Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server
> -Original Message- > From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On > Behalf Of John R Pierce > Sent: den 29 juni 2015 08:29 > To: centos@centos.org > Subject: Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home > server > > On 6/28/2015 11:11 PM, Sorin Srbu wrote: > > May I ask why you don't just use a made-for-the-purpose-distro like > > Smoothwall to do this? > > indeed, I use pfSense, running on a APU1D4 [1] router board as my firewall, > and a separate home server on a HP Microserver [2]. IMHO, keeping the > firewall function completely separate simplifies security. > > [1] http://store.netgate.com/kit-APU1C4.aspx > [2] http://www8.hp.com/h20195/v2/GetPDF.aspx/c04111079.pdf That DIY Kit was pretty cool, thanks for the info! -- //Sorin ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server
On 6/28/2015 11:11 PM, Sorin Srbu wrote: May I ask why you don't just use a made-for-the-purpose-distro like Smoothwall to do this? indeed, I use pfSense, running on a APU1D4 [1] router board as my firewall, and a separate home server on a HP Microserver [2]. IMHO, keeping the firewall function completely separate simplifies security. that router board can handle 300 Mbit/sec of NAT firewall rules, since I only have 30Mbit internet, thats plenty of headroom.the Microserver has 4x3 TB SATA drives in a raidZ (ZFS) for 7.5 TiB usable. I can muck about with the server at my leisure, and reboot it, and not affect internet routing to my wife. the firewall doesn't need mucking about with and has uptimes measured in months (time between pfSense upgrades).pfSense provides the DHCP and DNS and NTP services for the LAN. [1] http://store.netgate.com/kit-APU1C4.aspx [2] http://www8.hp.com/h20195/v2/GetPDF.aspx/c04111079.pdf -- john r pierce, recycling bits in santa cruz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server
> -Original Message- > From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On > Behalf Of Sorin Srbu > Sent: den 29 juni 2015 08:11 > To: CentOS mailing list > Subject: Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home > server > > > -Original Message- > > From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] > On > > Behalf Of Max Pyziur > > Sent: den 28 juni 2015 20:50 > > To: centos@centos.org > > Subject: [CentOS] Using a CentOS 6 Machine as a gateway/router/home > > server > > > > I'm rebuilding a machine to function as a gateway/router to Verizon DSL. > > May I ask why you don't just use a made-for-the-purpose-distro like > Smoothwall to do this? > I takes (almost) all of the pain out of configuring stuff, and is quite secure due > to not having as much "junk" pre-installed as CentOS 6? Please note: I'm not criticizing, just curious about the argument behind using a regular OS to do firewall-stuff. -- //Sorin ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server
> -Original Message- > From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On > Behalf Of Max Pyziur > Sent: den 28 juni 2015 20:50 > To: centos@centos.org > Subject: [CentOS] Using a CentOS 6 Machine as a gateway/router/home > server > > I'm rebuilding a machine to function as a gateway/router to Verizon DSL. Hi, May I ask why you don't just use a made-for-the-purpose-distro like Smoothwall to do this? I takes (almost) all of the pain out of configuring stuff, and is quite secure due to not having as much "junk" pre-installed as CentOS 6? -- //Sorin ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] /boot on a separate partition?
On Fri, Jun 26, 2015 at 8:47 PM, Jonathan Billings wrote: > On Fri, Jun 26, 2015 at 10:54:07AM -0600, Chris Murphy wrote: >> This makes no sense to me. rEFInd dynamically discovers linux kernel >> updates, it doesn't need any regular configuration file changes. Once >> you configure it, it's a static configuration file unlike grub.cfg or >> extlinux.conf. >> >> So why do you need /boot/efi persistently mounted? You don't even need >> what GRUB users ought to have which is fstab using mount options >> noauto,x-systemd.automount for /boot/efi. > > Surprisingly enough, we actually like to ensure the rEFInd > configuration is correct, and it isn't like it is hurting anyone to > have it mounted. Its a managed system, users don't get root access. it doesn't seem like there's any advantage, especially with rEFInd which unlike the RH/CentOS/Fedora GRUB2 method right now, doesn't need to update anything on the ESP ever. The two disadvantages: https://bugzilla.redhat.com/show_bug.cgi?id=1077917 https://bugzilla.kernel.org/show_bug.cgi?id=92721 It's a bad practice, and I wish the distros would stop being neurotic about mounting everything just because it can be mounted. > Also, we have been seeing Win7 mucking around with the EFI partition > post-install, so it helps to make sure things are correct, although > typically what happens is Windows makes it so it is the only boot > option, and preempts rEFInd, and Linux never even gets a chance to > run. The Windows installer is expected to modify the ESP and NVRAM in its favor. The RH/CentOS/Fedora installer does the same thing, with the only supported configuration in Fedora being Fedora installed after Windows, not the reverse. I didn't think dual-boot was supported at all by RHEL or CentOS. So what's likely happening is: a. the ESP//EFI/BOOT/BOOTX64.EFI file is being stepped on by the Windows installer and replaced with the Windows bootloader since this path is the fallback bootloader position. Normally for dual boot systems this is a copy of shim.efi, I'm not sure what does this with rEFInd installations, if it's also shim.efi (likely) or a copy of rEFInd.efi. b. the NVRAM boot order is changed to favor Windows. So chances are all you have to do is change the boot order using efibootmgr. If you use # efibootmgr -v So long as the boot order points to shim.efi and things are set so that shim.efi points to rEFInd, rEFInd itself doesn't care about or depend on NVRAM contents. But NVRAM has to provide an initial path that results in rEFInd getting loaded. -- Chris Murphy ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server
On 6/28/2015 3:49 PM, Max Pyziur wrote: I also seem to need to load iptable_nat nf_nat_ftp via rc.local Is this correct? only if you're running some Linux build from the 1990s. nothing on RHEL/CentOS should need anything in rc.local -- john r pierce, recycling bits in santa cruz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Old and new package version numbers during RPM update
On 29/06/15 01:07, Kahlil Hodgson wrote: > On 29 June 2015 at 07:37, John R Pierce wrote: > >> so a regex looking for "system:" vs "system {" should nicely delineate >> these. I dunno, I might even put that into the conversion utility and >> have it just quit if the file is already in the new format, and always run >> it. > > â+1 for the idempotent approach. IMHO much more robust. Also consider what > will happen if someone does a 'yum downgrade' on the package or a > dependency -- you might want to allow the conversion to go both ways or at > least complain appropriately. Yep. I've already considered this approach, but I avoid regexes as much as possible. They're great for some work, but they can inadvertently match too much or fail (for example if the "system" keyword and the opening brace are on different lines). You see where I'm going? But, this is a digression... I also prefer an idempotent approach, and I'm already talking to the authors of this specific package (knot dns), about making their knot1to2 utility idempotent, so that it's always safe to run it. However, one problem is that nothing can handle downgrades. The v2 config format is a superset of the v1 format, and while not impossible, it's very hard to go back. There is no reverse knot2to1 utility. I'd like to thank everyone for the various suggestions. I'm going to place with them and see which one works out best. Finally, as an aside, I'd like to mention that upgrading my own systems is easy, because I have control over them. My motivation for asking this question was for making an EPEL package that can work for most people without breaking their installations (especially if they have unattended yum updates, like with yum-cron). Anand ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server
On 06/28/2015 03:20 PM, Alexander Dalloz wrote: > Am 28.06.2015 um 20:50 schrieb Max Pyziur: > > > Part of the firewall setup (iptables) is to configure masquerading. > That's you issue, the missing masquerading of the traffic from the LAN > hosts through the gateway. > >> I'm obviously overlooking some other configuration settings required for >> machines inside the network being able to connect through the >> gateway/router. >> >> Thanks for any advice in advance as others have stated, you need to use nating; you won't actually be routing traffic (unless you've been allocated a routable network. which is possible, but pretty unlikely). the script I use (stolen from some google search, I'm sure. I can't give proper attribution if pressed): iptables --flush# Flush all the rules in filter and nat tables iptables --table nat --flush iptables --delete-chain # Delete all chains that are not in default filter and nat table iptables --table nat --delete-chain # Set up IP FORWARDing and Masquerading iptables --table nat --append POSTROUTING --out-interface eth2 -j MASQUERADE iptables --append FORWARD --in-interface eth3 -j ACCEPT # Enables packet forwarding by kernel echo 1 > /proc/sys/net/ipv4/ip_forward in this case eth3 would be your local, non-routed network (e.g. 10.* or 192.168.*) and eth2 would be your regular network interface (like the one plugged into your cable modem or DSL connection) it'd likely need to be customized for your environment and running it would likely destroy any firewall rules you have setup, fair warning. -- public gpg key id: AE60F64C ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Old and new package version numbers during RPM update
On 29 June 2015 at 07:37, John R Pierce wrote: > so a regex looking for "system:" vs "system {" should nicely delineate > these. I dunno, I might even put that into the conversion utility and > have it just quit if the file is already in the new format, and always run > it. > â+1 for the idempotent approach. IMHO much more robust. Also consider what will happen if someone does a 'yum downgrade' on the package or a dependency -- you might want to allow the conversion to go both ways or at least complain appropriately. âKâ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server
On Sun, 28 Jun 2015, Brian Miller wrote: On Sun, 2015-06-28 at 14:50 -0400, Max Pyziur wrote: I haven't setup the firewall yet (dangerous, I know) until I get the connectivity working. I'm obviously overlooking some other configuration settings required for machines inside the network being able to connect through the gateway/router. As others have pointed out, you're either missing a NAT layer or you got a large enough IP allocation to subnet and you haven't set up routing. Probably safe to assume it's NAT. I'd suggest at a minimum you install something like shorewall to assist in managing your firewall and IP masquerading tasks. It's available in EPEL, is very well documented, and provides enough built in sanity checks to protect you against making some silly (and some not so silly) mistakes in your firewall management. Thanks to all for pointing me in the direction of iptables and IP masquerading. From several sources, code, the stock CentOS iptables I've cobbled the following /etc/sysconfig/iptables; while it works, I suspect that there are holes: # Firewall configuration written by system-config-firewall # Manual customization of this file is not recommended. *nat :PREROUTING ACCEPT [0:0] :POSTROUTING ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A POSTROUTING -j MASQUERADE COMMIT *filter :INPUT DROP [0:0] :FORWARD ACCEPT [0:0] :OUTPUT ACCEPT [0:0] -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT -A INPUT -p icmp -j ACCEPT -A INPUT -i lo -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT -A INPUT -m state --state NEW -m tcp -p tcp --dport 443 -j ACCEPT COMMIT I also seem to need to load iptable_nat nf_nat_ftp via rc.local Is this correct? Thank you again, Max ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] LVM hatred, was Re: /boot on a separate partition?
On Wed, 24 Jun 2015 14:06:19 -0500 Chris Adams wrote: > Now, if btrfs ever gets all the kinks worked out (and has a stable > "fsck" for the corner cases), it integrates volume management into the > filesystem, which makes some of the management easier. I used AdvFS on > DEC/Compaq/HP Tru64 Unix, which had some of that, and it made some of > this easier/faster/smoother. Btrfs may eventually obsolete a lot of > uses of LVM, but that's down the road. https://en.wikipedia.org/wiki/AdvFS AdvFS uses a relatively advanced concept of a storage pool (called a file domain) and of logical file systems (called file sets). A file domain is composed of any number of block devices, which could be partitions, LVM or LSM devices. I really miss this. BR, Bob ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Old and new package version numbers during RPM update
On 6/28/2015 2:26 PM, Anand Buddhdev wrote: On 28/06/15 17:50, John R Pierce wrote: why doesn't the config file have the version in it ? not having that makes your whole system error prone. Perhaps I wasn't clear. Version 1 of the package uses a config file that looks like this: system { setting1 value1; setting2 value2; } interfaces { iface1; iface2; } Version 2 of the package has switched to a YAML-based syntax, so the config file needs to look like this: system: setting1: value1 setting2: value2 So, I need to be able to program the RPM so that when upgrading from 1.x to 2.x, it triggers the conversion utility that converts from v1 to v2 format. so a regex looking for "system:" vs "system {" should nicely delineate these. I dunno, I might even put that into the conversion utility and have it just quit if the file is already in the new format, and always run it. -- john r pierce, recycling bits in santa cruz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Old and new package version numbers during RPM update
On 28/06/15 17:50, John R Pierce wrote: > On 6/27/2015 5:38 PM, Anand Buddhdev wrote: >> Thanks Joseph. I am aware of this option, but it would be only a last >> resort, because checking the format of the config file is error-prone. > > why doesn't the config file have the version in it ? not having that > makes your whole system error prone. Perhaps I wasn't clear. Version 1 of the package uses a config file that looks like this: system { setting1 value1; setting2 value2; } interfaces { iface1; iface2; } Version 2 of the package has switched to a YAML-based syntax, so the config file needs to look like this: system: setting1: value1 setting2: value2 So, I need to be able to program the RPM so that when upgrading from 1.x to 2.x, it triggers the conversion utility that converts from v1 to v2 format. Anand ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Old and new package version numbers during RPM update
Am 28.06.2015 um 17:50 schrieb John R Pierce : > On 6/27/2015 5:38 PM, Anand Buddhdev wrote: >> Thanks Joseph. I am aware of this option, but it would be only a last >> resort, because checking the format of the config file is error-prone. > > why doesn't the config file have the version in it ? not having that makes > your whole system error prone. normally config files have semantics that lets understand the parser the content. So, two accepting rules (regex) could be used to identify the config type of the file. -- LF ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server
On Sun, 2015-06-28 at 14:50 -0400, Max Pyziur wrote: > I haven't setup the firewall yet (dangerous, I know) until I get the > connectivity working. > > I'm obviously overlooking some other configuration settings required for > machines inside the network being able to connect through the > gateway/router. As others have pointed out, you're either missing a NAT layer or you got a large enough IP allocation to subnet and you haven't set up routing. Probably safe to assume it's NAT. I'd suggest at a minimum you install something like shorewall to assist in managing your firewall and IP masquerading tasks. It's available in EPEL, is very well documented, and provides enough built in sanity checks to protect you against making some silly (and some not so silly) mistakes in your firewall management. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server
Am 28.06.2015 um 20:50 schrieb Max Pyziur: [ ... ] I can't connect from the home machines directly to the Internet. I have set net.ipv4.ip_forward = 1 in /etc/sysctl.conf I haven't setup the firewall yet (dangerous, I know) until I get the connectivity working. Part of the firewall setup (iptables) is to configure masquerading. That's you issue, the missing masquerading of the traffic from the LAN hosts through the gateway. I'm obviously overlooking some other configuration settings required for machines inside the network being able to connect through the gateway/router. Thanks for any advice in advance. Max Pyziur p...@brama.com Alexander ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server
You need NAT setup on the server. ZK > On Jun 28, 2015, at 2:50 PM, Max Pyziur wrote: > > > Greetings, > > I'm rebuilding a machine to function as a gateway/router to Verizon DSL. > > It has two NICs eth0 and eth1 (static set to 192.168.1.1). > > eth0 connects to the DSL modem. > > I've setup Verizon DSL usine pppoe-setup, and it works. > > > I can connect from home machines to the server (192.168.1.1); while logged in > to the server, I can connect to both the internet, and the home machines. > > But ... > > I can't connect from the home machines directly to the Internet. > > I have set > net.ipv4.ip_forward = 1 > in /etc/sysctl.conf > > I haven't setup the firewall yet (dangerous, I know) until I get the > connectivity working. > > I'm obviously overlooking some other configuration settings required for > machines inside the network being able to connect through the gateway/router. > > Thanks for any advice in advance. > > > Max Pyziur > p...@brama.com > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Using a CentOS 6 Machine as a gateway/router/home server
Greetings, I'm rebuilding a machine to function as a gateway/router to Verizon DSL. It has two NICs eth0 and eth1 (static set to 192.168.1.1). eth0 connects to the DSL modem. I've setup Verizon DSL usine pppoe-setup, and it works. I can connect from home machines to the server (192.168.1.1); while logged in to the server, I can connect to both the internet, and the home machines. But ... I can't connect from the home machines directly to the Internet. I have set net.ipv4.ip_forward = 1 in /etc/sysctl.conf I haven't setup the firewall yet (dangerous, I know) until I get the connectivity working. I'm obviously overlooking some other configuration settings required for machines inside the network being able to connect through the gateway/router. Thanks for any advice in advance. Max Pyziur p...@brama.com ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Old and new package version numbers during RPM update
On 6/27/2015 5:38 PM, Anand Buddhdev wrote: Thanks Joseph. I am aware of this option, but it would be only a last resort, because checking the format of the config file is error-prone. why doesn't the config file have the version in it ? not having that makes your whole system error prone. -- john r pierce, recycling bits in santa cruz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Anyone else think the latest Xorg fix is hogging stuff?
On Sat, 2015-06-27 at 21:17 -0400, Mark LaPierre wrote: > On 06/27/15 17:05, Bill Maltby (C4B) wrote: > > Since the latest update (may wrap here), > > xorg-x11-server-Xorg-1.15.0-26.el6.centos.0.1.x86_64 Sat 20 Jun 2015 > > 04:16:01 PM EDT > > xorg-x11-server-common-1.15.0-26.el6.centos.0.1.x86_64 Sat 20 Jun 2015 > > 04:15:58 PM EDT > > > > Xorg is competing heavily with FF for top hog on my system. In FF I > > understand because I had multiple windows (6 desktops) with many tabs. I > > know this would theoretically increase Xorg work as well but prior to > > this update I seldom saw it near the top of "top" > > > > PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ > > COMMAND > > 4055 hardtolo 20 0 2165m 945m 49m R 95.9 12.0 3724:26 > > firefox > > 3119 root 20 0 276m 121m 34m S 34.0 1.6 2228:58 > > Xorg > > 15645 hardtolo 20 0 6163m 350m 26m S 10.6 4.5 181:50.51 > > java > > > > Anyone else pound the crap out of a desktop with FF and see Xorg getting > > "fat"? > > > > TIA for any clues or response. > > > > Bill > > > > Here's what I see with three FF sessions running at the same time: > > > PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND > > 2631 fahclien 39 19 832m 530m 3012 S 637.9 1.7 311:40.44 FahCore_a4 > > 4236 mlapier 20 0 2530m 1.4g 42m R 83.7 4.6 2:50.27 firefox > > 2823 root 20 0 163m 42m 17m S 19.9 0.1 1:31.18 Xorg > > 3429 mlapier 20 0 625m 158m 39m S 2.3 0.5 1:06.08 skype > Follow-up from my previous post, which as others have noted Goodle is kind enoungh to not let me conveniently see ... I had forgotten that the longer FF runs in my setup the more CPU it tends to use. And I assume this feeds through to demand on Xorg. I stopped FF, restarted and now see very reasonable numbers for it and Xorg, which no longer sits so high up in CPU usage. PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND 7815 hardtolo 20 0 1590m 563m 45m S 8.9 7.2 14:42.16 firefox 8711 hardtolo 20 0 786m 91m 21m S 2.3 1.2 7:16.57 plugin-containe 9409 wild-bil 20 0 15272 1400 888 R 0.7 0.0 0:00.55 top 1867 root 20 0 000 S 0.3 0.0 0:09.25 kondemand/0 1868 root 20 0 000 S 0.3 0.0 0:06.48 kondemand/1 2195 root 20 0 22516 1084 916 S 0.3 0.0 0:12.73 hald-addon-stor 6890 TempTemp 20 0 264m 12m 4712 S 0.3 0.2 0:01.35 gnome-screensav 7315 hardtolo 20 0 540m 15m 10m S 0.3 0.2 0:13.58 clock-applet 7919 root 20 0 197m 50m 11m S 0.3 0.6 0:38.11 Xorg 8043 wild-bil 20 0 494m 10m 7884 S 0.3 0.1 0:01.35 gnome-settings- 8096 wild-bil 20 0 540m 13m 10m S 0.3 0.2 0:13.41 clock-applet Thanks for passing on the reply, which eventually logged my memory. Bill ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Old and new package version numbers during RPM update
Am 28.06.2015 um 01:59 schrieb Anand Buddhdev : > In an RPM post-install script, is it possible to know the previous > version number, and the new version number of a package if it's an update? > > I need to know this, because for a certain package, if updating from > version 1.x to 2.x, I need to run a program to convert the config file > of the package from version 1.x format to version 2.x format. > > I've looked at SPEC file documentation, but haven't found anything relevant. OLDVER=$(rpm -q --qf '%{VERSION}\n' | sort -V |head -1) -- LF ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Anyone else think the latest Xorg fix is hogging stuff?
On Sat, 2015-06-27 at 21:17 -0400, Mark LaPierre wrote: > On 06/27/15 17:05, Bill Maltby (C4B) wrote: > > Since the latest update (may wrap here), > > xorg-x11-server-Xorg-1.15.0-26.el6.centos.0.1.x86_64 Sat 20 Jun 2015 > > 04:16:01 PM EDT > > xorg-x11-server-common-1.15.0-26.el6.centos.0.1.x86_64 Sat 20 Jun 2015 > > 04:15:58 PM EDT > > > > > Xorg is competing heavily with FF for top hog on my system. In FF I > > understand because I had multiple windows (6 desktops) with many tabs. I > > know this would theoretically increase Xorg work as well but prior to > > this update I seldom saw it near the top of "top" > > > > PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ > > COMMAND > > 4055 hardtolo 20 0 2165m 945m 49m R 95.9 12.0 3724:26 > > firefox > > 3119 root 20 0 276m 121m 34m S 34.0 1.6 2228:58 > > Xorg > > 15645 hardtolo 20 0 6163m 350m 26m S 10.6 4.5 181:50.51 > > java > > 5663 hardtolo 20 0 1557m 202m 24m S 9.6 2.6 294:53.69 > > plugin-containe > > > > Anyone else pound the crap out of a desktop with FF and see Xorg getting > > "fat"? > > > > TIA for any clues or response. > > > > Bill > > > > Here's what I see with three FF sessions running at the same time: > > > PID USER PR NI VIRT RES SHR S %CPU %MEMTIME+ COMMAND > > 2631 fahclien 39 19 832m 530m 3012 S 637.9 1.7 311:40.44 FahCore_a4 > > 4236 mlapier 20 0 2530m 1.4g 42m R 83.7 4.6 2:50.27 firefox > > 2823 root 20 0 163m 42m 17m S 19.9 0.1 1:31.18 Xorg > > 3429 mlapier 20 0 625m 158m 39m S 2.3 0.5 1:06.08 skype > Thanks Mark. Do you happen to know (recall?) if this is more or less in-line with what went on before the latest Xorg fix? I may not be doing too badly. I also run 3 users in three X sessions. Two have six desktops and one has two desktops. The last is my "idle" user, never doing anything, that sits on tty1 so I can have my active users like they were before the CentOS 6.6 upgrade - the first X session used to come on tty7 and did not screw up when switching run levels to/from 3 and 5 (bug open on CentOS, but I suspect not passed upstream?). This is on my home-built box on an MSI 760GM-P23FX MB, SATA. >From lspci -v, some things that may affect me? 01:00.0 VGA compatible controller: Advanced Micro Devices, Inc. [AMD/ATI] Cedar [Radeon HD 5000/6000/7350/8350 Series] (prog-if 00 [VGA controller]) Subsystem: Diamond Multimedia Systems Device 5450 Kernel driver in use: radeon Kernel modules: radeon CPU stuff, 6 cores: processor : 0 vendor_id : AuthenticAMD cpu family : 16 model : 10 model name : AMD Phenom(tm) II X6 1035T Processor stepping: 0 cpu MHz : 800.000 cache size : 512 KB physical id : 0 siblings: 6 core id : 0 cpu cores : 6 apicid : 0 initial apicid : 0 fpu : yes fpu_exception : yes cpuid level : 6 wp : yes flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp lm 3dnowext 3dnow constant_tsc rep_good nonstop_tsc extd_apicid aperfmperf pni monitor cx16 popcnt lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw ibs skinit wdt nodeid_msr cpb npt lbrv svm_lock nrip_save pausefilter bogomips: 5200.20 Memory: $ free (may wrap) total used free sharedbuffers cached Mem: 805796826754245382544 12192 104652 1149796 -/+ buffers/cache:14209766636992 Swap: 14352376 0 14352376 Do you/anyone think my Xorg CPU usage looks reasonable all things considered or should I be looking for some "tweaks"? TIA, Bill ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Old and new package version numbers during RPM update
On 28/06/15 03:06, Joseph L. Casale wrote: Hi Joseph, > Well normal convention would be if you replace then the old one > gets appended with .rpmsave, if you are not replacing then the new > one gets appended with .rpmnew. I'm also aware of this, but it's not what I need :) > On the other hand, check this out: > https://www.redhat.com/promo/summit/2010/presentations/summit/opensource-for-it-leaders/thurs/pwaterma-2-rpm/RPM-ifying-System-Configurations.pdf This is a very interesting presentation. I had no idea about trigger scripts. I'm going to play around with them, and see if they can help me solve my case. Thank you for the link! Regards, Anand ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos