Re: [CentOS] tar exclude command

2010-01-07 Thread Luciano Rocha 
On Thu, Jan 07, 2010 at 07:06:11AM -0800, adrian kok wrote:
> Hi 
> 
> I have problem in tar command
> 
> Can you help?
> 
> tar -cv --exclude /var/named/chroot/proc/* -zf backup.tar.gz /var/named 

You must escape the *, so that shell doesn't convert the command to:
 tar -cv --exclude /var/named/chroot/proc/1 /var/named/chroot/proc/2 ...

Use:
tar -cv --exclude /var/named/chroot/proc/\* -zf backup.tar.gz /var/named

Or just --exclude proc?

-- 
lfr
0/0


pgpUpFxNwiDab.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Lost mdadm.conf

2009-12-31 Thread Luciano Rocha 
On Thu, Dec 31, 2009 at 04:40:56PM +, Joseph L. Casale wrote:
> >Not all rescue environments have MAKEDEV or have it in $PATH, so this should 
> >always work. ;)
> 
> Really, on my hp's as well? I don't have any /dev/hdx or /dev/sdx on the ones 
> with software raid...
> 
> Nothing is easier than simply:
> # mdadm --detail --scan --verbose > /etc/mdadm.conf
> 
> And that actually *does* work in all environments...

Does that create the /dev/md* devices? I mean, a *scan* shouldn't change
the filesystem, should it? That's the problem that line tries to fix:
that there's no mdX device in /dev...


-- 
lfr
0/0


pgpQHePtbYx0M.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Lost mdadm.conf

2009-12-31 Thread Luciano Rocha 
On Thu, Dec 31, 2009 at 12:38:51PM -0400, robert mena wrote:
> Hi,
> 
> Yes.
> 
> I have from /devmd0 to /dev/md6 (for some reason it skipped md3).
> 
> I do not have the fstab at hand but
> /
> /boot
> and /tmp
> 
> each map to a different mdX.   I've been able to mount the /boot but no
> other.
> 
> One thing, besides the /boot all the other are ext4.  Could it be a problem
> with the rescue does not supporting this filesystem type.

Yes, it could. Can you send us the output of dmesg?

-- 
lfr
0/0


pgpTEK8G65Da9.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Lost mdadm.conf

2009-12-31 Thread Luciano Rocha 
On Thu, Dec 31, 2009 at 04:23:52PM +, Joseph L. Casale wrote:
> 
> That's a fairly limited script and out of date, I've never used mknod...

Not all rescue environments have MAKEDEV or have it in $PATH, so this
should always work. ;)

-- 
lfr
0/0


pgpVfPn6gbK7v.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Lost mdadm.conf

2009-12-31 Thread Luciano Rocha 
On Thu, Dec 31, 2009 at 12:24:23PM -0400, robert mena wrote:
> Hi,
> 
> it worked (kind of). Thanks.
> 
> I was able to recreate (the all appear in /proc/mdstat) and in the rescue
> I've mounted the /boot which maps to /dev/md0. But I can't mount any other
> partition.
> 
> they all complain with the same error
> 
> mount: Mounting /dev/mdX on /tmp/mountpoint failed: no such file or
> directory

Silly question: does /dev/md0 and /tmp/mountpoint exist?

-- 
lfr
0/0


pgpRdP8UYX9mV.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Lost mdadm.conf

2009-12-31 Thread Luciano Rocha 
On Thu, Dec 31, 2009 at 11:39:25AM -0400, robert mena wrote:
> Hi,
> 
> I lost my mdadm.conf (and /proc/mdadm shows nothing useful) and I'd like to
> mount the filesystem again.  So I've booted using rescue but I was wondering
> if I can do a command like this safely (i.e without losing the data
> previously stored).
> 
> mdadm -C /dev/md0 --level=raid0 --raid-devices=2 /dev/sda1 /dev/sdb1
> 
> Where of course the raid devices and the /dev/x are the correct ones

I've collected an howto somewhere from the 'net:

$ cat docs/sysadm/mdadm_recovery.txt

## define possible devices with arrays
echo 'DEVICE /dev/hd[a-l]* /dev/sd[a-l]*' > mdadm.conf

## scan
mdadm --examine --scan --config=mdadm.conf >> mdadm.conf

## review configuration, copy to /etc
cp mdadm.conf /etc/

## create devices
MAKEDEV md || { for ((i=0; i <= 31; i++)); do mknod /dev/md$i b 9 $i;
done; }

## start arrays
mdadm --assemble --scan

Best of luck,

-- 
lfr
0/0


pgpJmb6PiMVvk.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] [OT] - Estrutura de armazenamento de uma grande quantidade de arquivos

2009-11-27 Thread Luciano Rocha 
On Fri, Nov 27, 2009 at 09:42:54AM -0200, "Fábio Jr." wrote:
> Olá pessoal,

Posts para esta lista devem ser feitos em Inglês.

Posts to this list must be done in English.

Cumprimentos,
Luciano Rocha

-- 
lfr
0/0


pgpA2uWZ0v118.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] du vs df size difference

2009-10-01 Thread Luciano Rocha 
On Wed, Sep 30, 2009 at 06:30:08PM -0400, Ryan Pugatch wrote:
> 
> 
> Luciano Rocha wrote:
> 
> > Do this:
> > mount /dev/xvda3 /mnt
> > du -hc /mnt
> > 
> > And see if you can find the other 12GB.
> > 
> > I usually do:
> > du -mc --max-depth 2 /mnt | sort -n
> > 
> > Though I've recently learned:
> > du -hc --max-depth 2 /mnt | sort --human-readable or some such, but that
> > requires a very recent coreutils installation.
> > 
> 
> 
> That's interesting.. du is showing the same amount as df when I do this. 
>   I wonder why..

There's some data hidden by mount points. Check your mount points,
/home, etc., and there's probably old data there that may be removed.

-- 
lfr
0/0


pgpfXLfBXeQzf.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] du vs df size difference

2009-09-30 Thread Luciano Rocha 
On Wed, Sep 30, 2009 at 04:59:25PM -0400, Ryan Pugatch wrote:
> Hi all,
> 
> Curious issue.. looking in to how much disk space is being used on a 
> machine (CentOS 5.3).  When I compare the output of du vs df, I am 
> seeing a 12GB difference with du saying 8G used and df saying 20G used.
> 
> # du -hcx /
> 8.0Gtotal
> 
> # df -h /
> FilesystemSize  Used Avail Use% Mounted on
> /dev/xvda3 22G   20G  637M  97% /
> 
> I recognize that in most cases du and df are not going to report the 
> same but I am concerned about having a 12GB disparity.  Does anyone have 
> any thoughts about this or reason as to why there is a big difference? 
> I have read a few articles online about it and none have really shown 
> such a large difference.

Do this:
mount /dev/xvda3 /mnt
du -hc /mnt

And see if you can find the other 12GB.

I usually do:
du -mc --max-depth 2 /mnt | sort -n

Though I've recently learned:
du -hc --max-depth 2 /mnt | sort --human-readable or some such, but that
requires a very recent coreutils installation.

-- 
lfr
0/0


pgpM4QRWaw93w.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] logrotate and regular expressions

2009-09-23 Thread Luciano Rocha 
On Wed, Sep 23, 2009 at 11:51:04AM -0400, Sol Fulop wrote:
> Is there a way around that??? Like run a command to get all the
> filenames then pipe it to the config directive
> /path/to/logs/access_log.www.*.(com|org|net|us) {} in logrotate.conf?

In that particular instance, you can use:
/path/to/logs/access_log.www.*.com /path/to/logs/access_log.www.*.org \
  /path/to/logs/access_log.www.*.net /path/to/logs/access_log.www.*.us {
  compress
  daily
 ...
}

I don't know if *.{com,org,net,us} works, never tried it. You could also
regenerate the configuration daily from a template file.

-- 
lfr
0/0


pgp5QCT8zMFFL.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] logrotate and regular expressions

2009-09-23 Thread Luciano Rocha 
On Wed, Sep 23, 2009 at 11:33:32AM -0400, Sol Fulop wrote:
> I am trying to use logrotate to rotate our web logs for our various
> vhosted sites to cut down on space and rotate out old logs that are not
> necessary to keep around personally.  What Im curious to find out, is
> how supported extended regular expressions is within the logrotate.conf
> file.  More specifically, will logrotate be smart enough to decipher the
> following:
> 
> /path/to/logs/access_log.www.*.(com|org|net|us)

AFAIK, logrotate doesn't support regular expressions, only wildcards (*
and ?).

-- 
lfr
0/0


pgpCDH4zYJ9s0.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] System Recovery

2009-09-04 Thread Luciano Rocha 
On Fri, Sep 04, 2009 at 11:24:16AM -0500, Robert wrote:
> I deleted one copy of the backup, as I've done in the past and made a 
> new crontab entry to try the backup again 2 or 3 minutes later. It was 
> still running several hours later, which couldn't possibly be right.  
> Next, I tried clearing the backup on the backup drive and manually 
> copying directories to it.  That didn't work too well, either.  At some 
> point, I tried to send an email using SeaMonkey and couldn't, because it 
> was unable "to write a temporary copy".  I quickly found that that 
> wasn't all it couldn't write, too.
> 
> I tried restarting KDE, which got nowhere.  Almost everything  worked 
> O.K. from the command line, the most obvious exception being that I was 
> unable to read any man pages as a non-privileged user until after I had 
> accessed that man page as root.

All symptoms that you've run out of space. Your backup has probably gone
to the root disk, not the backup one, and it ended backing up the backup
of the backup of the 

Free some space and everything should work OK.

-- 
lfr
0/0


pgp38Dhmp515E.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Encrypted File Storage

2009-08-10 Thread Luciano Rocha 
On Mon, Aug 10, 2009 at 05:23:48PM +, Joseph L. Casale wrote:
> Anyone got any experience/suggestions for a way to store a directory of
> sensitive information on a CentOS box? This directory contains many scripts
> and output files, I need it backed up but not unencrypted and don't want
> to store it in a tar file type archive as when it needs to be accessed and
> have scripts executed/data generated, it needs to be untarred/unencrypted and
> I don't know the ramifications of this wrt recovery once its retarred and 
> deleted.
> I was hoping it could be stored somehow such that it was decrypted on the fly 
> when
> needed by entering a pass/keyphrase before use.
> 
> Thus it could be backed up and remain encrypted. Is dm-crypt the simplest 
> option
> here?

If you want to backup the directory while it is still encrypted (not
mounted), look for encfs.

But I prefer luks myself (uses dm-crypt).

-- 
lfr
0/0


pgpj3qX1zkhMV.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] resize LVM (ext3)

2008-10-29 Thread Luciano Rocha 
On Wed, Oct 29, 2008 at 01:38:06PM +0100, David Hláčik wrote:
> >
> >
> > Now, for lvresize:
> > lvresize -L 80G system/home
> 
> Are you sure there should not be lvreduce -L 80G system/home ?

Same thing. I prefer the direction-neutral lvresize.

Regards,
Luciano Rocha

-- 
lfr
0/0


pgph8d6Kf9euL.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] resize LVM (ext3)

2008-10-29 Thread Luciano Rocha 
On Wed, Oct 29, 2008 at 12:58:32PM +0100, David Hláčik wrote:

>1. How can i be sure that i will shrink ext3 to exact size 80GB and that

dev=/dev/system/home
resize2fs $dev 80G

Then, to be sure of the real size:
blks=$(tune2fs -l $dev | awk -F: '/Block size/ { print $2/512 }')
fssize=$(tune2fs -l $dev |
  awk -v bs=$blks -F: '/Block count/{print $2*bs}')

Now, $fssize has the complete size in bytes. Verify it:
echo $fssize

Now, for lvresize:
lvresize -L 80G system/home

Verify that the printed target size matches the wanted value.

>3. Or can i just use lvreduce and my ext3 will shrink automatically?

NO! lvreduce doesn't care about what's inside, and will happily lose
data.

>4. Do i need to umount system/home when resizing?

Yes, and you must do a full fsck also:

e2fsck -f /dev/system/home

Regards,
Luciano Rocha

-- 
lfr
0/0


pgpNkocZH4oWf.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] compare directories

2008-10-23 Thread Luciano Rocha 
On Thu, Oct 23, 2008 at 11:53:20AM +0200, David Hláčik wrote:
> Hello guys,
> 
> I have two mirrors. I need to compare files and directories on both mirrors
> and as a result print list of those which are missing on mirror 2
> 
> What i did
> 
> find /data > find.mirror1
> 
> find /data > find.mirror2
> 
> Now i need to get list of those directories which are missing in mirror1.
> 
> Thanks in advance!

I use this bash function:
dirdiff ()
{
local src="$1" dst;
dst="${2:-.}";
if [ -z "$src" ]; then
err "missing original directory";
return 1;
fi;
if ! [ -d "$src" ]; then
err "$src: not a directory";
return 1;
fi;
if ! [ -d "$dst" ]; then
err "$dst: not a directory";
return 1;
fi;
diff -u <(cd "$src" && find . | LC_ALL=C sort |
  sed -e 's/^..//') <(cd "$dst" && find . | LC_ALL=C sort |
  sed -e 's/^..//')
}

-- 
lfr
0/0


pgptSufdK0Iis.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Finding the correct ext3-fs dm/LVM?

2008-10-20 Thread Luciano Rocha 
On Mon, Oct 20, 2008 at 06:36:30PM +0100, Luciano Rocha wrote:
> On Mon, Oct 20, 2008 at 07:31:22PM +0200, Kai Schaetzl wrote:
> > I'm getting ext3-fs maximal mount count warnings on logical volumes that 
> > are regularly mounted und unmounted for backup. Of course, I can just 
> > tune2fs all of them to stop that. But, if I wanted to find out for 
> > instance which one "dm-16" is, how do I do that?
> 
> ls -l /dev/mapper | grep \\b16\\b

A higher-level approach:

# dmsetup ls

-- 
lfr
0/0


pgpqz5OVBRFMv.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Finding the correct ext3-fs dm/LVM?

