[CentOS] Not getting updates?
I installed CentOS 7 late last year to use as my Nagios/Cacti Monitoring server. Clean install, nothing real complicated just the server version with no GUI, just command line/SSH. I have noticed over the last 3 months that I've not had ANY updates when I run 'yum update'. I have run 'yum clean all' to see if that might be a problem, and I've made sure the updates repo is enabled (it is), but I'm getting no CentOS updates. Did something change that I'm not aware of? I'm even clueless how to being debugging this. I'm no noob to RPM based systems as I run Fedora pretty much everywhere else. Ideas? -- Mark Haney Sr. Systems Engineer, VIF International Education mark.ha...@vifprogram.com 919-265-5006 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not getting updates?
Yeah, I just don't get it. I've looked at several mirrors and haven't found /any/ updates dated this month. That's really odd, I would think. I'm not talking installed updates on my system, ANY updated packages on the mirrors from 3/2015. Has anyone else updated packages this month? Also, as an aside, what's the difference between CentOS 7 and CentOS 7.1406? And does that make a difference? I know I don't have a ton of actual packages on this machine, it doesn't really need any more than what I have on it, which is pretty minimal, but I'm worried I'm missing security updates for some reason, and I don't want to have this system vulnerable even if it isn't accessible from outside my office. On Fri, Mar 27, 2015 at 2:52 PM, Les Mikesell wrote: > On Fri, Mar 27, 2015 at 1:45 PM, Mark Haney > wrote: > > I installed CentOS 7 late last year to use as my Nagios/Cacti Monitoring > > server. Clean install, nothing real complicated just the server version > > with no GUI, just command line/SSH. > > > > I have noticed over the last 3 months that I've not had ANY updates when > I > > run 'yum update'. I have run 'yum clean all' to see if that might be a > > problem, and I've made sure the updates repo is enabled (it is), but I'm > > getting no CentOS updates. > > > > Did something change that I'm not aware of? I'm even clueless how to > being > > debugging this. I'm no noob to RPM based systems as I run Fedora pretty > > much everywhere else. > > > > Ideas? > > Try something like "yum info kernel". > It should show the repos it is checking, the installed version and the > repo it is from, plus available newer versions. If your installed > version isn't from anaconda, maybe you have automatic updates enabled > and there is nothing newer when you check. > > -- >Les Mikesell > lesmikes...@gmail.com > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > -- Mark Haney Sr. Systems Engineer, VIF International Education mark.ha...@vifprogram.com 919-265-5006 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Not getting updates?
I have no excludes in yum.conf. But I noticed something odd in the CentOS-Base.repo file. The [updates] section didn't have an explicit 'enabled=1' in it. Though, when I added it in, it made no difference. I have noticed that I do have some updated packages (like httpd) that are from February and appear to be the most recent based on the mirrors, but every mirror I hit I see no updated packages listed for this month. Maybe there's just not been any and I'm overreacting. But to give an example, we run several Ubuntu 14.04 LTS virtual machines and I've have a dozen or so security related updates that I've not seen for CentOS, like openssl (which I do have installed on it) and gnutls. I know package names don't always match up, but these are recent known vulnerabilities and I don't like the feeling I'm not securing my systems properly. Does that makes sense? On Fri, Mar 27, 2015 at 2:58 PM, wrote: > Mark Haney wrote: > > I installed CentOS 7 late last year to use as my Nagios/Cacti Monitoring > > server. Clean install, nothing real complicated just the server version > > with no GUI, just command line/SSH. > > > > I have noticed over the last 3 months that I've not had ANY updates when > I > > run 'yum update'. I have run 'yum clean all' to see if that might be a > > problem, and I've made sure the updates repo is enabled (it is), but I'm > > getting no CentOS updates. > > > > Did something change that I'm not aware of? I'm even clueless how to > > being debugging this. I'm no noob to RPM based systems as I run Fedora > pretty > > much everywhere else. > > > > Ideas? > > There's been a bunch. Two ideas: first, are the repos enabled (check in > /etc/yum.repos.d, and make sure enabled=1, and second, do you have any > excludes (and wildcards count) in /etc/yum.conf? > > mark > > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > -- Mark Haney Sr. Systems Engineer, VIF International Education mark.ha...@vifprogram.com 919-265-5006 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Virtualization
ESX(i) 6 and vCloud Air. At home, KVM and Vagrant. On Tue, Jun 16, 2015 at 10:46 AM, Numan Fatih YARCI < fatih.ya...@linux.org.tr> wrote: > KVM - Vagrant - Docker :) > > On Tue, 16 Jun 2015 at 17:41 Alessandro Baggi > wrote: > > > Hi list, > > what solution do you use for virtualizzation? > > > > thanks in advance. > > ___ > > CentOS mailing list > > CentOS@centos.org > > http://lists.centos.org/mailman/listinfo/centos > > > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > -- Mark Haney ::: Senior Systems Engineer *VIF* International Education P.O. Box 3566 ::: Chapel Hill, N.C. 27515 ::: USA 919-265-5006 office Global learning for all. www.vifprogram.com <http://www.vifprogram.com/?utm_source=signature&utm_medium=email&utm_campaign=VIF> Find VIF on Facebook <http://facebook.com/VIFInternationalEducation> | Twitter <http://twitter.com/vifprogram> | LinkedIn <http://www.linkedin.com/company/vif-international-education> Recognized as a ‘Best for the World’ <http://bestfortheworld.bcorporation.net/> B Corp! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT Advantage of running DNS server?
I suppose a lot of it depends on your needs. For us, we run internal DNS servers for all the VMs we have running; mostly for software development and monitoring. It makes sense for us to do so as we have mostly Macs (and my Linux workstation) that work better using DNS. Had we been a mostly Windows shop, we'd likely use NetBIOS internally with some Dynamic DNS for win clients. We also have external DNS servers for our cloud based servers, web servers primarily. We could have stuck with Network Solutions (our Domain Registrar) for DNS, but we have a LOT of domains across the globe and we prefer handling them ourselves. Management can be a bit of a headache at time, but it's worth it, IMHO. On Mon, Jun 22, 2015 at 8:14 AM, Timothy Murphy wrote: > What is the advantage, if any, of running one's own DNS server? > Surely the link between domain name and IP address > must already have been established? > > -- > Timothy Murphy > gayleard /at/ eircom.net > School of Mathematics, Trinity College, Dublin > > > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > -- Mark Haney ::: Senior Systems Engineer *VIF* International Education P.O. Box 3566 ::: Chapel Hill, N.C. 27515 ::: USA 919-265-5006 office Global learning for all. www.vifprogram.com <http://www.vifprogram.com/?utm_source=signature&utm_medium=email&utm_campaign=VIF> Find VIF on Facebook <http://facebook.com/VIFInternationalEducation> | Twitter <http://twitter.com/vifprogram> | LinkedIn <http://www.linkedin.com/company/vif-international-education> Recognized as a ‘Best for the World’ <http://bestfortheworld.bcorporation.net/> B Corp! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OT Strange IP address on home network
Sounds like you have a host with a NIC that's configured for DHCP but either can't communicate with the DHCP server, or there are no free IPs for the DHCP server to give it. On Wed, Oct 28, 2015 at 10:12 AM, Jason Warr wrote: > It's a Zero Config IP address. Most likely a host with zero config > enabled, pretty much all Windows by default, was unable to get an IP from > DHCP. > > On 10/28/2015 9:04 AM, Timothy Murphy wrote: > >> Why does "arp -a" show IP address 169.254.192.123 >> on my 192.168.2.0 home network? >> I recall seeing this IP address somewhere, >> but don't remember where. >> >> > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > -- Mark Haney ::: Senior Systems Engineer *VIF* International Education P.O. Box 3566 ::: Chapel Hill, N.C. 27515 ::: USA 919-265-5006 office Global learning for all. www.vifprogram.com <http://www.vifprogram.com/?utm_source=signature&utm_medium=email&utm_campaign=VIF> Find VIF on Facebook <http://facebook.com/VIFInternationalEducation> | Twitter <http://twitter.com/vifprogram> | LinkedIn <http://www.linkedin.com/company/vif-international-education> Recognized as a ‘Best for the World’ <http://bestfortheworld.bcorporation.net/> B Corp! ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Monitor Dummy Device
I'm curious as to what exactly you are needing what appears to be a second monitor without an actual second monitor? For what purpose do you think you need such a setup? Maybe there's another method to get what you want if you can give us more detail. On Tue, Jan 19, 2016 at 10:53 AM, Joey wrote: > Am 2016-01-19 02:01, schrieb Mark LaPierre: > >> On 01/17/16 11:42, Joey wrote: >> >>> Hello List, >>> >>> i want to use a Dual-Screen Solution without connected a second Monitor. >>> >>> Its a solution available, that a physical monitor/Device is simulated? I >>> want to use it on KDE. >>> >>> Thank you. >>> >>> Joey >>> >> >> Hey Joey, >> >> Does your current physical monitor support multiple connections? Most >> modern monitors do. If it does then you can connect a second video >> cable from your computer to your monitor. There you have it. A duel >> monitor connection. >> > > Hey, > > thx for this tricky idea! Unfortunately i need it for notebooks .. > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > -- Mark Haney ::: Senior Systems Engineer *VIF* International Education P.O. Box 3566 ::: Chapel Hill, N.C. 27515 ::: USA 919-265-5006 office Global learning for all. www.vifprogram.com <http://www.vifprogram.com/?utm_source=signature&utm_medium=email&utm_campaign=VIF> Find VIF on Facebook <http://facebook.com/VIFInternationalEducation> | Twitter <https://twitter.com/vifglobaled> | LinkedIn <http://www.linkedin.com/company/vif-international-education> Recognized as a ‘Best for the World’ <http://bestfortheworld.bcorporation.net/> B Corp! ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Monitor Dummy Device
IIRC, back when I did presentations regularly there was a way to screen share a second virtual desktop and leave the primary on the display itself. But that was 5 years ago and I"ve slept since then. On Tue, Jan 19, 2016 at 11:11 AM, Joey wrote: > When i do presentation i have this workflow: > > I connect the beamer on my notebook so i have dualscreen. On my notebook > screen i have all icons/windows i need. The things i want to show i move to > the 2. desktopscreen (the beamer). > > If i want to be independent of the cable-end of the beamer i do this: > > i connect a second monitor to my notebook and i stream the screen of the > 2. monitor with ffmpeg / ffserver (installed on my notebook). a other > device eg notebook, which is connect to beamer, show my stream on the > beamer. > > Very nice solution for me :). I want to extend the solution that i dont > need a monitor connected to my notebook. I dont know how can i get a second > desktop is useable like a dualscreen. > > Greetings Joey > > > > Am 2016-01-19 16:57, schrieb Mark Haney: > >> I'm curious as to what exactly you are needing what appears to be a second >> monitor without an actual second monitor? For what purpose do you think >> you need such a setup? Maybe there's another method to get what you want >> if you can give us more detail. >> >> >> On Tue, Jan 19, 2016 at 10:53 AM, Joey wrote: >> >> Am 2016-01-19 02:01, schrieb Mark LaPierre: >>> >>> On 01/17/16 11:42, Joey wrote: >>>> >>>> Hello List, >>>>> >>>>> i want to use a Dual-Screen Solution without connected a second >>>>> Monitor. >>>>> >>>>> Its a solution available, that a physical monitor/Device is simulated? >>>>> I >>>>> want to use it on KDE. >>>>> >>>>> Thank you. >>>>> >>>>> Joey >>>>> >>>>> >>>> Hey Joey, >>>> >>>> Does your current physical monitor support multiple connections? Most >>>> modern monitors do. If it does then you can connect a second video >>>> cable from your computer to your monitor. There you have it. A duel >>>> monitor connection. >>>> >>>> >>> Hey, >>> >>> thx for this tricky idea! Unfortunately i need it for notebooks .. >>> >>> ___ >>> CentOS mailing list >>> CentOS@centos.org >>> https://lists.centos.org/mailman/listinfo/centos >>> >>> >> >> >> -- >> >> Mark Haney ::: Senior Systems Engineer >> *VIF* International Education >> P.O. Box 3566 ::: Chapel Hill, N.C. 27515 ::: USA >> 919-265-5006 office >> >> Global learning for all. >> www.vifprogram.com >> < >> http://www.vifprogram.com/?utm_source=signature&utm_medium=email&utm_campaign=VIF >> > >> Find VIF on Facebook <http://facebook.com/VIFInternationalEducation> | >> Twitter <https://twitter.com/vifglobaled> | LinkedIn >> <http://www.linkedin.com/company/vif-international-education> >> >> Recognized as a ‘Best for the World’ >> <http://bestfortheworld.bcorporation.net/> B Corp! >> ___ >> CentOS mailing list >> CentOS@centos.org >> https://lists.centos.org/mailman/listinfo/centos >> > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > -- Mark Haney ::: Senior Systems Engineer *VIF* International Education P.O. Box 3566 ::: Chapel Hill, N.C. 27515 ::: USA 919-265-5006 office Global learning for all. www.vifprogram.com <http://www.vifprogram.com/?utm_source=signature&utm_medium=email&utm_campaign=VIF> Find VIF on Facebook <http://facebook.com/VIFInternationalEducation> | Twitter <https://twitter.com/vifglobaled> | LinkedIn <http://www.linkedin.com/company/vif-international-education> Recognized as a ‘Best for the World’ <http://bestfortheworld.bcorporation.net/> B Corp! ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to set hostname and domainnmae in CentOS 7?
vi or your text editor of choice. Though there should be a 'domainname' command to set it as well, though I just prefer editing /etc/hosts directly. On Tue, Apr 5, 2016 at 3:24 PM, Joe Smithian wrote: > We can permanently set hostname using hostnamectl set-hostname. How can we > permanently set *domain name* in CentOS 7? > I found an article > < > http://unix.stackexchange.com/questions/239920/how-to-set-the-fully-qualified-hostname-on-centos-7-0 > > > that recommended setting FQDN using hostnamectl. Is that the right way to > set hostname and domainname at the same time using *hostnamectl > set-hostname* command? > > Running *hostnamectl set-hostname* will set the hostname in* > /etc/hostname* > but it doesn't change */etc/hosts*. What's the proper way of adding > hostname and FQDN to */etc/hosts *in CentOS 7? > > Thanks, > > Joe > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > -- Mark Haney ::: Senior Systems Engineer *VIF* *International Education* P.O. Box 3566 ::: Chapel Hill, N.C. 27515 ::: USA 919-265-5006 office Global learning for all. www.viflearn.com Find VIF on Facebook <http://facebook.com/VIFInternationalEducation> | Twitter <https://twitter.com/vifglobaled> | LinkedIn <http://www.linkedin.com/company/vif-international-education> Recognized as a ‘Best for the World’ <http://bestfortheworld.bcorporation.net/> B Corp! ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to set hostname and domainnmae in CentOS 7?
Not sure about everyone else, but I always put my hostname in /etc/hosts. Maybe that's from years of not always having DNS available back when the earth was cooling. On Apr 5, 2016 16:30, "James Hogarth" wrote: > On 5 April 2016 at 20:24, Joe Smithian wrote: > > > We can permanently set hostname using hostnamectl set-hostname. How can > we > > permanently set *domain name* in CentOS 7? > > I found an article > > < > > > http://unix.stackexchange.com/questions/239920/how-to-set-the-fully-qualified-hostname-on-centos-7-0 > > > > > that recommended setting FQDN using hostnamectl. Is that the right way to > > set hostname and domainname at the same time using *hostnamectl > > set-hostname* command? > > > > Running *hostnamectl set-hostname* will set the hostname in* > > /etc/hostname* > > but it doesn't change */etc/hosts*. What's the proper way of adding > > hostname and FQDN to */etc/hosts *in CentOS 7? > > > > > Technically speaking one shouldn't put the hostname in /etc/hosts as it's > not required so long as your DNS is working ... which it should be ... > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Badlock bad luck
Slightly OT. A Windows NT4 PDC? Wow. I applaud you, sir! That is a name I've not heard in a long time. On Wed, Apr 13, 2016 at 12:53 PM, Bill Baird wrote: > I'm seeing the exact same behavior in my environment (NT4 PDC, not AD). I > had to downgrade samba get systems working again. > > The full error message is: > > "The trust relationship between this workstation and the primary domain > failed". > > Did you have any luck finding a solution? > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > -- Mark Haney ::: Senior Systems Engineer *VIF* *International Education* P.O. Box 3566 ::: Chapel Hill, N.C. 27515 ::: USA 919-265-5006 office Global learning for all. www.viflearn.com Find VIF on Facebook <http://facebook.com/VIFInternationalEducation> | Twitter <https://twitter.com/vifglobaled> | LinkedIn <http://www.linkedin.com/company/vif-international-education> Recognized as a ‘Best for the World’ <http://bestfortheworld.bcorporation.net/> B Corp! ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 7, container question
I've been wracking my brain, but for the life of me can't recall the exact program name, but back when I managed a HPCC, there was a tool that would let you restrict a running process to X number of CPUs/Cores natively. I keep thinking it was MPC, but nothing googles on that. Regardless, that might be a better way of running Sybase, as a container may not be beefy enough to handle the load Sybase is likely to generate. On Mon, May 23, 2016 at 10:51 AM, wrote: > Hi, folks, > >We would like to run a container on a server, the reason being the COST > of a Sybase license (it's by core), and what we can afford is a 4-core > license. Now, the server's a nice Dell w/ 32 cores, so, ideally, what > we want to do is set up containers, then, in one container, *only* have > it see 4 cores, while the rest of the server, including (possibly) > other containers, can see the other 28. The first try seems to have > disabled *all* the cores other than those four. > >Is it possible to do what we want, and if so, some pointers would be > most appreciated. > > mark > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > -- Mark Haney ::: Senior Systems Engineer *VIF* *International Education* P.O. Box 3566 ::: Chapel Hill, N.C. 27515 ::: USA 919-265-5006 office Global learning for all. www.viflearn.com Find VIF on Facebook <http://facebook.com/VIFInternationalEducation> | Twitter <https://twitter.com/vifglobaled> | LinkedIn <http://www.linkedin.com/company/vif-international-education> Recognized as a ‘Best for the World’ <http://bestfortheworld.bcorporation.net/> B Corp! ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RHEL 7.3 released
I'm with Matthew Phelps on this. If CentOS is built with the exact same sources as RHEL, why not keep the numbering scheme the same? That would make life easier for people like me who build CentOS RPMs from tarballs/SRPMS that run on RHEL and having to look up version numbers is just idiotic. I mean, that's a Microsoft pet peeve of mine. This is also why I don't deploy CentOS as much as I would like. I'd hoped the merger/acquisition/partnership with RH would eliminate some of that, instead it seems to be regressing. I don't get it. On Fri, Nov 4, 2016 at 9:48 AM, Alice Wonder wrote: > On 11/04/2016 06:14 AM, Phelps, Matthew wrote: > >> On Fri, Nov 4, 2016 at 8:59 AM, Johnny Hughes wrote: >> >> On 11/04/2016 04:38 AM, James Hogarth wrote: >>> >>>> As a heads up RHEL 7.3 is released: >>>> >>> >>> >>> >>> 1. Is CentOS-7.3 done yet? Answer: NO! >>> >>> And it is NOT CentOS-7.3 .. it is CentOS-7 (1611) based on RHEL-7.3 >>> Sources. The main tree will be labeled '7.3.1611' on the mirrors (along >>> side 7.0.1406 and 7.1.1503, and 7.2.1511, all of which are already there) >>> >>> >>> Obligatory objection to this version numbering scheme: >> >> Deviating from RHEL in such a basic way is crazy, dumb, stupid, annoying, >> wrong, etc, etc. >> >> There, done. >> > > Obligatory addition - the RPM %{release} tag often includes the RHEL minor > release, e.g. 7_2 currently, so I will just call it 7.2 and likely same > when 1611 tree is released. > > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > -- Mark Haney ::: Senior Systems Engineer *VIF* *International Education* P.O. Box 3566 ::: Chapel Hill, N.C. 27515 ::: USA 919-265-5006 office Global learning for all. www.viflearn.com Find VIF on Facebook <http://facebook.com/VIFInternationalEducation> | Twitter <https://twitter.com/vifglobaled> | LinkedIn <http://www.linkedin.com/company/vif-international-education> Recognized as a ‘Best for the World’ <http://bestfortheworld.bcorporation.net/> B Corp! ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RHEL 7.3 released
That's all well and good, but how about you actually include the minor number AND the release date? I.e. 7.3-1104 for CentOS 7.3 released today, for example. I'm all for the SIGs to keep track of their own upstreams, but surely there's a better way to do this that doesn't annoy the heck out of us Joe-Blows out here. A lot of us don't have the time (or inclination) to deal with oddball version discrepancies when there really doesn't need to be. I mean, there are dozens of Ubuntu distros and they all use the same basic versioning schemes. (Maybe not a completely fair example, but still.) Isn't the idea with CentOS to be a method of generating a larger testing base and interest in RHEL and it's products? If not, that's how I've always seen it, incorrect or not. On Fri, Nov 4, 2016 at 9:58 AM, Gianluca Cecchi wrote: > On Fri, Nov 4, 2016 at 2:14 PM, Phelps, Matthew > wrote: > > > > > > > > > 1. Is CentOS-7.3 done yet? Answer: NO! > > > > > > And it is NOT CentOS-7.3 .. it is CentOS-7 (1611) based on RHEL-7.3 > > > Sources. The main tree will be labeled '7.3.1611' on the mirrors > (along > > > side 7.0.1406 and 7.1.1503, and 7.2.1511, all of which are already > there) > > > > > > > > Obligatory objection to this version numbering scheme: > > > > Deviating from RHEL in such a basic way is crazy, dumb, stupid, annoying, > > wrong, etc, etc. > > > > There, done. > > > > > Please, before a new flame, please read all what related with release > numbering discussed on June 2014 thread of centos-devel mailing list: > https://lists.centos.org/pipermail/centos-devel/2014-June/thread.html > > with subject > CentOS 7 and release numbering > > started here by Karanbir: > https://lists.centos.org/pipermail/centos-devel/2014-June/010444.html > > Thanks, > Gianluca > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > -- Mark Haney ::: Senior Systems Engineer *VIF* *International Education* P.O. Box 3566 ::: Chapel Hill, N.C. 27515 ::: USA 919-265-5006 office Global learning for all. www.viflearn.com Find VIF on Facebook <http://facebook.com/VIFInternationalEducation> | Twitter <https://twitter.com/vifglobaled> | LinkedIn <http://www.linkedin.com/company/vif-international-education> Recognized as a ‘Best for the World’ <http://bestfortheworld.bcorporation.net/> B Corp! ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to start a script to complete configuration
IIRC, there's a BootP module for Ansible. I'm not at a place where I can verify that though. On Tue, Nov 8, 2016 at 11:26 AM, Bernard Fay wrote: > It would be hard to use ansible, cfengine or whatever while there no IP > address on the new VM. > > > > On Tue, Nov 8, 2016 at 10:47 AM, wrote: > > > On 2016-11-07 14:35, Bernard Fay wrote: > > > Hi, > > > > > > We have a virtual environment based on XenServer. In this environment I > > > defined a template for CentOS 7 servers. > > > > > > I would like to start a script a boot time to complete the > configuration > > of > > > new VMs based on this template. How can I have a script started before > > any > > > login prompt to ask question to the user to complete the configuration > > such > > > as hostname, IP address, etc? > > > > Hi Bernard, > > > > My first impulse was "don't!", and that's probably the best > > advise. A popular model is that the "firstboot" package takes > > care of this at the first user login, and *nix systems sort of > > depend on this "logged in users do stuff" model. > > > > Even better, use ansible, cfengine, chef, or puppet to automate > > the task of setting things up. This is the _best_ solution and > > you will eventually come back to it. > > > > But, the darker, cynical part of my brain, the part that says > > "what, you're cutting down on coffee?" part, said "sure you > > can". Here's how it _could_ be done. > > > > DON'T DO THIS. TURN BACK NOW. > > > > Replace /sbin/init with a shell script that does what you want. > > It will be the first userland process started, have the console > > for I/O, and run as root. At completion, restore the original > > /sbin/init and reboot. Leave no traces behind. Do not document > > your awful hack, others will use your words against you. > > > > Best regards, > > -- > > Chuck > > > > ___ > > CentOS mailing list > > CentOS@centos.org > > https://lists.centos.org/mailman/listinfo/centos > > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > -- Mark Haney ::: Senior Systems Engineer *VIF* *International Education* P.O. Box 3566 ::: Chapel Hill, N.C. 27515 ::: USA 919-265-5006 office Global learning for all. www.viflearn.com Find VIF on Facebook <http://facebook.com/VIFInternationalEducation> | Twitter <https://twitter.com/vifglobaled> | LinkedIn <http://www.linkedin.com/company/vif-international-education> Recognized as a ‘Best for the World’ <http://bestfortheworld.bcorporation.net/> B Corp! ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] CentOS 6 dhcpd custom log issues
Hi all, I've got an issue with C6's dhcpd custom logging that I cannot figure out. Hopefully someone has an idea, or has seen a similar issue. We have dhcpd logging to /var/log/messages a custom header (DHCPUSER:) with MAC, IP and Circuit-ID. I'll not bore you with the guts, so here's the beginning of that line in dhcpd.conf: if exists agent.circuit-id { log (info, concat( "DHCPUSER:,", concat (suffix (concat ("0", binary-to-ascii. We log this specifically to have rsyslog dump that line (keyed on DHCPUSER) into a MySQL database for use by a web app our development team built so that our customers can get reports on their DHCP leases. (Neonova provides help desk, engineering and Tier 2 and 3 tech support to rural ISPs in the US.) Our problem is that this method logs every entry that has the CID in the packet. Which covers most DHCP requests. As such, with our bigger customers, this logging bogs down MySQL (and the file system on older ext3 based CentOS 6 boxes we have out in the field) to the point where, after a major outage and recovery, the DHCP server can't handle the load and people are unable to get new DHCP leases, resulting in calls to our help desk. What I want to do is have this data logged in the DHCPUSER line on the DHCPACK and only that. For some reason, when I try replace the above with 'if option dhcp-message-type = 5', nothing is getting logged. All the instances of this I've googled have similar, notably one from ~2008 that has: if exists agent.circuit-id and dhcp-message-type = 3 and that apparently worked fine. I know the circuit-id is included in the ACK packet (tcpdump is your friend), but even on the check to log for only the dhcp message type 5 isn't working. Are the newer dhcpd versions different syntactically? What's the correct method for logging on the DCHP Message type with the most recent C6 version? (dhcp-4.1.1-53.P1.el6.centos.x86_64) Any ideas? -- [image: photo] Mark Haney Network Engineer at NeoNova 919-460-3330 <(919)%20460-3330> (opt 1) • mark.ha...@neonova.net www.neonova.net <https://neonova.net/> <https://www.facebook.com/NeoNovaNNS/> <https://twitter.com/NeoNova_NNS> <http://www.linkedin.com/company/neonova-network-services> ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6 dhcpd custom log issues
I've done more testing and I've found something very interesting. I've tested logging with our entire string (which will be below) with slight changes to the 'if' statement solely looking at the 'dhcp-message-type = ' parameter. Of the four message types we routinely see some work and some don't: (ie: if option dhcp-message-type = # { log...) Message-Type 1 (DISCOVER): logging works Message-Type 2 (OFFER): logging does NOT work Message-Type 3 (REQUEST) logging works Message-Type 5 (ACK) logging does NOT work And by 'does not work' I mean it doesn't log anything at all. As if it's not matching on those message types at all. I know they are being logged in syslog, where all these messages are logged to, so I know we're getting OFFERs and ACKs, as they are logged normally in syslog. So, anyone have any idea WTF is going on here? I suppose I could log based on REQUEST, but I'm afraid our data would be inaccurate if a request isn't ACK'd. On Fri, May 26, 2017 at 2:04 PM, Mark Haney wrote: > Hi all, > > I've got an issue with C6's dhcpd custom logging that I cannot figure > out. Hopefully someone has an idea, or has seen a similar issue. We have > dhcpd logging to /var/log/messages a custom header (DHCPUSER:) with MAC, IP > and Circuit-ID. > > I'll not bore you with the guts, so here's the beginning of that line in > dhcpd.conf: > > if exists agent.circuit-id > { > log (info, concat( "DHCPUSER:,", concat (suffix (concat ("0", > binary-to-ascii. > > We log this specifically to have rsyslog dump that line (keyed on > DHCPUSER) into a MySQL database for use by a web app our development team > built so that our customers can get reports on their DHCP leases. (Neonova > provides help desk, engineering and Tier 2 and 3 tech support to rural ISPs > in the US.) > > Our problem is that this method logs every entry that has the CID in the > packet. Which covers most DHCP requests. As such, with our bigger > customers, this logging bogs down MySQL (and the file system on older ext3 > based CentOS 6 boxes we have out in the field) to the point where, after a > major outage and recovery, the DHCP server can't handle the load and people > are unable to get new DHCP leases, resulting in calls to our help desk. > > What I want to do is have this data logged in the DHCPUSER line on the > DHCPACK and only that. For some reason, when I try replace the above with > 'if option dhcp-message-type = 5', nothing is getting logged. All the > instances of this I've googled have similar, notably one from ~2008 that > has: > > if exists agent.circuit-id and dhcp-message-type = 3 > > and that apparently worked fine. I know the circuit-id is included in the > ACK packet (tcpdump is your friend), but even on the check to log for only > the dhcp message type 5 isn't working. > > Are the newer dhcpd versions different syntactically? What's the correct > method for logging on the DCHP Message type with the most recent C6 > version? (dhcp-4.1.1-53.P1.el6.centos.x86_64) > > Any ideas? > > -- > [image: photo] > Mark Haney > Network Engineer at NeoNova > 919-460-3330 <(919)%20460-3330> (opt 1) • mark.ha...@neonova.net > www.neonova.net <https://neonova.net/> > <https://www.facebook.com/NeoNovaNNS/> <https://twitter.com/NeoNova_NNS> > <http://www.linkedin.com/company/neonova-network-services> > -- [image: photo] Mark Haney Network Engineer at NeoNova 919-460-3330 <(919)%20460-3330> (opt 1) • mark.ha...@neonova.net www.neonova.net <https://neonova.net/> <https://www.facebook.com/NeoNovaNNS/> <https://twitter.com/NeoNova_NNS> <http://www.linkedin.com/company/neonova-network-services> ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] yum install does not downgrade
Personally, I would do one of three things: 1. Use the -m command to run 'yum install ' which /might/ work. 2. Uninstall the newer package and install the version you want. (Check the 'state' directive to do this.) 3. Pin that package version when creating the server/VM so as not to be updated. #3 is useful to us as we kickstart all our servers and VMs, and this eliminates the problem going forward. Then, when we're ready to upgrade the pinned package, we have an ansible playbook that unpins that version, installs the new version (even if not latest), then re-pins. HTH. On 06/01/2017 03:46 PM, Anand Buddhdev wrote: We're using ansible to configure our CentOS 6 servers, and we have a task to install a specific version of a package: - name: install thrift2 yum: name=ripencc-thrift2-{{ version }} In this ansible task, the "version" variable is set by the operator. When we want to upgrade, it works. But today we had to downgrade, and noticed that ansible wasn't downgrading it. So we tried by hand (the installed version was 1.0.8): # yum install ripencc-thrift2-1.0.3 I don't have the output handy, because a colleague was working on it, but basically, yum said something like "package already installed" and refused to downgrade it, even though the package is in our repository. I have a strong sense that yum _used to_ downgrade packages if asked to install an older version, but perhaps I am misremembering. Nevertheless, I want to ask: is this a bug in yum? If asked to install a specific version, should it not upgrade OR downgrade as needed? Regards, Anand ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] C7 ansible 2.3 become_method: su not working
I just don't know what else to try. I've beat my head on this for 3 days now and it's becoming obvious that either Ansible 2.3 is a complete disaster, or the CentOS 7 package is a complete cluster. Here's my problem. I am working on getting an ansible server to manage about 100 or so CentOS 6 servers. All have an unprivileged user account setup (up to 3 years before I got here in April) but that user account isn't setup with sudo access. The way to get to root is 'su'. I'm not a newbie with Ansible as I used it extensively in my previous position to manage ~70 or so Ubuntu servers. The Ansible is CentOS 7. I'm working on getting Ansible to play nice with privilege escalation using SU and NAFT has worked. Here's an example (very simple) playbook: Because I'm having to use 'su' I have to either add the user password to the inventory file or use the --ask-become-pass parameter to the command line. Every time I do, I get this: [root@ansible ~]# ansible-playbook playbooks/radtest.yml --ask-become-pass SUDO password: It bombs timing out on privilege escalation. Every single time. I'm absolutely frustrated and am almost ready to throw ansible to the curb for something that doesn't suck so bad. But before I do, I'm asking the list, anyone seen anything like this before? I could post to the ansible list, but it's a google group and God knows when I might get a reply. BTW, setting up root with key-only auth is an option, but would be a real PITA to configure 100+ external servers by hand with the keys and reconfig sshd for it. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] C7 ansible 2.3 become_method: su not working
Well, it turns out, after 4 days of digging, that the become_method: su option has a catastrophic bug in it that makes it fail when the method is SU. At least for version 2.3.0 of Ansible. I just found v2.3.1 in EPEL testing that I may pull just to see if that fixes the problem. I can't believe that bug managed to get overlooked when released. Ah well. On 06/05/2017 02:02 PM, Gordon Messmer wrote: On 06/05/2017 10:40 AM, Mark Haney wrote: [root@ansible ~]# ansible-playbook playbooks/radtest.yml --ask-become-pass SUDO password: ansible-playbook --become-method su --ask-become-pass playbooks/radtest.yml ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] C7, systemd, say what?!
I'm not sure why it's trying to open anything in /var/tmp to be honest. Jacked up filesystem maybe? Granted I know very little about systemd except it sucks on levels that I can't begin to explain. On 06/07/2017 10:10 AM, m.r...@5-cent.us wrote: I just updated a system - as in minutes ago, and log back in after it reboots, and this is in dmesg: [ 88.202272] systemd-readahead[484]: open(/var/tmp/dracut.fP4yj1/initramfs/usr/bin/loginctl) failed: Too many levels of symbolic links [ 88.202515] systemd-readahead[484]: open(/var/tmp/dracut.fP4yj1/initramfs/usr/lib/systemd/system/dracut-emergency.service) failed: Too many levels of symbolic links Anyone know what this is - some weird bug, a garbage message? mark ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] C7, systemd, say what?!
Thanks for the info. Now, why it shouldn't have cleaned itself up when I gave it the reboot command... I see too many (that's defined as more than zero) cases where systemd WANTS TO BOOT FAST, and doesn't wait for things to finish - sush as not getting the hostname from dhcp, and so having to hardcode the name instead. Systemd, as I've said before, seems to be targeted towards laptops. Not servers. Not workstations. *bleah* I'm still thinking it's a jacked up filesystem. I'm not sure what fs you're using, though the default is xfs, but I'd look at dmesg and boot.log to see if the kernel is finding issues with the drives or just the fs. It's also possible that server had been up a long time and RAM was funky. I've seen both of these happen before. As far as using systemd based systems on servers, a month or so back, I pushed a new C7 kickstart for servers we send to customers and haven't seen anything to make me think systemd isn't good for servers. That doesn't mean it's not a giant POS for administrators. If only they hadn't jacked the syntax all to hell from initd, I might be slightly happier with it. That by itself has to be the most ridiculous thing any group of devs have ever done. And for no rational reason either. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] C7, systemd, say what?!
On 06/07/2017 11:24 AM, James Hogarth wrote: Mark stop with the flame baiting please. This is nothing systemd specific - and keep in mind /var/tmp is a persistent temp area unlike /tmp which as it's tmpfs by default is of course emptie don boot. I would wholeheartedly disagree. This IS something systemd specific. I have never seen init.d blow itself up over bloody symlinks. The readahead, while /possibly/ nice isn't at all necessary on modern hardware. I want my hardware to boot consistently, not bomb like an Adam Sandler movie because of /symlinks/. But hey, call it flamebait if you want. I'd be willing to bet a year's salary most admins hate systemd with a passion. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] C7, systemd, say what?!
On 06/08/2017 09:12 AM, Andrew Holway wrote: I think we had enough of Systemd flaming last month. Please stop polluting my inbox and find an operating system compatible with your worldview. It is really tiresome to keep on hearing about it. Huh. Okay, though I'm not sure when you became arbiter of this list. If you don't like 'our worldview' discussions, maybe you need to find a different OS that suits your childish attitude. Like Windows 95. Mailing lists now are so full of children it's hard to even use them. Maybe you should leave IT if heated discussions make you uncomfortable. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RDP for Centos 7
On 06/21/2017 11:22 AM, m...@tdiehl.org wrote: Hi, Does anyone know of a good program for doing RDP to windows servers on C-7? KRDC? I'm pretty sure KRDC works fine in C7. (Though, I never use CentOS as a desktop, so YMMV.) -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [OT]multi-master DNS
On 06/25/2017 12:22 PM, Vijay Rajah wrote: Hello all, We have quite a bit of environment on "cloud". We are using our own domain names. For this purpouse we stood up a BIND9 DNS instance on Centos 7. And, this being the cloud, we enabled key based dynamic DNS for instances to register themselves when they are spun-up. We have a single master and multiple slaves. all is well, untill mater goes down and we need to spin-up additional instances. Single master has become somewhat of a bottleneck I have looked around, not able to find any solution, for a stable Multi-master DNS setup (outside of Windows AD). Does any one have any specific pointers? I don't know about anyone else, but in no way would I use Bind9 and DDNS for anything, multi-master or not. I've never had any kind of stable success with DDNS and Bind. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] System Start-Up Issue
On 07/03/2017 10:52 AM, m.r...@5-cent.us wrote: Chris Olson wrote: On Monday, July 3, 2017 5:58 AM, "m.r...@5-cent.us" wrote: Chris Olson wrote: I went on vacation right after an update to one of our virtual CentOS 6.9 systems so it was not restarted for a period of time. Now it will not complete boot-up with the gnome display never fully launched. A progress bar at the bottom of the start-up screen never reaches completion. We have not been able to detect a running system on the network. Two options for stopping the CentOS 6.9 virtual machine have been tried. One is to "power off" and the other is to "send the shutdown message". Both of these options appear to work properly. The shutdown output Suggestion: boot to the previous kernel. If that works, reinstall the update, then reboot to it. We had real issues months back, where a yum-cron appeared to half-ignore the exclude=kernel line in yum.conf, and it would consistently fail to boot, but once the above was done, reinstalling the latest kernel, *then* it rebooted with no problem. Okay, stupid question, if yum-cron was jacked up months back are you still using it? And if so, why? Never in my life have I ever scheduled updates on any server for any reason. Mostly because I don't trust it to do it right. Also mostly because I use ansible to manage that, and that playbook is always manually run just in case there's an issue. But yeah, you might be hosed. If this is a VM, do you not have a snapshot handy? (I know, I'm late to the party but was camping this weekend. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] System Start-Up Issue
On 07/03/2017 02:52 PM, ken wrote: On 07/03/2017 02:41 PM, Gordon Messmer wrote: On 07/03/2017 05:07 AM, Chris Olson wrote: A progress bar at the bottom of the start-up screen never reaches completion. Press "alt+d" on the keyboard to disable the graphical (or text) progress bar and view the console output of the startup sequence. Is there a place (configuration file) where this can be made the default? Edit grub and remove 'rhgb' from the kernel line. Alternatively, you can boot to runlevel 3, which, I think, used to not have the graphical boot display. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] ntsysv and chkconfig update error
We have a couple of CentOS 7 boxes that were built before I was hired to clean up the kickstart script used for C7 boxes. We had a couple of rpm packages that were pre-C7 that were used and setup the old SysV Init way using ntsysv and chkconfig on these boxes. (I finally fixed that in the newer scripts.) These are out in the field and I'm having to deal with them as they are. One thing I'm having trouble with is updating them without this error: Error: Package: ntsysv-1.7.2-1.el7_3.1.x86_64 (updates) Requires: chkconfig = 1.7.2-1.el7_3.1 Installed: chkconfig-1.3.61-4.el7.x86_64 (@anaconda) chkconfig = 1.3.61-4.el7 You could try using --skip-broken to work around the problem ** Found 1 pre-existing rpmdb problem(s), 'yum check' output follows: ntsysv-1.7.2-1.el7.x86_64 has missing requires of chkconfig = ('0', '1.7.2', '1.el7') Now, I've verified the chkconfig v1.7.2 package is available on the mirror we're using, I've rebuilt the RPM database and nothing has worked. I'm not even sure what the problem is at this point. Anyone have any ideas? -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ntsysv and chkconfig update error
It was just a standard 'yum update'. I suppose I could try removing ntsysv, but I"m not sure that'll fix it. It seems the 'pre-existing rpmdb problem is the issue here. The ntsysv and chkconfig versions match in the Error. But the error message after the '**' mentions different ntsysv and chkconfig versions. (ie 1.7.2-1.el7. instead of 1.7.2-1.el7_3.1). I'm not sure of the significance of that unless it's a problem in the RPM builds or the rpmdb is still wrong even after a full rebuild. I tried to do a yum check on that server but it seemed to hang, though since I've never run that command, it may just be REALLY slow. On Fri, Jul 7, 2017 at 4:43 AM, James Pearson wrote: > Mark Haney wrote: > > > > We have a couple of CentOS 7 boxes that were built before I was hired to > > clean up the kickstart script used for C7 boxes. We had a couple of rpm > > packages that were pre-C7 that were used and setup the old SysV Init way > > using ntsysv and chkconfig on these boxes. (I finally fixed that in the > > newer scripts.) These are out in the field and I'm having to deal with > > them as they are. One thing I'm having trouble with is updating them > > without this error: > > > >> Error: Package: ntsysv-1.7.2-1.el7_3.1.x86_64 (updates) > >>Requires: chkconfig = 1.7.2-1.el7_3.1 > >>Installed: chkconfig-1.3.61-4.el7.x86_64 (@anaconda) > >>chkconfig = 1.3.61-4.el7 > >> You could try using --skip-broken to work around the problem > >> ** Found 1 pre-existing rpmdb problem(s), 'yum check' output follows: > >> ntsysv-1.7.2-1.el7.x86_64 has missing requires of chkconfig = ('0', > >> '1.7.2', '1.el7') > > > > Now, I've verified the chkconfig v1.7.2 package is available on the > > mirror we're using, I've rebuilt the RPM database and nothing has > > worked. I'm not even sure what the problem is at this point. Anyone > > have any ideas? > > What yum command line did you use that gave the above errors? > > I'm not an expert on yum, but the above errors seem to indicate that 3 > versions of chkconfig are involved: 1.7.2-1.el7_3.1, 1.7.2-1.el7 and > 1.3.61-4.el7 - not sure of the significance of this ... > > I guess you could try removing ntsysv and then trying to update > chkconfig and then re-install ntsysv : > > yum remove ntsysv > yum update chkconfig > yum install ntsysv > > James Pearson > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > -- [image: photo] Mark Haney Network Engineer at NeoNova 919-460-3330 <(919)%20460-3330> (opt 1) • mark.ha...@neonova.net www.neonova.net <https://neonova.net/> <https://www.facebook.com/NeoNovaNNS/> <https://twitter.com/NeoNova_NNS> <http://www.linkedin.com/company/neonova-network-services> ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] chkconfig madness CentOS 7
I have a couple of in use C7 boxes that were built with ntsysv and chkconfig for some old packages that needed to start using init.d. (The person setting these up didn't know about systemd creating service files for older packages, so we're stuck with these as-is. Here's my problem: Error unpacking rpm package chkconfig-1.7.2-1.el7.x86_64 error: unpacking of archive failed on file /etc/init.d: cpio: rename chkconfig-1.3.61-4.el7.x86_64 was supposed to be removed but is not! I can't update the entire system because of this boondoggle and I can't come up with a way to resolve this safely on a running system. WTH is going on, and why is this a problem? And how the devil do I fix it? -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] chkconfig madness CentOS 7
On 07/10/2017 04:11 PM, Jonathan Billings wrote: On Jul 10, 2017, at 10:56, Mark Haney wrote: I have a couple of in use C7 boxes that were built with ntsysv and chkconfig for some old packages that needed to start using init.d. (The person setting these up didn't know about systemd creating service files for older packages, so we're stuck with these as-is. Here's my problem: Error unpacking rpm package chkconfig-1.7.2-1.el7.x86_64 error: unpacking of archive failed on file /etc/init.d: cpio: rename chkconfig-1.3.61-4.el7.x86_64 was supposed to be removed but is not! I can't update the entire system because of this boondoggle and I can't come up with a way to resolve this safely on a running system. WTH is going on, and why is this a problem? And how the devil do I fix it? /etc/init.d should be a symlink to /etc/rc.d/init.d. Someone must have created that directory after removing the symlink. You probably need to rename the directory, restore the symlink and move any files in the renamed directory to the correct directory. Well, it was slightly more complicated than that. But yeah, in essence that's what I needed to do. Unfortunately, the move to systemd is a bloody nightmare and after the systemd-resolved vulnerabilities, I'd pay good money for RH/CentOS to trash that pile of crap. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Fedora bugs and EOL [was Re: CentOS users: please try and provide feedback on Fedora] Boltron
On 07/31/2017 07:15 AM, Johnny Hughes wrote: On 07/30/2017 02:07 PM, Walter H. wrote: On 30.07.2017 20:22, Johnny Hughes wrote: On 07/30/2017 09:41 AM, Walter H. wrote: On 30.07.2017 14:29, Johnny Hughes wrote: I personally have a Fedora machine that I keep updated and do some work on all the time learning/testing. I just seamlessly upgraded it from Fedora 25 to Fedora 26 using a couple of dnf commands .. awesome experience actually. because of this feature to upgrade from one release to the next, I thought to test this on my old computer; fedora itself works fine, but this upgrade from 25 to 26 broke the vmware workstaion completely ... it doesn't work any more, any hints in net which could be found don't work ... and this was the goal to have a linux running with vmware workstation instead of my old windows ... but as it seems there is no way of achiving this ... Looking at VMWare Workstation, it does not seem to run on Fedora at all. It seems to run on : Ubuntu 16.04 Red Hat Enterprise Linux 7.1 CentOS 7.1 Oracle Linux 7 openSUSE 13.2 SUSE Linux Enterprise Server 12 So, I'm not sure how it was running on Fedora 25 to get messed up by an upgrade to Fedora 26. with Fedora 25 everything worked fine, even the upgrade from VMware Wkst 12.5.6 to 12.5.7 with automatic recompilation of neccessary kernel modules without my intervention ... and the same when a kernel upgrade among other updates occured on Fedora 25, everything worked fine ... but the upgrade from F25 to F26 killed my VMware Workstation :-( even the updates which occured after this upgrade didn't help ... Running external things like VMWare Workstation (or other 3rd party custom compiled apps) is exactly what enterprise distros like RHEL, CentOS, Ubuntu LTS, SUSE SLES are designed for .. running things already compiled for a long period of time while providing security updates. It is not just kernel modules that need to be compiled to run on a give linux distribution, but everything that uses any specific shared libraries linked against has to be compatible as well as the main shared libraries (glibc). Uh, I run VMWare workstation just fine on my F26 upgraded machine. No, it didn't work when I upgraded, but it's trivial to fix. http://rglinuxtech.com/?p=1939 This link gets you a running workstation in about 5 minutes. No, this wasn't really a Fedora issue, it's a VMWare issue. You have to remember, Fedora /is/ bleeding edge packages and sometimes crap breaks. If you looked on the internet for a fix to this, you didn't look hard enough, this link is one of the first to pop up. In fact, anytime a new kernel is installed, I check this site to see how much of a PITA it'll be to reboot the kernel and install the modules. Personally, I would rather deal with these headaches on my Fedora box than I would on a CentOS box. Primarily because I like the latest packages (in some cases I need them) and, I'm not freaked out about little things like VMWare Workstation needing some massaging to get nice with the OS. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Fedora bugs and EOL [was Re: CentOS users: please try and provide feedback on Fedora] Boltron
On 07/31/2017 11:59 AM, Walter H. wrote: On 31.07.2017 13:23, Mark Haney wrote: Uh, I run VMWare workstation just fine on my F26 upgraded machine. No, it didn't work when I upgraded, but it's trivial to fix. http://rglinuxtech.com/?p=1939 This link gets you a running workstation in about 5 minutes. not really, with this I only get the additional network interfaces listed with 'ifconfig', nothing more ..., I removed it, and wait for a VMware Wkst. Update ... (as this is just a test box, I can do this; if it were my essential box, I would have kicked Fedora from the harddisk and used Windows again, as I do on my essential box) No, this wasn't really a Fedora issue, it's a VMWare issue. doesn't really help me, the upgrade killed my VMware Workstation Did you try restarting the vmware service? systemctl restart vmware? I had to do that, or reboot, in order to get the loaded modules actually seen by Workstation. I have to be completely honest here. It sounds a lot like you're not the kind of person who wants to dig into the guts of things when they break. At least with computing/operating systems. If that's the case, then Fedora probably isn't for you, and I'm sure most on the list would agree. It's 'bleeding edge' packages that, even with a 'stable' release will possibly have some issues than need working out. That's been the case since the Fedora Core days. In that vein, I would recommend Ubuntu, but the Unity desktop implodes spectacularly with VMWare workstation, or I should say it /did/ with 16.04. That may have been fixed with later versions, but I changed jobs from an all Ubuntu shop to an all RH/CentOS shop, so I'm not certain. The thing is, this is NOT a Fedora issue. It's a VMWare issue. This is true as evidenced by the fact that those modules /can/ be compiled by GCC7, just not by vmware-modconfig script. It happens, and with Workstation, relatively often as of late. Seriously, if you're not happy with the issues with VMWare Workstation and Fedora, find another OS, like Ubuntu, that will provide you with more stable packages. It probably won't stop the Workstation shenanigans, but they should be fewer and farther between. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Fedora bugs and EOL [was Re: CentOS users: please try and provide feedback on Fedora] Boltron
On 08/02/2017 07:36 AM, hw wrote: Don´t get me started on Fedora updates. One of the reasons to deprecate Fedora was that upgrading had turned out to be unreliable and mostly failing. Not being able to reliably upgrade disqualifies any distribution. I hate to break it to you, but since they began using fedup and dnf upgrade, it's never been an issue for me at all. Again, alot depends on what packages you have installed and _from what repos_ that determines a lot about your upgrade experience. Even Ubuntu LTS blows up when using non-standard repos. I'll say to you what I said to someone else on this list on Monday. If you're not willing to deal with the warts in Fedora, then you need to go elsewhere. It's really not that complicated. Continuing to spam the list with psuedo-flamebait is just silly. We're here to help with problems not listen to disgruntled people complain all the time. I, personally, get far too much email as it is for people like you to just add more junk to it. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Fedora bugs and EOL [was Re: CentOS users: please try and provide feedback on Fedora] Boltron
On 08/02/2017 08:27 AM, hw wrote: Jonathan Billings wrote: I’m confused, are you talking about Gentoo, Fedora, CentOS or RHEL? I´m talking about Centos here and am referring to experiences with other distributions at the same time. Like Gentoo is great but horrible to keep up to date, and in doing so, you are expected to become a package manager yourself. Things introduced into Fedora might make their way into RHEL/Centos, and introducing multiversion-packages into Fedora might lead to introducing them into Centos. I ran very early Gentoo versions (2005 to 2010) on my work laptop (a Compaq of all things) without any trouble. I had very few issues with failed updates, since they are compiled on my system with my switches. The biggest PITA was to get the right switches added to get what you really wanted on the system. I tinkered with KDE options for a couple of weeks (and the long compile times), but there weren't any issues usually. Once they have been introduced, we need to become package managers much as with Gentoo in order to figure out which versions of which packages work together. And that´s just the tip of the iceberg. I don't this is as making us (the end user) package maintainers as much as package /controllers/. I would fail to see much need to maintain multiple package versions on a system except for debugging/testing. However, as a former developer, I think this would make debugging much quicker and that's not a bad thing. On the DevOps/Systems Engineering side (my focus over the last decade), this could possibly be a PITA if devs were allowed to run multiple package versions in production systems. That's still not package maintainers, but a measure of control over them. What will happen when you report a bug in version N of package foo, perhaps a bug that was fixed in version N+2? Are they going to fix it, or will they wait until the distribution goes EOL and/or tell you to use version N+2 --- which you can´t use because feature X is missing in that version, which is why you are using version N. They do that sort of thing all the time, it's called backporting. And lots of patches are backported. Most of that is a function of how /far back/ to be backported, etc. If they don't backport, you have a couple of options, backport it yourself, or find a comparable package with the features you need. Being able to use that very version N is the point of multiversion-packages. Not maintaining all provided versions of such packages accordingly would defeat the whole purpose. That's insane. Who in their right mind want to continue to maintain version 1.0 of a package when the current one is version 10.0 and there are 30 stable versions in between? No one. What are the odds the version 1.0 package would still be used in that situation? (even given short release times) Perhaps issues like this haven´t been considered yet, that´s why I´m providing feedback as was asked for, after finding out that the form they have prepared to get feedback doesn´t allow to do so. I´m aware that this is feedback they don´t want to hear and will either ignore or encounter with unkindness. Perhaps I´m entirely wrong and misunderstanding what they´re trying to do, yet so far nobody has said so. I don't think you're wrong, and I don't think you're misunderstanding either. It's kind of a bit of both, however contradictory that sounds. To me, Boltron seems to be a start on an idea whose time has come. Maybe it's too early for it, but I'm really looking to put it through it's paces to see how well it does work in real life situations. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Fedora bugs and EOL [was Re: CentOS users: please try and provide feedback on Fedora] Boltron
On 08/02/2017 10:57 AM, hw wrote: It probably makes sense under the assumption that you do pretty much everything in one container or another and that it doesn´t bother you having to switch between all the containers to do something. That would require something like a window manager turned into a container manager, and it goes towards turning away from an operating system to some kind of BIOS to run containers and the container-window manager on. You could strip down the BIOS to no more than the functionality needed for that, resulting in having less need for different software versions of the platform (BIOS). Why hasn´t a BIOS like that already been invented? Or has it? Since copyright issues were mentioned, please keep in mind that I am now the inventor of a container manager that is like a window manager, potentially showing programs running in whatever container as windows on your screen, bringing them together seamlessly with no further ado, as if they were running on the same OS: A common window manager would show an emacs frame besides an xterm; a container-window manager would basically do the same, but emacs and xterm would be running in different containers. OS/2 already had something like that, but it didn´t have containers. Why hasn´t a container manager like that already been invented? Or has it? Wouldn´t it be much better being able to do this without needing containers? Sure there is such a thing. It's a tiled console package (tilix is what I use). In all honesty, I wouldn't want Libreoffice running in a container and I can't imagine why you'd want an xterm in its own container. Most containers I've built have been RESTful API containers, NGINX proxies/web servers, etc. I spend more time on the container host making changes, than in the containers themselves. If an API change has been made, I throw a new container up with that change and test, rarely, if ever, do I need access the container directly. And that's the idea behind containers if you ask me. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Fedora bugs and EOL [was Re: CentOS users: please try and provide feedback on Fedora] Boltron
On 08/02/2017 11:13 AM, John Hodrien wrote: On Wed, 2 Aug 2017, Mark Haney wrote: Sure there is such a thing. It's a tiled console package (tilix is what I use). In all honesty, I wouldn't want Libreoffice running in a container and I can't imagine why you'd want an xterm in its own container. Most containers I've built have been RESTful API containers, NGINX proxies/web servers, etc. I spend more time on the container host making changes, than in the containers themselves. If an API change has been made, I throw a new container up with that change and test, rarely, if ever, do I need access the container directly. And that's the idea behind containers if you ask me. Lots of people think of containers being for servers, as you say. It's what Docker lives off, and really does feel like the focus of Docker. Singularity lets you think somewhat differently, and has proved very useful in areas like HPC, where you want to let a user bring a software environment to a machine. You get people like OpenFOAM releasing their software as a Docker container: https://openfoam.org/download/4-1-linux/ I've also used it to run Ubuntu packaged software on CentOS without having to jump through hoops trying to repackage it or otherwise rebuild a million dependencies in just the right way. I honestly had forgotten about Singularity. Mainly because it's been a couple of years since I managed any HPC equipment. But seriously, I think of containers the same way I do linux tools. Unlike MS, a linux does does one thing, and that thing very well, whereas MS has tried to be everything to everyone and is so-so at all of them. Perhaps that was the original intention of container and it's morphed into something else over time, which, if true, means I need to adjust how I define it rather than trying to beat that square peg into the round hole in my head. On a side note, as I write this, Pandora decided to toss 'Misunderstading' by Phil Collins into my playlist. It's playing as I type. Go figure. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] VDQ Repos for CentOS 7
On 08/04/2017 02:35 PM, Alexander Dalloz wrote: Without a precise error messge (copy & paste what is printed out) it is hard to judge. rpm -V centos-release If that command does not print out anything then the default CentOS repo definitions are there and set. I then would guess the laptop does not have internet connectivity. Validate that ip a s prints out a valid network address. And that ip r s has a valid route to reach the internet. Is any internet address like www.google.com reachable from the system? Alexander Standard troubleshooting 101: Have you rebooted? Can you ping it? If no then hit us up. Had that as a sign forever on my wall. I probably should make a new one. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Errors on an SSD drive
To be honest, I'd not try a btrfs volume on a notebook SSD. I did that on a couple of systems and it corrupted pretty quickly. I'd stick with xfs/ext4 if you manage to get the drive working again. <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=icon> Virus-free. www.avast.com <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=link> <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2> On Wed, Aug 9, 2017 at 1:48 PM, hw wrote: > Robert Moskowitz wrote: > >> I am building a new system using an Kingston 240GB SSD drive I pulled >> from my notebook (when I had to upgrade to a 500GB SSD drive). Centos >> install went fine and ran for a couple days then got errors on the >> console. Here is an example: >> >> [168176.995064] sd 0:0:0:0: [sda] tag#14 FAILED Result: >> hostbyte=DID_BAD_TARGET driverbyte=DRIVER_OK >> [168177.004050] sd 0:0:0:0: [sda] tag#14 CDB: Read(10) 28 00 01 04 68 b0 >> 00 00 08 00 >> [168177.011615] blk_update_request: I/O error, dev sda, sector 17066160 >> [168487.534510] sd 0:0:0:0: [sda] tag#17 FAILED Result: >> hostbyte=DID_BAD_TARGET driverbyte=DRIVER_OK >> [168487.543576] sd 0:0:0:0: [sda] tag#17 CDB: Read(10) 28 00 01 04 68 b0 >> 00 00 08 00 >> [168487.551206] blk_update_request: I/O error, dev sda, sector 17066160 >> [168787.813941] sd 0:0:0:0: [sda] tag#20 FAILED Result: >> hostbyte=DID_BAD_TARGET driverbyte=DRIVER_OK >> [168787.822951] sd 0:0:0:0: [sda] tag#20 CDB: Read(10) 28 00 01 04 68 b0 >> 00 00 08 00 >> [168787.830544] blk_update_request: I/O error, dev sda, sector 17066160 >> >> Eventually, I could not do anything on the system. Not even a 'reboot'. >> I had to do a cold power cycle to bring things back. >> >> Is there anything to do about this or trash the drive and start anew? >> > > Make sure the cables and power supply are ok. Try the drive in another > machine > that has a different controller to see if there is an incompatibility > between > the drive and the controller. > > You could make a btrfs file system on the whole device: that should say > that > a trim operation is performed for the whole device. Maybe that helps. > > If the errors persist, replace the drive. I悲 use Intel SSDs because they > seam to have the least problems with broken firmwares. Do not use SSDs > with > hardware RAID controllers unless the SSDs were designed for this > application. > > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > > -- [image: photo] Mark Haney Network Engineer at NeoNova 919-460-3330 <(919)%20460-3330> (opt 1) • mark.ha...@neonova.net www.neonova.net <https://neonova.net/> <https://www.facebook.com/NeoNovaNNS/> <https://twitter.com/NeoNova_NNS> <http://www.linkedin.com/company/neonova-network-services> ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] BIND 9.9 RRL
I can't seem to find anything clear on this, but is the C7 version of BIND 9.9 built with Request Rate Limiting? -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] BIND 9.9 RRL
On 08/10/2017 04:16 PM, Leon Fauster wrote: Am 10.08.2017 um 21:00 schrieb Mark Haney : I can't seem to find anything clear on this, but is the C7 version of BIND 9.9 built with Request Rate Limiting? _Response_ Rate Limiting - I think its possible since EL6: https://access.redhat.com/errata/RHSA-2013:0550 Yeah, that's my bad, I was doing two things at once and didn't double check before sendinig. Apologies. I'll look at the link as soon as I can. Thanks. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Btrfs going forward, was: Errors on an SSD drive
On Fri, Aug 11, 2017 at 1:00 PM, Chris Murphy wrote: > Changing the subject since this is rather Btrfs specific now. > > > > >> > >> Sounds like a hardware problem. Btrfs is explicitly optimized for SSD, > the > >> maintainers worked for FusionIO for several years of its development. If > >> the drive is silently corrupting data, Btrfs will pretty much > immediately > >> start complaining where other filesystems will continue. Bad RAM can > also > >> result in scary warnings where you don't with other filesytems. And I've > >> been using it in numerous SSDs for years and NVMe for a year with zero > >> problems. > > > > > > > LMFAO. Trust me, I tried several SSDs with BTRFS over the last couple of > years and had trouble the entire time. I constantly had to scrub the drive, > had freezes under moderate load and general nastiness. If that's > 'optimized for SSDs', then something is very wrong with the definition of > optimized. Not to mention the fact that BTRFS is not production ready for > anything, and I'm done trying to use it and going with XFS or EXT4 > depending on my need. > As for a hardware problem, the drives were ones purchased in Lenovo professional workstation laptops, and, while you do get lemons occasionally, I tried 4 different ones of the exact same model and had the exact same issues. Its highly unlikely I'd get 4 of the same brand to have hardware issues. Once I went back to ext4 on those systems I could run the devil out of them and not see any freezes under even heavy load, nor any other hardware related items. In fact, the one I used at my last job was given to me on my way out and it's now being used by my daughter. It's been upgraded from Fedora 23 to 26 without a hitch. On ext4. Say what you want, BTRFS is a very bad filesystem in my experience. > > > -- > Chris Murphy > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > -- [image: photo] Mark Haney Network Engineer at NeoNova 919-460-3330 <(919)%20460-3330> (opt 1) • mark.ha...@neonova.net www.neonova.net <https://neonova.net/> <https://www.facebook.com/NeoNovaNNS/> <https://twitter.com/NeoNova_NNS> <http://www.linkedin.com/company/neonova-network-services> <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=icon> Virus-free. www.avast.com <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=link> <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2> ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] cyrus spool on btrfs?
On 09/07/2017 01:57 PM, hw wrote: Hi, is there anything that speaks against putting a cyrus mail spool onto a btrfs subvolume? I might be the lone voice on this, but I refuse to use btrfs for anything, much less a mail spool. I used it in production on DB and Web servers and fought corruption issues and scrubs hanging the system more times than I can count. (This was within the last 24 months.) I was told by certain mailing lists, that btrfs isn't considered production level. So, I scrapped the lot, went to xfs and haven't had a problem since. I'm not sure why you'd want your mail spool on a filesystem and seems to hate being hammered with reads/writes. Personally, on all my mail spools, I use XFS or EXT4. OUr servers here handle 600million messages a month without trouble on those filesystems. Just my $0.02. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] cyrus spool on btrfs?
I hate top posting, but since you've got two items I want to comment on, I'll suck it up for now. Having SSDs alone will give you great performance regardless of filesystem. BTRFS isn't going to impact I/O any more significantly than, say, XFS. It does have serious stability/data integrity issues that XFS doesn't have. There's no reason not to use SSDs for storage of immediate data and mechanical drives for archival data storage. As for VMs we run a huge Zimbra cluster in VMs on VPC with large primary SSD volumes and even larger (and slower) secondary volumes for archived mail. It's all CentOS 6 and works very well. We process 600 million emails a month on that virtual cluster. All EXT4 inside LVM. I can't tell you what to do, but it seems to me you're viewing your setup from a narrow SSD/BTRFS standpoint. Lots of ways to skin that cat. On 09/08/2017 08:07 AM, hw wrote: PS: What kind of storage solutions do people use for cyrus mail spools? Apparently you can not use remote storage, at least not NFS. That even makes it difficult to use a VM due to limitations of available disk space. I´m reluctant to use btrfs, but there doesn´t seem to be any reasonable alternative. hw wrote: Mark Haney wrote: On 09/07/2017 01:57 PM, hw wrote: Hi, is there anything that speaks against putting a cyrus mail spool onto a btrfs subvolume? I might be the lone voice on this, but I refuse to use btrfs for anything, much less a mail spool. I used it in production on DB and Web servers and fought corruption issues and scrubs hanging the system more times than I can count. (This was within the last 24 months.) I was told by certain mailing lists, that btrfs isn't considered production level. So, I scrapped the lot, went to xfs and haven't had a problem since. I'm not sure why you'd want your mail spool on a filesystem and seems to hate being hammered with reads/writes. Personally, on all my mail spools, I use XFS or EXT4. OUr servers here handle 600million messages a month without trouble on those filesystems. Just my $0.02. Btrfs appears rather useful because the disks are SSDs, because it allows me to create subvolumes and because it handles SSDs nicely. Unfortunately, the SSDs are not suited for hardware RAID. The only alternative I know is xfs or ext4 on mdadm and no subvolumes, and md RAID has severe performance penalties which I´m not willing to afford. Part of the data I plan to store on these SSDs greatly benefits from the low latency, making things about 20--30 times faster for an important application. So what should I do? -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] cyrus spool on btrfs?
On 09/08/2017 09:49 AM, hw wrote: Mark Haney wrote: I hate top posting, but since you've got two items I want to comment on, I'll suck it up for now. I do, too, yet sometimes it´s reasonable. I also hate it when the lines are too long :) I'm afraid you'll have to live with it a bit longer. Sorry. Having SSDs alone will give you great performance regardless of filesystem. It depends, i. e. I can´t tell how these SSDs would behave if large amounts of data would be written and/or read to/from them over extended periods of time because I haven´t tested that. That isn´t the application, anyway. If your I/O is going to be heavy (and you've not mentioned expected traffic, so we can only go on what little we glean from your posts), then SSDs will likely start having issues sooner than a mechanical drive might. (Though, YMMV.) As I've said, we process 600 million messages a month, on primary SSDs in a VMWare cluster, with mechanical storage for older, archived user mail. Archived, may not be exactly correct, but the context should be clear. BTRFS isn't going to impact I/O any more significantly than, say, XFS. But mdadm does, the impact is severe. I know there are ppl saying otherwise, but I´ve seen the impact myself, and I definitely don´t want it on that particular server because it would likely interfere with other services. I don´t know if the software RAID of btrfs is better in that or not, though, but I´m seeing btrfs on SSDs being fast, and testing with the particular application has shown a speedup of factor 20--30. I never said anything about MD RAID. I trust that about as far as I could throw it. And having had 5 surgeries on my throwing shoulder wouldn't be far. That is the crucial improvement. If the hardware RAID delivers that, I´ll use that and probably remove the SSDs from the machine as it wouldn´t even make sense to put temporary data onto them because that would involve software RAID. Again, if the idea is to have fast primary storage, there are pretty large SSDs available now and I've hardware RAIDED SSDs before without trouble, though not for any heavy lifting, it's my test servers at home. Without an idea of the expected mail traffic, this is all speculation. It does have serious stability/data integrity issues that XFS doesn't have. There's no reason not to use SSDs for storage of immediate data and mechanical drives for archival data storage. As for VMs we run a huge Zimbra cluster in VMs on VPC with large primary SSD volumes and even larger (and slower) secondary volumes for archived mail. It's all CentOS 6 and works very well. We process 600 million emails a month on that virtual cluster. All EXT4 inside LVM. Do you use hardware RAID with SSDs? We do not here where I work, but that was setup LONG before I arrived. I can't tell you what to do, but it seems to me you're viewing your setup from a narrow SSD/BTRFS standpoint. Lots of ways to skin that cat. That´s because I do not store data on a single disk, without redundancy, and the SSDs I have are not suitable for hardware RAID. So what else is there but either md-RAID or btrfs when I do not want to use ZFS? I also do not want to use md-RAID, hence only btrfs remains. I also like to use sub-volumes, though that isn´t a requirement (because I can use directories instead and loose the ability to make snapshots). If the SSDs you have aren't suitable for hardware RAID, then they aren't good for production level mail spools, IMHO. I mean, you're talking like you're expecting a metric buttload of mail traffic, so it stands to reason you'll need really beefy hardware. I don't think you can do what you seem to need on budget hardware. Personally, and solely based on this thread alone, if I was building this in-house, I'd get a decent server cluster together and build a FC or iSCSI SAN to a Nimble storage array with Flash/SSD front ends and large HDDs in the back end. This solves virtually all your problems. The servers will have tiny SSD boot drives (which I prefer over booting from the SAN) and then everything else gets handled by the storage back-end. In effect this is how our mail servers are setup here. And they are virtual. I stay away from LVM because that just sucks. It wouldn´t even have any advantage in this case. LVM is a joke. It's always been something I've avoided like the plague. On 09/08/2017 08:07 AM, hw wrote: PS: What kind of storage solutions do people use for cyrus mail spools? Apparently you can not use remote storage, at least not NFS. That even makes it difficult to use a VM due to limitations of available disk space. I´m reluctant to use btrfs, but there doesn´t seem to be any reasonable alternative. hw wrote: Mark Haney wrote: On 09/07/2017 01:57 PM, hw wrote: Hi,
Re: [CentOS] cyrus spool on btrfs?
On 09/08/2017 01:31 PM, hw wrote: Mark Haney wrote: I/O is not heavy in that sense, that´s why I said that´s not the application. There is I/O which, as tests have shown, benefits greatly from low latency, which is where the idea to use SSDs for the relevant data has arisen from. This I/O only involves a small amount of data and is not sustained over long periods of time. What exactly the problem is with the application being slow with spinning disks is unknown because I don´t have the sources, and the maker of the application refuses to deal with the problem entirely. Since the data requiring low latency will occupy about 5% of the available space on the SSDs and since they are large enough to hold the mail spool for about 10 years at its current rate of growth besides that data, these SSDs could be well used to hold that mail spool. See, this is the kind of information that would have made this thread far shorter. (Maybe.) The one thing that you didn't explain is whether this application is the one /using/ the mail spool or if you're adding Cyrus to that system to be a mail server. BTRFS isn't going to impact I/O any more significantly than, say, XFS. But mdadm does, the impact is severe. I know there are ppl saying otherwise, but I´ve seen the impact myself, and I definitely don´t want it on that particular server because it would likely interfere with other services. I don´t know if the software RAID of btrfs is better in that or not, though, but I´m seeing btrfs on SSDs being fast, and testing with the particular application has shown a speedup of factor 20--30. I never said anything about MD RAID. I trust that about as far as I could throw it. And having had 5 surgeries on my throwing shoulder wouldn't be far. How else would I create a RAID with these SSDs? I´ve been using md-RAID for years, and it always worked fine. That is the crucial improvement. If the hardware RAID delivers that, I´ll use that and probably remove the SSDs from the machine as it wouldn´t even make sense to put temporary data onto them because that would involve software RAID. Again, if the idea is to have fast primary storage, there are pretty large SSDs available now and I've hardware RAIDED SSDs before without trouble, though not for any heavy lifting, it's my test servers at home. Without an idea of the expected mail traffic, this is all speculation. The SSDs don´t need to be large, and they aren´t. They are already greatly oversized at 512GB nominal capacity. There´s only a few hundred emails per day. There is no special requirement for their storage, but there is a lot of free space on these SSDs, and since the email traffic is mostly read-only, it won´t wear out the SSDs. It simply would make sense to put the mail spool onto these SSDs. It does have serious stability/data integrity issues that XFS doesn't have. There's no reason not to use SSDs for storage of immediate data and mechanical drives for archival data storage. As for VMs we run a huge Zimbra cluster in VMs on VPC with large primary SSD volumes and even larger (and slower) secondary volumes for archived mail. It's all CentOS 6 and works very well. We process 600 million emails a month on that virtual cluster. All EXT4 inside LVM. Do you use hardware RAID with SSDs? We do not here where I work, but that was setup LONG before I arrived. Probably with the very expensive SSDs suited for this ... Possibly, but that's somewhat irrelevant. I've taken off the shelf SSDs and hardware RAID'd them. If they work for the hell I put them through (processing weather data), they'll work for the type of service you're saying you have. If the SSDs you have aren't suitable for hardware RAID, then they aren't good for production level mail spools, IMHO. I mean, you're talking like you're expecting a metric buttload of mail traffic, so it stands to reason you'll need really beefy hardware. I don't think you can do what you seem to need on budget hardware. Personally, and solely based on this thread alone, if I was building this in-house, I'd get a decent server cluster together and build a FC or iSCSI SAN to a Nimble storage array with Flash/SSD front ends and large HDDs in the back end. This solves virtually all your problems. The servers will have tiny SSD boot drives (which I prefer over booting from the SAN) and then everything else gets handled by the storage back-end. If SSDs not suitable for RAID usage aren´t suitable for production use, then basically all SSDs not suitable for RAID usage are SSDs that can´t be used for anything that requires something less volatile than a ramdisk. Experience with such SSDs contradicts this so far. Not true at all. Maybe 5 years ago SSDs were hit or miss with hardware RAID. Not anymore. It's just another drive to the system,
[CentOS] CentOS 6.4 apparent rpm problem
Well, after three days of beating my head against my desk, I'm waving the white flag. I've got a CentOS 6.4 box (yeah, I know) that I blew away the OpenLDAP client and installed the freeipa-client as we're transitioning off this terrible OpenLDAP implementation here. Everything installed fine, and while I'm still tweaking the ansible playbook for completely flushing PAM and OpenLDAP stuff off the box (we have more than 100 other C6 boxes to migrate), everything works fine with logging in using our IPA credentials. The only thing that /doesn't/ work is sudo. While debugging it, it was suggested (on the FreeIPA list) to update sudo. I've got a C6.4 box that I fully updated and sudo works fine on it. Unfortunately, I can't update this one fully, so I'm trying to update sudo only. The current version on this box is 1.8.6-7.el6.x86_64. Here's the head scratcher. I cannot, in any fashion get yum to update sudo, it says no packages are marked for update. I tried simply downloading the RPM and installing and I get this: [root@secure nnsops]# yum localinstall sudo-1.8.6p3-29.el6_9.x86_64.rpm Loaded plugins: changelog, fastestmirror Setting up Local Package Process Examining sudo-1.8.6p3-29.el6_9.x86_64.rpm: sudo-1.8.6p3-29.el6_9.x86_64 Nothing to do A couple of people on the IPA list suggested explictly using the 6.9 repo URL. Nothing. So, I ran a yum update to see what packages would update and sudo isn't one of them. I've rebuilt the RPM database with no change in result. I'm completely at a loss here, and I've been using RPM and Yum for two decades. Any other ideas? -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6.4 apparent rpm problem
Please ignore this, some ignorant cretin here excluded sudo from being updated. Never in my life will I understand anyone's reason for excluded THAT particular package. On 09/15/2017 08:40 AM, Mark Haney wrote: Well, after three days of beating my head against my desk, I'm waving the white flag. I've got a CentOS 6.4 box (yeah, I know) that I blew away the OpenLDAP client and installed the freeipa-client as we're transitioning off this terrible OpenLDAP implementation here. Everything installed fine, and while I'm still tweaking the ansible playbook for completely flushing PAM and OpenLDAP stuff off the box (we have more than 100 other C6 boxes to migrate), everything works fine with logging in using our IPA credentials. The only thing that /doesn't/ work is sudo. While debugging it, it was suggested (on the FreeIPA list) to update sudo. I've got a C6.4 box that I fully updated and sudo works fine on it. Unfortunately, I can't update this one fully, so I'm trying to update sudo only. The current version on this box is 1.8.6-7.el6.x86_64. Here's the head scratcher. I cannot, in any fashion get yum to update sudo, it says no packages are marked for update. I tried simply downloading the RPM and installing and I get this: [root@secure nnsops]# yum localinstall sudo-1.8.6p3-29.el6_9.x86_64.rpm Loaded plugins: changelog, fastestmirror Setting up Local Package Process Examining sudo-1.8.6p3-29.el6_9.x86_64.rpm: sudo-1.8.6p3-29.el6_9.x86_64 Nothing to do A couple of people on the IPA list suggested explictly using the 6.9 repo URL. Nothing. So, I ran a yum update to see what packages would update and sudo isn't one of them. I've rebuilt the RPM database with no change in result. I'm completely at a loss here, and I've been using RPM and Yum for two decades. Any other ideas? -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] yum update problem - dependancy problem
On 09/26/2017 09:23 AM, James B. Byrne wrote: You have a conflicting package installed from repository @atrpms. You need to remove that package and/or disable that repository to get past the dependency issue. 'Skip broken' is not going to handle this situation nor will any other set of yum options. Christ, how long as ATRPMs been dead? I think I stopped using it in 2008/9. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to prevent files and directories from being deleted?
On 10/01/2017 11:21 AM, hw wrote: Hi, how can I prevent files/directories like /var/run/mariadb from being deleted on reboot? Lighttpd has the same problem. This breaks services and makes servers non-restartable by anyone else but the administrator who needs to re-create the needed files and directories every time and has to figure out what selinux labels they need. This causes unnecessary downtimes. This is entirely inacceptable. This totally sucks. What did you put in there that causes such issues in the first place? There shouldn't be a thing in that directory except the PID of the running process. It stands to reason that would be emptied on restart since the service would be shutdown cleanly (usually) before rebooting. If you've got stuff in there that a) you need to keep across reboots and/or b) data that requires root access, you're simply not doing it right. Might I suggest reading up on how CentOS/RHEL's directory structure and what should go where? It seems to me you're trying to put a square peg in a round hole and getting frustrated because it won't fit. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to prevent files and directories from being deleted?
On 10/03/2017 01:12 PM, hw wrote: See https://developers.redhat.com/blog/2016/09/20/managing-temporary-files-with-systemd-tmpfiles-on-rhel7/ how to manage tmpfiles. Thanks, I´ll look into that. I wouldn´t consider a directory like /var/run/mariadb in any way as only temporary --- and wouldn´t consider directories that are required for the system to work as temporary, either. That directory isn't temporary. The files almost always are, but not the directories. As I said, whatever it is you're doing, it's wrong. I wouldn't continue to keep a setup like that as it's not standard practice to keep data in /var/run that isn't temporary. However, you seem to be insistent on doing things contrary to best practices so. Curious, how did you install MariaDB that you have such a problem? The package shipping with CentOS does not create such issue. I´m using the packages from mariadb.org. The old version that comes in Centos isn´t recommended, and I need features only the newer versions provide. Lighttpd is from epel, and it has basically the same issue. What issue? That the PID is dropped on reboot? What else are you putting in there? I'm beginning to question whether you know what you're doing or not. Lighttpd doesn't store any persistent info in /var/run/ because, like everything else, /var/run isn't for persistent data. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to prevent files and directories from being deleted?
On 10/04/2017 04:23 AM, Gary Stainburn wrote: Mark, Many Non-Centos originated packages create directories in /var/run as part of the install, and expect them to still exist after a reboot. They then fail when starting the service because they're trying to create a PID / Lock file in a directory that no longer exists. This problem has been around ever since /var/run was moved to tmpfs. Unfortunately, sometimes we have to use packages other than the official Centos ones, usually as in this case because we need newer versions. There is a solution that saves /var/run to disk at shutdown and restores it at bootup but I can't remember what it is. Sorry, but if you have to use packages that don't originate from CentOS and they do that, then I wouldn't use them. Period. I'd compile from source before I used something configured that way. Why is it so hard for people to understand that var/run IS NOT PERSISTENT and was never meant to be? Do they not teach basic Unix concepts anymore? If you think that setup is acceptable, I wouldn't hire you to water my lawn as you'd likely water the electrical box along with said lawn. These are VERY VERY basic concepts. Banging a square peg into a round hole, even in a test environment is a good way to get fired and become unemployable. And believe me, word gets around quickly in IT circles. If you can't build from source to keep from using non-standard packages, then you really shouldn't be doing whatever it is you were hired to do. This is extremely basic arithmetic here. You don't do surgery with dirty scalpels, you don't drive without brakes, these are axiomatic just like /var/run isn't persistent. It's been that way at least since I was in HS and college in the 80s and very very likely since the early Unix days. Honestly, I feel bad for your employer if you think this is an acceptable way to get a system working. There, I've said my piece. Call it a flame if you want, truth hurts and ignoring basic rules is a good way to hurt yourself or other people. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to prevent files and directories from being deleted?
On 10/04/2017 08:22 AM, Gary Stainburn wrote: On Wednesday 04 October 2017 12:54:44 Mark Haney wrote: Sorry, but if you have to use packages that don't originate from CentOS and they do that, then I wouldn't use them. Period. I'd compile from source before I used something configured that way. This perspective to some extent employs cutting your nose of dispite youre face. Before Packages were introduced, everyone compiled from source. That was a pain, and a long process, especially when you had dependancies that you also had to compile. Packages eased this process but kept the dependancy issue. If you think using non-standard packages that put /persistent/ items in non-persistent locations like /var/run in production environments is far more acceptable than compiling from source because of package management 'benefits' then (to me anyway) you're lazy and dangerous with critical data. My statement still stands. Let me be clear: THIS. IS. NOT. ACCEPTABLE. The fact you'd rather bandaid a problem (in production no less) than follow proper standards or compile from source to avoid said bandaid would be a fire-able offense in any IT shop I've ever worked at. Package managers got round (mostly) both the dependancy problem and updating too. The problem with package maintainers not keeping up to date shows that this still isn't perfect. However, if you go back to compiling from source then you lose all of these benefits. Thankfully I do not earn my keep by watering lawns. I do not believe that this is acceptable, but by the same token I have to earn my keep and that involves having working production servers and services. I have managed to get round this problem in the past through manually doing the same function as systemd-tmpfiles. It is a small price to pay to have a working, (relatively) up to date server. The fact you find this acceptable means you're either the only 'qualified' (and even that is subject to doubt) person there, or your management is too ignorant to understand the danger. I'm sorry, but in no way is this acceptable for production level servers. I'm sure, if you asked 100 IT people you'd get 100 to agree with me. Being flippant with production servers is never acceptable. Of course, most people refuse to listen to logic and reason because they are convinced they are right despite evidence (and best practices over 40+ years of Unix) to the contrary. I'll end this by saying, I hope the production servers you have don't provide critical services that could jeopardize the lives of people. I'd ask who you work for, to make sure I avoid them at all costs, but I'm not sure I'd be told. Again, denying 40+ years of Unix design and best practices because you're too lazy to manage compiling from source to avoid denying those practices is truly one of the most astonishing things I've ever seen in the 25 years I've been in IT. Then again, maybe I'm old-fashioned when I expect to do something and do it right rather than half-ass it. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to prevent files and directories from being deleted?
On 10/04/2017 08:46 AM, Gary Stainburn wrote: On Wednesday 04 October 2017 13:39:30 Mark Haney wrote: I'll end this by saying, I hope the production servers you have don't provide critical services that could jeopardize the lives of people. I'd ask who you work for, to make sure I avoid them at all costs, but I'm not sure I'd be told. The company I work for, and the livelihood of the hundreds of employees depend on my servers. In the 30 years I've been in the industry, I've never had problems as you've described ___ In 30 years you've obviously learned nothing about Unix/Linux. I'd be embarrassed to claim that length of IT service and do something as catastrophically stupid as what you're doing now. Just because it 'hasn't been a problem' doesn't mean it won't. Seriously, if it were me, I'd either retire or hire someone better than you with production servers. You'd think, with your supposed experience, you wouldn't use the 'well it's never happened before' as a viable reason for doing something. That's ignorant, immature and far more dangerous for your organization than I would be happy with as a CEO or Manager. That attitude is never excusable. This conversation is over. You refuse to listen to literally EVERYONE ELSE ON THE LIST and therefore not worth anyone else's time trying to help you. (Especially mine.) I showed my daughter this thread, she's a freshman in the Honors College of Engineering at Virginia Tech majoring in Math and CpE, has been using linux since she was old enough to sit at a keyboard and even she was appalled. If that doesn't tell you something, nothing will. Do us all a favor and don't post to the list unless you are willing to listen to rational human beings. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to prevent files and directories from being deleted?
It's quite obvious you aren't using Centos packages. If you refuse to do as best practices insist (and have for nearly HALF A CENTURY) then no one here can help you. It seems to me that 1) you'd be better off compiling from source for your environment, or 2) that you need to follow practices established (probably) before you were born or 3) that you stop asking the list for thing no one in their right mind would do. How hard is that math? On Thu, Oct 5, 2017 at 5:32 AM, hw wrote: > Mark Haney writes: > > > On 10/03/2017 01:12 PM, hw wrote: > >> > >>> See > >>> > >>> https://developers.redhat.com/blog/2016/09/20/managing- > temporary-files-with-systemd-tmpfiles-on-rhel7/ > >>> > >>> how to manage tmpfiles. > >> Thanks, I´ll look into that. I wouldn´t consider a directory like > >> /var/run/mariadb in any way as only temporary --- and wouldn´t consider > >> directories that are required for the system to work as temporary, > >> either. > > That directory isn't temporary. The files almost always are, but not > > the directories. As I said, whatever it is you're doing, it's wrong. > > I wouldn't continue to keep a setup like that as it's not standard > > practice to keep data in /var/run that isn't temporary. > > Well, what am I supposed to do? The socket (or what it was) needs to be > put somewhere, and IIRC, it wasn´t my choice to put it there but is a > default. With mariadb, there are some defaults you can´t reasonably > change because other software expects files where they usually are. And > I don´t want to change that, I just want mariadb and lighttpd and other > things to start on reboots rather than being broken because someone > decided that files/directories they require are to be deleted on reboots > before they can start. > > > However, you seem to be insistent on doing things contrary to best > > practices so. > >>> Curious, how did you install MariaDB that you have such a problem? The > >>> package shipping with CentOS does not create such issue. > >> I´m using the packages from mariadb.org. The old version that comes in > >> Centos isn´t recommended, and I need features only the newer versions > >> provide. > >> > >> > >> Lighttpd is from epel, and it has basically the same issue. > >> > >> > > What issue? That the PID is dropped on reboot? What else are you > > putting in there? I'm beginning to question whether you know what > > you're doing or not. Lighttpd doesn't store any persistent info in > > /var/run/ because, like everything else, /var/run isn't for persistent > > data. > > IIRC, lighttpd won´t start unless you mess with where it puts its pid > file. I think I had to resort to put it into /tmp or something like > that because the place where it´s supposed to put it gets deleted on > reboots. > > I´ve never before had issues like this. > > > -- > "Didn't work" is an error. > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > -- [image: photo] Mark Haney Network Engineer at NeoNova 919-460-3330 <(919)%20460-3330> (opt 1) • mark.ha...@neonova.net www.neonova.net <https://neonova.net/> <https://www.facebook.com/NeoNovaNNS/> <https://twitter.com/NeoNova_NNS> <http://www.linkedin.com/company/neonova-network-services> ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Flame war police
On 10/10/2017 11:03 AM, Andrew Holway wrote: Hiya everyone, Is there a way to disable a thread that has degenerated into flaming? The recent "discussion" on /var/run descended into some quite nasty places and perhaps a lid should have been put on it. This seems to happen every few weeks and is somewhat embarrassing when I'm trying to persuade people of the "active and friendly Centos community" It was a shame that no one actually read past the belligerence his original post enough to come up with a solution. It was quite clearly a problem with third party packages not coming with SELinux policies. Also just as clearly, everyone on the list said this wasn't standard CentOS practice, the third party repo/packages OP used was not built properly and to either find a package that did, or compile from source. At no point will anyone on this list try to fix a 'problem' by ignoring the 40+ years of UNIX design. Liability aside, if someone doesn't like what the majority say on the list, that's their problem. Trying to stick persistent data in /var/run isn't standard (or best) practice and, indeed, /var/run is literally designed to not be persistent. Any sane admin wouldn't countenance that, and most of us are sane, and experienced. Let me ask, would you allow your kids to do something that was obviously dangerous? This is the same thing. We're here to guide those willing to learn the /best/ method of resolving problems. Some aren't willing to learn and refuse to believe the majority here know what we're talking about. The true answer to OPs question wasn't what he wanted to hear and continued ad nauseum to insist that's what he wants to do. Sometimes people just have to fail to learn. Most of us make a living in IT, and get paid to do things within the parameters of the systems we manage. How hard is it to understand such a simple concept? What you insist on calling a flame war, was some of us, me included, trying to get people to understand that 1) OP is wrong trying to do it this way 2) that OPs package wasn't standard CentOS packaging and was dangerous to use on CentOS systems and 3) that there's no way any of us would offer a work around for something that will almost certainly result in lost data. OP appeared, to me at least, to be quite immature in insisting going against how CentOS (and RHEL) is designed and would very likely have come back to the list raising hell over losing data and how it's our fault for his inability to listen to us. Don't you think that would have been a bigger blow to the 'active and friendly community' if we'd actually offered advice contrary to design/best practice? Would you take advice from someone you know has given dangerous advice in the past? We have this discussion on every list I've ever been, or currently are on about every 6 months or so. I do my best to contribute to the list as often as I can, but I can't help people when they are deadset on doing dangerous things. Posts like his, and posts like yours make it harder for me to bother trying to help those unwilling to listen. I don't take it from my children, and I certainly won't from adults who won't listen. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Flame war police
On 10/11/2017 02:44 PM, Lamar Owen wrote: On 10/10/2017 11:22 AM, Mark Haney wrote: We have this discussion on every list I've ever been, or currently are on about every 6 months or so. I do my best to contribute to the list as often as I can, but I can't help people when they are deadset on doing dangerous things. Posts like his, and posts like yours make it harder for me to bother trying to help those unwilling to listen. I don't take it from my children, and I certainly won't from adults who won't listen. Hi Mark, been a while since I saw you last in Asheville. Hey Lamar, long time no see. It's been a real long time actually, left ERC in late 2009 after 3 surgeries on my feet and couldn't walk enough to do anything useful (ended up having 2 more, an elbow rebuilt and just had surgery #7 to reconstruct a knee). We moved to Durham in 2013 and have been here since. Just got my last 2 daughters off to Virginia Tech this fall and it's empty nest time. I still don't know what to do with all my free time. The core issue in the /var/run thread is one of lack of civility. There is a civil way of calling someone to see their need for further thought and investigation; calling someone 'stupid' or 'an idiot' over something as small as /var/run directory persistence is, to my mind at least, its own brand of immaturity and will typically cause the person so being attacked to go on the defensive and harden their stance, and this is the textbook genesis of a flame. I do agree, to a point. Being Irish, my temper is always simmering, usually over ignorance or willful stupidity. But, sometimes you just have to be the bad guy when people are recalcitrant. Hence my stance in this thread. I honestly have no problem being the bad guy if I have to be. In this case, it was a situation where OP was already on the defensive after the first posts. My input was much later, and was civil, even if not completely polite. The fact remains trying slam that square peg into that round hole, despite repeated attempts to explain /why not to do it/ seems to me to be willfully stupid (or stubborn). I made my case in my replies that forcing this issue absolutely will result in lost data and few people who get paid to do this for a living will countenance such a thing. In a lot of ways, we view things from the perspective of our own jobs/environment/culture, putting ourselves in their position as it were. A lot of people join the list simply to get a question answered, a lot more hang out and help when they can. I think no one wants to see anyone put their data, or livelihood in jeopardy and certainly not with advice given by (other) professionals. Sometimes you just have to be the 'disappointed parent', and that's how I replied after a while. Right or wrong, I stand by it. I've been involved in Unix and related pursuits long enough to know that different people consider different things to be polite. And I've said my share of impolite things, especially back in the day when I had a Usenet leaf node over uucp and participated in news.admin and alt.flame, so I'm not being self-righteous here, just practical and realistic. I've been plonked before, and I've plonked before. (If anyone isn't familiar with the term 'plonk' it means to put in your killfile or ignore list, and there are a few people that have been on this list that I have killfiled in the past, several especially right around the releases of CentOS 5.6 and CentOS 6.0). Heh. I haven't seen that word in a long time. Plonk and netiquette are widely unused words these days. So, for the last several years, I have set a protocol for myself where, if words that would be considered uncivil by most people were present in my post, or if my wording became too much of an attack over the person, I simply don't send it. My wife and I have five children, so I'm more than a little familiar with a certain rabbit named Thumper and his famous adage "f you can't say something nice, don't say nothin' at all." Now, I don't agree with that adage as written, as I would rather use the word 'civil' instead of 'nice,' because 'civil' doesn't mean nice. Civil just means 'not nasty' even when you need to have 'Radical Candor.' But I reserve that sort of 'harsh civility' for my staff here when necessary, who get a much more civil tone than my children at home would, incidentally. But my staff aren't children. And the members of this list aren't my staff, and I will be civil to everyone on this list. I'll drop a brief note about my opinion of /var/run later, so that anyone who wants to ignore that thread before I post can do so. I get it. I really do. And there were t
[CentOS] [OT] Bash help
I know this is for CentOS stuff, but I'm at a loss on how to build a script that does what I need it to do. It's probably really logically simple, I'm just not seeing it. Hopefully someone will take pity on me and at least give me a big hint. I have a file with two columns 'email' and 'total' like this: m...@example.com 20 m...@example.com 40 y...@domain.com 100 y...@domain.com 30 I need to get the total number of messages for each email address. This type of code has always been the hardest for me for whatever reason, and honestly, I don't write many scripts these days. I'm struggling to get psuedocode that works, much less a working script. I know this is off topic, and if it gets modded out, that's fine. I just can't wrap my brain around it. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [OT] Bash help
On 10/25/2017 12:33 PM, Robert Arkiletian wrote: here is a python solution #!/usr/bin/python #python 2 (did not check if it works) f=open('yourfilename') D={} for line in f: email,num = line.split() if email in D: D[email] = D[email] + num else: D[email] = num f.close() for key in D: print key, D[key] ___ That gets me closer, I think. It's concatenating the number of messages, but it's a start. Thanks. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [OT] Bash help
On 10/25/2017 12:47 PM, Warren Young wrote: You’re making things hard on yourself by insisting on Bash, by the way. This solution is better expressed in Perl, Python, Ruby, Lua, JavaScript…probably dozens of languages. Yeah, you're right, I am. An associative array was the first thing I thought of, then realized BASH doesn't do those. I honestly expected there to be a fairly straight forward way to do it in BASH, but I was sadly mistaken. In my defense, I gave virtually no thought on the logic of what I was trying to do until after I'd committed significant time to a BASH script. (Well maybe that's not a defense, but an indictment.) As I said, I don't do much scripting anymore as the majority of my time is spent DB tuning and Ansible automation. Not really an excuse, and I appreciate your indulgence(s) in giving me a hand. As embarrassed as I am, I'll just go sit in the corner the rest of the day. Thanks again. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [OT] Bash help
On 10/25/2017 01:24 PM, m.r...@5-cent.us wrote: This screams out for associative arrays. (Also called hashes, dictionaries, maps, etc.) That does limit you to CentOS 7+, or maybe 6+, as I recall. CentOS 5 is definitely out, as that ships Bash 3, which lacks this feature. Associative arrays? Awk! Awk! (No, I am not a seagull...) sort file | awk '{ array[$1] += $2;} END { for (i in array) { print i "\t" array[i];}' mark "associative arrays, how do I love thee? Let me tot the arrays..." Okay, I'm impressed with this one. I use awk for simple stuff when sed starts getting weird, but this is absolutely elegant. No offense to the other examples, they are all awesome, but I had no idea awk could do this with such little effort. Well, I know what I'm studying up on this weekend. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Kickstart ksdevice question
This should be easy to answer (I hope). We routinely kickstart boxes to use for managing our customers RADIUS/DHCP configurations (along with other things). We've had a C7 kickstart in place since I built one in May and are finally starting to roll it out for new installations. But, I'm curious as to what ksdevice= actually does. With the C6 we routinely used ksdevice=eth0 since we ship boxes with two NICs and knew interface 1 was always eth0. With C7 comes the interface naming convention changes and that's where questions have arisen about that option. It's been set as ksdevice=eno1 since I know these servers name the interfaces with the eno# convention (integrated dual-port). A coworker of mine insists on setting it ksdevice=enp2s0 which doesn't seem to work like it should (though, it could be a fault netinstall image, I'm not sure yet). In all honesty, we'd prefer to keep the eth# convention for C7 like C6. So, my question is, does setting ksdevice=eth0 dictate to the system the names of the interfaces? Is that just a name for the install process and the kickstart script assigns names? (We have the kickstart script setting them as eno1 and eno2, btw.) I've googled this to no end and haven't found a satisfactory answer. So, I'm hoping someone with more KS experience than I can explain it. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Kickstart ksdevice question
On 11/01/2017 10:28 AM, m.r...@5-cent.us wrote: Nux! wrote: Hello, ksdevice specifies which NIC to be used during the network install. The new naming conventions indeed make this more complicated than it needs to be. To go back to the old naming scheme (eth0, eth1 ...) just add this to boot parameters (kernel cmdline): biosdevname=0 net.ifnames=0 Yes! Actually, the other admin I work with and I were just bitching about that a few minutes ago. I have no idea who thought the new enpxsyz was a "good idea", but for 99% of us, I look at the back of a system, and I want to know which one. the enxyz is significantly less than useful. Now, if only there were some tool, like there used to be HERD, to figure out on my supermicro which DIMM is complaining You'd think IMPI would do it, but no mark It's funny you should mention that vendor because we use only SuperMicro servers here. The really good thing about that is that our boxes, the interfaces are eno1 & eno2 and not the ridiculous enp2s0abcdefhwtf convention on VMs and such. It was easy to remember, even if counter-intuitive since if you're like most people who've been in this business long enough, interfaces (and arrays) always start with 0. To me, eno1 is the second interface and I have to actually pause to rethink things because of that. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Kickstart ksdevice question
On 11/01/2017 01:57 PM, Tristan Hoar wrote: Strictly speaking it is depricated https://anaconda-installer.readthedocs.io/en/latest/boot-options.html#d eprecated-options Regards, Tris Okay, so it looks like I can simply change ksdevice=eth0 to bootdev=eth0, correct? -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Kickstart ksdevice question
On 11/01/2017 03:25 PM, Chris Adams wrote: Once upon a time, Mark Haney said: Okay, so it looks like I can simply change ksdevice=eth0 to bootdev=eth0, correct? I believe you can just leave both off (IIRC for CentOS 6 as well) if you add "ipappend 2" to the pxelinux stanza. I probably should have clarified that we're not using PXE and probably won't for the forseeable future. This is just a simple netinstall disc/flash drive boot. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Kickstart ksdevice question
On 11/01/2017 05:02 PM, James A. Peltier wrote: Leaving ksdevice= off the command line will prompt you for the location of the kickstart file and the device you want to use to kickstart Well, things just got weird with this. The first couple of times I included the biosdevname etc, on the command line with ksdevice=eth0 it worked perfectly. Sometime yesterday (and I verified this a few minutes ago) that stopped working. It's the same hardware (in fact, the exact same hardware as I tested earlier, as it's the same box) and now, it's naming the interfaces eno1/eno2 again. Honestly, not that I care, since taking the ksdevice= bit off worked just fine, even with the interface names changed to eth0/eth1 in the kickstart file. I have no idea why this happened, and finding an answer isn't critical to getting these boxes kicked, though I would like to understand why the BIOSDEVNAME NET.IFRAMES options stopped working suddenly. It's the same boot image, and the exact same server that renamed the interfaces correctly yesterday. Granted, it's Friday and maybe anaconda is tired of my crap and has decided to throw a tantrum. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 6 P2V alternatives?
On 11/03/2017 12:48 PM, Robert Nichols wrote: On 11/03/2017 09:02 AM, hw wrote: Robert Nichols wrote: How would you recover if that server were suddenly destroyed, let's say by a power supply failure that fried the motherboard and all the disks? If you can't bring up a machine on new, bare iron starting with nothing but your backups and a CD or USB stick with a recovery tool, you need to seriously reconsider your backup strategy. That´s a very good point. What options are there to make complete and consistent backups of machines and VMs while they are running? Just shutting down a VM to make a backup is troublesome because you sometimes need to run 'virsh shutdown xx' several times for the VM to actually shut down, and I have VMs that do not shut down no matter how often you try. If you manage to shut down the VM, there is no guarantee that it will actually restart when you try --- and that goes for non-VMs as well. Shutting them down manually frequently to make backups is not an option, either. Every backup tool that can be run on a physical machine can also be run in the VM. For databases that cannot be simply copied while they are active, there should be a way to generate a snapshot or other consistent representation that can be backed up and restored if necessary, and any database that does not provide such a capability should not be considered suitable for the task at hand. Long-running jobs should always have checkpoints to allow them to be continued should the machine crash. (I have such a job running right now. Coincidentally, it's verifying the consistency of 3 years of backups that I just reorganized.) There is no "one size fits all" answer. The needs of a transaction processing system that can never, ever lose a transaction once it's been acknowledged are radically different from those of a system that can afford to lose an hours, or days, worth of work. I'll toss my two cents worth in having dealt with a similar situation recently (well 2015, but close enough). If this server is /that/ important, I'd really consider building a completely new virtual instance on the hypervisor of your choice. Though, to be completely honest, Hyper-V is just awful in my testing. There are far more P2V options for VMWare, including it's own P2V software which I've not had particular trouble with in a half-decade, if you insist on a P2V migration. If we're just talking backups, Veeam for Hyper-V (and ESXi) works really well and you can bring up the backed up VM on the fly if you need to recover data from it, or for DR/BC. I've never had a problem with it and, at my last position, had it set to run the backups on a remote cloud in case of catastrophic damage to the office. Of course, there's no such thing as too many backups, so critical data on a server like you have was replicated to a warm/cold site, or part of a cluster for DBs to make sure data integrity was kept and uptime maximized. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] mariadb server memory usage
On 11/04/2017 10:05 AM, hw wrote: Hi, is this ok for a database server, or do I need to turn the memory allowance down? The machine has 48GB and mariadb is allowed about 40. The machine is a dedicated database server. Mysql seems to go up to what top says is virtually allocated under some circumstances; I don´t know what mariadb does. I don´t want anything get killed because memory runs out. Swap should prevent that anyway, but perhaps I went a bit higher than I should? Usual advice is to use 80%, and there are probably reasons for that. Perhaps it´s better to allow for more disk cache? KiB Mem : 49449424 total, 291772 free, 45891836 used, 3265816 buff/cache KiB Swap: 16777212 total, 16742928 free, 34284 used. 2985816 avail Mem PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND 4138 mysql 20 0 48.908g 0.042t 14064 S 0.0 91.8 111:23.17 mysqld What exactly do you mean by 'memory allowance'? That's a pretty open question. It all depends on your databases and usage. The typical 'best practices' answer is to set the buffer pool to ~75-80% of RAM if the total size of all your DBs exceeds the total amount of RAM on the server. The idea being that you want to have as much (or all) of the databases in RAM as that's much faster than going to disk for it. If the total size of your DBs is less than the total RAM, I typically allocate enough to take all DBs into RAM +10-20% for projected growth. You haven't mentioned the size of the DB(s) you're running on the server, nor what your usage pattern might be (heavy reads, heavy writes or a balance of the two). You also didn't post the config file either. I know this is a bit OT, but config files are very helpful for any issue. Just looking at the RAM usage you posted, I would be a bit worried by the fact you only have ~300MB of 'free' RAM. If the total in the cache is all buffer pool, it should be fine, but I typically don't run a DB server that low on physical RAM. Swap is fine, but much slower than RAM, even on SSDs. We can take this offlist if you like, I'll be happy to help you take a look at the configs and offer suggestions. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] HP laptops with CentOS 7?
On 11/07/2017 01:41 AM, Sorin Srbu wrote: When I first started at this job almost twenty years ago fresh out of IT-school, I had an idea to use a Windows print server as this was what I knew. I wasn't trusted with the *nix farm yet then. Over the years I have tried at least once a year to get our Linux-computers to talk to our AD-connected Windows Servers, but haven't quite made it yet. I've also tried to get the AD-connected Windows-clients to talk to a Linux print server to no avail. Granted it's been awhile now since I tried. Maybe I'll give it another go. Both the Windows and Linux OS:es have developed quite a bit the last ten years... I've had no problems printing to AD connected print servers with Linux in a decade. Either with the Linux box (usually Fedora, but Ubuntu as well) as part of the AD domain or not part of the domain. Generally all the printer issues with Windows print servers is the print spool getting jacked up and having to be restarted. It's better in Server 2016, but still crap IMHO. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] HP laptops with CentOS 7?
On 11/07/2017 08:24 AM, Sorin Srbu wrote: We don't run anything on Server 2016, only have a Server 2012 left. Last I tried was with Server 2012, a year or so ago. I dealt with 2012 print servers exclusively until 2016 was released. It worked better than anything prior especially considering we had 60+ Macs connecting to it for AD authentication and print services. (We were all Macs except two linux laptops, my Lenovo and a developer who ran Ubuntu on his Mac.) All in all, it didn't totally suck once you got it setup for your normal print load. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] C6, lightweight window managers - opinions?
On 11/07/2017 10:37 AM, m.r...@5-cent.us wrote: So, on my old Netbook, now happily running C6.9, I'm looking for opinions for a lightweight window manager. Gnome surely ain't it Years back, I used to like IceWM, but not sure it's been kept up. So, opinions? mark ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos I have an old Gateway netbook that runs XFCE and LWM just fine. It's Ubuntu, not CentOS however. Granted it's a recent kernel and a heavier package size I would think. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Possibly [OT] ansible vmware inventory plugin
This might be OT, but it is CentOS related. I've been running Ansible on C7 for a handful of months now, and updated to 2.4 as soon as it was available. I've been building inventories by hand in that time (mostly due to the fact we had no actual documentation on the managed external customer servers). However, as we have a multiple VMware clusters, thought it might be time to tinker with dynamic inventories. The problem is that the vmware_inventory.py script didn't come with 2.4 in CentOS 7, even though it's in the stable branch. I'm curious, is this a deliberate omission on the CentOS maintainers part? I couldn't find a package that included it. Am I missing something obvious? -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Possibly [OT] ansible vmware inventory plugin
Yeah, it's the Extras repo Ansible package. So, my next (probably stupid) question, is there a way to get the vmware_inventory plugin setup on my system? <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=icon> Virus-free. www.avast.com <https://www.avast.com/sig-email?utm_medium=email&utm_source=link&utm_campaign=sig-email&utm_content=webmail&utm_term=link> <#DAB4FAD8-2DD7-40BB-A1B8-4E2AA1F9FDF2> On Thu, Nov 9, 2017 at 6:18 AM, Johnny Hughes wrote: > On 11/08/2017 12:37 PM, Mark Haney wrote: > > This might be OT, but it is CentOS related. I've been running Ansible > > on C7 for a handful of months now, and updated to 2.4 as soon as it was > > available. I've been building inventories by hand in that time (mostly > > due to the fact we had no actual documentation on the managed external > > customer servers). However, as we have a multiple VMware clusters, > > thought it might be time to tinker with dynamic inventories. The > > problem is that the vmware_inventory.py script didn't come with 2.4 in > > CentOS 7, even though it's in the stable branch. I'm curious, is this a > > deliberate omission on the CentOS maintainers part? I couldn't find a > > package that included it. > > > > Am I missing something obvious? > > > > If you are talking about this Ansible: > > https://git.centos.org/summary/rpms!ansible > > Then that is as provided by Red Hat for RHEL-7 Extras. We (I) don't > make any changes to the source code, it is built source code as released > for RHEL. > > As to why the do things or do not do things, I have no idea. > > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > > -- [image: photo] Mark Haney Network Engineer at NeoNova 919-460-3330 <(919)%20460-3330> (opt 1) • mark.ha...@neonova.net www.neonova.net <https://neonova.net/> <https://www.facebook.com/NeoNovaNNS/> <https://twitter.com/NeoNova_NNS> <http://www.linkedin.com/company/neonova-network-services> ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] C6 and xfce
On 11/13/2017 02:26 PM, m.r...@5-cent.us wrote: Hi, folks, So I installed xfce on my Netbook. While I was in Chicago, I worked out how to tell it to bring it up. It came up. As root. With no obvious way to tell it to show a login screen first. Did I miss something? mark All the Google says is that you can select the session from the GNOME interface (assuming you've got another GUI on there). As my setup was on Ubuntu, I can't really help from my experience. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] C6, lightweight window managers - opinions?
On 11/13/2017 03:06 PM, m.r...@5-cent.us wrote: I used IceWM a long, long, tried it recently - it's unchanged. Love it! :-) Really? It didn't look like the executables had been updated in years. But if they have, I *really* need to take a second look. Thanks! mark You're in luck: Stable release <https://www.google.com/search?q=icewm+stable+release&stick=H4sIAOPgE-LQz9U3yC4yzdaSLC620i9PTUpLTC4ptiouSUzKiS9KzUlNLAYAd3z9xyc&sa=X&ved=0ahUKEwjjxMf0sLzXAhUEjVQKHWRDDs4Q6BMIqAEoADAX>:1.4.2 / July 30, 2017; 3 months ago -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] run bash from cron
This might be a bit OT, but I've never had to do this before and what I've googled doesn't seem to be working. I have an ansible playbook that I'm working on that I want to run as a cronjob. One task I'm having trouble with is where I have a text file with lines like: rd.pl "blah blah" rd.pl "blah blah blah" This text file has to be 'executed' using 'bash filename.txt'. (Don't ask why, I'm working on code that isn't mine.) When I run the playbook in a console this bit works perfectly. However, when it's being run from cron, it dies with 'rd.pl: command not found'. My original thought is that cron's $PATH is missing the location to this rd.pl file (it's in /root/bin), so one suggestion from the Google was to add the path into /etc/crontab, but I'm still having the same problem. At this stage, I've no idea what to try next. Any ideas? For the record, this was the only option to handle the task I'm having issues with inside cron. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] run bash from cron
On 11/15/2017 11:55 AM, Noam Bernstein wrote: On Nov 15, 2017, at 11:48 AM, m.r...@5-cent.us wrote: Mark Haney wrote: This might be a bit OT, but I've never had to do this before and what I've googled doesn't seem to be working. I have an ansible playbook that I'm working on that I want to run as a cronjob. One task I'm having trouble with is where I have a text file with lines like: rd.pl "blah blah" rd.pl "blah blah blah" This text file has to be 'executed' using 'bash filename.txt'. (Don't ask why, I'm working on code that isn't mine.) When I run the playbook in a console this bit works perfectly. However, when it's being run from cron, it dies with 'rd.pl: command not found'. My original thought is that cron's $PATH is missing the location to this rd.pl file (it's in /root/bin), so one suggestion from the Google was to add the path into /etc/crontab, but I'm still having the same problem. At this stage, I've no idea what to try next. Any ideas? For the record, this was the only option to handle the task I'm having issues with inside cron. Yes. Do not trust your environment, running as a cron job, to be what you think it is. Try testing it by have your cron job, at the top of the script, issue the env command. What about just giving the full path to the rd.pl script in the text file (i.e. /root/bin/rd.pl) ? Well, I'll be damned. That actually worked. In all honesty, when first building this playbook, giving the full path didn't work. (I swear it didn't). It's still not great, though because the out put is being generated without the full path. However, I think I can fix that without too much trouble. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] run bash from cron
On 11/15/2017 11:48 AM, m.r...@5-cent.us wrote: Mark Haney wrote: For the record, this was the only option to handle the task I'm having issues with inside cron. Yes. Do not trust your environment, running as a cron job, to be what you think it is. Try testing it by have your cron job, at the top of the script, issue the env command. mark I'm not sure I follow, where should the env command be placed? At the front of the cron line? -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] run bash from cron
On 11/15/2017 11:57 AM, Paul Heinlein wrote: In your crontab, try env PATH="$PATH:/root/bin" bash filename.txt Maybe I wasn't terribly clear, for which I apologize. I'm not running the text file itself from cron. I'm running an ansible playbook from cron, which, as one of its tasks runs 'bash filename.txt'. It's possible I could try the command you recommend above in the task and see if that fixes it. However, I have another method that works in a similar fashion. I simply added BASH_ENV=$HOME/bash_profile to the top of my crontab, which has fixed the issue. I could have sourced the profile on the cronjob line, but this is a bit clearer for other who might access the system. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Failed attempts
On 11/27/2017 12:10 PM, Jerry Geis wrote: hi All, I happened to login to one of my servers today and saw 96000 failed login attempts. shown below is the address its coming from. I added it to my firewall to drop. Failed password for root from 123.183.209.135 port 14299 ssh2 FYI - others might be seeing it also. You're going to see this probably quite a lot on a server that has port 22 open to the world. All the linux boxes I have internet accessible have a couple of things setup to prevent a lot of that: Lock down SSH to accept only login requests from one IP (or a range, but I prefer a single IP most of the time if I can manage it). Use a non-standard SSH port (and not a variation like or some such, just make sure you remember what it is). Fail2ban is your friend. Seriously though, Fail2Ban is simply amazing. It will block IPs using IPtables without needing to write your own rules. Will email you a log if you like. And will generally help you sleep better at night. I've got a couple of web servers that I have running Fail2Ban with a maximum of 3 failed logins and once that's reached, the IP is blocked for a week. An hour just won't cut it nowadays, IMHO. It's pretty trivial to setup and uses very little in resources. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Admins supporting both RHEL and CentOS
On 11/28/2017 08:06 AM, Joseph L. Casale wrote: With a few exceptions, I see most admins treat CentOS as a single rolling release and rely on the ABI commitment assuming things just work between point releases. On the other hand I see the opposite with RHEL where admins constrain installations to the point release. What is the case with users on this list who support both? I can't really speak for anyone else, but for me, a lot depends on the use of the systems. I typically treat RHEL and CentOS the same way as far as updating to the latest point release. It's never bit me in the past that I am aware of. The only exception to that is with the SGI Altix 4300/4400s I used to manage. We migrated from SLES to RHEL and in those cases, barring a serious enough bug, those boxes were left alone until time came to refresh them, such as the move from RHEL5 to RHEL6. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Failed attempts
On 11/28/2017 04:09 AM, Pete Biggs wrote: - don't run ssh on 22, use a different port. (Things get a lot quieter when you do that, but it comes with it's own problems and don't get complacent because someone will find the port eventually.) I consider that pointless security-through-obscurity. That wasn't meant as a "security" thing - that's why it was under the heading "For your sanity ...". All these things do is to make it so that your machine is no longer the low-hanging-fruit! Pointless? I think not. Using (and locking down, which is implicit in my post) a non-standard port isn't pointless. I dare say, it's as valid as using fail2ban or iptables. Let me ask, since you're against pointless changes, do you also advertise the SSHd version you're running on your standard port? If not, isn't that the same thing? Besides, the idea is to /not be low hanging fruit/, is it not? The idea is to make the system as secure as possible. Security is something everyone should take seriously, and sometimes hiding the padlock is probably a better deterrent than just having it in plain sight. The harder you make it for someone to attack you, the better off you will be. Scoff if you will, I've been at this 20 years, I'd rather OVER secure than under if the circumstances require it. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Missing /usr/share/perl5 in C7
I'm under a bit of a crunch here, so any immediate help would be appreciated. We kickstart our customer boxes and have started migrating to CentOS 7. We're running Radiator 4.6 1 (I know, but bear with me) and we just deployed our first radius box to a customer to be turned up today. (I know, I know. I had no idea it wasn't being tested sooner than this.) I was brought in because the strict.pm perl module was missing and causing compilation errors. It turns out nearly the entire /usr/share/perl5/ directory was pretty much empty. I ended up having to copy that directory over from another C7 server which was intact. yum whatprovides /usr/share/perl5/strict.pm tells me it's the base perl-5.16.x package, which is installed on this box. Any idea what happened? -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Perl fun part 2
I figured this needed it's own thread, so apologies for spamming the list. Along with the /usr/share/perl5 issues (which I did kinda fix with a manual copy of the directory from another box), we're having an issue with SystemD (go figure) stopping the radiator service, but failing to unbind the ports (1645/1646). It's complaining about 'killproc' not found. Is there a package that's in? Or how do I get this to work with SystemD properly? We can't have this thing jacked up like this. Any ideas? -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Missing /usr/share/perl5 in C7
On 11/29/2017 01:43 PM, m.r...@5-cent.us wrote: Mark Haney wrote: Any idea what happened? No idea what could have happened, but if it were me, I wouldn't copy anything - I'd yum reinstall instantly. You have no idea what *else* is missing. Thinking about it... you might consider verifying the entire system. Since something's missing from initscripts, I'd worry a *lot*. mark Believe me, I am. Unfortunately and unbeknownst to me, this box has been in production on the customer side for a couple of weeks now. I've checked every other box that's been kickstarted for the last month and none show the same problems. It's really bizarre. And as far as the /etc/init.d/functions file goes, C7 doesn't place it there, it's in /etc/rc.d/init.d/functions, so symlinking to it from /etc/init.d/ fixed that particular problem. The weird issue with /usr/share/perl5/ is that there was some files and directories there, just not everything, so it wasn't completely empty. I have no real answer to that, though. But, right now, the box is stable for what it will be doing, and I've got a production MySQL server to troubleshoot why it's imploded twice the last two nights after being up for 400 days without trouble. The joys of dealing with multiple dumpster fires at a time is why I love (and hate) IT. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] time foo
On 12/01/2017 02:32 PM, hw wrote: Hm. Foo is a program that imports data into a database from two CVS files, using a connection for each file and forking to import both files at once. So this would mean that the database (running on a different server) takes almost two times as much as foo --- which I would consider kinda excruciatingly long because it´s merely inserting rows into two different tables after they were prepared by foo and then processes some queries to convert the data. The queries after importing may take like 3 or 5 minutes. About 4.5 million rows are being imported. Would you consider about 20 minutes for importing as long? There are far too many variables you've not mentioned to determine if that's good or bad (or very bad). Is the connection a local connection (ie the import is done on the DB server) or a network connection? What size are the CSV (CVS is a typo, correct?) files? 4.5M rows tells us nothing about how much data each row has. It could be 4.5M rows of one INT field or 4.5M rows of a hundred fields. I'm a bit confused by the last two sentences. Based on how I read this: 1. Foo is prepping (creating?) the tables 2. Processes queries to convert the data (to CSV?) 3. Runs more queries on those tables. Or it could be: 1. Foo preps the tables 2. Foo imports the CSV files 3. Foo does post-processing of the tables. It's not really clear the actual process, but I'll go on the assumption that Foo is creating the tables with the correct fields, data types, keys and hopefully indices. Then dumps the CSV files into the tables. Then does post-processing. (I've written similar scripts, so this is the most logical process to me.) If we assume network bandwidth is fine, that still leaves far too many server variables to know if 20m is about right or not. Amount of data to import, TYPE of data, database AND server configuration, CPU, RAM, etc and DB config for tunable paramters like buffer pool, read/write I/O threads, etc. IIRC, you posted some questions about tuning a DB server a while back, would this be data going into that server, perhaps? I'd like to offer a helpful suggestion when asking for list help. It's better to provide TOO MUCH information, than too little. There's a big difference between 'my printer won't print' and 'my printer won't print because it's not feeding paper properly'. -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.ha...@neonova.net www.neonova.net ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos