_)\ ^ ^ Mark LaPierre Registerd Linux user No #267004 https://linuxcounter.net/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] gigantic memory leak in Clock Applet...
On 01/07/2013 08:14 AM, Akemi Yagi wrote: prelink does change the md5sum. One needs to unprelink (use the -u flag) before comparing the hash value. Indeed. The prelink binary has --md5 and --sha flags to print the hash of the binary without prelink's data, and should be used in this case. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Disk error
On 1/7/2013 3:43 PM, Mark LaPierre wrote: How do you explain the regular timing of the errors? Is there a process, maybe a backup or something, that runs at this time every Sunday morning Mr. Mathis? is this disk part of an mdraid mirror by any chance? /etc/cron.weekly/99raid-check does a synccheck of each md metadevice. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Disk error
On 01/07/2013 03:43 PM, Mark LaPierre wrote: On 01/07/2013 06:24 PM, Brian Mathis wrote: On Mon, Jan 7, 2013 at 5:58 PM, Emmett Culleyemm...@webengineer.com wrote: For some time I have been seeing disk errors in the syslog every seven days. Until today it always happens Sunday morning at 8:13 AM, plus or minus a minute or two. Yesterday it happened at 1:13 AM. Here are the pertinent log entries for the latest occurrence: [...] Jan 6 01:13:25 g2 kernel: res 51/40:00:db:bf:d6/40:00:04:00:00/00 Emask 0x9 (media error) [...] Jan 6 01:13:25 g2 kernel: sd 8:0:0:0: [sdg] Add. Sense: Unrecovered read error - auto reallocate failed [...] There is nothing in /etc/cron.weekly, nor are there any root crontab entries. Any suggestions for investigating this issue would be much appreciated. Emmett Based on this I'd say your disk is going bad, and has run out of spare sectors: Jan 6 01:13:25 g2 kernel: sd 8:0:0:0: [sdg] Add. Sense: Unrecovered read error - auto reallocate failed You can use smartctl to get some information from the SMART tables, but I've never been able to get a conclusive test out of the testing options. It would be a good idea to run 'badblocks' against the drive as well, as it will definitely tell you if there are bad sectors. Disks are so cheap it's usually not worth too much effort or delay once you've found out that it's bad. ❧ Brian Mathis How do you explain the regular timing of the errors? Is there a process, maybe a backup or something, that runs at this time every Sunday morning Mr. Mathis? I Just looked a the backup process and noticed that an incremental backup started at 1:00 AM. However none of the other backups listed for this machine correlate in any way to the times that the disk errors re reported. As this is a host for multiple VMs it might be a good idea to look on each VM for cron jobs running at the time of the disk errors. I'll look there next. The drive the error reports concern is mounted via mdadm as /boot, so I was able to unmount it, stop the raid and run bad blocks via e2fsck. That reports: Checking for bad blocks (read-only test): done /dev/sdg1: Updating bad block inode. Pass 1: Checking inodes, blocks, and sizes Pass 2: Checking directory structure Pass 3: Checking directory connectivity Pass 4: Checking reference counts Pass 5: Checking group summary information /dev/sdg1: * FILE SYSTEM WAS MODIFIED * /dev/sdg1: 67/128016 files (7.5% non-contiguous), 165468/511988 blocks So Ill wait until to see it it happens next Sunday. Emmett Emmett ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Disk error
On 01/07/2013 04:19 PM, John R Pierce wrote: On 1/7/2013 3:43 PM, Mark LaPierre wrote: How do you explain the regular timing of the errors? Is there a process, maybe a backup or something, that runs at this time every Sunday morning Mr. Mathis? is this disk part of an mdraid mirror by any chance? /etc/cron.weekly/99raid-check does a synccheck of each md metadevice. It is a raid drive and there a read-check file in /etc/cron.d. It is set to run raid-check at 1:00 AM on Sunday. So I ran raid-check on the commend line, and sure enough the disk errors show up in syslog. I'll replace the drive, then run some long tests on it out of the system. Thanks for the suggestions! Emmett ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] gigantic memory leak in Clock Applet...
On 01/06/2013 06:32 PM, fred smith wrote: yes, it's on. there's a log in /var/log/prelink from just yesterday morning. wouldn't ya think that if prelink has modified it, that the rpm -V would have flagged a modified checksum? Or is prelink smart enuff to tweak the RPM database? I have no clue. rpm is smart enough to undo the prelinking (to a temporary file) before verifying the checksum. IIRC, it also then re-prelinks the temp file and verifies that the result matches the current file on disk. -- Bob Nichols NOSPAM is really part of my email address. Do NOT delete it. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos