Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server

2015-06-29 Thread Sorin Srbu
> -Original Message-
> From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
> Behalf Of Gordon Messmer
> Sent: 29 June 2015 19:40
> To: CentOS mailing list
> Subject: Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home
> server
> 
> On 06/29/2015 06:46 AM, Sorin Srbu wrote:
> > Even considering a minimal CentOS install, is that still less minimal
> > than e.g. Smoothwall or Ipcop?
> 
> Yes, a minimal install of CentOS is probably larger (less minimal) than a
> specialized distribution.
> 
> > In my world, security has a price, and that might be the need to
> > learn another distro in order to minimize security issues (and maybe
> > as in this case minimize attack-surfaces).
> 
> When all of your systems are one OS, you can more easily build an
> infrastructure that provides backups, security and bug fix updates,
> monitoring, etc for all of your systems.  Specialized devices are often
> left out when admins set up infrastructure to provide those services for
> their primary systems.  That's one way that a general purpose OS can be
> significantly better than a specialized OS.

Those are good points, thanks.

I'm probably somewhat indoctrinated by the Smoothwall community and the
thesis that an appliance like that, that only does one thing is really good
at doing just that.

Thanks all for your thoughts on this!

-- 
//Sorin
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server

2015-06-29 Thread Sorin Srbu
> -Original Message-
> From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
> Behalf Of m.r...@5-cent.us
> Sent: 29 June 2015 17:25
> To: CentOS mailing list
> Subject: Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home
> server
> 
> > The WiFi solution I use still uses a Centos 6 firewall/router/gateway,
> > but one of my inside devices is a WiFi router.  Rather than doing
> > double routing, I connect one of the WiFi's LAN connections via a
> > switch to my Router via a switch, leaving the WiFi Router's WAN
> > connection unused.  That way, my gateway (and not the WiFi router) is
> > the DHCP server, and can enforce whatever firewall rules I want to
> > apply.
> >
> > No need to give up your guest WiFi if you stick with a Centos gateway.
> 
> Hmmm... that's a thought. On the other hand, for defence in depth, I'm
> sort of leery about using my own system as a firewall. As I noted, on my
> old firewall/router box, I had almost nothing. That's why I'm considering
> a PI

I used to use a similar solution at home with Smoothwall and an AP. Worked
fine till the computer running Smoothwall died.
Worked fine for home use. IDK if it would be a good solution in a
"professional" environment as well, but scaled up of course.

-- 
//Sorin


Re: [CentOS] CPAN issues

2015-06-29 Thread James D. Parra
Thank you Kahlil for your reply.

I made a few perl changes, uninstalled CPAN, removed the .cpan dir, and 
reinstalled, and ran 'install CPAN' and everything looked much better. That is, 
no failures. The last part of the output was;


t/97-mock.t ... ok
t/97-process_options.t  ok
t/97-process_setup_options.t .. ok
t/97-return_values.t .. ok
All tests successful.
Files=30, Tests=815, 79 wallclock secs ( 0.55 usr  0.04 sys + 57.45 cusr  6.75 
csys = 64.79 CPU)
Result: PASS
  ANDK/CPAN-2.10.tar.gz
  /usr/bin/make test -- OK
Running make install
Appending installation info to 
/root/perl5/lib/perl5/x86_64-linux-thread-multi/perllocal.pod
  ANDK/CPAN-2.10.tar.gz
  /usr/bin/make install  -- OK


And that's it. Ran reload CPAN and it still shows v 1.98. Getting much closer? 
Any ideas?

Thanks again,

James 

- Original Message -
From: "Kahlil Hodgson" 
To: "CentOS mailing list" 
Sent: Monday, June 29, 2015 4:49:05 PM
Subject: Re: [CentOS] CPAN issues

CPAN is a core module which can be tricky to update on the RedHat based
systems.

Suggest investigating:

local::lib
App::cpanminus
Pinto

If you need a newer Perl, check out www.softwarecollections.org.


Re: [CentOS] Tar CentOS installation and transfer it to new server

2015-06-29 Thread Mike
On Mon, Jun 29, 2015 at 4:43 PM, Chris Murphy 
wrote:

> On Mon, Jun 29, 2015 at 2:38 PM, Chris Murphy 
> wrote:
> > Anaconda on Fedora live media installs uses:
> >
> > rsync -pogAXtlHrDx
>
> Looks like this is the same as -aAXHx
>
> The cap X is for extended attributes.
>
>
Mr. Murphy, thanks for your follow up.
Do you mean boot both the current and the new server with LiveCD's and then
---
rsync -aAXHx -e 'ssh' /chroot-mounted/root/directory root@192.168.10.200:/chroot-mounted/root/destination/directory


Best regards.


Re: [CentOS] CPAN issues

2015-06-29 Thread Kahlil Hodgson
CPAN is a core module which can be tricky to update on the RedHat based
systems.

Suggest investigating:

local::lib
App::cpanminus
Pinto

If you need a newer Perl, check out www.softwarecollections.org.


Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server

2015-06-29 Thread Leon Fauster
On 29.06.2015 at 19:40, Gordon Messmer wrote:
> On 06/29/2015 06:46 AM, Sorin Srbu wrote:
>> Even considering a minimal CentOS install, is that still less minimal than
>> e.g. Smoothwall or Ipcop?
> 
> Yes, a minimal install of CentOS is probably larger (less minimal) than a 
> specialized distribution.

our dedicated DNS systems are minimal without effort (234 packages / 1,1GB 
total), with more effort 
we could reduce it under 1GB (logfiles are included). 


>> In my world, security has a price, and that might be the need to learn
>> another distro in order to minimize security issues (and maybe as in this
>> case minimize attack-surfaces).
> 
> When all of your systems are one OS, you can more easily build an 
> infrastructure that provides backups, security and bug fix updates, 
> monitoring, etc for all of your systems.  Specialized devices are often left 
> out when admins set up infrastructure to provide those services for their 
> primary systems.  That's one way that a general purpose OS can be 
> significantly better than a specialized OS.

+1 

--
LF




Re: [CentOS] CPAN issues

2015-06-29 Thread Brian Mathis
It's not a good idea to update CPAN and/or install modules from CPAN into
the OS-installed perl.  Use rpm packages from yum.  Many can be found in
the standard CentOS repo and EPEL has many as well.  Take a look at
perlbrew if you really need a new version of perl for some reason.  If you
don't really need the new version, don't update it.


❧ Brian Mathis
@orev


On Mon, Jun 29, 2015 at 5:08 PM, James D. Parra 
wrote:

> Hello List,
>
> Running CentOS Linux release 7.0.1406 (Core), and trying to update CPAN
> from version 1.98 to version 2.10, but it fails.
>
>
> 
> t/97-process_setup_options.t .. ok
> t/97-return_values.t .. 6/10
> #   Failed test 'blib/script/cpan -j t/97-lib_cpan1/CPAN/Config.pm
> Local::Prereq::Fails'
> #   at t/97-return_values.t line 49.
> #  got: '2'
> # expected: '1'
>
> #   Failed test 'blib/script/cpan -j t/97-lib_cpan1/CPAN/Config.pm
> Local::Make::Fails'
> #   at t/97-return_values.t line 49.
> #  got: '2'
> # expected: '1'
> t/97-return_values.t .. 8/10
> #   Failed test 'blib/script/cpan -j t/97-lib_cpan1/CPAN/Config.pm
> Local::Test::Fails'
> #   at t/97-return_values.t line 49.
> #  got: '2'
> # expected: '1'
> t/97-return_values.t .. 9/10
> #   Failed test 'blib/script/cpan -j t/97-lib_cpan1/CPAN/Config.pm
> Local::Unsupported::OS'
> #   at t/97-return_values.t line 49.
> #  got: '2'
> # expected: '1'
> t/97-return_values.t .. 10/10
> #   Failed test 'blib/script/cpan -j t/97-lib_cpan1/CPAN/Config.pm
> Local::Works::Fine'
> #   at t/97-return_values.t line 49.
> #  got: '2'
> # expected: '0'
> # Looks like you failed 5 tests of 10.
> t/97-return_values.t .. Dubious, test returned 5 (wstat 1280,
> 0x500)
> Failed 5/10 subtests
>
> Test Summary Report
> ---
> t/30shell.t (Wstat: 65280 Tests: 150 Failed: 0)
>   Non-zero exit status: 255
>   Parse errors: Bad plan.  You planned 223 tests but ran 150.
> t/41distribution.t  (Wstat: 1024 Tests: 19 Failed: 4)
>   Failed tests:  14, 16-17, 19
>   Non-zero exit status: 4
> t/97-return_values.t(Wstat: 1280 Tests: 10 Failed: 5)
>   Failed tests:  6-10
>   Non-zero exit status: 5
> Files=30, Tests=595, 259 wallclock secs ( 0.27 usr  0.02 sys + 14.40 cusr
> 1.11 csys = 15.80 CPU)
> Result: FAIL
> Failed 3/30 test programs. 9/595 subtests failed.
> make: *** [test_dynamic] Error 5
>   ANDK/CPAN-2.10.tar.gz
> one dependency not OK (CPAN::Meta::Requirements); additionally test
> harness failed
>   /usr/bin/make test -- NOT OK
> //hint// to see the cpan-testers results for installing this module, try:
>   reports ANDK/CPAN-2.10.tar.gz
> Running make install
>   make test had returned bad status, won't install without force
> Failed during this command:
>  ANDK/CPAN-2.10.tar.gz: make_test NO one
> dependency not OK (CPAN::Meta::Requirements); additionally test harness
> failed
> 
>
> Any ideas how I can resolve this?
>
> Thank you,
>
> James


[CentOS] CPAN issues

2015-06-29 Thread James D. Parra
Hello List,

Running CentOS Linux release 7.0.1406 (Core), and trying to update CPAN from 
version 1.98 to version 2.10, but it fails.



t/97-process_setup_options.t .. ok
t/97-return_values.t .. 6/10
#   Failed test 'blib/script/cpan -j t/97-lib_cpan1/CPAN/Config.pm 
Local::Prereq::Fails'
#   at t/97-return_values.t line 49.
#  got: '2'
# expected: '1'

#   Failed test 'blib/script/cpan -j t/97-lib_cpan1/CPAN/Config.pm 
Local::Make::Fails'
#   at t/97-return_values.t line 49.
#  got: '2'
# expected: '1'
t/97-return_values.t .. 8/10
#   Failed test 'blib/script/cpan -j t/97-lib_cpan1/CPAN/Config.pm 
Local::Test::Fails'
#   at t/97-return_values.t line 49.
#  got: '2'
# expected: '1'
t/97-return_values.t .. 9/10
#   Failed test 'blib/script/cpan -j t/97-lib_cpan1/CPAN/Config.pm 
Local::Unsupported::OS'
#   at t/97-return_values.t line 49.
#  got: '2'
# expected: '1'
t/97-return_values.t .. 10/10
#   Failed test 'blib/script/cpan -j t/97-lib_cpan1/CPAN/Config.pm 
Local::Works::Fine'
#   at t/97-return_values.t line 49.
#  got: '2'
# expected: '0'
# Looks like you failed 5 tests of 10.
t/97-return_values.t .. Dubious, test returned 5 (wstat 1280, 0x500)
Failed 5/10 subtests

Test Summary Report
---
t/30shell.t (Wstat: 65280 Tests: 150 Failed: 0)
  Non-zero exit status: 255
  Parse errors: Bad plan.  You planned 223 tests but ran 150.
t/41distribution.t  (Wstat: 1024 Tests: 19 Failed: 4)
  Failed tests:  14, 16-17, 19
  Non-zero exit status: 4
t/97-return_values.t(Wstat: 1280 Tests: 10 Failed: 5)
  Failed tests:  6-10
  Non-zero exit status: 5
Files=30, Tests=595, 259 wallclock secs ( 0.27 usr  0.02 sys + 14.40 cusr  1.11 
csys = 15.80 CPU)
Result: FAIL
Failed 3/30 test programs. 9/595 subtests failed.
make: *** [test_dynamic] Error 5
  ANDK/CPAN-2.10.tar.gz
one dependency not OK (CPAN::Meta::Requirements); additionally test harness 
failed
  /usr/bin/make test -- NOT OK
//hint// to see the cpan-testers results for installing this module, try:
  reports ANDK/CPAN-2.10.tar.gz
Running make install
  make test had returned bad status, won't install without force
Failed during this command:
 ANDK/CPAN-2.10.tar.gz: make_test NO one dependency not 
OK (CPAN::Meta::Requirements); additionally test harness failed


Any ideas how I can resolve this?

Thank you,

James 


Re: [CentOS] Tar CentOS installation and transfer it to new server

2015-06-29 Thread Chris Murphy
On Mon, Jun 29, 2015 at 2:38 PM, Chris Murphy  wrote:
> Anaconda on Fedora live media installs uses:
>
> rsync -pogAXtlHrDx

Looks like this is the same as -aAXHx

The cap X is for extended attributes.



-- 
Chris Murphy


Re: [CentOS] CentOS 6 gcc is a bit old

2015-06-29 Thread Michael Hennebry

On Mon, 29 Jun 2015, Matt Garman wrote:


Take a look at Devtoolset, I think this will give you what you want:
   https://www.softwarecollections.org/en/scls/rhscl/devtoolset-3/


Thanks much.
It looks like what I want.
Also, I think I'll look at the Modules environment
in case a convenient solution is not available
the next time I want to replace a standard package.

--
Michael   henne...@web.cs.ndsu.nodak.edu
"SCSI is NOT magic. There are *fundamental technical
reasons* why it is necessary to sacrifice a young
goat to your SCSI chain now and then."   --   John Woods


Re: [CentOS] Tar CentOS installation and transfer it to new server

2015-06-29 Thread Chris Murphy
Anaconda on Fedora live media installs uses:

rsync -pogAXtlHrDx

There is at least one equivalent that's shorter, probably with -a
representing about half of those.


Chris Murphy


Re: [CentOS] CentOS 6 gcc is a bit old

2015-06-29 Thread James A. Peltier
- Original Message -
| Take a look at Devtoolset, I think this will give you what you want:
| https://www.softwarecollections.org/en/scls/rhscl/devtoolset-3/
| 
| 
| 
| On Mon, Jun 29, 2015 at 1:56 PM, Michael Hennebry
|  wrote:
| > gcc (GCC) 4.4.7 20120313 (Red Hat 4.4.7-11) is a bit old.
| > There have been major changes since then.
| > I'd like a newer version.
| >
| > If I have to, I expect that I can install from source.
| > I'd rather not.
| >
| > Is there a CentOS 6-compatible repository
| > from which I can get a newer version?
| > Does a standard CentOS 7 repository have a newer version?
| > Does a CentOS 7-compatible repository have a newer version?
| >
| > It's my understanding that to compile from source,
| > I will need to keep the gcc I have.
| > Otherwise I would have nothing to compile the source.
| > I expect that providing the right options will let old and new co-exist.
| > Is ensuring that I get the right gcc when I type "gcc"
| > just a matter of having the right search path for gcc?
| > Will I need to do anything interesting to ensure that
| > the resulting executables run using the right libraries?
| >
| > I've installed from source before,
| > but never to replace an existing compiler.
| > My concern is that if I louse things up,
| > the mess could be very hard to fix.
| >
| > --
| > Michael   henne...@web.cs.ndsu.nodak.edu
| > "SCSI is NOT magic. There are *fundamental technical
| > reasons* why it is necessary to sacrifice a young
| > goat to your SCSI chain now and then."   --   John Woods

When you're going to maintain software for long periods of time the Modules 
environment can come in really handy.  See http://modules.sf.net

-- 
James A. Peltier
IT Services - Research Computing Group
Simon Fraser University - Burnaby Campus
Phone   : 604-365-6432
Fax : 778-782-3045
E-Mail  : jpelt...@sfu.ca
Website : http://www.sfu.ca/itservices
Twitter : @sfu_rcg
Powering Engagement Through Technology


[CentOS] set up login.defs but password still not expire?

2015-06-29 Thread mcclnx mcc
We have Centos 5.8 on Linux server. I setup /etc/login.defs following:
PASS_MAX_DAYS   3
PASS_MIN_DAYS   0
PASS_MIN_LEN    8
PASS_WARN_AGE   1

after that I check user password policy and it show:
# chage -l user1
Last password change    : Jun 29, 2015
Password expires    : never
Password inactive   : never
Account expires : never
Minimum number of days between password change  : 0
Maximum number of days between password change  : 9
Number of days of warning before password expires   : 7

anyone know why?   I did reboot server still same.

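An added example, not part of the original post: the PASS_* settings in /etc/login.defs are only applied when an account is created, so existing accounts keep the aging fields already stored in /etc/shadow until they are changed with chage. The script below audits a shadow file against the login.defs policy and prints the chage commands that would bring existing accounts in line; the function names and the sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare the password-aging fields of existing accounts in a
# shadow file with the policy in a login.defs file. Nothing is modified; the
# chage commands are only printed so they can be reviewed first.

# policy_value FILE KEY -> value of KEY in a login.defs-style file (last one wins)
policy_value() {
    awk -v key="$2" '$1 == key { v = $2 } END { if (v != "") print v }' "$1"
}

# audit_aging LOGIN_DEFS SHADOW
# Prints "user:current_max:policy_max" for each account that has a usable
# password hash and whose maximum age (5th shadow field) is unset or larger
# than PASS_MAX_DAYS.
audit_aging() {
    policy=$(policy_value "$1" PASS_MAX_DAYS)
    [ -n "$policy" ] || { echo "PASS_MAX_DAYS not set in $1" >&2; return 2; }
    awk -F: -v policy="$policy" '
        # skip accounts with no password or a locked/disabled one (! or *)
        $2 == "" || $2 ~ /^[!*]/ { next }
        $5 == "" || $5 + 0 > policy + 0 {
            printf "%s:%s:%s\n", $1, ($5 == "" ? "unset" : $5), policy
        }
    ' "$2"
}

# remediation_cmds LOGIN_DEFS SHADOW
# Turns the findings into chage invocations (-m min days, -M max days,
# -W warning days). The 0 and 7 fallbacks are this example's assumption
# for a login.defs that does not set PASS_MIN_DAYS or PASS_WARN_AGE.
remediation_cmds() {
    min=$(policy_value "$1" PASS_MIN_DAYS)
    warn=$(policy_value "$1" PASS_WARN_AGE)
    audit_aging "$1" "$2" | while IFS=: read -r user _cur max; do
        printf 'chage -m %s -M %s -W %s %s\n' \
            "${min:-0}" "$max" "${warn:-7}" "$user"
    done
}

# make_sample DIR -> writes constructed login.defs and shadow files into DIR
make_sample() {
    cat > "$1/login.defs" <<'EOF'
# constructed fragment using the values from the post
PASS_MAX_DAYS   3
PASS_MIN_DAYS   0
PASS_MIN_LEN    8
PASS_WARN_AGE   1
EOF
    cat > "$1/shadow" <<'EOF'
root:$6$constructed$notarealhash:16615:0:99999:7:::
user1:$6$constructed$notarealhash:16615:0:99999:7:::
user2:$6$constructed$notarealhash:16615:0:3:1:::
daemon:*:16000:0:99999:7:::
locked:!!:16615:0:99999:7:::
EOF
}

# Demo on the constructed files; on a real host the arguments would be
# /etc/login.defs and /etc/shadow, read as root.
demo_dir=$(mktemp -d)
make_sample "$demo_dir"
remediation_cmds "$demo_dir/login.defs" "$demo_dir/shadow"
rm -rf "$demo_dir"
```
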


Re: [CentOS] Tar CentOS installation and transfer it to new server

2015-06-29 Thread Mike
Thanks Mr. Roth!
That's nice and methodical.
I do like how you can revert by simply remounting the previous directories.

I'm going to try both.
I'm still hopeful that a simple tar -xf server.tgz into the chrooted "/" is
possible.
At linuxquestions.org, one user suggests it can be done by exempting the
following:

/proc /sys /dev /tmp /var

I'm thinking the tarball thing may work due to the following:

There's only one posix user account besides root, thus almost all files on
the system are user: root group: root.
I'll be using the same version of tar on both the Current Installation and
the New Installation.
All other user data will be mounted on the other set of hard drives and not
a part of the base installation I'm un-tarring into (/).
I'll also update each server install prior to transfer so all base packages
on both servers match x.y.z to x.y.z.

Mike





On Mon, Jun 29, 2015 at 2:45 PM,  wrote:

> Mike wrote:
> > Current Installation: CentOS 7.1503 with SerNet Samba 4 ver. 4.1.17
> > configured as Active Directory Domain Controller.
> > Current Installation: HP Workstation with dual Xeon quadcore cpu's and 4
> x
> > SATA hard drives NOT configured in RAID array.
> >
> > New Installation: CentOS 7.1503 minimal install
> > New Installation: SuperMicro with single Xeon quadcore cpu and 4 x SATA
> > hard drives configured in two pairs of RAID 1.
> >
> > The Current Install is about 3.5 GB's and has my Samba 4 setup all solid
> > and working well. I want to know if it's possible to simply:
> >
> > - tar up the whole root partition
> > - put it on a USB drive
> > - boot the New server with a livecd
> > - chroot into / partition
> > - unpack the tar'ed root (/) from the USB drive into the New server root
> > (/).
> >
> > Both installs used the automatic partitioning from anaconda, so /boot is
> > on
> > a separate partition.  Each server has an initrd and kernel that works
> > from
> > /boot partition.  Both CentOS installs are setup using the xfs filesystem
> > on the root (/) partition.
> >
> > I saw someone do this successfully once but they left out certain
> > directories like /srv , /tmp , and /var.
> > But I'm not 100% certain which directories need to be left out of the
> > tarball.
> >
> > Has anyone done this before?
> > Do you know if it's doable?
> >
> > Thanks for reading.
>
> What we've done a good bit of, to upgrade one server from another that's
> already where we want it to be, is this:
>
> 1. On the target machine, mkdir /new /boot/new
> 2. rsync -HPavx :/boot/. /boot/new/
> 3. rsync -HPavx --exclude=/old --exclude=/var/log/wtmp :/.
> /new/ (exclude anything else you want)
> 4. Copy  /etc/fstab, /etc/sysconfig/network,
> /etc/sysconfig/network-scripts/ifcfg-e*, /boot/grub/device.map, and
> /etc/exports, if any, to /boot/new and /new/etc/
> 5. Deal with /new/etc/udev.d/rules/70-persistant-net.rules
> 6. copy /etc/ssh/ssh_host* /new/etc/ssh/
> 7. IF THE NEW HARDWARE IS DIFFERENT THAN THE OLD, make a new initrd.
> mount --bind /dev /new/dev
> mount --bind /sys /new/sys
> mount --bind /proc /new/proc
> mount --bind /boot/new /new/boot
> chroot /new
> cd /lib/modules
>
> VER=$(ls -rt1 | tail -1)
> echo $VER
>
> mkinitrd X $VER
> mv X /boot/initrd-$VER.img
>
> exit
>
> 8. I haven't been able to do the next in bash, my preferred shell, so:
> zsh
> zmodload zsh/files
>
> cd /boot
> mkdir old
> mv * old
> mv old/lost+found .
> mv old/new/* .
>
> # Root partition.
> cd /
> mkdir old
> mv * old
> mv old/lost+found .
> #mv old/root . -- WHY?
> mv old/scratch .
> mv old/new/* .
>
> sync
> sync
>
> 9. touch /.autorelabel
>
> reboot
>
> And you can always go back via a rescue boot and a few moves.
>
>mark
>


Re: [CentOS] Old and new package version numbers during RPM update

2015-06-29 Thread Rex Dieter
Anand Buddhdev wrote:

> Hi CentOS folk,
> 
> In an RPM post-install script, is it possible to know the previous
> version number, and the new version number of a package if it's an update?
> 
> I need to know this, because for a certain package, if updating from
> version 1.x to 2.x, I need to run a program to convert the config file
> of the package from version 1.x format to version 2.x format.
> 
> I've looked at SPEC file documentation, but haven't found anything
> relevant.

triggers can support that, you can implement a trigger scriptlet to run only 
if upgrading from < 2.x, using something like:

%triggerun foo < 2.x
convert_config...

See also:
http://rpm.org/api/4.4.2.2/triggers.html


-- Rex



Re: [CentOS] CentOS 6 gcc is a bit old

2015-06-29 Thread John R Pierce

On 6/29/2015 11:56 AM, Michael Hennebry wrote:

Does a standard CentOS 7 repository have a newer version?
Does a CentOS 7-compatible repository have a newer version?


el 7 comes with gcc 4.8.3



--
john r pierce, recycling bits in santa cruz



Re: [CentOS] Tar CentOS installation and transfer it to new server

2015-06-29 Thread m . roth
Mike wrote:
> Current Installation: CentOS 7.1503 with SerNet Samba 4 ver. 4.1.17
> configured as Active Directory Domain Controller.
> Current Installation: HP Workstation with dual Xeon quadcore cpu's and 4 x
> SATA hard drives NOT configured in RAID array.
>
> New Installation: CentOS 7.1503 minimal install
> New Installation: SuperMicro with single Xeon quadcore cpu and 4 x SATA
> hard drives configured in two pairs of RAID 1.
>
> The Current Install is about 3.5 GB's and has my Samba 4 setup all solid
> and working well. I want to know if it's possible to simply:
>
> - tar up the whole root partition
> - put it on a USB drive
> - boot the New server with a livecd
> - chroot into / partition
> - unpack the tar'ed root (/) from the USB drive into the New server root
> (/).
>
> Both installs used the automatic partitioning from anaconda, so /boot is
> on
> a separate partition.  Each server has an initrd and kernel that works
> from
> /boot partition.  Both CentOS installs are setup using the xfs filesystem
> on the root (/) partition.
>
> I saw someone do this successfully once but they left out certain
> directories like /srv , /tmp , and /var.
> But I'm not 100% certain which directories need to be left out of the
> tarball.
>
> Has anyone done this before?
> Do you know if it's doable?
>
> Thanks for reading.

What we've done a good bit of, to upgrade one server from another that's
already where we want it to be, is this:

1. On the target machine, mkdir /new /boot/new
2. rsync -HPavx :/boot/. /boot/new/
3. rsync -HPavx --exclude=/old --exclude=/var/log/wtmp :/.
/new/ (exclude anything else you want)
4. Copy  /etc/fstab, /etc/sysconfig/network,
/etc/sysconfig/network-scripts/ifcfg-e*, /boot/grub/device.map, and
/etc/exports, if any, to /boot/new and /new/etc/
5. Deal with /new/etc/udev.d/rules/70-persistant-net.rules
6. copy /etc/ssh/ssh_host* /new/etc/ssh/
7. IF THE NEW HARDWARE IS DIFFERENT THAN THE OLD, make a new initrd.
mount --bind /dev /new/dev
mount --bind /sys /new/sys
mount --bind /proc /new/proc
mount --bind /boot/new /new/boot
chroot /new
cd /lib/modules

VER=$(ls -rt1 | tail -1)
echo $VER

mkinitrd X $VER
mv X /boot/initrd-$VER.img

exit

8. I haven't been able to do the next in bash, my preferred shell, so:
zsh
zmodload zsh/files

cd /boot
mkdir old
mv * old
mv old/lost+found .
mv old/new/* .

# Root partition.
cd /
mkdir old
mv * old
mv old/lost+found .
#mv old/root . -- WHY?
mv old/scratch .
mv old/new/* .

sync
sync

9. touch /.autorelabel

reboot

And you can always go back via a rescue boot and a few moves.

   mark



Re: [CentOS] CentOS 6 gcc is a bit old

2015-06-29 Thread Matt Garman
Take a look at Devtoolset, I think this will give you what you want:
https://www.softwarecollections.org/en/scls/rhscl/devtoolset-3/



On Mon, Jun 29, 2015 at 1:56 PM, Michael Hennebry
 wrote:
> gcc (GCC) 4.4.7 20120313 (Red Hat 4.4.7-11) is a bit old.
> There have been major changes since then.
> I'd like a newer version.
>
> If I have to, I expect that I can install from source.
> I'd rather not.
>
> Is there a CentOS 6-compatible repository
> from which I can get a newer version?
> Does a standard CentOS 7 repository have a newer version?
> Does a CentOS 7-compatible repository have a newer version?
>
> It's my understanding that to compile from source,
> I will need to keep the gcc I have.
> Otherwise I would have nothing to compile the source.
> I expect that providing the right options will let old and new co-exist.
> Is ensuring that I get the right gcc when I type "gcc"
> just a matter of having the right search path for gcc?
> Will I need to do anything interesting to ensure that
> the resulting executables run using the right libraries?
>
> I've installed from source before,
> but never to replace an existing compiler.
> My concern is that if I louse things up,
> the mess could be very hard to fix.
>
> --
> Michael   henne...@web.cs.ndsu.nodak.edu
> "SCSI is NOT magic. There are *fundamental technical
> reasons* why it is necessary to sacrifice a young
> goat to your SCSI chain now and then."   --   John Woods


[CentOS] CentOS 6 gcc is a bit old

2015-06-29 Thread Michael Hennebry

gcc (GCC) 4.4.7 20120313 (Red Hat 4.4.7-11) is a bit old.
There have been major changes since then.
I'd like a newer version.

If I have to, I expect that I can install from source.
I'd rather not.

Is there a CentOS 6-compatible repository
from which I can get a newer version?
Does a standard CentOS 7 repository have a newer version?
Does a CentOS 7-compatible repository have a newer version?

It's my understanding that to compile from source,
I will need to keep the gcc I have.
Otherwise I would have nothing to compile the source.
I expect that providing the right options will let old and new co-exist.
Is ensuring that I get the right gcc when I type "gcc"
just a matter of having the right search path for gcc?
Will I need to do anything interesting to ensure that
the resulting executables run using the right libraries?

I've installed from source before,
but never to replace an existing compiler.
My concern is that if I louse things up,
the mess could be very hard to fix.

--
Michael   henne...@web.cs.ndsu.nodak.edu
"SCSI is NOT magic. There are *fundamental technical
reasons* why it is necessary to sacrifice a young
goat to your SCSI chain now and then."   --   John Woods


Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server

2015-06-29 Thread Tom Bishop
> I get good results with IPCop on an older box. I happened to already
> have my WAP set up, similar to David, with ethernet cable into my
> Netgear gigabit switch. But IPCop has a zone now for wifi and I could
> hook it into my IPCop and get all its benefits.
>
> I haven't bothered because I'm in the boonies with little traffic,
> meaning less "drive-by" traffic/chance of someone trying to break in via
> that route, and my security key is very long and follows all the usual
> guidelines re case, numbers, etc. Everyone that I've authorized has had
> to attempt multiple times to finally get in, even me, until the device
> in use (IPHone, Android phone, Kindle Fire, ...) remembers a successful
> access completion.
>
> I'm very pleased with IPCop - going on near a decade by now I guess.
>
> MHO,
> Bill
>
>
>
OT but for firewalls I do lots of work with various flavors, I have pretty
much settled on Pfsense, since most of what I run is *nix based I like
the fact that it's BSD based.  I have tried and tested lots of stuff and
that is the one that I have settled on, use and support.  Just something
else to add to the list


Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server

2015-06-29 Thread Bill Maltby (C4B)
On Mon, 2015-06-29 at 08:17 -0700, david wrote:
> 

> >
> >Yup. For, um, about a dozen years, I ran RH 7.1,7.2, 7.3, and eventually 9
> >on an old box that was nothing but a firewall router. I was seriously
> >paranoid - no gcc or any development tools, no X, not much of anything. To
> >the best of my knowledge, we never had a breakin.
> >
> >I'm running DD-WRT on an ASUS router these days, and I'm *NOT* wildly
> >impressed. I mean, it seems ok, but the project is run in what I can only
> >describe as "amateur", in the worst sense of the word. The several
> >official developers release a build, and you can choose which one of
> >who's; people on the mailing list have "favorite builds", which is not a
> >phrase I have *ever* heard used with an o/s before, and I'm afraid to
> >update, as some of their "documentation" is out of date, or wrong.
> >
> >At some point, I may just get a PI, and run CentOS, or some
> >firewall/router distro, though that would mean not having WiFi for guests.
> >
> >mark
> 
> Mark
> The WiFi solution I use still uses a Centos 6 
> firewall/router/gateway, but one of my inside devices is a WiFi 
> router.  Rather than doing double routing, I connect one of the 
> WiFi's LAN connections via a switch to my Router via a switch, 
> leaving the WiFi Router's WAN connection unused.  That way, my gateway 
> (and not the WiFi router) is the DHCP server, and can enforce 
> whatever firewall rules I want to apply.
> 
> No need to give up your guest WiFi if you stick with a Centos gateway.
> 
> David 
> 

I get good results with IPCop on an older box. I happened to already
have my WAP set up, similar to David, with ethernet cable into my
Netgear gigabit switch. But IPCop has a zone now for wifi and I could
hook it into my IPCop and get all its benefits.

I haven't bothered because I'm in the boonies with little traffic,
meaning less "drive-by" traffic/chance of someone trying to break in via
that route, and my security key is very long and follows all the usual
guidelines re case, numbers, etc. Everyone that I've authorized has had
to attempt multiple times to finally get in, even me, until the device
in use (IPHone, Android phone, Kindle Fire, ...) remembers a successful
access completion.

I'm very pleased with IPCop - going on near a decade by now I guess.

MHO,
Bill



[CentOS] Tar CentOS installation and transfer it to new server

2015-06-29 Thread Mike
Current Installation: CentOS 7.1503 with SerNet Samba 4 ver. 4.1.17
configured as Active Directory Domain Controller.
Current Installation: HP Workstation with dual Xeon quadcore cpu's and 4 x
SATA hard drives NOT configured in RAID array.

New Installation: CentOS 7.1503 minimal install
New Installation: SuperMicro with single Xeon quadcore cpu and 4 x SATA
hard drives configured in two pairs of RAID 1.

The Current Install is about 3.5 GB's and has my Samba 4 setup all solid
and working well. I want to know if it's possible to simply:

- tar up the whole root partition
- put it on a USB drive
- boot the New server with a livecd
- chroot into / partition
- unpack the tar'ed root (/) from the USB drive into the New server root
(/).

Both installs used the automatic partitioning from anaconda, so /boot is on
a separate partition.  Each server has an initrd and kernel that works from
/boot partition.  Both CentOS installs are setup using the xfs filesystem
on the root (/) partition.

I saw someone do this successfully once but they left out certain
directories like /srv , /tmp , and /var.
But I'm not 100% certain which directories need to be left out of the
tarball.

Has anyone done this before?
Do you know if it's doable?

Thanks for reading.


Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server

2015-06-29 Thread Gordon Messmer

On 06/29/2015 06:46 AM, Sorin Srbu wrote:
> Even considering a minimal CentOS install, is that still less minimal than
> e.g. Smoothwall or Ipcop?

Yes, a minimal install of CentOS is probably larger (less minimal) than
a specialized distribution.

> In my world, security has a price and, and that might be the need to learn
> another distro in order to minimize security issues (and maybe as in this
> case minimize attack-surfaces).

When all of your systems are one OS, you can more easily build an
infrastructure that provides backups, security and bug fix updates,
monitoring, etc for all of your systems.  Specialized devices are often
left out when admins set up infrastructure to provide those services for
their primary systems.  That's one way that a general purpose OS can be
significantly better than a specialized OS.



Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server

2015-06-29 Thread John R Pierce

On 6/29/2015 7:43 AM, m.r...@5-cent.us wrote:
> At some point, I may just get a PI, and run CentOS, or some
> firewall/router distro, though that would mean not having WiFi for guests.

I'm using a UniFi AP for my wireless, actually, I have two of them at
home for full coverage.  it works SO much smoother than the consumer
routers I'd tried before.  the UniFi is a ceiling mount device that
looks like a smoke detector, it gets its power from the ethernet wire
(comes with the PoE injector), the two of them act as a single wireless
access point, one at each end of my rather long house provides corner to
corner coverage.


--
john r pierce, recycling bits in santa cruz



Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server

2015-06-29 Thread Gordon Messmer

On 06/28/2015 03:49 PM, Max Pyziur wrote:
> From several sources, code, the stock CentOS iptables I've cobbled the
> following /etc/sysconfig/iptables; while it works, I suspect that
> there are holes:
>
> # Firewall configuration written by system-config-firewall
> # Manual customization of this file is not recommended.
> *nat
> :PREROUTING ACCEPT [0:0]
> :POSTROUTING ACCEPT [0:0]
> :OUTPUT ACCEPT [0:0]
> -A POSTROUTING  -j MASQUERADE
> COMMIT
> *filter
> :INPUT DROP [0:0]
> :FORWARD ACCEPT [0:0]

Some holes, yes.  I'd recommend that your FORWARD table be similar to
INPUT.  It should DROP by default, and ACCEPT on traffic coming in the
LAN interface and going out the WAN interface (and ESTABLISHED data).
As it is now, a host on your WAN interface could use your system as its
gateway, and you'd MASQ its traffic.

Possibly:

:FORWARD DROP [0:0]
-A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
-A FORWARD -m state --state NEW -i eth0 -o eth1 -j ACCEPT

Best practice is to apply both egress and ingress filters as well. You
should only forward traffic to the WAN if the source address is one that
you use on your LAN.  You should only forward traffic to your LAN if the
source is *not* an address you use in your LAN.

I think that looks like this in iptables, but I might be wrong...

:FORWARD DROP [0:0]
-A FORWARD -m state --state ESTABLISHED,RELATED -i eth1 ! -s 192.168.1.0/24 -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -i eth0 -j ACCEPT
-A FORWARD -m state --state NEW -i eth0 -o eth1 -s 192.168.1.0/24 -j ACCEPT

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
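
The FORWARD checks described in the message above (default DROP, NEW connections only from the LAN side, source-address filters in both directions) can be run mechanically against a ruleset file. The Python sketch below is an added example, not code from the thread; the function names, finding codes, sample rulesets and the extra MASQUERADE `-o` check are assumptions of this example, with eth0 as LAN and eth1 as WAN as in the thread's rules.

```python
import shlex

def parse_ruleset(text):
    """Parse iptables-save style text into {table: {"policies", "rules"}}."""
    tables, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.startswith("*"):
            current = tables.setdefault(line[1:], {"policies": {}, "rules": []})
        elif line == "COMMIT":
            current = None
        elif current is not None and line.startswith(":"):
            chain, policy = line[1:].split()[:2]
            current["policies"][chain] = policy
        elif current is not None and line.startswith("-A "):
            tokens = shlex.split(line)
            current["rules"].append((tokens[1], tokens[2:]))
    return tables

def option(tokens, *names):
    """Return (value, negated) for the first option in `names`, else (None, False).
    Accepts both '! -s addr' and the older '-s ! addr' negation."""
    for i, tok in enumerate(tokens):
        if tok in names and i + 1 < len(tokens):
            if tokens[i + 1] == "!" and i + 2 < len(tokens):
                return tokens[i + 2], True
            return tokens[i + 1], i > 0 and tokens[i - 1] == "!"
    return None, False

def audit(text, lan_if, wan_if, lan_net):
    """Return finding codes, in order of discovery, for a gateway ruleset.
    Addresses are compared as strings, so lan_net must be written as in the file."""
    empty = {"policies": {}, "rules": []}
    tables = parse_ruleset(text)
    flt, nat = tables.get("filter", empty), tables.get("nat", empty)
    found = []
    if flt["policies"].get("FORWARD") != "DROP":
        found.append("forward-policy")
    # Added check, not spelled out in the thread: MASQUERADE without "-o <wan>"
    # rewrites packets leaving by any interface.
    for chain, tok in nat["rules"]:
        if chain == "POSTROUTING" and option(tok, "-j", "--jump")[0] == "MASQUERADE":
            if option(tok, "-o", "--out-interface") != (wan_if, False):
                found.append("masquerade-any-interface")
    for chain, tok in flt["rules"]:
        if chain != "FORWARD" or option(tok, "-j", "--jump")[0] != "ACCEPT":
            continue
        in_if, in_neg = option(tok, "-i", "--in-interface")
        src = option(tok, "-s", "--source")
        state = option(tok, "--state", "--ctstate")[0]
        allows_new = state is None or "NEW" in state.split(",")
        # A rule with no -i matches traffic arriving on every interface.
        arrives_on = lambda iface: in_if is None or ((in_if == iface) != in_neg)
        if arrives_on(wan_if):
            if allows_new:
                found.append("new-from-wan")       # unsolicited inbound forwarding
            if src != (lan_net, True):
                found.append("no-ingress-filter")  # LAN source not excluded on WAN
        if arrives_on(lan_if) and allows_new and src != (lan_net, False):
            found.append("no-egress-filter")       # LAN source not required
    return list(dict.fromkeys(found))              # de-duplicate, keep order

# Constructed samples. ORIGINAL follows the excerpt quoted in the thread
# (COMMIT lines added); HARDENED uses the thread's final FORWARD rules plus
# an assumed "-o eth1" on the MASQUERADE rule.
ORIGINAL = """*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING  -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD ACCEPT [0:0]
COMMIT
"""
HARDENED = """*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth1 -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
-A FORWARD -m state --state ESTABLISHED,RELATED -i eth1 ! -s 192.168.1.0/24 -j ACCEPT
-A FORWARD -m state --state ESTABLISHED,RELATED -i eth0 -j ACCEPT
-A FORWARD -m state --state NEW -i eth0 -o eth1 -s 192.168.1.0/24 -j ACCEPT
COMMIT
"""

if __name__ == "__main__":
    for name, rules in (("original", ORIGINAL), ("hardened", HARDENED)):
        print(name, audit(rules, "eth0", "eth1", "192.168.1.0/24") or "no findings")
```

Run against the thread's intermediate suggestion (DROP policy but no `-s` matches), the same function reports the missing ingress and egress filters only.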


Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server

2015-06-29 Thread Max Pyziur

On Mon, 29 Jun 2015, Tris Hoar wrote:

> On 29/06/2015 16:59, Max Pyziur wrote:
> > On Sun, 28 Jun 2015, John R Pierce wrote:
> > > On 6/28/2015 3:49 PM, Max Pyziur wrote:
> > > > I also seem to need to load
> > > > iptable_nat
> > > > nf_nat_ftp
> > > >
> > > > via rc.local
> > > >
> > > > Is this correct?
> > >
> > > only if you're running some Linux build from the 1990s.
> > >
> > > nothing on RHEL/CentOS should need anything in rc.local
> >
> > Then what is the appropriate way to ensure that these modules are loaded?
> >
> > Should they be placed in the /etc/init.d/iptables script?
> > IPTABLES_MODULES="iptable_nat ip_nat_ftp ip_conntrack ip_conntrack_ftp"
> >
> > or somewhere else?
> >
> > Thanks
> >
> > Max
>
> It should do it automatically for you. Try it. Editing system init scripts is
> rarely recommended.

It worked.

There are a lot of website guides to Linux home networking, some going back
as far as tldp days (late 1990s, early 2000s). Understandably, there is no
one that presents itself as being authoritative.

Rebuilding a CentOS box is an occasional endeavour, not a weekly one. So
the reliance is on the informational sources that are there (some of which
do recommend hacking rc.local or /etc/init.d/iptables), memory, and
trial-and-error (typos and misspecified NICs can become time-sinks).

> Tris

Max


Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server

2015-06-29 Thread Tris Hoar

On 29/06/2015 16:59, Max Pyziur wrote:
> On Sun, 28 Jun 2015, John R Pierce wrote:
> > On 6/28/2015 3:49 PM, Max Pyziur wrote:
> > > I also seem to need to load
> > > iptable_nat
> > > nf_nat_ftp
> > >
> > > via rc.local
> > >
> > > Is this correct?
> >
> > only if you're running some Linux build from the 1990s.
> >
> > nothing on RHEL/CentOS should need anything in rc.local
>
> Then what is the appropriate way to ensure that these modules are loaded?
>
> Should they be placed in the /etc/init.d/iptables script?
> IPTABLES_MODULES="iptable_nat ip_nat_ftp ip_conntrack ip_conntrack_ftp"
>
> or somewhere else?
>
> Thanks
>
> Max

It should do it automatically for you. Try it. Editing system init
scripts is rarely recommended.

Tris







Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server

2015-06-29 Thread Max Pyziur

On Sun, 28 Jun 2015, John R Pierce wrote:

> On 6/28/2015 3:49 PM, Max Pyziur wrote:
> > I also seem to need to load
> > iptable_nat
> > nf_nat_ftp
> >
> > via rc.local
> >
> > Is this correct?
>
> only if you're running some Linux build from the 1990s.
>
> nothing on RHEL/CentOS should need anything in rc.local

Then what is the appropriate way to ensure that these modules are loaded?

Should they be placed in the /etc/init.d/iptables script?
IPTABLES_MODULES="iptable_nat ip_nat_ftp ip_conntrack ip_conntrack_ftp"

or somewhere else?

Thanks

Max


Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server

2015-06-29 Thread m . roth
david wrote:
> At 07:43 AM 6/29/2015, you wrote:
>>James B. Byrne wrote:
>> > On Mon, June 29, 2015 02:14, Sorin Srbu wrote:
>> > OS 6?
>> >>
>> >> Please note: I'm not criticizing, just curious about the argument
>> >> behind using a regular OS to do firewall-stuff.
>> >
>> > Maintenance.
>> >
>> > A consistent set of expectations does wonders for debugging odd-ball
>> > occurrences.  Why learn the idiosyncrasies of two distros when one
>> > suffices?  Just start with a minimal CentOS install on your
>> > router/gateway and add only the packages that you know that you need.
>> > Any critical omission will evidence itself in short order and can be
>> > added then; or the source of the need removed as circumstance
>> > warrants.
>>
>>Yup. For, um, about a dozen years, I ran RH 7.1,7.2, 7.3, and eventually 9
>>on an old box that was nothing but a firewall router. I was seriously
>>paranoid - no gcc or any development tools, no X, not much of anything. To
>>the best of my knowledge, we never had a breakin.
>>
>>I'm running DD-WRT on an ASUS router these days, and I'm *NOT* wildly
>>impressed. I mean, it seems ok, but the project is run in what I can only
>>describe as "amateur", in the worst sense of the word. The several
>>official developers release a build, and you can choose which one of
>>whose; people on the mailing list have "favorite builds", which is not a
>>phrase I have *ever* heard used with an o/s before, and I'm afraid to
>>update, as some of their "documentation" is out of date, or wrong.
>>
>>At some point, I may just get a PI, and run CentOS, or some
>>firewall/router distro, though that would mean not having WiFi for guests.
>>
>>mark
>
> Mark
> The WiFi solution I use still uses a Centos 6
> firewall/router/gateway, but one of my inside devices is a WiFi
> router.  Rather than doing double routing, I connect one of the
> WiFi's LAN connections via a switch to my Router via a switch,
> leaving the WiFi Router's WAN connection unused.  That way, my gateway
> (and not the WiFi router) is the DHCP server, and can enforce
> whatever firewall rules I want to apply.
>
> No need to give up your guest WiFi if you stick with a Centos gateway.

Hmmm... that's a thought. On the other hand, for defence in depth, I'm
sort of leery about using my own system as a firewall. As I noted, on my
old firewall/router box, I had almost nothing. That's why I'm considering
a PI

  mark



Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server

2015-06-29 Thread david

At 07:43 AM 6/29/2015, you wrote:

>James B. Byrne wrote:
> > On Mon, June 29, 2015 02:14, Sorin Srbu wrote:
> > OS 6?
> >>
> >> Please note: I'm not criticizing, just curious about the argument
> >> behind using a regular OS to do firewall-stuff.
> >
> > Maintenance.
> >
> > A consistent set of expectations does wonders for debugging odd-ball
> > occurrences.  Why learn the idiosyncrasies of two distros when one
> > suffices?  Just start with a minimal CentOS install on your
> > router/gateway and add only the packages that you know that you need.
> > Any critical omission will evidence itself in short order and can be
> > added then; or the source of the need removed as circumstance
> > warrants.
>
>Yup. For, um, about a dozen years, I ran RH 7.1,7.2, 7.3, and eventually 9
>on an old box that was nothing but a firewall router. I was seriously
>paranoid - no gcc or any development tools, no X, not much of anything. To
>the best of my knowledge, we never had a breakin.
>
>I'm running DD-WRT on an ASUS router these days, and I'm *NOT* wildly
>impressed. I mean, it seems ok, but the project is run in what I can only
>describe as "amateur", in the worst sense of the word. The several
>official developers release a build, and you can choose which one of
>whose; people on the mailing list have "favorite builds", which is not a
>phrase I have *ever* heard used with an o/s before, and I'm afraid to
>update, as some of their "documentation" is out of date, or wrong.
>
>At some point, I may just get a PI, and run CentOS, or some
>firewall/router distro, though that would mean not having WiFi for guests.
>
>   mark


Mark
The WiFi solution I use still uses a Centos 6 
firewall/router/gateway, but one of my inside devices is a WiFi 
router.  Rather than doing double routing, I connect one of the 
WiFi's LAN connections via a switch to my Router via a switch, 
leaving the WiFi Router's WAN connection unused.  That way, my gateway 
(and not the WiFi router) is the DHCP server, and can enforce 
whatever firewall rules I want to apply.


No need to give up your guest WiFi if you stick with a Centos gateway.

David 




Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server

2015-06-29 Thread m . roth
James B. Byrne wrote:
> On Mon, June 29, 2015 02:14, Sorin Srbu wrote:
> OS 6?
>>
>> Please note: I'm not criticizing, just curious about the argument
>> behind using a regular OS to do firewall-stuff.
>
> Maintenance.
>
> A consistent set of expectations does wonders for debugging odd-ball
> occurrences.  Why learn the idiosyncrasies of two distros when one
> suffices?  Just start with a minimal CentOS install on your
> router/gateway and add only the packages that you know that you need.
> Any critical omission will evidence itself in short order and can be
> added then; or the source of the need removed as circumstance
> warrants.

Yup. For, um, about a dozen years, I ran RH 7.1,7.2, 7.3, and eventually 9
on an old box that was nothing but a firewall router. I was seriously
paranoid - no gcc or any development tools, no X, not much of anything. To
the best of my knowledge, we never had a breakin.

I'm running DD-WRT on an ASUS router these days, and I'm *NOT* wildly
impressed. I mean, it seems ok, but the project is run in what I can only
describe as "amateur", in the worst sense of the word. The several
official developers release a build, and you can choose which one of
whose; people on the mailing list have "favorite builds", which is not a
phrase I have *ever* heard used with an o/s before, and I'm afraid to
update, as some of their "documentation" is out of date, or wrong.

At some point, I may just get a PI, and run CentOS, or some
firewall/router distro, though that would mean not having WiFi for guests.

   mark



Re: [CentOS] Old and new package version numbers during RPM update

2015-06-29 Thread Gordon Messmer

On 06/28/2015 05:11 PM, Anand Buddhdev wrote:
> My motivation for asking this
> question was for making an EPEL package that can work for most people
> without breaking their installations (especially if they have unattended
> yum updates, like with yum-cron).

Bear in mind that one of the reasons people use stable distributions
like RHEL/CentOS is that what you are suggesting does not happen.  Major
changes should not be made during a platform's support lifetime.


Postgresql is a good example for the best way to handle this.  RHEL 5 
was originally released with Postgresql 8.1.  When 8.4 was released, it 
had features that made it highly desirable, but it wasn't compatible 
with the existing data files.  The new version was released as 
postgresql84 so that admins who wanted it could upgrade manually, but 
the upgrade would not happen automatically.


Maybe the best thing to do is release knotdns2 and avoid surprising 
admins with changes they need to prepare for.



Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server

2015-06-29 Thread Leon Fauster
On 29.06.2015 at 15:46, Sorin Srbu wrote:
>>
>>> Please note: I'm not criticizing, just curious about the argument
>>> behind using a regular OS to do firewall-stuff.
>>>
>>
>> Maintenance.
>>
>> A consistent set of expectations does wonders for debugging odd-ball
>> occurrences.  Why learn the idiosyncrasies of two distros when one suffices?
>> Just start with a minimal CentOS install on your router/gateway and add only
>> the packages that you know that you need.
>> Any critical omission will evidence itself in short order and can be added then;
>> or the source of the need removed as circumstance warrants.
>
> Sorry for OT.
>
> Even considering a minimal CentOS install, is that still less minimal than
> e.g. Smoothwall or Ipcop?
> In my world, security has a price and, and that might be the need to learn
> another distro in order to minimize security issues (and maybe as in this
> case minimize attack-surfaces).
>
> Still just curious about the arguments pro/con regular OS:s as firewall. 8-)

+1 - we use here for "all" the same distro because normally the most security
holes are done by the configuration abilities of humans. To catch this
effectively the distro is not a variable. Therefore I appreciate the great
work of the "CentOS on ARM7"-team!

--
LF
 


Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server

2015-06-29 Thread Sorin Srbu
> -Original Message-
> From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
> Behalf Of James B. Byrne
> Sent: den 29 juni 2015 15:10
> To: CentOS mailing list
> Subject: Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home
> server
> 
> 
> > Please note: I'm not criticizing, just curious about the argument
> > behind using a regular OS to do firewall-stuff.
> >
> 
> Maintenance.
> 
> A consistent set of expectations does wonders for debugging odd-ball
> occurrences.  Why learn the idiosyncrasies of two distros when one suffices?
> Just start with a minimal CentOS install on your router/gateway and add only
> the packages that you know that you need.
> Any critical omission will evidence itself in short order and can be added then;
> or the source of the need removed as circumstance warrants.

Sorry for OT.

Even considering a minimal CentOS install, is that still less minimal than
e.g. Smoothwall or Ipcop?
In my world, security has a price and, and that might be the need to learn
another distro in order to minimize security issues (and maybe as in this
case minimize attack-surfaces).

Still just curious about the arguments pro/con regular OS:s as firewall. 8-)

-- 
//Sorin



Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server

2015-06-29 Thread James B. Byrne

On Mon, June 29, 2015 02:14, Sorin Srbu wrote:
OS 6?
>
> Please note: I'm not criticizing, just curious about the argument
> behind using a regular OS to do firewall-stuff.
>

Maintenance.

A consistent set of expectations does wonders for debugging odd-ball
occurrences.  Why learn the idiosyncrasies of two distros when one
suffices?  Just start with a minimal CentOS install on your
router/gateway and add only the packages that you know that you need.
Any critical omission will evidence itself in short order and can be
added then; or the source of the need removed as circumstance
warrants.

-- 
***  e-Mail is NOT a SECURE channel  ***
Do NOT transmit sensitive data via e-Mail
James B. Byrne                mailto:byrn...@harte-lyne.ca
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3



[CentOS] CentOS-announce Digest, Vol 124, Issue 16

2015-06-29 Thread centos-announce-request


Today's Topics:

   1. CEBA-2015:1191 CentOS 5 irqbalance BugFix Update (Johnny Hughes)


--

Message: 1
Date: Sat, 27 Jun 2015 12:10:07 +
From: Johnny Hughes 
To: centos-annou...@centos.org
Subject: [CentOS-announce] CEBA-2015:1191 CentOS 5 irqbalance BugFix
Update
Message-ID: <20150627121007.ga30...@chakra.karan.org>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Bugfix Advisory 2015:1191 

Upstream details at : https://rhn.redhat.com/errata/RHBA-2015-1191.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( sha256sum Filename ) 

i386:
0ec224e1af235b81234eea49486b3cf28562457ce4c67ae3da06cdc7e5f4ba37  irqbalance-0.55-16.el5_11.i386.rpm

x86_64:
818235db375a8409016a5bf4a3c27765adbf4a44dfea7b9a0bbbc6c7c6a959ab  irqbalance-0.55-16.el5_11.x86_64.rpm

Source:
b233e7b4dfe9720ddad886936804055e2c92ae57a5ee83ff3324eff85de0c719  irqbalance-0.55-16.el5_11.src.rpm



-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net



--

___
CentOS-announce mailing list
centos-annou...@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce


End of CentOS-announce Digest, Vol 124, Issue 16



Re: [CentOS] puppet files denied by SELinux

2015-06-29 Thread Daniel J Walsh
I have no idea of the current dependency problem.  I think your original
problem was caused by mv'ing files from an nfs share to /etc which
maintained the context.  And SELinux prevented puppet from accessing
nfs_t type.  If you had just run restorecon on the object it would have
set it back to the correct/default context.

You might want to setup an alias mv "mv -Z"

This changes the way mv works to set the context after mv rather than
maintaining the source context.

On 06/21/2015 02:05 PM, Tim Dunphy wrote:
> Hey guys,
>
>  Quick update. I grepped through the output of getsebool -a to see that
> related to puppet. And I found this setting: puppetagent_manage_all_files.
>
>  So I tried running this command: setsebool -P puppetagent_manage_all_files
> 0
>
>  And did a restorecon on my modules directory: restorecon -R -v
> environments/production/moudles
>
>  So there's good news and bad news to report! It seems that now puppet on
> the client isn't complaining about not having access to the cert and key
> files anymore! That's the good news. The bad news is, when I do puppet runs
> on all the hosts now, I get the following errors:
>
> Notice: /File[/var/lib/puppet/lib/facter/concat_basedir.rb]: Dependency
> File[/var/lib/puppet/lib] has failures: true
> Warning: /File[/var/lib/puppet/lib/facter/concat_basedir.rb]: Skipping
> because of failed dependencies
> Notice: /File[/var/lib/puppet/lib/facter/ssldir.rb]: Dependency
> File[/var/lib/puppet/lib] has failures: true
> Warning: /File[/var/lib/puppet/lib/facter/ssldir.rb]: Skipping because of
> failed dependencies
> Notice:
> /File[/var/lib/puppet/lib/puppet/parser/functions/ensure_resource.rb]:
> Dependency File[/var/lib/puppet/lib] has failures: true
> Warning:
> /File[/var/lib/puppet/lib/puppet/parser/functions/ensure_resource.rb]:
> Skipping because of failed dependencies
> Notice: /File[/var/lib/puppet/lib/puppet/parser/functions/validate_re.rb]:
> Dependency File[/var/lib/puppet/lib] has failures: true
> Warning: /File[/var/lib/puppet/lib/puppet/parser/functions/validate_re.rb]:
> Skipping because of failed dependencies
> Notice: /File[/var/lib/puppet/lib/puppet/reports/datadog_reports.rb]:
> Dependency File[/var/lib/puppet/lib] has failures: true
> Warning: /File[/var/lib/puppet/lib/puppet/reports/datadog_reports.rb]:
> Skipping because of failed dependencies
> Notice:
> /File[/var/lib/puppet/lib/puppet/parser/functions/is_function_available.rb]:
> Dependency File[/var/lib/puppet/lib] has failures: true
> Warning:
> /File[/var/lib/puppet/lib/puppet/parser/functions/is_function_available.rb]:
> Skipping because of failed dependencies
> Notice:
> /File[/var/lib/puppet/lib/puppet/parser/functions/str2saltedsha512.rb]:
> Dependency File[/var/lib/puppet/lib] has failures: true
> Warning:
> /File[/var/lib/puppet/lib/puppet/parser/functions/str2saltedsha512.rb]:
> Skipping because of failed dependencies
> Notice:
> /File[/var/lib/puppet/lib/puppet/parser/functions/delete_undef_values.rb]:
> Dependency File[/var/lib/puppet/lib] has failures: true
> Warning:
> /File[/var/lib/puppet/lib/puppet/parser/functions/delete_undef_values.rb]:
> Skipping because of failed dependencies
> Notice: /File[/var/lib/puppet/lib/puppet/parser/functions/fqdn_rotate.rb]:
> Dependency File[/var/lib/puppet/lib] has failures: true
> Warning: /File[/var/lib/puppet/lib/puppet/parser/functions/fqdn_rotate.rb]:
> Skipping because of failed dependencies
> Notice: /File[/var/lib/puppet/lib/facter/gemhome.rb]: Dependency
> File[/var/lib/puppet/lib] has failures: true
> Warning: /File[/var/lib/puppet/lib/facter/gemhome.rb]: Skipping because of
> failed dependencies
> Notice: /File[/var/lib/puppet/lib/puppet/parser/functions/values_at.rb]:
> Dependency File[/var/lib/puppet/lib] has failures: true
> Warning: /File[/var/lib/puppet/lib/puppet/parser/functions/values_at.rb]:
> Skipping because of failed dependencies
> Notice: /File[/var/lib/puppet/lib/puppet/parser/functions/getvar.rb]:
> Dependency File[/var/lib/puppet/lib] has failures: true
> Warning: /File[/var/lib/puppet/lib/puppet/parser/functions/getvar.rb]:
> Skipping because of failed dependencies
> Notice: /File[/var/lib/puppet/lib/puppet/provider/vcsrepo/cvs.rb]:
> Dependency File[/var/lib/puppet/lib] has failures: true
> Warning: /File[/var/lib/puppet/lib/puppet/provider/vcsrepo/cvs.rb]:
> Skipping because of failed dependencies
> Notice: /File[/var/lib/puppet/lib/puppet/parser/functions/strftime.rb]:
> Dependency File[/var/lib/puppet/lib] has failures: true
> Warning: /File[/var/lib/puppet/lib/puppet/parser/functions/strftime.rb]:
> Skipping because of failed dependencies
> Notice: /File[/var/lib/puppet/lib/puppet/parser/functions/chop.rb]:
> Dependency File[/var/lib/puppet/lib] has failures: true
> Warning: /File[/var/lib/puppet/lib/puppet/parser/functions/chop.rb]:
> Skipping because of failed dependencies
> Notice: /File[/var/lib/puppet/lib/puppet/util/firewall.rb]: Dependency
> File[/var/lib/puppet/lib] has failures: true
> Warn

Re: [CentOS] Old and new package version numbers during RPM update

2015-06-29 Thread Leon Fauster
On 29.06.2015 at 02:11, Anand Buddhdev wrote:
> On 29/06/15 01:07, Kahlil Hodgson wrote:
> 
>> On 29 June 2015 at 07:37, John R Pierce  wrote:
>> 
>>> so a regex looking for "system:" vs "system {"   should nicely delineate
>>> these.   I dunno, I might even put that into the conversion utility and
>>> have it just quit if the file is already in the new format, and always run
>>> it.
>> 
>> +1 for the idempotent approach. IMHO much more robust. Also consider what
>> will happen if someone does a 'yum downgrade' on the package or a
>> dependency -- you might want to allow the conversion to go both ways or at
>> least complain appropriately.
> 
> Yep. I've already considered this approach, but I avoid regexes as much
> as possible. They're great for some work, but they can inadvertently
> match too much or fail (for example if the "system" keyword and the
> opening brace are on different lines). You see where I'm going? But,
> this is a digression...

that is exactly what regex can do for you. it confirms the "language" 
of the config file, unattached from new lines or space characters. 
Sure, the expression itself is more "complicated" ... (a combination
of tools is also possible eg. tr, awk, sed, grep)

--
LF




 




Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server

2015-06-29 Thread Robert Heller
At Mon, 29 Jun 2015 06:14:33 + CentOS mailing list  
wrote:

> 
> Content-Language: en-US
> 
> 
> > -Original Message-
> > From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
> > Behalf Of Sorin Srbu
> > Sent: den 29 juni 2015 08:11
> > To: CentOS mailing list
> > Subject: Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home
> > server
> > 
> > > -Original Message-
> > > From: centos-boun...@centos.org [mailto:centos-boun...@centos.org]
> > On
> > > Behalf Of Max Pyziur
> > > Sent: den 28 juni 2015 20:50
> > > To: centos@centos.org
> > > Subject: [CentOS] Using a CentOS 6 Machine as a gateway/router/home
> > > server
> > >
> > > I'm rebuilding a machine to function as a gateway/router to Verizon DSL.
> > 
> > May I ask why you don't just use a made-for-the-purpose-distro like
> > Smoothwall to do this?
> > It takes (almost) all of the pain out of configuring stuff, and is quite secure due
> > to not having as much "junk" pre-installed as CentOS 6?
> 
> Please note: I'm not criticizing, just curious about the argument behind
> using a regular OS to do firewall-stuff.

The most common case is that the machine implementing the 
gateway/routing/firewall is also being used for other stuff.  Rather than 
having a separate piece of equipment a 'small' part of an existing piece of 
equipment is being utilized.  This saves on resources.

> 

-- 
Robert Heller             -- 978-544-6933
Deepwoods Software        -- Custom Software Services
http://www.deepsoft.com/  -- Linux Administration Services
hel...@deepsoft.com       -- Webhosting Services
   


Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server

2015-06-29 Thread John R Pierce

On 6/29/2015 12:04 AM, Sorin Srbu wrote:
> Gotcha'. Fewer watts may be worth it in the long run, as this is a device
> that's always on for obvious reasons.

depends entirely on your performance requirements.   the APU has no fans
AND no vents, the case sheet metal is the heatsink.   this means it
won't fill up with dust over time.  the lower end avoton/rangley chips
have a heatsink and case vents, but not a fan, convection will move air
and dust through the case.




--
john r pierce, recycling bits in santa cruz



Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server

2015-06-29 Thread Sorin Srbu
> -Original Message-
> From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
> Behalf Of John R Pierce
> Sent: den 29 juni 2015 09:03
> To: centos@centos.org
> Subject: Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home
> server
> 
> On 6/28/2015 11:50 PM, Sorin Srbu wrote:
> > That DIY Kit was pretty cool, thanks for the info!
> 
> I note everyone is moving over to the Intel Avoton/Rangley 'system on a
> chip', this is the Xeon Atom C2xx8 series, like this...
> http://store.netgate.com/ADI/RCC-VE-2440-board.aspx
> (other versions of Rangley come with 2-4-6 ethernet ports, and 2-4-8 cores)
> 
> these are higher performance than the APU, for somewhat more watts and
> dollars.

Gotcha'. Fewer watts may be worth it in the long run, as this is a device
that's always on for obvious reasons.

-- 
//Sorin


Re: [CentOS] Using a CentOS 6 Machine as a gateway/router/home server

2015-06-29 Thread John R Pierce

On 6/28/2015 11:50 PM, Sorin Srbu wrote:
> That DIY Kit was pretty cool, thanks for the info!


I note everyone is moving over to the Intel Avoton/Rangley 'system on a 
chip', this is the Xeon Atom C2xx8 series, like this...

http://store.netgate.com/ADI/RCC-VE-2440-board.aspx
(other versions of Rangley come with 2-4-6 ethernet ports, and 2-4-8 cores)

these are higher performance than the APU, for somewhat more watts and 
dollars.



--
john r pierce, recycling bits in santa cruz