2008-10-20 Thread Luciano Rocha 
On Mon, Oct 20, 2008 at 07:31:22PM +0200, Kai Schaetzl wrote:
> I'm getting ext3-fs maximal mount count warnings on logical volumes that 
> are regularly mounted und unmounted for backup. Of course, I can just 
> tune2fs all of them to stop that. But, if I wanted to find out for 
> instance which one "dm-16" is, how do I do that?

ls -l /dev/mapper | grep \\b16\\b

-- 
lfr
0/0


pgpbnTy2Tcsi2.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] specialix module

2008-08-26 Thread Luciano Rocha 
On Tue, Aug 26, 2008 at 12:54:36PM -0400, Jerry Geis wrote:
>  I am wondering if it is possible to just grab the specialix.c file
>  and compile that one module (not the entire kernel) and of course load that 
>  module
>  and have it work.
> 
>  Is that possible?

Usually, yes.

But be wary of differences between the kernel versions (different
signatures for internal functions: INIT_WORK, kmem_cache_x, etc.;
or different types).

Regards,
Luciano Rocha

-- 
lfr
0/0


pgp4aCkhvFFVb.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] screen detatch

2008-07-22 Thread Luciano Rocha 
On Tue, Jul 22, 2008 at 01:02:07PM -0400, David Mackintosh wrote:
> The man page for screen says that I can create a detatched screen 
> running with a set command in it by doing this:
> 
> $ screen -dm $command
> 
> However, it doesn't work.  Screen exits without creating the detached
> screen.  

screen -dm isn't the same as screen -d -m. Try the latter.

-- 
lfr
0/0


pgpbJxf2ZgFj0.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] [OT]: Passing password for a command on the fly

2008-05-16 Thread Luciano Rocha 
On Fri, May 16, 2008 at 09:38:17AM +0100, Mário Gamito wrote:
> Hi,
> 
> First things first, sorry for the off-topic, but I've already burned
> my eyes Googling and couldn't find the answer to what I need and I
> remembered asking here, because I'm a long time CentOS and its mailing
> list user.
> Again, my apologies.
> 
> I have this command to create an FTP account:
> 
> # pure-pw useradd mario -u 502 -g 502 -n 1000 -N 200 -d /home/pages/mario
> 
> This command asks for the password twice.
> 
> I need to pass the password (preferably without expect) so I can
> create the account without prompting.
> 
> If i run:
> 
> # echo secret | pure-pw useradd mario -u 502 -g 502 -n 1000 -N 200 -d
> /home/pages/gamito
> 
> It reads the first insertion, but asks for the second.
(echo secret; echo secret) | pure-pw ...

Or: echo -e 'secret\nsecret' | pure-pw

Or: pure-pw <

pgpM1Z15skrm4.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] exam txt file

2008-04-17 Thread Luciano Rocha 
On Thu, Apr 17, 2008 at 05:56:36AM -0700, Hiep Nguyen wrote:
>  hi all, i have centos 5 w/o gui.  i can only have access via ssh.
> 
>  i have a text file that contains special (unprintable) characters, what 
>  editor i can use to exam what those character are???
> 
>  i use vi, but i don't know what is ^@

^@ is the nul byte (zero byte).

>  may be an editor that can show ASCII as dec or hex.

xxd, included with vi, can show you the hex dump followed by the ascii
one, while hexedit allows you to edit the file either entering the
hexadecimal value or the ascii one.

Anyway, a text file with \000 is very unusual, maybe it got corrupted?

-- 
lfr
0/0


pgpRbzw1MxEJr.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Automatically send CTRL-D

2008-03-11 Thread Luciano Rocha 
On Tue, Mar 11, 2008 at 12:58:03PM +, Mário Gamito wrote:
> Hi Marcelo,
> 
> On Tue, Mar 11, 2008 at 12:52 PM, Marcelo Roccasalva <
> [EMAIL PROTECTED]> wrote:
> 
> > On Tue, Mar 11, 2008 at 10:35 AM, Mário Gamito <[EMAIL PROTECTED]> wrote:
> > [...]
> > > $ sha512sum | xargs echo "password" | cut -f2 -d' '
> >
> > read x;echo "$x" |  sha512sum | xargs echo "password" | cut -f2 -d' '
> >
> 
> Thank you for your answer, but unfortunately it still hangs waiting for the
> CTRL-D.

Not here. Could you show us the part of your script that uses sha512sum?


-- 
lfr
0/0


pgpWJZCARHTKh.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Linux vs Windows Drivers

2007-12-26 Thread Luciano Rocha 
On Wed, Dec 26, 2007 at 05:01:54PM -0500, Bit wrote:
>  ATI drivers are proprietary and closed-source.  So, for example, on my 
>  current desktop, I download the Linux drivers for my card from the link 
>  below and run the installer as per their instructions.
>  http://ati.amd.com/support/drivers/linux/linux-radeon.html
> 
>  It's doing *something* to make a kernel module that will insert into and 
>  work with my current running kernel.  At one time, I thought that it was 
>  compiling a module from source code, probably by invoking make, in much the 
>  same way I might download and install any open-source software in Linux from 
>  a tarball.
> 
>  However, I realized that this doesn't make sense since ATI's drivers are 
>  proprietary and closed-source.  So the installer I download can't possibly 
>  be compiling anything from source code, because that would mean I could 
>  almost certainly read the source code, which they don't want.  Which leaves 
>  me wondering what the installer is really doing.  Any ideas?
> 

The drivers are comprised of two things:
1. The X driver and OpenGL library, usually in binary form only;
2. The kernel driver for accessing and controlling the hardware.

Usually, the X driver/OpenGL library does most of the "3D" work, but
that isn't necessarily so.

Now, about the "can't possibly be compiling anything from source code".

Assuming you have compiled or developed a few things, you should know
that the final program is composed by several object files, .o.

Kernel drivers/modules aren't any different. What happens is that
there's at least one binary .o, without any source code, already compiled
in the installer/package.

There's also what is usually called a shim. A piece of source code that
does the bridge between your kernel and the real code. The real code is
thus a little abstracted from the kernel API, though not at all, as was
attested by recent breaks in the nVidia driver with new kernels. But
they are usually quick to respond to those changes.

So, there _is_ a make and compile involved, but is usually the
compilation of small code, linking with the big blob in an .o.

-- 
lfr
0/0


pgpQq8cumKPPA.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Linux vs Windows Drivers

2007-12-26 Thread Luciano Rocha 
On Wed, Dec 26, 2007 at 04:01:22PM -0500, Bit wrote:
>  Luciano Rocha wrote:
> > On Wed, Dec 26, 2007 at 12:48:52PM -0500, Bit wrote:
> >   
> >>  Thanks to both of you for the reply.  Good information, but that still  
> >> doesn't really answer my question.  I'm more interested in the technical  
> >> side of things.  What I really want to understand boils down to this:
> >>
> >>  Why is it that in Windows I can install ATI drivers once and never worry  
> >> about it again, while in Linux I may have to *reinstall* the drivers at a  
> >> later date after a system update to get my card working with them again?   
> >> Experience has proven to me that in Windows I can install the ATI drivers  
> >> once, leave those same drivers on there for eternity, update the system 
> >> over  and over with Automatic Updates, and never worry about it breaking 
> >> my video  card.  In Linux, every time I see a kernel update, I've learned 
> >> to be braced  for impact and just be ready with my ATI drivers to 
> >> reinstall to get my card  working again.  I've never understood this.  I'd 
> >> like a technical  explanation for why this is so.
> >>
> >> 
> >
> > Linux doesn't have a stable ABI (for drivers, userland is a different
> > thing), but Windows does.
> >
> > That means that drivers compiled for your kernel today may not install
> > on newer (or older) kernels. You'll have to recompile it. Also, changes
> > like support for more than 4GB, how the lower 4GB is split, architecture
> > options, gcc version, function calling convections, etc., creates
> > dependencies that have to be met by the binary driver.
> >
> > Windows guarantees that the exposed interface doesn't change, so there's
> > no need to recompile things if something internal changes.
> >
> > But Linux doesn't even have a stable API, so the module may not compile
> > on your newer kernels.
> >
> > Please see Documentation/stable_api_nonsense.txt, in the kernel sources,
> > or online at:
> > <http://scienceblogs.com/gregladen/2007/12/linux_stable_api_vs_not.php>
> >
> > Note that without a stable API, there is no change of a stable ABI.
> >
> >   
> 
>  Luciano, thank you very much.  I read your post, the link you provided, and 
>  a few other things from that link, and I at least understood enough to 
>  realize that it answers my question.  I think I *kind of* get it now.
> 
>  I think understanding the answer to my question really revolves around 
>  understanding an API and an ABI.  Would you please read the following and 
>  let me know if I at least get the gist of what these two things are?

FYI, when in doubt about these acronyms, search for "define: ABI", for
instance, in google.

>  An API influences what your source code will look like.  If they change the 
>  Linux kernel API, then you may need to make changes to your source code such 
>  as making "myLinuxKernelAPIFunctionCall( myparam1, myparam2 )" look 
>  something more like "myUpdatedLinuxKernelAPIFunctionCall( myparam1 )" in 
>  order to even make your code compile.

Yes, but also more important things. Like changing the use of semaphores
to mutexes, when appropriate (they "lock" something, mutexes can have
only one accessing the something at once, while semaphores can have N
accessing); changing the way stuff is exported to userland (sysfs,
configfs, debugfs, relayfs, procfs); etc..

>  The ABI is the interface between a compiled binary kernel module and the 
>  kernel.  It determines if an already compiled binary will properly interface 
>  with the kernel and run.  If the ABI changes and you find your kernel module 
>  won't run properly, you just need to recompile from source to get a kernel 
>  module that will run.  Hopefully the API hasn't changed and you won't need 
>  to change your source code to make it recompile...

Yes, that's it. The compiled modules include the dependency info, so
that you won't be able to insert it in another kernel:
$ modinfo ext2.ko
filename:   ext2.ko
license:GPL
description:Second Extended Filesystem
author: Remy Card and others
depends:
vermagic:   2.6.23.12lcfs1 preempt mod_unload PENTIUM4 4KSTACKS

>  BOTH kinds of changes happen with some degree of frequency in Linux.

Yes. Due to the nature of the kernel (open-source, GPL), and the current
policy, changes occur *very* frequently, especially in the 2.6.x series.

>  Did I get at least this much right?

I think you're doing fine. Note that this state of affairs is more due
t

Re: [CentOS] Linux vs Windows Drivers

2007-12-26 Thread Luciano Rocha 
On Wed, Dec 26, 2007 at 12:48:52PM -0500, Bit wrote:
> 
>  Thanks to both of you for the reply.  Good information, but that still 
>  doesn't really answer my question.  I'm more interested in the technical 
>  side of things.  What I really want to understand boils down to this:
> 
>  Why is it that in Windows I can install ATI drivers once and never worry 
>  about it again, while in Linux I may have to *reinstall* the drivers at a 
>  later date after a system update to get my card working with them again?  
>  Experience has proven to me that in Windows I can install the ATI drivers 
>  once, leave those same drivers on there for eternity, update the system over 
>  and over with Automatic Updates, and never worry about it breaking my video 
>  card.  In Linux, every time I see a kernel update, I've learned to be braced 
>  for impact and just be ready with my ATI drivers to reinstall to get my card 
>  working again.  I've never understood this.  I'd like a technical 
>  explanation for why this is so.
> 

Linux doesn't have a stable ABI (for drivers, userland is a different
thing), but Windows does.

That means that drivers compiled for your kernel today may not install
on newer (or older) kernels. You'll have to recompile it. Also, changes
like support for more than 4GB, how the lower 4GB is split, architecture
options, gcc version, function calling convections, etc., creates
dependencies that have to be met by the binary driver.

Windows guarantees that the exposed interface doesn't change, so there's
no need to recompile things if something internal changes.

But Linux doesn't even have a stable API, so the module may not compile
on your newer kernels.

Please see Documentation/stable_api_nonsense.txt, in the kernel sources,
or online at:


Note that without a stable API, there is no change of a stable ABI.

-- 
lfr
0/0


pgpb9uqRnFBTP.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Where are my VIM colors?

2007-12-07 Thread Luciano Rocha 
On Fri, Dec 07, 2007 at 09:49:39AM -0500, [EMAIL PROTECTED] wrote:
> Maybe, it's stupid question but I've just installed CentOS5 and when I'm
> going to edit some of my conf files I see no colors as it did in old
> CentOS4x...

Did you install vim-enhanced?

yum -y install vim-enhanced vim-X11 # for gvim, also

-- 
lfr
0/0


pgpayB9OvVN2f.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] typo in /etc/X11/xinit/Xsession

2007-10-27 Thread Luciano Rocha 
On Sat, Oct 27, 2007 at 11:44:52AM -0700, Akemi Yagi wrote:
> On 10/27/07, Luciano Rocha <[EMAIL PROTECTED]> wrote:
> >
> > line 15:
> > if ( unask 077 && cp /dev/null "$errfile" 2> /dev/null ); then
> >
> > Should be umask.
> 
> I assure you this is not Johnny's typo.  Looks like it will be corrected in 
> 5.2.
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=236629

I didn't assume it was, I was only surprised to see it. Granted, it's in
a seldom viewed file, but that file is executed all the time.

-- 
lfr
0/0


pgpdsK4CHmMWg.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] typo in /etc/X11/xinit/Xsession

2007-10-27 Thread Luciano Rocha 

line 15:
if ( unask 077 && cp /dev/null "$errfile" 2> /dev/null ); then

Should be umask.

-- 
lfr
0/0


pgpPXEZbwYz8L.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] script help

2007-10-26 Thread Luciano Rocha 
On Fri, Oct 26, 2007 at 11:52:50AM +0100, Luciano Rocha wrote:
> On Fri, Oct 26, 2007 at 11:28:37AM +0100, Tom Brown wrote:
> >  Hi
> > 
> >  I am sure the answer here is really easy but i am stuck!
> > 
> >  # mount | grep data | awk '{print$1,$2,$3}'
> > 
> >  gives me the info i require locally, however i need to execute this over 
> >  about 1000 hosts so i run things remotely using ssh something like
> > 
> >  # MOUNTER=`ssh $i 'mount | grep data | awk '{print$1,$2,$3}''`
> > 
> >  however this fails as at the end of the line there are 2 ticks eg ' 
> > together 
> >  -
> > 
> >  Can anyone offer me some syntax help please?
> 
> Well, you don't need to run the grep and awk on the other side:
> 
> MOUNTER=`ssh $i mount | awk '/data/{print $1,$2,$3}'`
> 
> But you can live without the call to mount, too:
> MOUNTER=`ssh $i awk "'/data/{print $1,$2,$3}'" /etc/mtab`

Oops, wrong c&p:
MOUNTER=`ssh $i awk "'/data/{print \$1,\$2,\$3}'" /etc/mtab`

-- 
lfr
0/0


pgpgNKGE83LSZ.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] script help

2007-10-26 Thread Luciano Rocha 
On Fri, Oct 26, 2007 at 11:28:37AM +0100, Tom Brown wrote:
>  Hi
> 
>  I am sure the answer here is really easy but i am stuck!
> 
>  # mount | grep data | awk '{print$1,$2,$3}'
> 
>  gives me the info i require locally, however i need to execute this over 
>  about 1000 hosts so i run things remotely using ssh something like
> 
>  # MOUNTER=`ssh $i 'mount | grep data | awk '{print$1,$2,$3}''`
> 
>  however this fails as at the end of the line there are 2 ticks eg ' together 
>  -
> 
>  Can anyone offer me some syntax help please?

Well, you don't need to run the grep and awk on the other side:

MOUNTER=`ssh $i mount | awk '/data/{print $1,$2,$3}'`

But you can live without the call to mount, too:
MOUNTER=`ssh $i awk "'/data/{print $1,$2,$3}'" /etc/mtab`

-- 
lfr
0/0


pgp1uB002Doex.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] fetchmail log messages I don't understand

2007-10-24 Thread Luciano Rocha 
On Wed, Oct 24, 2007 at 12:22:21PM -0500, Johnny Hughes wrote:
> Luciano Rocha wrote:
> > On Wed, Oct 24, 2007 at 11:46:34AM -0500, Chuck Campbell wrote:
> >> I see these messages every time fetchmail pops my mail.  I don't understand
> >> what certificates it is talking about, or how to straighten this out.
> 
> I would like to point out that the certificate in question resides on
> the server where you are getting ou mail from ... not your machine with
> fetch on it, so unless you own the mail server that it is pulling from,
> you are not going to fix the certificate.

I assumed the mail server was under the poster's control. It's unusual
to see a public server with so badly set up PKI.

-- 
lfr
0/0


pgp8wN3ZeN81I.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] fetchmail log messages I don't understand

2007-10-24 Thread Luciano Rocha 
On Wed, Oct 24, 2007 at 11:46:34AM -0500, Chuck Campbell wrote:
> I see these messages every time fetchmail pops my mail.  I don't understand
> what certificates it is talking about, or how to straighten this out.

A certificate identifies the server, i.e., the client gets a piece of
information about the server that can be used to start a private
conversation. The certificate must be signed by an entity, that you
trust.

> fetchmail: Server CommonName mismatch: localhost != mail.mydomain.com

The certificate was issued for the server: 'localhost', but you're
connecting to 'mail.mydomain.com'. This could be a man-in-the-middle
attack.

> fetchmail: Server certificate verification error: self signed certificate

The certificate is signed by itself, not by an external entity that you
trust. You can't be sure you're talking with the correct server.

> fetchmail: Server certificate verification error: certificate has expired

Every certificate has a validity (start and end date when the
certificate is valid). Yours has expired.

> What do I need to read up on to understand this and find a fix?

Public key infrastructure (PKI):

http://www.gtlib.cc.gatech.edu/pub/linux/docs/HOWTO/other-formats/html_single/SSL-Certificates-HOWTO.html
http://www.carillon.ca/library/howtos.php

-- 
lfr
0/0


pgpcBJn88kciK.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Hosed my software RAID/LVM setup somehow

2007-10-17 Thread Luciano Rocha 
On Wed, Oct 17, 2007 at 06:06:52PM +0200, Kai Schaetzl wrote:
> Luciano Rocha wrote on Wed, 17 Oct 2007 16:08:31 +0100:
> 
> > mount uses /etc/mtab for displaying current mounts, which is invalid
> > when starting the boot. Check /proc/mounts for the correct values.
> > 
> > You can switch to rw with:
> > mount / -o remount,rw
> > 
> > And then you'll be able to change fstab.
> 
> Yeah, this worked, thanks. I'll write that down :-)
> It would be nice if the system would ignore the problems with md2 and md3 and 
> boot nevertheless as in this case it would have been harmless.
> 
> > the b option to init/boot boots in emergency mode.
> 
> If needed, where would I do that? Can I do an init -b 3 in the repair shell 
> or 
> where would I do this?

In the bootloader (grub, lilo, syslinux). When selecting what to boot,
append the option to the kernel options (-b for emergency boot, 1 or s
for single user mode, init=/bin/bash to use bash as init).

In grub, you can edit entries with key 'e', and append directly (if not
booting Xen) with key 'a'.

> 
> > Seems to be OK. What is happening is that you're telling the system to
> > check the filesystems that where in the MDs in fstab. As there's none
> > (it's lvm now), the boot process complains and drops you to a shell.
> 
> Indeed. I thought that using LVM manager would make the necessary changes 
> (whatever they were) for me. I always avoided LVM as much as I could until 
> recently and when I used it I did that already during installation. This was 
> the first time I changed this stuff on a running system. I learned something 
> today :-) I added the /dev/mapper entries as mounts to fstab now and 
> remounted 
> all and everything is well. Thanks for the quick help!
> 
> I have a small question, though: one of the LVM partitions is used for a 
> (non-active) Xen VM and I cannot mount that as ext3. I know I have to unmount 
> before I can run the VM on it. I want to have a look in it. Is there a way to 
> mount it? xdva isn't recognized as a filesystem.

Mount outside the VM? The disks created under RHEL 5/Centos 5/Fedora 7
have partitions inside, you'll have to use kpartx to create local
partitions pointing to the correct areas in the image.

kpartx -va /dev/mapper/... should do that, see the manual page for more
details (man kpartx).

-- 
lfr
0/0


pgpZyptRYff83.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Hosed my software RAID/LVM setup somehow

2007-10-17 Thread Luciano Rocha 
On Wed, Oct 17, 2007 at 04:54:55PM +0200, Kai Schaetzl wrote:
> CentOS 5, original kernel (xen and normal) and everything, Linux RAID 1.
> 
> I rebooted one of my machines after doing some changes to RAID/LVM and now 
> the two RAID partitions that I made changes to are "gone". I cannot boot 
> into the system.
> On bootup it tells me that the devices md2 and md3 are busy or mounted and 
> drops me to the repair shell. When I run fs check manually it just tells 
> me the same. mdadm --misc --detail tells me that md2 and md3 are active 
> and fine. I wanted to comment out the md2 and md3 devices in fstab (and 
> hoped then be able to boot) but I get a "read-only" warning when writing 
> to it although mount tells me that / is mounted rw.

mount uses /etc/mtab for displaying current mounts, which is invalid
when starting the boot. Check /proc/mounts for the correct values.

You can switch to rw with:
mount / -o remount,rw

And then you'll be able to change fstab.

> 
> What can I do to boot into the system (the system is on /dev/md1 and seems 
> to be fine) or repair it?

the b option to init/boot boots in emergency mode. In extreme cases,
init=/bin/bash to jump directly to a shell, and then do the remount.

> The history of the changes is as follows.
> Originally I had several software-RAID 1 partitions /boot / /home /home2 
> on /dev/md0 etc. At the time of creation I didn't know I could use LVM on 
> RAID partitions. Yesterday I activated LVM on md2 and md3 as they didn't 
> contain anything valuable and put some data on them. What I did is 
> unmount, then remove from RAID, then initialized LVM, then created the 
> RAID devices again, then created the Volume Groups and Volumes, added 
> mount points etc. All succeeded without errors and was working well 
> thereafter. I worked several hours with data and xen virtual machines on 
> the LVM partitions. The LVM management was done with the LVM manager in 
> Gnome (as I'm not very familiar with LVM), the other stuff was done in a 
> terminal.
> I assume something is wrong with the LVM setup or LVM doesn't start at 
> all. What/how can I check?

Seems to be OK. What is happening is that you're telling the system to
check the filesystems that where in the MDs in fstab. As there's none
(it's lvm now), the boot process complains and drops you to a shell.

As soon as you fix fstab, you should boot ok. The lvm volumes/groups
should be already present, them.

-- 
lfr
0/0


pgp8lW2Mz1Hir.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Silly question - Anything faster than rm?

2007-09-29 Thread Luciano Rocha 
On Sat, Sep 29, 2007 at 04:43:43AM -0700, Jamie Lists wrote:
> Maybe this is a silly question, but i have a few million files i need
> to delete but i can't just reformat the volume.
> 
> Right now the fastest thing i can think of is
> 
> nice -20 rm -Rf /folder-i-want-to-delete
> 
> is there a better or faster way to do this?

No, but if you want to re-use the directory name, rename it before
removing it:
mv folder-i-want-to-delete _removed_folder
rm -fr _removed_folder &
keep working...

-- 
lfr
0/0


pgpaSjFAUn945.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OpenSSH multiple private key question

2007-09-26 Thread Luciano Rocha 
On Wed, Sep 26, 2007 at 02:42:51PM -0400, Von Landfried wrote:
>  I am using CentOS 4.5 with OpenSSH_3.9p1 and I am curious if anyone has a 
>  solution for this scenario. I have several pub/priv keys that I use for 
>  various tasks/reasons. My issue is that I want to have 2 private keys stored 
>  in ~/.ssh/ and I am not sure the best way to accomplish that. Currently I am 
>  using ssh-agent, and it works fine for manually performing tasks. I was 
>  curious if there is a simple way to have multiple private keys stored in the 
>  same ~/.ssh/ directory without using ssh-agent? Thanks for reading.

You can name them whatever you want, then add to ~/.ssh/config,
at the end:

host *
identityfile ~/.ssh/key1
identityfile ~/.ssh/key2

You can also restrict by host instead of a global definition, of course.

-- 
lfr
0/0


pgpBeZK4vcDpg.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Centos 5 or 5.0

2007-09-08 Thread Luciano Rocha 
On Thu, Sep 06, 2007 at 10:15:12AM -0300, Centos wrote:
>  Hello
> 
>  I am downloading Centos, but I don't know What is the difference between 
>  Centos 5 and Centos 5.0

The 5 is a link to the latest in the 5.x series. Currently it points to 5.0.

> 
>  also as far as I remember any rpm or file ending with 64 designed for AMD 64 
>  bit,
>  can I install CentOS-5.0-x86_64-bin-DVD.iso on Intel 64 bit as well ?

They're designed for an x86_64 processor. It includes AMD and Intel.

-- 
lfr
0/0


pgpPzvqmU0EsB.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] shrink LV with ext3 filesystem

2007-09-04 Thread Luciano Rocha 
On Tue, Sep 04, 2007 at 08:18:18PM +0200, Thomas Antony wrote:
> 
> >>  Is it possible that i log into the server with ssh and umount only /var 
> >> and  then resize the logical volume?
> > Yes, but you'll have to stop a lot of daemons and other processes that
> > run with files opened in /var.
> > You can find the processes accessing /var with lsof or fuser:
> > # fuser -mv /var
> > # lsof /var
> 
> 
>  I stopped all services except sshd and fuser and lsof doesn't show me any 
>  files, but i still can't unmount /var :-(
> 
>  # umount /var
>  umount: /var: device is busy
>  umount: /var: device is busy
> 
>  Ayn ideas?

Are you using chrooted BIND?

Do a cat /proc/mounts, search for var, and unmount anything in use.

-- 
lfr
0/0


pgp6YuR8J94u2.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] shrink LV with ext3 filesystem

2007-09-04 Thread Luciano Rocha 
On Tue, Sep 04, 2007 at 03:26:53PM +0200, Thomas Antony wrote:
>  Luciano Rocha schrieb:
> > On Tue, Sep 04, 2007 at 12:40:24PM +0200, Thomas Antony wrote:
> >>  Hi.
> >>
> >>  I want to make a snapshot from a logical volume and noticed that there 
> >> must  be enough free disk space in the volume group. Actually there is no  
> >>  free  disk space left.
> >>  How do i shrink online /var without losing any data or restore from 
> >> backup? 
> > You can't shrink ext2/ext3 filesystems online. You'll have to schedule a
> > downtime.
> > Another solution is to remove and use a file for swap (swapoff ... &&
> > lvremove ...), or reduce it (swapoff ... && lvreduce ... && mkswap && 
> > swapon).
> 
>  Hi.
> 
>  Is it possible that i log into the server with ssh and umount only /var and 
>  then resize the logical volume?

Yes, but you'll have to stop a lot of daemons and other processes that
run with files opened in /var.

You can find the processes accessing /var with lsof or fuser:
# fuser -mv /var
# lsof /var

-- 
lfr
0/0


pgp0QRc8Vc5Zz.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] shrink LV with ext3 filesystem

2007-09-04 Thread Luciano Rocha 
On Tue, Sep 04, 2007 at 12:40:24PM +0200, Thomas Antony wrote:
>  Hi.
> 
>  I want to make a snapshot from a logical volume and noticed that there must 
>  be enough free disk space in the volume group. Actually there is no   free 
>  disk space left.
>  How do i shrink online /var without losing any data or restore from backup? 

You can't shrink ext2/ext3 filesystems online. You'll have to schedule a
downtime.

Another solution is to remove and use a file for swap (swapoff ... &&
lvremove ...), or reduce it (swapoff ... && lvreduce ... && mkswap && swapon).

-- 
lfr
0/0


pgpWNyYQ1lIb9.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Install CentOS over FTP

2007-08-17 Thread Luciano Rocha 
On Fri, Aug 17, 2007 at 05:18:15PM +0100, Mário Gamito wrote:
>  Hi,
> 
>  Sorry for the newbie question, I've been searching the CentOS site and 
>  googled, but I couldn't find an answer (probably my bad).
> 
>  I want to install CentOS 4.5, but I'm having troubles with my CD reader.
> 
>  How can I install it from an FTP server ?

If you already have a linux system, use LILO or Grub to boot the initrd
and vmlinuz:
ftp://ftp.di.uminho.pt/pub/centos/5/os/i386/isolinux/vmlinuz
ftp://ftp.di.uminho.pt/pub/centos/5/os/i386/isolinux/initrd.img

No special boot arguments are required. The initrd should prompt you the
method for installation and then you specify the ftp install.

If you don't have linux already installed, but have Win9x or DOS, use
loadlin to boot.

Otherwise, use an USB boot pen.

Or try the smaller boot.iso, that may work better with your reader:
ftp://ftp.di.uminho.pt/pub/centos/5/os/i386/images/boot.iso

-- 
lfr
0/0


pgpWhkK8oqBeB.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] iptables rule (MAC filtering)

2007-06-25 Thread Luciano Rocha 
On Mon, Jun 25, 2007 at 09:46:22PM +0200, Jordi Espasa Clofent wrote:
> 
> >  ^ this is a very bad example
> >   
> 
>  It's understandable example; so, it's enough.

127.x is always private to each host, so it is confusing. I just assumed
it was one address that just came to your mind.

> 
> > Why MAC and not IP addresses?
> >   
> 
>  IP addresses are very easy to change. The idea is only a two concrete boxes 
>  with a concrete ubication can surfer the web freely.

MAC addresses are easy too, only less known.

> 
> > Yes, but ORing the two, all clients should have gone to the local http
> > service.
> >
> > The best thing, in this case, is to use chains:
> >
> > iptables -t nat -N twoboxen
> > iptables -t nat -N others
> >
> > iptables -t nat -A PREROUTING --mac-source aa -j twoboxen
> > iptables -t nat -A PREROUTING --mac-source bb -j twoboxen
> > iptables -t nat -A PREROUTING -j others
> >
> > iptables -t nat -A twoboxen -j ACCEPT
> > iptables -t nat -A others -p tcp --dport 80 -j REDIRECT
> 
>  I think this is a "large" solution. Two iptables code lines should be 
>  enough. I've modified the lines:
> 
>  iptables -t nat -A OUTOUT -p tcp -i eth1  -m mac --mac-source ! 
>  xx:xx:xx:xx:xx:xx --dport 80 -j DNAT --to-destination 192.168.1.1:80
>  iptables -t nat -A PREROUTING -p tcp -i eth1 -m mac --mac-source ! 
>  xx:xx:xx:xx:xx:xx --dport 80 -j DNAT --to-destination 192.168.1.1:80

Two of these for each of the two hosts? That's what I don't understand.

Let's suppose you have host A, B, C, D, E, and want only A and B to have
access to the web. So, the rules would look like:

1. iptables -t nat -A PREROUTING -p tcp -i eth1 -m mac --mac-source ! 
 mac(host A) --dport 80 -j DNAT --to-destination 192.168.1.1:80
2. iptables -t nat -A PREROUTING -p tcp -i eth1 -m mac --mac-source ! 
 mac(host B) --dport 80 -j DNAT --to-destination 192.168.1.1:80

Ditto for -A OUTPUT.

So, what happens when C, D or E send a packet? They don't match any mac
address, so they will be DNAT'ed to 192.168.1.1.

What about A? It doesn't match rule 1, but it matches rule 2, so it will
be DNAT'ed also.

And host B? It matches rule 1, so it is DNAT'ed.

Thus the use of chains, to send each host to the proper chain and there
do the work (dnat or don't dnat).

>  Of course, thank you for your help and comments Luciano. ;)

Not at all. :)

-- 
lfr
0/0


pgpCM5kr3KyJx.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] iptables rule (MAC filtering)

2007-06-25 Thread Luciano Rocha 
On Mon, Jun 25, 2007 at 06:20:04PM +0200, Jordi Espasa Clofent wrote:
>  Hi all,
> 
>  I've a CentOS box which as two NIC; this box is also a router for LAN 
>  subnet:
> 
>  
>  | eth0 (external) 172.0.0.1|
 ^ this is a very bad example
>  | eth1 (internal) 192.168.1.1 |
>  
>|
> LAN clients (192.168.1.2+)
> 
>  I want to allow http acces only for two LAN boxes; an only http access, 
>  which means that others protocols as smtp, pop3, imap and so on will be 
>  permited. The rest of LAN boxes will be redirected to a local http service 
>  (192.168.1.1:80)
> 
>  I think the best way is creating a iptables rules based on MAC address.

Why MAC and not IP addresses?

> So, 
>  the rules I've made are:
> 
>  iptables -t nat -A PREROUTING -p tcp -s 192.168.1.0/24 -m mac --mac-source ! 
>  xx:xx:xx:xx:xx:xx --dport 80 -j DNAT --to-destination 192.168.1.1:80
> 
>  iptables -t nat -A PREROUTING -p tcp -s 192.168.1.0/24 -m mac --mac-source ! 
>  xx:xx:xx:xx:xx:xx --dport 80 -j DNAT --to-destination 192.168.1.1:80
> 
>  Please, note the exclamation symbol, which means a logical negation.

Yes, but ORing the two, all clients should have gone to the local http
service.

The best thing, in this case, is to use chains:

iptables -t nat -N twoboxen
iptables -t nat -N others

iptables -t nat -A PREROUTING --mac-source aa -j twoboxen
iptables -t nat -A PREROUTING --mac-source bb -j twoboxen
iptables -t nat -A PREROUTING -j others

iptables -t nat -A twoboxen -j ACCEPT
iptables -t nat -A others -p tcp --dport 80 -j REDIRECT

-- 
lfr
0/0


pgpwPaChFLRIz.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] xterm

2007-06-21 Thread Luciano Rocha 
On Thu, Jun 21, 2007 at 11:00:25PM +0200, Web and Co sprl - Patrick DERWAEL 
wrote:
> Hi list…
> 
>  
> 
> I’m in the process of switching from a RedHat EL 4 to CentOS 5, and run into
> some problems…
> 
> I’m trying to open a X session to my Centos box, and got an error message
> stating that /usr/X11R6/bin/xterm is not found. 
> 
> Surprisingly, /usr/X11R6/bin is almost empty, as compared to my RedHat box.,
> and I am 100% sure I have selected X during the installation

/usr/X11R6 is deprecated, things have moved to /usr/bin, /usr/sbin,
/usr/lib, etc..

> Linking /bin/xterm to /usr/X11/bin/xterm allows me to start a session

xterm is now in /usr/bin/xterm. yum install xterm.

> Question: is this the right thing to do on CentOS, or is this just a
> workaround?

The right thing to do is set PATH as appropriate and then simply use
xterm. Why are you using an absolute path?

-- 
lfr
0/0


pgpPbv9mEb3WB.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CUPS driver for Panasonic DP-2330 printer?

2007-06-19 Thread Luciano Rocha 
On Tue, Jun 19, 2007 at 12:16:51PM -0400, James B. Byrne wrote:
> 
> Can anyone point me to a possible source of a linux cups driver
> specifically for this machine or to a work-alike driver for a similar
> piece of equipment. Failing this, does anyone have any suggestions as to
> any open source software guys who might be willing to develop one for a
> fee?

The printer spec page says:
  Computer Compatibility 
Linux (LPD/LPR)

   Protocol
 TCP/IP (LPD, Raw/Port9100, SNMP, DHCP)
 IPP (PCL, PS)  

   Page Description Language
PCL5e, PCL6, PostScript® 3

cups as is already supports all of that, so you shouldn't have any
problems.

Or are you refering to the other functions? (fax/scanner)

-- 
lfr
0/0


pgp65opTP14iJ.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] mounting an lvm partition via a USB adapter

2007-06-18 Thread Luciano Rocha 
On Mon, Jun 18, 2007 at 08:10:28AM -0400, Robert Moskowitz wrote:
>  I am trying to mount this (my old hard drive) from my Centos 5 install as a 
>  USB drive so I can copy files over.
> 
>  The second partition, /dev/sda2 is the one I really want and it is an lvm 
>  partition.  When I am booted from this drive (as the installed IDE drive, 
>  not as a usb drive) has for its  /etc/fstab:
> 
>  # This file is edited by fstab-sync - see 'man fstab-sync' for details
>  /dev/VolGroup00/LogVol01 /   ext3defaults1 1
>  LABEL=/boot /boot   ext3defaults1 2
>  none/dev/ptsdevpts  gid=5,mode=620  0 0
>  none/dev/shmtmpfs   defaults0 0
>  /dev/VolGroup00/LogVol02 /home   ext3defaults1 2
>  none/proc   procdefaults0 0
>  none/syssysfs   defaults0 0
>  /dev/VolGroup00/LogVol00 swapswapdefaults0 0
> 
> 
>  But I do not see any /dev/Vol... when I boot from my Centos 5 drive (oh, I 
>  have labeled the lvm partitions on that drive to start with Centos5 so that 
>  its labels are different from my Centos 4 drive lablels).

vgscan ; vgchange -ay VolGroup00

If the volume group happens to be the same as the one you're using on
your new system, then that will probably fail, and I suggest renaming
your current volume group using a rescue cd (don't forget to recreate
the initrd, as it has the vg hardcoded).

-- 
lfr
0/0


pgpz8L8jTzZgV.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OT - IP Tables - forwarding to localhost

2007-06-18 Thread Luciano Rocha 
On Mon, Jun 18, 2007 at 11:46:42AM +0100, first last wrote:
> Hi,
> 
> I am trying to set up a firewall rule so calls to old_mailserver:25 get
> redirected to localhost:25. I have seen quite a few rules and none seem
> to work.
> 
> I have tried with the firewall enabled (configured to allow smtp) and
> disabled, but it doesn't seem to make a difference.
> 
> One of the commands I have been using is:
> /sbin/iptables -t nat -I PREROUTING -p tcp -d old_mailserver_ip/32
> --dport 25 -j REDIRECT --to 127.0.0.1:25

Try this:
iptables -t nat -I PREROUTING -p tcp -d old_mail_server_ip --dport 25 \
  -j REDIRECT
iptables -t nat -I OUTPUT -p tcp -d old_mail_server_ip --dport 25 \
  -j REDIRECT
 
> Am I missing anything?

Locally generated packets go through OUTPUT, but not PREROUTING, IIRC.

-- 
lfr
0/0


pgpjQxTJNWgqT.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] network raid file system/server

2007-06-14 Thread Luciano Rocha 
On Thu, Jun 14, 2007 at 11:35:30PM +0200, Farkas Levente wrote:
> afaik ocsf2 is not redundant:-(

It isn't redundant per se, but it allows you to access a shared storage
(hardware that supports it or network raid as I explained in my other
mail) simultaneously in multiple servers. Thus, you can have the service
available if multiple servers. If the service doesn't support multiple
instances, then you have to start it when the primary fails. In which
case, you wouldn't even need OCFS2 and could use ext3/xfs/...

-- 
lfr
0/0


pgp9ZRZ8SfGLk.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] network raid file system/server

2007-06-14 Thread Luciano Rocha 
On Thu, Jun 14, 2007 at 11:39:12PM +0200, Farkas Levente wrote:
> Luciano Rocha wrote:
> > On Thu, Jun 14, 2007 at 01:43:22PM +0200, Peter Kjellstrom wrote:
> >> On Wednesday 13 June 2007, Antonio da Silva Martins Junior wrote:
> >>> Hi Farkas,
> >>>
> >>>   I think a start is to look on PVFS2 (www.pvfs.org).
> >>>
> >>>   Or maybe using nbd and softwareraid ???
> >> Neither will eliminate servers and disks as single points of failiure.
> > 
> > You can add standard raid for eliminating disk failures as points of
> > failure.
> > 
> > Then there are drbd[1], ddraid[2] and (g)nbd + md for server raid.
> > 
> > I've been using drbd, and now I'm migrating to use ocfs2 + nfs on top of
> > it.
> 
> what will do the redundancy here?

Hm? They work as software raid over the network, keeping the data in
sync. So, if one fails, the other still has the data and can keep
serving it.

You can have more than one master[1], if you use a cluster filesystem
(GFS/OCFS2/?) or if you just export the redudant block device.
Otherwise, use heartbeat/ucarp/... to change the secondary to primary.

[1] drbd only supports two peers. drbd+, a commercial version, supports
more, I think.

-- 
lfr
0/0


pgpIVndKq9kJW.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] network raid file system/server

2007-06-14 Thread Luciano Rocha 
On Thu, Jun 14, 2007 at 01:43:22PM +0200, Peter Kjellstrom wrote:
> On Wednesday 13 June 2007, Antonio da Silva Martins Junior wrote:
> > Hi Farkas,
> >
> >   I think a start is to look on PVFS2 (www.pvfs.org).
> >
> >   Or maybe using nbd and softwareraid ???
> 
> Neither will eliminate servers and disks as single points of failiure.

You can add standard raid for eliminating disk failures as points of
failure.

Then there are drbd[1], ddraid[2] and (g)nbd + md for server raid.

I've been using drbd, and now I'm migrating to use ocfs2 + nfs on top of
it.

Coda also has a replicated server mode, but my system exceeded the
number of files supported by coda.

[1] http://www.drbd.org/
[2] http://sourceware.org/cluster/ddraid/

-- 
lfr
0/0


pgp7jDMLuKJXy.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] PGP On Centos

2007-06-12 Thread Luciano Rocha 
On Tue, Jun 12, 2007 at 11:28:37AM -0700, Karl R. Balsmeier wrote:
>  Hey I need to run some pgp commands, -what's the name of the package 
>  supported by Centos that will allow me to work with pgp?
> 
>  I need to run pgp --fingerprint key.name

gnupg, and the command is gpg. It should be already installed,
otherwise, yum install gnupg.

-- 
lfr
0/0


pgpbxCHoVyYwr.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos