[CentOS] Problems when using tc.

[jason.z...@sumscope.com]

Hi, all,
I am a newbee to tc. I want to create a filter on port 2323, but got an error 
like this. Anyone can help me?
[jason@localhost network]$ sudo tc -s qdisc ls dev eth0 qdisc mq 0: root  Sent 
1483890 bytes 3617 pkt (dropped 0, overlimits 0 requeues 0)

 rate 0bit 0pps backlog 0b 0p requeues 0

[jason@localhost network]$ sudo tc filter add dev eth0  parent 0: protocol ip  
u32 match ip dport 2323 0x flowid 1:0

RTNETLINK answers: Operation not supported

We have an error talking to the kernel 

Regards,Jason


jason.z...@sumscope.com

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Is there any benefit to using NetworkManager on a server with a static IP?

[Christopher Jacoby]

I've been banging my head against the wall trying to get a simple two NIC
bond to work. Got really odd behavior from service network restart, then
finally decided to disable NetworkManager. Voila! Bonding and the network
service script starts working just the way I expect.

Does anyone here actually use NetworkManager on anything but a laptop or
desktop? I can't seem to figure out a reason to use it on a server.

Chris
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Does anyone use tcp wrappers (hosts.allow/hosts.deny) anymore?

[Devin Reade]

As others have mentioned in this thread, yes I use it as part of
a defence in depth strategy, and it's a suitable tool for what
it is intended to do.  I would not be happy with it going away,
especially if doing so broke various tools or introduced a 
dependancy on a non-base RPM.

Devin

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] has anybody gotten horde working?

[Devin Reade]

--On Tuesday, March 25, 2014 08:21:08 AM -0600 Nels Lindquist
 wrote:

> We've been using Horde on CentOS for years, and I'm just about to
> deploy a new server into production running the latest Horde release
> on CentOS 6.5.
[...]
> I'm deploying Groupware Webmail Edition 5.1.4, which includes turba,
> trean, kronolith, gollem, ingo, imp, mnemo and nag, plus I've
> installed passwd separately.
[...]
> I'm using it for a number of virtual domains on one server, with
> Sendmail, Cyrus IMAPD (including Sieve for filtering) and PostgreSQL
> with LDAP authentication.

I've had similar configurations running for years on CentOS 5, using
MySQL instead of PostgreSQL, and a slightly different enabled stack in
the Webmail edition.  Yes, you need to understand how mail protocols
work, and you need to be able to read and understand technical
documentation.  Without trying to sound condescending, do we really
expect non-technical users to be able run an MTA and MDA?

While getting that software stack working in the days of CentOS 5.0 
was a bit complex, including needing to have custom builds of Cyrus IMAPd
and Horde, I find that current versions deploy quite nicely on 5.10
with only minimal configuration changes, and have been quite stable.

Just waiting on CentOS 7 to start updating those systems ...

Devin

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] has anybody gotten horde working?

[Cliff Pratt]

On Wed, Mar 26, 2014 at 12:45 AM, Ned Slider  wrote:

> On 25/03/14 04:05, Les Mikesell wrote:
> > On Mon, Mar 24, 2014 at 6:38 PM, Johnny Hughes 
> wrote:
> 
>  Has anybody gotten this working?
> 
>  By the way, this is CentOS 6.5.
> >>> If you are starting from scratch building a mail server you might want
> >>> to look at SME server or ClearOS where webmail works out of the box.
> >>>
> >>
> >> It would be my personal preference that we help people run things on
> >> CentOS rather than always recommending another distribution.
> >
> > SME isn't exactly an 'other' distribution, and ClearOS wouldn't be if
> > CentOS6 had had a timely release.  They are the same code underneath,
> > just already configured to work as installed and with a few additions.
> >
>
> Whilst I understand why Johnny would prefer to be able to offer a
> CentOS-based solution rather than signposting users towards other
> products, I must admit I kind of agree with Les here.
>
> My initial thought to Johnny's reply was why would CentOS want to
> reinvent this particular wheel, looking to solve a problem that has
> already been solved, just not by CentOS.
>
> I thought that CentOS's space was to be plug compatible with RHEL. Or has
that changed?

As such any upgrade to a package that also in RHEL breaks that paradigm.

Pragmatically that is going to happen in the hobbyist arena, but probably
should not happen in the professional (for want of a better word) arena.

Cheers,

Cliff
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] NVidia, again

[Ljubomir Ljubojevic]

On 03/25/2014 10:36 PM, m.r...@5-cent.us wrote:
> Got a HBS (y'know, Honkin' Big Server, one o' them technical terms), a
> Dell 720 with two Tesla GPUs. I updated the o/s, 6.5, and I cannot get the
> GPUs recognized. As a last resort, I d/l NVidia's proprietary
> driver/installer, 325, and it builds fine... I've yum removed the
> kmod-nvidia I had on the system, nouveau is blacklisted, and when I
> reboot, lsmod shows me nvidia loaded, which modinfo tells me looks like
> the one I built but enum_gpu, which is from a CUDA group, builds...
> but can't enumerate the GPUs (how we wake them up for the users). I see
> the /dev/nvidia*, and they're a+r, a+w Oh, and selinux is permissive.
>
> Anyone got a clue? If I can't get this working, I'm going to have to
> downgrade the system several kernels.
>
> mark

Elrepo kmod drivers are not an option? First nvidia-detect then selected 
packages...


-- 
Ljubomir Ljubojevic
(Love is in the Air)
PL Computers
Serbia, Europe

StarOS, Mikrotik and CentOS/RHEL/Linux consultant
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] has anybody gotten horde working?

[benfell]

On Tue, Mar 25, 2014 at 03:40:16PM -0500, Les Mikesell wrote:
> 
> The remi repository will replace a lot of base packages with newer
> versions if you let it. It may be OK by itself or with EPEL enable but
> likely to conflict with anything else.
> 
Jeez. There's more than decent reason to suspect that that might be a
problem...

Thanks!
-- 
David Benfell 
See https://parts-unknown.org/node/2 if you don't understand the
attachment.


pgpB0_RXSAgM5.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] NVidia, again

[m . roth]

Got a HBS (y'know, Honkin' Big Server, one o' them technical terms), a
Dell 720 with two Tesla GPUs. I updated the o/s, 6.5, and I cannot get the
GPUs recognized. As a last resort, I d/l NVidia's proprietary
driver/installer, 325, and it builds fine... I've yum removed the
kmod-nvidia I had on the system, nouveau is blacklisted, and when I
reboot, lsmod shows me nvidia loaded, which modinfo tells me looks like
the one I built but enum_gpu, which is from a CUDA group, builds...
but can't enumerate the GPUs (how we wake them up for the users). I see
the /dev/nvidia*, and they're a+r, a+w Oh, and selinux is permissive.

Anyone got a clue? If I can't get this working, I'm going to have to
downgrade the system several kernels.

   mark

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] has anybody gotten horde working?

[Les Mikesell]

On Tue, Mar 25, 2014 at 3:22 PM,   wrote:
> On Tue, Mar 25, 2014 at 08:21:08AM -0600, Nels Lindquist wrote:
>>
>> I see later in the thread that you're trying to use the EPEL packages,
>> which are based on the Horde 3 framework.  The current stable
>> framework is Horde 5, which is significantly advanced from the Horde 3
>> framework.
>
> Actually:
>
> php-horde-horde.noarch   5.1.6-1.el6.remi
> @remi
>
> I'm still a little confused about these additional repositories, but
> this looks like Horde 5 to me.

The remi repository will replace a lot of base packages with newer
versions if you let it. It may be OK by itself or with EPEL enable but
likely to conflict with anything else.

-- 
   Les Mikesell
lesmikes...@gmail.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] has anybody gotten horde working?

[benfell]

On Tue, Mar 25, 2014 at 09:56:46AM -0600, Nels Lindquist wrote:
> On 3/24/2014 3:17 PM, benf...@parts-unknown.org wrote:
> 
> What are you using as an authentication backend?  Many people with the
> simplest use case for Horde (single domain webmail; one server) set up
> the one required backend in IMP, and then allow Horde to use IMP for
> authentication, which in effect passes authentication for all of Horde
> through to the underlying mail server.
> 
I was using the filesystem for the session-handling backend, and
dovecot for authentication. Dovecot was the only authentication
backend I could figure out how to get working.

For me at least, horde's documentation--especially on authentication
backends--doesn't even begin to approach adequacy.

-- 
David Benfell 
See https://parts-unknown.org/node/2 if you don't understand the
attachment.


pgprjIeGhPEwN.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] has anybody gotten horde working?

[benfell]

On Tue, Mar 25, 2014 at 08:21:08AM -0600, Nels Lindquist wrote:
> 
> I see later in the thread that you're trying to use the EPEL packages,
> which are based on the Horde 3 framework.  The current stable
> framework is Horde 5, which is significantly advanced from the Horde 3
> framework.

Actually:

php-horde-horde.noarch   5.1.6-1.el6.remi
@remi

I'm still a little confused about these additional repositories, but
this looks like Horde 5 to me.

-- 
David Benfell 
See https://parts-unknown.org/node/2 if you don't understand the
attachment.


pgpubzrr44eAU.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Authenticating against AD (without adding to domain)

[Les Mikesell]

On Tue, Mar 25, 2014 at 2:17 PM, Nux!  wrote:
> On 25.03.2014 15:48, Les Mikesell wrote:
>>
>> That works for ordinary logins and ssh - you still need to add the
>> users but you don't have to maintain passwords.   Won't work for samba
>> shares, though.
>
> That blows, in this case I guess it's easier to just join the domain.
> Thanks for letting me know!

It _might_ be possible to make ldap work with AD for samba - and if it
is, I'd like to know.   For the small number of people who need it
here I've either added local smbpasswds or told them to use winscp
instead.

-- 
   Les Mikesell
 lesmikes...@gmail.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Authenticating against AD (without adding to domain)

[Nux!]

On 25.03.2014 15:48, Les Mikesell wrote:
> 
> That works for ordinary logins and ssh - you still need to add the
> users but you don't have to maintain passwords.   Won't work for samba
> shares, though.

That blows, in this case I guess it's easier to just join the domain. 
Thanks for letting me know!

-- 
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Full Screen in Dual Monitor setup.

[Ray Frush]

I apologize for the repeated question.   I have not been getting copies of
my own messages posted to this list, so I didn't realize they were getting
posted until I checked the archive.  (I've checked the mailman settings,
and I'm supposed to be getting copies of my own message, so it's not that).



Ray Frush   "Either you are part of the solution
T:970.288.6223   or part of the precipitate."
-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-
 Avago Technologies | APD Technical Computing | IT Engineer
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Authenticating against AD (without adding to domain)

[m . roth]

Todor Petkov wrote:
> On 25/03/2014 02:31 PM, Nux! wrote:
>> On 25.03.2014 12:20, Nux! wrote:
>>> On 25.03.2014 12:01, mark wrote:
 On 03/25/14 06:08, Nux! wrote:
>
> Does anyone know if it's possible to auth users against AD and
> how? I don't want to register the station to the domain, just auth the
> users against it.
> We have a local mediawiki installation that auths users against
> the AD without having any admin access to it.
>
> Any ideas?

 Yes, you can. Yes, we do. We added krb5 in the mix last year, too.

>> Actually it looks rather easy, e.g.
>> http://seriousbirder.com/blogs/centos-6-with-kerberos-authentication/
>>
>> Thanks again, Mark.

Would have said more, but I'm busy fighting fires today.
Hi,
>
> you can try this:
>
> http://www.couyon.net/1/post/2012/04/enabling-ldap-usergroup-support-and-authentication-in-centos-6.html
>
> You need to edit the ldap fields for AD though.
>
Yeah, we had that issue here, and I gather, from my manager, that it took
*years*, literally, to get the WinBlows aedmins in charge of the AD to
agree to add the necessary fields.

   mark

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Authenticating against AD (without adding to domain)

[Todor Petkov]

On 25/03/2014 02:31 PM, Nux! wrote:
> On 25.03.2014 12:20, Nux! wrote:
>> On 25.03.2014 12:01, mark wrote:
>>> On 03/25/14 06:08, Nux! wrote:
 Hi,

 Does anyone know if it's possible to auth users against AD and 
 how?
 I
 don't want to register the station to the domain, just auth the
 users
 against it.
 We have a local mediawiki installation that auths users against 
 the
 AD
 without having any admin access to it.

 Any ideas?
>>>
>>> Yes, you can. Yes, we do. We added krb5 in the mix last year, too.
>>>
>>> mark
>>
>> Mark,
>>
>> Thanks, can you point me to some docs?
>
>
> Actually it looks rather easy, e.g.
> http://seriousbirder.com/blogs/centos-6-with-kerberos-authentication/
>
> Thanks again, Mark.


Hi,

you can try this:

http://www.couyon.net/1/post/2012/04/enabling-ldap-usergroup-support-and-authentication-in-centos-6.html

You need to edit the ldap fields for AD though.

Regards,


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Full Screen in Dual Monitor setup.

[Ray Frush]

This question is related to Centos 6.4 running on workstations with dual
monitors attached using Nvidia drivers, twinview mode.


We've gotten stuck on a window manager specific issue with getting
'vncviewer' (tigervnc) to go full screen to both monitors.

If Gnome is the window manager, we have no issues.  Hitting "F8" in
vncviewer and selecting "full screen" expands the viewer across both
displays as expected.

If KDE is the window manager, vncviewer will only expand to completely fill
one of the two displays, even if the 'vncviewr' option "enable full-screen
over all monitors" is enabled.

In the "Multiple Monitors" system settings all options are enabled,
suggesting that multiple monitor full screen mode should be working.

Any thoughts on how to get full screen to work across both displays
properly on KDE?



Extra information:

VNC:
tigervnc-1.3.0-16.el6.x86_64  (issue is seen with stock
tigervnc-1.1.0-5.el6.x86_64.rpm)

Nvidia driver packages installed:

kmod-nvidia-310.44-1.el6.elrepo.x86_64
nvidia-x11-drv-310.44-1.el6.elrepo.x86_64



Ray Frush   "Either you are part of the solution
T:970.288.6223   or part of the precipitate."
-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-
 Avago Technologies | APD Technical Computing | IT Engineer
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Linux malware attack

[Les Mikesell]

On Fri, Mar 21, 2014 at 4:18 PM,   wrote:
>>
>> #5 (non-standard port) is very useful.  Not for protecting yourself
>> against attack, but from not having your log files fill up with all of
>> the automated attack scripts.  Which makes it easier to spot the more
>> serious attackers who have taken the time and effort to find your SSH
>> port.
>
> Huh! That's the *only* rationale I've ever heard for security through
> obscurity that actually makes sense. (One of my ongoing "goals" for the
> annual review is cutting down the noise in our logs.)
> 

It's all obscurity even if you think you can call it something else.
OpenVPN over UDP configured to not respond at all unless the
certificates match is even better at being hard to find with random
probes, though.

-- 
  Les Mikesell
lesmikes...@gmail.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] has anybody gotten horde working?

[Nels Lindquist]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 3/24/2014 3:17 PM, benf...@parts-unknown.org wrote:
> Hi,
> 
> Horde seems to be quite the problem child. It sorta kinda looks
> like session handling is entirely broken.

What are you using for a session handler?

> kronolith will let me in, but not for long. Then I get "invalid
> token" and am bounced back to the home screen.

Tokens are different from sessions (related to forms, etc), and are
configured differently.

> imp won't let me in at all. This behavior is completely broken: I
> get a log in screen and a message in /var/log/messages about not
> being authorized for IMP (which is apparently right up there in the
> list of useless, meaningless error messages).

What are you using as an authentication backend?  Many people with the
simplest use case for Horde (single domain webmail; one server) set up
the one required backend in IMP, and then allow Horde to use IMP for
authentication, which in effect passes authentication for all of Horde
through to the underlying mail server.

> Looking around on the web, I see a google thread about somebody
> saying kronolith shouldn't reset session data, and Jan Schneider,
> the horde developer, I think, insisting that it must. He seems to
> have his own idea about how things should work--and I'm beginning
> to wonder if it actually does.

Not sure about this; I've never had users reporting any session issues
in kronolith, even with the H3 framework you're trying to make work.

> Has anybody gotten this working?
> 
> By the way, this is CentOS 6.5.
> 

Nels Lindquist
- 


-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.20 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQB1AwUBUzGnPBP/WUEM2uY9AQLO3gMAvTiIq8IbokaEVKx7hAuzcsgfqHPcZdOv
fqEJZz86l8tFOG9fWbltuD3cfFA8mXCIdSHmfChGA6EnMjgV078sOYLSnIZdDp/u
07buznvq5UIdfVKMAd5fRe3whrdAZK0t
=i/hs
-END PGP SIGNATURE-
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Authenticating against AD (without adding to domain)

[Les Mikesell]

On Tue, Mar 25, 2014 at 7:31 AM, Nux!  wrote:
> Does anyone know if it's possible to auth users against AD and how?
 I
 don't want to register the station to the domain, just auth the
 users
 against it.
 We have a local mediawiki installation that auths users against the
 AD
 without having any admin access to it.

> Actually it looks rather easy, e.g.
> http://seriousbirder.com/blogs/centos-6-with-kerberos-authentication/
>

That works for ordinary logins and ssh - you still need to add the
users but you don't have to maintain passwords.   Won't work for samba
shares, though.

-- 
  Les Mikesell
 lesmikes...@gmail.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] has anybody gotten horde working?

[Les Mikesell]

On Tue, Mar 25, 2014 at 9:53 AM, Ned Slider  wrote:
>
> I see two types of user - those who just want it to work out of the box
> with a Windows-like point and click interface to configure things
> without really having any clue what is happening under the bonnet, and
> those who want to assemble a system from the component parts and have a
> fuller understanding of how their system works.

There's also a big middle ground where you want to set up a system for
someone else to manage and not have them call you everything they need
a small change.  Like a remote office where you want the office
manager to be able to manage users/groups and maybe even give a new
printer a name to match the label they stuck on it - and you wouldn't
trust them to be root at a command line.  Or a friend who wants a home
file server with the potential for adding other services.

> For the latter, I wrote
> the Postfix series of guides on the Wiki
>
> http://wiki.centos.org/HowTos#head-0facb50d5796bee0bd394636c32ffa9a997a6ab5
>
> which were designed to be modular and extensible, allowing folks to
> start off with a basic Postfix mail server and add such functionality as
> spam/virus filtering or authentication etc to their setup as and when
> required, learning the underlying technologies as they go.

Things like that are fine for pros.   How much time should a
non-technical person allow, starting from scratch and nothing but
instructions they haven't read yet, before they would have a safe,
working, email server?  And really, why should they care about the
underlying technology?  Standard protocols are standard protocols.

> Personally I would rather learn how to do something myself rather than
> have it pre-configured in such a way as someone else deems appropriate.
> That way when it breaks I have a clue how to fix it. So for me, a SIG
> needs to be little more than a set of tried and tested documentation

Yes, that is exactly the point of SME/ClearOS.  First, they don't
break much because their combinations of packages are well tested
together, and second, if they do break,  the authors and large base of
users running the same thing are going to collaborate on the fix.  If
you assemble a bunch of pieces yourself out of the bare CentOS tools
you are on your own.  Again, that's fine for pros - and anyone getting
paid to repeat work that has been done over and over again (sometimes
right, sometimes badly...).

> I don't want/need a pre-configued
> installable ISO image or whatever that has already made lots of
> predetermined choices for me.

No one is forcing you to use a known working configuration if you
really want the toolbox.  But be realistic about how much time it has
cost you.  The great thing about software is how re-usable it is - and
except for users/groups and ip addresses, that pretty much applies to
configurations too.  So a configuration that provides a good service
in one place can do the same in a lot of places without wasting a lot
of time to reproduce it.

-- 
  Les Mikesell
lesmikes...@gmail.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] has anybody gotten horde working?

[Ned Slider]

On 25/03/14 14:06, Ljubomir Ljubojevic wrote:
> On 03/25/2014 12:45 PM, Ned Slider wrote:
>> On 25/03/14 04:05, Les Mikesell wrote:
>>> On Mon, Mar 24, 2014 at 6:38 PM, Johnny Hughes  wrote:
>>
>> Has anybody gotten this working?
>>
>> By the way, this is CentOS 6.5.
> If you are starting from scratch building a mail server you might want
> to look at SME server or ClearOS where webmail works out of the box.
>

 It would be my personal preference that we help people run things on
 CentOS rather than always recommending another distribution.
>>>
>>> SME isn't exactly an 'other' distribution, and ClearOS wouldn't be if
>>> CentOS6 had had a timely release.  They are the same code underneath,
>>> just already configured to work as installed and with a few additions.
>>>
>>
>> Whilst I understand why Johnny would prefer to be able to offer a
>> CentOS-based solution rather than signposting users towards other
>> products, I must admit I kind of agree with Les here.
>>
>> My initial thought to Johnny's reply was why would CentOS want to
>> reinvent this particular wheel, looking to solve a problem that has
>> already been solved, just not by CentOS.
>>
>> But if that's what a SIG wants to do, in the CentOS space, fine. Just be
>> aware that a number of mature products already exist so you have a lot
>> of catch up work to do just to get off the starting line.
>>
>> What demand for such a product do you think exists from CentOS users? My
>> guess is if people want or need that product they have long since been
>> using the competition's offerings. So how long do you think it will take
>> to get a CentOS offering to the point it can win back users from the
>> competition? These are the types of questions I'd be thinking about if I
>> were considering investing my time in such a SIG.
>>
>
> On top of what you said, I would add that majority of users are not real
> hard core admins, just people with an itch to scratch. So in that case
> out-of-the-box working system for regular Joe is what they need, a car
> that you can start and drive, not an assembly kit that need weeks of
> learning and putting together before driving it.
>
> SME like ClearOS if what they need, and it is good way to start learning
> about CentOS, since all base packages are just that. I also started with
> ClarckConnect (ClearOS) in 2005, and I started to learn how things work
> once I had my web and mail server running on them.
>
>

Yes, I agree.

I see two types of user - those who just want it to work out of the box 
with a Windows-like point and click interface to configure things 
without really having any clue what is happening under the bonnet, and 
those who want to assemble a system from the component parts and have a 
fuller understanding of how their system works. For the latter, I wrote 
the Postfix series of guides on the Wiki

http://wiki.centos.org/HowTos#head-0facb50d5796bee0bd394636c32ffa9a997a6ab5

which were designed to be modular and extensible, allowing folks to 
start off with a basic Postfix mail server and add such functionality as 
spam/virus filtering or authentication etc to their setup as and when 
required, learning the underlying technologies as they go.

Personally I would rather learn how to do something myself rather than 
have it pre-configured in such a way as someone else deems appropriate. 
That way when it breaks I have a clue how to fix it. So for me, a SIG 
needs to be little more than a set of tried and tested documentation I 
can follow together with a few extra packages in 
/CentOS/SIG/MailServerExtras that are missing from Core (which already 
exist in Repoforge and EPEL anyway). I don't want/need a pre-configued 
installable ISO image or whatever that has already made lots of 
predetermined choices for me.



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] has anybody gotten horde working?

[Les Mikesell]

On Tue, Mar 25, 2014 at 9:06 AM, Ljubomir Ljubojevic  wrote:
>
> On top of what you said, I would add that majority of users are not real
> hard core admins, just people with an itch to scratch. So in that case
> out-of-the-box working system for regular Joe is what they need, a car
> that you can start and drive, not an assembly kit that need weeks of
> learning and putting together before driving it.
>
> SME like ClearOS if what they need, and it is good way to start learning
> about CentOS, since all base packages are just that. I also started with
> ClarckConnect (ClearOS) in 2005, and I started to learn how things work
> once I had my web and mail server running on them.

I always thought that the CentOS project did itself a disservice by
not encouraging and staying associated with the more usable respins.
 Another good one that worked up through CentOS5 was K12LTSP which was
a fairly stock CentOS install that would come up PXE-booting thin
clients - and it added a working java (back when that wasn't easy),
flash, and a set of education-related programs.  I hope the future SIG
concept brings more of that kind of appliance-like setup
pre-configured to do certain jobs without additional fiddling.

-- 
   Les Mikesell
 lesmikes...@gmail.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] has anybody gotten horde working?

[Nels Lindquist]

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

We've been using Horde on CentOS for years, and I'm just about to
deploy a new server into production running the latest Horde release
on CentOS 6.5.

I see later in the thread that you're trying to use the EPEL packages,
which are based on the Horde 3 framework.  The current stable
framework is Horde 5, which is significantly advanced from the Horde 3
framework.

I'm deploying Groupware Webmail Edition 5.1.4, which includes turba,
trean, kronolith, gollem, ingo, imp, mnemo and nag, plus I've
installed passwd separately.

There's no doubt that Horde is a complex framework which is designed
to work with a wide variety of backend services.  It can be tricky to
set up due to the level of complexity involved, but it works
beautifully once everything is set up properly.

I'm using it for a number of virtual domains on one server, with
Sendmail, Cyrus IMAPD (including Sieve for filtering) and PostgreSQL
with LDAP authentication.

Nels Lindquist
- 



On 3/24/2014 3:17 PM, benf...@parts-unknown.org wrote:
> Hi,
> 
> Horde seems to be quite the problem child. It sorta kinda looks
> like session handling is entirely broken.
> 
> kronolith will let me in, but not for long. Then I get "invalid
> token" and am bounced back to the home screen.
> 
> imp won't let me in at all. This behavior is completely broken: I
> get a log in screen and a message in /var/log/messages about not
> being authorized for IMP (which is apparently right up there in the
> list of useless, meaningless error messages).
> 
> Looking around on the web, I see a google thread about somebody
> saying kronolith shouldn't reset session data, and Jan Schneider,
> the horde developer, I think, insisting that it must. He seems to
> have his own idea about how things should work--and I'm beginning
> to wonder if it actually does.
> 
> Has anybody gotten this working?
> 
> By the way, this is CentOS 6.5.
> 
> Thanks!
> 
> 
> 
> ___ CentOS mailing
> list CentOS@centos.org 
> http://lists.centos.org/mailman/listinfo/centos
> 

-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.20 (MingW32)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQB1AwUBUzGQ0BP/WUEM2uY9AQKV+wL9FZhjK1s7vXaPePiRzHwEMpmBrK1qjPu0
R9Zl4GLyqjN4DjPhYTaJibUNlczgGpb1jvUY/VOot/uV/rfy2dQx1ctG5mzqQFUe
bMKp3h51VRYTZqMB5ERhzNDIGEEy7+2r
=LR5f
-END PGP SIGNATURE-
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] has anybody gotten horde working?

[Ljubomir Ljubojevic]

On 03/25/2014 12:45 PM, Ned Slider wrote:
> On 25/03/14 04:05, Les Mikesell wrote:
>> On Mon, Mar 24, 2014 at 6:38 PM, Johnny Hughes  wrote:
>
> Has anybody gotten this working?
>
> By the way, this is CentOS 6.5.
 If you are starting from scratch building a mail server you might want
 to look at SME server or ClearOS where webmail works out of the box.

>>>
>>> It would be my personal preference that we help people run things on
>>> CentOS rather than always recommending another distribution.
>>
>> SME isn't exactly an 'other' distribution, and ClearOS wouldn't be if
>> CentOS6 had had a timely release.  They are the same code underneath,
>> just already configured to work as installed and with a few additions.
>>
>
> Whilst I understand why Johnny would prefer to be able to offer a
> CentOS-based solution rather than signposting users towards other
> products, I must admit I kind of agree with Les here.
>
> My initial thought to Johnny's reply was why would CentOS want to
> reinvent this particular wheel, looking to solve a problem that has
> already been solved, just not by CentOS.
>
> But if that's what a SIG wants to do, in the CentOS space, fine. Just be
> aware that a number of mature products already exist so you have a lot
> of catch up work to do just to get off the starting line.
>
> What demand for such a product do you think exists from CentOS users? My
> guess is if people want or need that product they have long since been
> using the competition's offerings. So how long do you think it will take
> to get a CentOS offering to the point it can win back users from the
> competition? These are the types of questions I'd be thinking about if I
> were considering investing my time in such a SIG.
>

On top of what you said, I would add that majority of users are not real 
hard core admins, just people with an itch to scratch. So in that case 
out-of-the-box working system for regular Joe is what they need, a car 
that you can start and drive, not an assembly kit that need weeks of 
learning and putting together before driving it.

SME like ClearOS if what they need, and it is good way to start learning 
about CentOS, since all base packages are just that. I also started with 
ClarckConnect (ClearOS) in 2005, and I started to learn how things work 
once I had my web and mail server running on them.


-- 
Ljubomir Ljubojevic
(Love is in the Air)
PL Computers
Serbia, Europe

StarOS, Mikrotik and CentOS/RHEL/Linux consultant
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] has anybody gotten horde working?

[Les Mikesell]

On Tue, Mar 25, 2014 at 5:52 AM, Leon Fauster
 wrote:
>
>> SME isn't exactly an 'other' distribution, and ClearOS wouldn't be if
>> CentOS6 had had a timely release.  They are the same code underneath,
>> just already configured to work as installed and with a few additions.
>
>
> the point is that it is not CentOS, even RHEL is not CentOS.

No, it actually is mostly CentOS.  Same packages.   ClearOS used
CentOS5 too, and only did their own rebuild after getting tired of
waiting for 6.   SME has a somewhat different installer that can
install on a single disk as a 'broken' raid1, letting you add a mirror
later, which is a nice touch, but the kernel and supporting code is
the same once it is running.  They both are managed in  a very
different way (through a web interface) than a stock system, but
that's the point.  If you want to do what they are set up to do, they
make it much easier to get the same reliable code working.  On the
other hand, if you want something different, you end up having to do
even more work to customize them.

> the "webmail" is a specific scenario, maybe a variant spin of
> CentOS could be the result of a SIG.

I thought when the topic of SIGs for CentOS 7 first came up there was
some input from the SME and ClearOS groups.  Not sure if SME would be
quite the same without their custom installer, but I think ClearOS is
already just extra RPMs on top of a stock system.

-- 
  Les Mikesell
lesmikes...@gmail.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Authenticating against AD (without adding to domain)

[Nux!]

On 25.03.2014 12:20, Nux! wrote:
> On 25.03.2014 12:01, mark wrote:
>> On 03/25/14 06:08, Nux! wrote:
>>> Hi,
>>> 
>>> Does anyone know if it's possible to auth users against AD and how? 
>>> I
>>> don't want to register the station to the domain, just auth the 
>>> users
>>> against it.
>>> We have a local mediawiki installation that auths users against the
>>> AD
>>> without having any admin access to it.
>>> 
>>> Any ideas?
>> 
>> Yes, you can. Yes, we do. We added krb5 in the mix last year, too.
>> 
>>  mark
> 
> Mark,
> 
> Thanks, can you point me to some docs?


Actually it looks rather easy, e.g.
http://seriousbirder.com/blogs/centos-6-with-kerberos-authentication/

Thanks again, Mark.


-- 
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Authenticating against AD (without adding to domain)

[Nux!]

On 25.03.2014 12:01, mark wrote:
> On 03/25/14 06:08, Nux! wrote:
>> Hi,
>> 
>> Does anyone know if it's possible to auth users against AD and how? I
>> don't want to register the station to the domain, just auth the users
>> against it.
>> We have a local mediawiki installation that auths users against the 
>> AD
>> without having any admin access to it.
>> 
>> Any ideas?
> 
> Yes, you can. Yes, we do. We added krb5 in the mix last year, too.
> 
>   mark

Mark,

Thanks, can you point me to some docs?

Lucian

-- 
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Authenticating against AD (without adding to domain)

[mark]

On 03/25/14 06:08, Nux! wrote:
> Hi,
>
> Does anyone know if it's possible to auth users against AD and how? I
> don't want to register the station to the domain, just auth the users
> against it.
> We have a local mediawiki installation that auths users against the AD
> without having any admin access to it.
>
> Any ideas?

Yes, you can. Yes, we do. We added krb5 in the mix last year, too.

mark

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS-announce Digest, Vol 109, Issue 12

[centos-announce-request]

Send CentOS-announce mailing list submissions to
centos-annou...@centos.org

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
centos-announce-requ...@centos.org

You can reach the person managing the list at
centos-announce-ow...@centos.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of CentOS-announce digest..."


Today's Topics:

   1. CEBA-2014:0317  CentOS 5 ksh Update (Johnny Hughes)
   2. CEBA-2014:0318  CentOS 6 grep Update (Johnny Hughes)
   3. CEBA-2014:0320  CentOS 6 spice-vdagent Update (Johnny Hughes)
   4. CESA-2014:0322 Moderate CentOS 5 net-snmp Update (Johnny Hughes)
   5. CESA-2014:0321 Moderate CentOS 6 net-snmp Update (Johnny Hughes)


--

Message: 1
Date: Mon, 24 Mar 2014 12:03:16 +
From: Johnny Hughes 
Subject: [CentOS-announce] CEBA-2014:0317  CentOS 5 ksh Update
To: centos-annou...@centos.org
Message-ID: <20140324120316.ga...@chakra.karan.org>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Bugfix Advisory 2014:0317 

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0317.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
f194d049059a6a944a8216e9c4a1263b7c359c3ef7f560c89d7d97b5ec0c6947  
ksh-20100621-18.el5_10.1.i386.rpm

x86_64:
1ea91253f108e0f69518e93596a51238f8e7a7969fafc85be3c5ad79c3552c0e  
ksh-20100621-18.el5_10.1.x86_64.rpm

Source:
b47d086229d3422d2cceabe12b8fc381dc5cb1b52d677e2817b1a1243f7fca8d  
ksh-20100621-18.el5_10.1.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net



--

Message: 2
Date: Mon, 24 Mar 2014 12:43:23 +
From: Johnny Hughes 
Subject: [CentOS-announce] CEBA-2014:0318  CentOS 6 grep Update
To: centos-annou...@centos.org
Message-ID: <20140324124323.ga19...@n04.lon1.karan.org>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Bugfix Advisory 2014:0318 

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0318.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
d97d78ed0ecc7cf76343f0df87214b7db886676708d5351d4268816f90c195d8  
grep-2.6.3-4.el6_5.1.i686.rpm

x86_64:
aece77f39ea97b074a84de88c38836b8f12176172267591426a17bd027829f21  
grep-2.6.3-4.el6_5.1.x86_64.rpm

Source:
66b5f77b5513c18e9e285892560ccec3c34222dc7e7539b5f5be8d81a46447fa  
grep-2.6.3-4.el6_5.1.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net



--

Message: 3
Date: Mon, 24 Mar 2014 14:36:32 +
From: Johnny Hughes 
Subject: [CentOS-announce] CEBA-2014:0320  CentOS 6 spice-vdagent
Update
To: centos-annou...@centos.org
Message-ID: <20140324143632.ga26...@n04.lon1.karan.org>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Bugfix Advisory 2014:0320 

Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0320.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
f713a3c722898be082917e1c5ec2a61ad9411afec4b5ed774d2e7a6bc5affb34  
spice-vdagent-0.14.0-3.el6_5.i686.rpm

x86_64:
5fbae09c22906587fcaa0b355c6a66cdfe68db56fcfa7453b53364b72f9532b0  
spice-vdagent-0.14.0-3.el6_5.x86_64.rpm

Source:
e13385524526967b8086c10a21977e2b93777d127fdaf188ff1bc2307716e528  
spice-vdagent-0.14.0-3.el6_5.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net



--

Message: 4
Date: Mon, 24 Mar 2014 20:45:45 +
From: Johnny Hughes 
Subject: [CentOS-announce] CESA-2014:0322 Moderate CentOS 5 net-snmp
Update
To: centos-annou...@centos.org
Message-ID: <20140324204545.ga25...@chakra.karan.org>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Security Advisory 2014:0322 Moderate

Upstream details at : https://rhn.redhat.com/errata/RHSA-2014-0322.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
aac06404e9773899457e9ded7cf7c627f8e1918dd3d16be17e16da8580492882  
net-snmp-5.3.2.2-22.el5_10.1.i386.rpm
429150fac6a12e51fe4e5b7773b4b66126467c0083e8ef127af0c34c5b2bd382  
net-snmp-devel-5.3.2.2-22.el5_10.1.i386.rpm
923b759ff2c6dfc9d2aa97640841635516b3bc3a844e1b8ed5a40e9571898bc8  
net-snmp-libs-5.3.2.2-22.el5_10.1.i386.rpm
462484a7f4e12df4858b6cafc9dd7566f833648d6e0d6ef0824cca03fa263cef  
net-snmp-perl-5.3.2.2-22.el5_10.1.i386.rpm
c1de2b2320b5399df8641711579f0fe210c9d40b2b58a0c973481126cc3f4a32  
net-snmp-utils-5.3.2.2-22.el5_10.1.i386.rpm

x86_64:
b09d05fdf5f1d90b409ee2abd380154512bb7e7f80adde81435dc1e19c796

Re: [CentOS] has anybody gotten horde working?

[Ned Slider]

On 25/03/14 04:05, Les Mikesell wrote:
> On Mon, Mar 24, 2014 at 6:38 PM, Johnny Hughes  wrote:

 Has anybody gotten this working?

 By the way, this is CentOS 6.5.
>>> If you are starting from scratch building a mail server you might want
>>> to look at SME server or ClearOS where webmail works out of the box.
>>>
>>
>> It would be my personal preference that we help people run things on
>> CentOS rather than always recommending another distribution.
>
> SME isn't exactly an 'other' distribution, and ClearOS wouldn't be if
> CentOS6 had had a timely release.  They are the same code underneath,
> just already configured to work as installed and with a few additions.
>

Whilst I understand why Johnny would prefer to be able to offer a 
CentOS-based solution rather than signposting users towards other 
products, I must admit I kind of agree with Les here.

My initial thought to Johnny's reply was why would CentOS want to 
reinvent this particular wheel, looking to solve a problem that has 
already been solved, just not by CentOS.

But if that's what a SIG wants to do, in the CentOS space, fine. Just be 
aware that a number of mature products already exist so you have a lot 
of catch up work to do just to get off the starting line.

What demand for such a product do you think exists from CentOS users? My 
guess is if people want or need that product they have long since been 
using the competition's offerings. So how long do you think it will take 
to get a CentOS offering to the point it can win back users from the 
competition? These are the types of questions I'd be thinking about if I 
were considering investing my time in such a SIG.




___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] has anybody gotten horde working?

[Leon Fauster]

Am 25.03.2014 um 05:05 schrieb Les Mikesell :
> On Mon, Mar 24, 2014 at 6:38 PM, Johnny Hughes  wrote:
>>> If you are starting from scratch building a mail server you might want
>>> to look at SME server or ClearOS where webmail works out of the box.
>>> 
>> 
>> It would be my personal preference that we help people run things on
>> CentOS rather than always recommending another distribution.
> 
> SME isn't exactly an 'other' distribution, and ClearOS wouldn't be if
> CentOS6 had had a timely release.  They are the same code underneath,
> just already configured to work as installed and with a few additions.


the point is that it is not CentOS, even RHEL is not CentOS. 

the "webmail" is a specific scenario, maybe a variant spin of 
CentOS could be the result of a SIG.  

--
LF

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] sssd run level get turned off automagically

[Arun Khan]

On Tue, Mar 25, 2014 at 1:44 PM, Clint Dilks  wrote:
> On 25/03/2014 7:52 PM, "Arun Khan"  wrote:
>>
>> CentOS 6.5 (AMD64)
>> LDAP DS:  via SSSD
>>
>> When I did the OS installation (client site), I had turned the service
>> ON with 'chkconfig sssd on'  and 'chkconfig sssd --list' showed that
>> it was ON
>>
>> However, whenever the server has been 'hard' rebooted, 'service sssd
>> status' shows that it is not running.'chkconfig sssd --list' shows
>> it is OFF!
>>
>> I don't understand how it is automagically turned off.  Any ideas what
>> could be the problem.
>>
>
> Hi did you  run authconfig after setting sssd to start on boot?
>

The command I used was taken from this site


 authconfig --enablesssd --enablesssdauth
--enablelocauthorize --update

File /etc/sssd/sssd.conf -- once sssd is running no issue with LDAP binding.

Thanks
-- 
Arun Khan
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Authenticating against AD (without adding to domain)

[Nux!]

Hi,

Does anyone know if it's possible to auth users against AD and how? I 
don't want to register the station to the domain, just auth the users 
against it.
We have a local mediawiki installation that auths users against the AD 
without having any admin access to it.

Any ideas?

Lucian

-- 
Sent from the Delta quadrant using Borg technology!

Nux!
www.nux.ro
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] sssd run level get turned off automagically

[Clint Dilks]

On 25/03/2014 7:52 PM, "Arun Khan"  wrote:
>
> CentOS 6.5 (AMD64)
> LDAP DS:  via SSSD
>
> When I did the OS installation (client site), I had turned the service
> ON with 'chkconfig sssd on'  and 'chkconfig sssd --list' showed that
> it was ON
>
> However, whenever the server has been 'hard' rebooted, 'service sssd
> status' shows that it is not running.'chkconfig sssd --list' shows
> it is OFF!
>
> I don't understand how it is automagically turned off.  Any ideas what
> could be the problem.
>

Hi did you  run authconfig after setting sssd to start on boot?

> 
>
> [root@storage ~]# chkconfig sssd --list
> sssd0:off   1:off   2:on3:off   4:off   5:off   6:off
> [root@storage ~]# chkconfig sssd on
> [root@storage ~]# chkconfig sssd --list
> sssd0:off   1:off   2:on3:on4:on5:on6:off
> [root@storage ~]# service sssd start
> Starting sssd: [  OK  ]
> [root@storage ~]# service sssd status
> sssd (pid  3511) is running...
>
> 
>
> --
> Arun Khan
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos