Re: [CentOS] Fan speed control on Supermicro X8DAL board with CentOS
On 06/02/11 07:00, Chuck Munro wrote: Hello folks, I'm having a difficult time trying to figure out why the CPU cooling fans run at full speed on my Supermicro X8DAL-3 motherboard. There doesn't seem to be any variable speed (the fans are PWM compatible) ... they either idle at almost nothing, or suddenly burst into a high-pitched scream that gets my ears bleeding after a few seconds. Once they jump to warp-10, they remain there. The Super-I/O chip on this board is a Winbond W83627DHG which does the temperature and voltage monitoring. Is anyone aware of which driver or kernel module I need for that chip in order to get control of the fans? The Supermicro web site and the board's manual aren't any help. Fresh installs of CentOS-5.5 and RHEL-6 don't exert any control by default. Installing the lm_sensors package and probing with the 'sensors' command didn't help either. Slowly going deaf ... Chuck Hi Chuck, The correct kernel module for your chipset is w83627ehf.ko. I'm not sure the driver actually controls fan speed, I thought it was more for monitoring (fan speeds, temps, voltages) but I could be wrong. My current system (not a Supermicro) controls variable fan speed from options within the BIOS. I can enable/disable fan speed control and select either voltage or PWM based control. The stock w83627ehf driver in RHEL5.5 is oldish (they were updated in 5.5 I think but are still over a year old now). ELRepo.org have an updated driver available (kmod-w83627ehf) based on a backport from kernel-2.6.34. I've just checked upstream and a few more patches have been committed since kernel-2.6.34 and the current kernel-2.6.37 so I'll look at updating the elrepo driver with those latest patches. Hope that helps. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Fan speed control on Supermicro X8DAL board with CentOS
On 06/02/11 17:15, Chuck Munro wrote: On Sun, 06 Feb 2011 12:09:12 + Ned Slider wrote: On 06/02/11 07:00, Chuck Munro wrote: Hello folks, I'm having a difficult time trying to figure out why the CPU cooling fans run at full speed on my Supermicro X8DAL-3 motherboard. There doesn't seem to be any variable speed (the fans are PWM compatible) ... they either idle at almost nothing, or suddenly burst into a high-pitched scream that gets my ears bleeding after a few seconds. Once they jump to warp-10, they remain there. The Super-I/O chip on this board is a Winbond W83627DHG which does the temperature and voltage monitoring. Is anyone aware of which driver or kernel module I need for that chip in order to get control of the fans? The Supermicro web site and the board's manual aren't any help. Fresh installs of CentOS-5.5 and RHEL-6 don't exert any control by default. Installing the lm_sensors package and probing with the 'sensors' command didn't help either. Slowly going deaf ... Chuck Hi Chuck, The correct kernel module for your chipset is w83627ehf.ko. I'm not sure the driver actually controls fan speed, I thought it was more for monitoring (fan speeds, temps, voltages) but I could be wrong. My current system (not a Supermicro) controls variable fan speed from options within the BIOS. I can enable/disable fan speed control and select either voltage or PWM based control. The stock w83627ehf driver in RHEL5.5 is oldish (they were updated in 5.5 I think but are still over a year old now). ELRepo.org have an updated driver available (kmod-w83627ehf) based on a backport from kernel-2.6.34. I've just checked upstream and a few more patches have been committed since kernel-2.6.34 and the current kernel-2.6.37 so I'll look at updating the elrepo driver with those latest patches. Hope that helps. Thanks Ned! I did go through the board's BIOS menus several times and could find only one fan control option, which ranges from always-fast for maximum performance to almost-silent for workstation use. No matter what the setting, the fans may start out slow but eventually jump to high speed. Updating the BIOS to the latest version made no difference. I also noticed that at all times the BIOS reports the CPU temperatures as Low no matter what the fan speed. The coolers are always cold to the touch. I sure hope I don't have a defective board ... it's a royal pain to have to remove one from a large server. I booted Ubuntu but the live-CD version doesn't have a working 'fancontrol' utility. I'd be tempted to install Ubuntu Server but I much prefer staying with CentOS and KVM to match all of the guest virtual machines it'll be running. Time to go through the mobo manual with a fine-tooth comb. :-) Chuck You're welcome Chuck. Your question prompted me to update the elrepo kmod-w83627ehf driver package to the latest upstream source (kernel-2.6.37): http://lists.elrepo.org/pipermail/elrepo/2011-February/000488.html By all means give that package a try, but I'm not convinced it will address your problem in this case. Either way, it should be relatively quick and painless to test - updated packages should be available shortly. Maybe someone with more experience of this particular Supermicro M/B will pop up on the list :-) Regards, Ned ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SSH AllowUser WildCard
On 07/02/11 06:08, Stephen Cox wrote: Is it possible to allow a user to login from an changing hostname like: username@*hoststringfixed.com man sshd_config AllowUsers This keyword can be followed by a list of user name patterns, separated by spaces. If specified, login is allowed only for user names that match one of the patterns. `*' and `?' can be used as wildcards in the patterns. Only user names are valid; a numerical user ID is not recognized. By default, login is allowed for all users. If the pattern takes the form USER@HOST then USER and HOST are separately checked, restricting logins to particular users from particular hosts. So wild cards can be used although it doesn't specifically state they can be used with the HOST part. Try it and see, my guess is it will work. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Unable to connect to wireless network
On 04/02/11 22:51, Always Learning wrote: On Fri, 2011-02-04 at 21:45 +0530, Jatin wrote: I just installed the CentOS 5.5 version on my toshiba laptop. I did the configuration that i had for the wireless settings but still i could not connect to my home wireless network. So someone please guide me on how i can connect my laptop to my wireless home network. Hi Jatin, I'm a kind of expert on this. In the last 2 weeks I've done 2 laptops and one notebook. The biggest problem is Centos may not have the necessary wifi drivers. Centos 5.5 kernel is 2.6.18. Some wifi drivers were added to the Linux kernel 2.6.27. Red Hat constantly backports updated drivers into each update set. The kernel in 5.3 contained support for many new wireless devices as did the 5.5 kernel. The current CentOS kernel bears little to no resemblance to a stock 2.6.18 kernel wrt wireless support. Drivers for devices not directly supported by the kernel (and many wireless firmware packages) can be found at elrepo.org. Once we know the device then I'm sure we can point the OP in the right direction. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Let's talk about HTTPS Everywhere
On 19/01/11 18:42, John R. Dennison wrote: On Wed, Jan 19, 2011 at 10:33:59AM -0800, Mark wrote: Let's talk about CentOS on this list, shall we? Presumably the OP is running firefox on CentOS. So... how it this not about CentOS? You are kidding, right? I do my accounts on CentOS - does that make this a suitable venue to discuss my tax returns? The SNR of this list is shocking and encouraging the above doesn't help any. This thread is already 10 posts and contains not one single relevant (to this list) piece of information. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] nvidia failure with new kernel
On 17/01/11 18:44, Jason Brown wrote: The kernel modules are only for that kernel, so anytime you update it you also have to reinstall the nvidia drivers. Alternatively, you could use the nvidia driver packages from elrepo.org: http://elrepo.org/tiki/kmod-nvidia which are kABI-tracking kmod packages that work seamlessly over a kernel update. They even work with the new 5.6 kernel and there are packages for el6 too. If you do decide to switch to the elrepo packages, please make sure you *uninstall* the current NVIDIA provided driver first. The page above has details on how to do that. Hope that helps. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] nvidia failure with new kernel
On 17/01/11 20:08, Michael D. Berger wrote: On Mon, 17 Jan 2011 19:07:03 +, Ned Slider wrote: On 17/01/11 18:44, Jason Brown wrote: The kernel modules are only for that kernel, so anytime you update it you also have to reinstall the nvidia drivers. Alternatively, you could use the nvidia driver packages from elrepo.org: http://elrepo.org/tiki/kmod-nvidia which are kABI-tracking kmod packages that work seamlessly over a kernel update. They even work with the new 5.6 kernel and there are packages for el6 too. If you do decide to switch to the elrepo packages, please make sure you *uninstall* the current NVIDIA provided driver first. The page above has details on how to do that. Hope that helps. After looking at the recommended web site, I did the uninstall, and then ran: yum --disablerepo=\* --enablerepo=elrepo install kmod-nvidia nvidia-x11- drv 21 | tee el.log I got: Loaded plugins: fastestmirror Error getting repository data for elrepo, repository not found It seems that there may be another step. Please see the Getting Started instructions here: http://elrepo.org/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] hardware problem with 5.6
On 14/01/11 17:22, mahmoud mansy wrote: hey every one i got the centos 5.5 and the following problem occuered: 1- the video display doesnot probe my card right. 2- the wireless card doesnot installed . my laptop is dell studio1569: ( display card is intel hd arrandle , the wireless card is intel advanced centrino n6200 series ) but the fedora 14 did it will with both also the ubuntu? The Intel Wireless WiFi Link 6200AGN and 6300AGN Adapters are supported by the iwlagn driver in 5.5 and 5.6. You will need the appropriate firmware installed, in this case iwl6000-firmware available from elrepo.org: http://elrepo.org/tiki/iwl6000-firmware ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Grub upgrade for CentOS 5.5?
On 03/01/11 07:23, Ron Blizzard wrote: Stupid question (I'm guessing). I'm currently tri-booting (or would like to be) VectorLinux 6 Deluxe, CentOS 5.5 and an evaluation copy of Red Hat 6. I'm using CentOS's grub. VectorLinux and CentOS boot fine, but Red Hat won't load. I think I read somewhere that CentOS's grub is too old for ext3, 256 (something or others). So, is it possible to download and install a newer version of grub for CentOS 5.5? (This has been a problem with other tri-boot attempts). If not, is their a way to boot Red Hat from the install DVD? Since it's only a 30 day evaluation, booting from DVD or CD would be fine, but I don't see the option. Thanks for any pointers. You don't need to upgrade grub, I'm quite happily dual booting rhel6 GA on a CentOS-5 system (using C-5 GRUB). Only thing I did differently is the rhel6 /boot partition is mounted on an ext3 partition whereas I _think_ the default might be ext4 which, as a wild guess, is probably unsupported by CentOS-5 GRUB ? The rest of the system is quite happily sitting in an ext4 partition using md raid on lvm. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Grub upgrade for CentOS 5.5?
On 03/01/11 10:37, Ron Blizzard wrote: On Mon, Jan 3, 2011 at 4:15 AM, Ned Slidern...@unixmail.co.uk wrote: You don't need to upgrade grub, I'm quite happily dual booting rhel6 GA on a CentOS-5 system (using C-5 GRUB). Only thing I did differently is the rhel6 /boot partition is mounted on an ext3 partition whereas I _think_ the default might be ext4 which, as a wild guess, is probably unsupported by CentOS-5 GRUB ? The rest of the system is quite happily sitting in an ext4 partition using md raid on lvm. Hi Nick, Thanks for writing back. I'm using ext3 also. Is it possible to see your RHEL 6 grub entry? Did you install grub on the RHEL boot partition and use a chainloader, or were able to just do a normal entry? Again,t hanks for any ponters. Yes, I installed rhel6's grub to the rhel6 /boot partition during the rhel6 installation and then added a chainloader entry to the end of the CentOS-5 /boot/grub/grub.conf to boot rhel6: title RHEL6 Buildsys rootnoverify (hd0) root (hd0,1) chainloader +1 Adjust to suit your partitioning scheme :-) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] WNA1100 Netgear Wireless USB
On 03/12/10 18:22, r...@saf.com wrote: Any chance this wireless USB can be made to work on 32 bit CentOS 5.5? [r...@young ~]# /sbin/lsusb Bus 001 Device 003: ID 0846:9030 NetGear, Inc. Bus 001 Device 001: ID : Bus 001 Device 002: ID 413c:0108 Dell Computer Corp. [r...@young ~]# uname -a Linux young 2.6.18-194.26.1.el5 #1 SMP Tue Nov 9 12:54:40 EST 2010 i686 i686 i386 GNU/Linux Thanks in Advance I think that's an Atheros 9271 chipset using the ath9k_htc driver: http://wireless.kernel.org/en/users/Drivers/ath9k_htc It might require a newer kernel to compile though. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Total Number of conecctions
On 03/12/10 20:57, Alejandro Rodriguez Luna wrote: I have the need to know how many connection the server has, i run this command but i don't know how to sum all the results and get a final number. any ideas? netstat -an | grep -E 'tcp|udp' | awk '{print $6}' | sort | uniq -c | sort -n 1 CLOSE_WAIT 1 FIN_WAIT_2 1 LAST_ACK 1 TIME_WAIT 4 SYN_SENT 15 37 LISTEN 44 ESTABLISHED How about just counting the number of lines of output with 'wc -l': netstat -antu | wc -l ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SELinux - way of the future or good idea but !!!
On 27/11/10 18:57, Benjamin Franz wrote: On 11/26/2010 05:17 PM, Patrick Lists wrote: What's with people recommending to turn off SELinux?! That's just bad advice and like recommending people keep their doors unlocked at all times. Really, stop doing that. SELinux is there for a reason. SELinux is like a automatic collision avoidance system for an airplane that unpredictably crashes the plane during normal flight. While the basic idea is good, until it stops crashing planes without warning it isn't going to be accepted. It is not enough that it mitigates certain classes of attacks when it actively breaks running systems *more often* than it mitigates attacks. And that is my personal experience. Every year or two I try turning it on on a few systems. And then, after it suddenly decides to break a previously stable system - it gets turned back off. This is where, as a sysadmin, you need to invest just a little time and effort learning the system. Honestly, the vast majority of issues are trivial to solve if you just spend a few hours reading the docs/guides, and even if you really can't be bothered there are kind folks on this list (and others) that will likely solve your issues for you. How is that not worth the extra security SELinux affords? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SELinux - way of the future or good idea but !!!
On 27/11/10 06:33, Alison wrote: Thanks for all the input. Particularly John and Patricks URL's for reading material. Starting with the stuff here http://www.nsa.gov/ia/guidance/security_configuration_guides/operating_systems.shtml Which is really good. There is also a guide to SELinux on the CentOS Wiki: http://wiki.centos.org/HowTos/SELinux Hope that helps. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Best way to configure proprietary NVidia driver on CentOS ?
On 15/11/10 10:21, John Hodrien wrote: On Mon, 15 Nov 2010, John Doe wrote: I use dkms-nvidia-x11-drv and it works fine between kernel updates... While I know kmod is said to be better, last time I tried it, I failed to make it work. Maybe I will retry kmod later... I'd previously had an identical experience to yours with kmod-nvidia, but when I recently tried it all worked without a hitch. dkms-nvidia from rpmforge is just too far out of date now really. The dkms driver is deprecated in favour of the elrepo kmod-nvidia driver. If you have problems with the kmod-nvidia driver, please do subscribe and post to the elrepo mailing list and someone will be more than happy to assist you. Most problems are likely caused by not properly uninstalling any previous incarnations of the nvidia driver, be it dkms or the NVIDIA installer. Thanks. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] updating to gtk+ = 2.0
On 14/11/10 22:33, aurfal...@gmail.com wrote: Hi all, Any know the best way to up gtk+ on Centos 5.5 to something being at least 2.0 or greater? yum install gtk2 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] large numbers of linux system user for postfix
On 08/11/10 08:30, ahmad riza h nst wrote: hello, i need to setup a mail server with postfix + dovecot + webmin + virtualmin + virtual user with linux system user. the virtual user may reach to thousands user from several hundreds virtual domains. what i concern is large numbers of linux system user which used in these setup, is it good or bad? maybe somebody would share their experience about this setup ? any links would be good. postfix 2.6.7 dovecot 2.0.6 centos 5.x webmin + virtualmin thank you. Other that centos 5.x, none of the rest is shipped by CentOS so you're unlikely to get much help here. Also, please don't cross post the same question to multiple lists - you have an active thread on the postfix users list and most postfix users on this list will also be subscribed there too. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] kernel bug fixed in later kernels
On 03/11/10 22:59, Philip Manuel wrote: Does anyone know if this is going to be fixed in CentOS ? Only if it gets fixed in RHEL. Did you file a bug? If so, where is it? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] heads up - on latest rpmforge perl-NetAddr-IP update and spamassassin 3.3.1 conflict on Centos4
On 28/10/10 06:57, R-Elists wrote: heads up and fyi folks... CentOS 4 latest... SpamAssassin version 3.3.1 running on Perl version 5.8.8 :-) i noticed on a centos 4 box after doing a manual yum update and getting 2 updated perl packages from rpmforge again, just a heads up as rpmforge has been rock solid for us for years so we are no bashing It's a known issue with perl-NetAddr-IP-4.034 https://rt.cpan.org/Public/Bug/Display.html?id=62521 As you've discovered, downgrading is the temporary fix. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] temp dir, httpd and selinux
On 21/10/10 11:57, admin lewis wrote: Hi, I have a php software installed on a centos server with selinux enforced activeted. The php software (glpi -- http://www.glpi-project.org) have a plugin that must write on a temp dir... but selinux dont give access to that dir to write. How should i do ? lewis Take a look at the Troubleshooting section of the SELinux guide on the Wiki: http://wiki.centos.org/HowTos/SELinux#head-02c04b0b030dd3c3d58bb7acbbcff033505dd3af ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installing Adaptec Storage Manager - needs libstdc++-libc6.1-1.so.2
On 16/10/10 18:07, Peter Crighton wrote: I'm trying to install the Adaptec Storage Manager for the 21610SA SATA RAID controller on Centos 5.5. rpm reports that it failed on the dependency on libstdc++-libc6.1-1.so.2 yum provides */libstdc++-libc6.1-1.so.2 reports no matches found So widen your search slightly: yum provides */libstdc++-libc6* How can I install the required files to all the Adaptec Storage Manager to be installed? yum install compat-libstdc++-296 then create a symlink in /usr/lib ln -s libstdc++-3-libc6.2-2-2.10.0.so libstdc++-libc6.1-1.so.2 Hopefully that should do the trick. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Wireless problem
On 15/10/10 13:37, Giles Coochey wrote: On 15/10/2010 06:06, David wrote: Hi folks I just installed Centos 5.5. I heard about the new changes in wifi support. I tried a USB wifi card from Netgear, and It works fine. It didn't en Centos 5.4, so that's great news. The problem is I have a Linksys WUSB54GC USB wifi card and I want to make it work. I get this messages in /var/log/messages as soon as I plug it in. Oct 14 22:56:20 lila kernel: usb 1-1: USB disconnect, address 2 Oct 14 22:56:21 lila kernel: usb 1-1: new full speed USB device using uhci_hcd and address 3 Oct 14 22:56:22 lila kernel: usb 1-1: configuration #1 chosen from 1 choice Oct 14 22:56:22 lila kernel: Registered led device: rt73usb-phy1::radio Oct 14 22:56:22 lila kernel: Registered led device: rt73usb-phy1::assoc Oct 14 22:56:22 lila kernel: Registered led device: rt73usb-phy1::quali Oct 14 22:56:22 lila kernel: usbcore: registered new driver rt73usb Oct 14 22:56:23 lila firmware_helper[2605]: Loading of /lib/firmware/rt73.bin for rt73usb driver failed: No such file or directory Oct 14 22:56:23 lila kernel: phy1 - rt2x00lib_request_firmware: Error - Failed to request Firmware. I googled it but nothing re Hi, Didn't google enough... please try installing the firmware available from Elrepo for this card: http://elrepo.org/tiki/rt73usb-firmware Indeed, and it's even covered on the CentOS wiki: http://wiki.centos.org/HowTos/Laptops/Wireless#head-a7388039af96da5400e599133447452d2ca61fb5 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] *** OFF LIST *** Was: Re: should i (theoretically) be able to boot a git cloned kernel on 5.5?
On 10/10/10 16:09, Akemi Yagi wrote: You can find the answer here :-) http://blog.toracat.org/2010/03/want-a-custom-kernel-on-centos-noo-really/ Akemi Quoted from the above link: As always, Alan and Ned engaged their brains and we tried several things to find a solution. We were not going anywhere when vanecka posted a fix in this forum thread. Just thought I'd mention, although not grammatically incorrect, the phrase is going nowhere, as in We were going nowhere when vanecka posted a fix in this forum thread. Made me smile, but we all understand exactly what you mean :-) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] *** OFF LIST *** Was: Re: should i (theoretically) be able to boot a git cloned kernel on 5.5?
On 10/10/10 17:05, Ned Slider wrote: On 10/10/10 16:09, Akemi Yagi wrote: You can find the answer here :-) http://blog.toracat.org/2010/03/want-a-custom-kernel-on-centos-noo-really/ Akemi Quoted from the above link: As always, Alan and Ned engaged their brains and we tried several things to find a solution. We were not going anywhere when vanecka posted a fix in this forum thread. Just thought I'd mention, although not grammatically incorrect, the phrase is going nowhere, as in We were going nowhere when vanecka posted a fix in this forum thread. Made me smile, but we all understand exactly what you mean :-) Apologies - that was obviously intended to be off list :-) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS-docs] Suggestion for how to section: easy way to install the JDK?
On 09/10/10 08:32, Manuel Wolfshant wrote: snip At least the jre package (and I am almost sure jdk too) from Sun comes with the following structure: lrwxrwxrwx 1 root root 16 Apr 10 01:25 default - /usr/java/latest drwxr-xr-x 7 root root 4096 Jun 28 23:34 jre1.6.0_20 lrwxrwxrwx 1 root root 21 Jun 28 23:35 latest - /usr/java/jre1.6.0_20 Using /usr/java/latest and / or /usr/java/default in your scripts makes them immune to upgrades, as long as you stick with Sun's packages ( which - sad but true - make the java-openjdk / gcj packages useless and offer ( for the moment ) better compatibility with the real world. At least from I where I stand. Are these redistributable? I'm sure they are as Red Hat has Sun's Java packages on it's RHEL Supplementary disk for RHEL5 which it (re)distributes to customers. In which case why doesn't someone just repackage these and stick them in CentOS Extras/rpmforge or somewhere and the problem largely goes away. Or am I missing something? If we had decent packages that Just Worked, we wouldn't need convoluted documentation on how to install Java. ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] Suggestion for how to section: easy way to install the JDK?
On 09/10/10 13:13, R P Herrold wrote: On Sat, 9 Oct 2010, Ned Slider wrote: Are these redistributable? I'm sure they are as Red Hat has Sun's Java packages on it's RHEL Supplementary disk for RHEL5 which it (re)distributes to customers. No, not without exposing oneself to some liability and obligations to Sun / Oracle. -- Russ herrold OK, thanks for that Russ, and probably explains why no one has done the obvious before now! Regards. ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] update HOWTO page for how to copy ssh pub keys
On 07/10/10 12:29, Robert P. J. Day wrote: here: http://wiki.centos.org/HowTos/Network/SecuringSSH the recipe for how to copy your id_rsa.pub file to a remote system is given as: Copy the public key (id_rsa.pub) to the server and install it to the authorized_keys list: $ cat id_rsa.pub ~/.ssh/authorized_keys i suspect it would be better if that were rewritten in terms of using ssh-copy-id, just to be simpler and less error-prone. rday Thanks for volunteering :-) Please submit your proposed changes to this list and we can make it happen. ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS] does having a centos wiki acct grant edit access?
On 25/09/10 11:36, Robert P. J. Day wrote: i just registered for a centos wiki account, and was wondering if this gives me edit capability. i'm prepping for the first of a number of RHEL/centos basic admin courses and currently working my way thru the wiki, collecting neat tricks and ideas and, occasionally, i'll stumble over typoes -- some minor, some not so much. for instance, here: http://wiki.centos.org/TipsAndTricks/YumAndRPM#head-61731905d2e34ac343baeef06e5dd296aeed67b9 the command is listed as: yum --disable * --enable rpmforge list available i'm guessing that should actually be: yum --disablerepo * --enablerepo rpmforge list available no? but even if i got edit access, i'd still be happier if someone eventually checked out any changes i made to validate them. whatever works best. rday No, an account does not automatically give you edit rights, and you need to take this to the centos-docs list where a wiki editor will be happy to make the edits for you. Obtaining wiki edit rights isn't hard - you just need to demonstrate that you wish to contribute. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Ac1dB1tch3z Vs Linux Kernel x86_64 0day
On 18/09/10 20:11, Gerhard Schneider wrote: Are there any 64bit CentOS5 kernels available that are immune against the exploit mentioned in the subject? Turning off 32bit support is no option to me.. Gerhard Schneider P.S.: Source code can be found at http://seclists.org/fulldisclosure/2010/Sep/268 and is working well on 2.6.18-194.11.3.el5.centos.plus Not at present AFAIK. Red Hat are currently working on backporting a fix. You can track progress here: https://bugzilla.redhat.com/show_bug.cgi?id=634457 https://access.redhat.com/kb/docs/DOC-40265 Given CentOS tracks what Red Hat releases, there's not much CentOS can do until Red Hat release a fix and Red Hat are unlikely to rush a fix out of the door before it's been thoroughly tested. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Iptables questions
On 11/08/10 00:12, Bob Hoffman wrote: Forgive me if this does not go with the right topic, I am on digest and responding to a topic sometimes makes it start a new one. My reason for the iptables questions is to not follow the practice of putting up a wall and ignoring hackers. I want to be more proactive. If I have set my ssh port to 55994 and am not using port 22, but hackers are pounding on my port 22 looking for Ssh, then I want to not only know about it, I want to log them and prevent them access to my server and web applications. At least temporarily. Do you have any evidence that those IPs banging away on port 22 are also attacking other ports? Don't get me wrong, I'm all for getting proactive with security but I'm not convinced site wide blocking of IPs probing port 22 will translate to other services. After moving ssh to an alternative port, I typically see around 3 probes a day on port 22 in my firewall logs. How many are you seeing? If it's significantly more than that, why? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to ensure systems users strong passwdors enabled
On 07/08/10 14:12, Agnello George wrote: how to ensure systems users have strong passwords enabled Take a look at the section on password policies here: http://wiki.centos.org/HowTos/OS_Protection#head-c09e77a13f234131e96f8d3cb95dca1f7ff41427 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] WAS/CentOS 5.5 latest revisions seem really slow//Now Where are the Kernels?
On 04/08/10 10:08, JohnS wrote: UPDATE ! Replying to my self those you see missing are not on Red Hats Public Mirror Site so evidently those are not built to go in CentOs. I presume those come out in the fastrack repository? Can someone correct me here if I am wrong. No, they are internal Red Hat builds and are not publicly released. CentOS release every kernel that Red Hat releases. Typically Red Hat will only release a kernel when a security issue makes it pertinent to do so and in the mean time there are often a number of internal bug fix releases that don't get released to customers or the public. FasTrack typically contains trivial bug fixes that will get rolled into the next update set, but are made available early via the FasTrack channel to those that wish to consume them: https://rhn.redhat.com/errata/rhel-server-fastrack-errata.html So effectively they not missing in action as I thought. Sorry Now they would be a nice inclusion. John ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [CORRECTED] Postfix SMTP authentication on remote relay serve
On 30/07/10 13:22, Rudi Ahlers wrote: Sorry about the previous post, I see the subject had a typo. So here's the correct one :) Does anyone know how to configure Postfix to use SMTP authentication on a relay host? i.e. I have a Linux server, running PostFix on an ADSL line with a dynamic IP. Thus I can't just send out emails from this server but need to relay it via our ISP's SMTP server, which is very unreliable. Now I want to relay the email via another SMTP, running cPanel server where a user account with the same domain has already been setup, but I got no idea how to get it to work on SMTP authenticiaion. Any suggestions? Try reading: http://wiki.centos.org/HowTos/postfix_sasl http://www.postfix.org/SASL_README.html http://postfix.state-of-mind.de/patrick.koetter/smtpauth/ and references therein. Hope that helps. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] KTorrent on CentOS 5.5 does not exist
On 30/07/10 19:59, MGW-Discussions wrote: Greetings guys. What repo do I need to install to be able to install ktorrent? RPMForge has it. http://wiki.centos.org/AdditionalResources/Repositories/RPMForge ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS-docs] edit by AlanBartlett
On 29/07/10 21:03, Akemi Yagi wrote: So, here comes the positive thinking part: what would have worked better if placing the query within the page did not do the job? 'Asking on this mailing list' comes to my mind. That way, chances of getting attention will be quite good. Posting here will also be useful especially if a question is something that is best discussed by people on the -doc list rather than something the person who wrote the sentence decides. Akemi I agree 100% IMHO discussion should best take place on this docs discussion mailing list, not within the docs themselves. If you feel a paragraph/doc is broken, feel free to fix it - that's the purpose of a Wiki. If you simply want to point out that a paragraph/doc is broken, raise it here for discussion on how/who best to fix it. I feel much the same way about this edit: http://wiki.centos.org/HowTos/postfix_sasl?action=diffrev2=22rev1=21 It adds nothing to the document and merely leaves the target audience confused. If there's a simpler/better way then take 5 minutes to edit the document to make that change. ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS] Trigger after yum update
On 21/07/10 14:50, przemol...@poczta.fm wrote: Hello, we have installed non-repository based software on our centos servers (e.g. vmware tools). Each time we do 'yum update' we have to run several scripts to check if these software works after update. Sometimes we forget ... It it possible to configure any sort of triggers which will run automatically after 'yum update' ? I'd like to avoid writing shell wrappers for yum and looking for yum-way solution ;-) Regards Przemyslaw Bak (przemol) How about using RPM's %triggerin scriptlet? http://www.rpm.org/api/4.4.2.2/triggers.html http://www.ibm.com/developerworks/linux/library/l-rpm2/ For example, you could create a dummy rpm package containing a %triggerin scriptlet to run your scripts in the event that package foo gets installed/updated. Lets take vmware as an example (although it's probably not a very good example). I assume you need to run vmware-config.pl after each kernel update and you sometime forget to do that. You could build and install a dummy package that contains a %triggerin scriptlet that triggers on installation of the package kernel. In an ideal world the %triggerin scriptlet would simply run /usr/bin/vmware-config.pl, but as that script requires user interaction, you'd probably have to call it with the --default flag to provide the default answers to all questions. Alternatively, you might decide not to run the vmware-config.pl script automatically but rather send an email to root or something else to remind you to run it. Is that the type of solution you're looking for? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Audio fails on centos 5.5 sony laptop - snd-hda-intel
On 20/07/10 03:08, Rob Kampen wrote: Still no joy - I am at a loss to know what to check - if I boot a 194 kernel no sound, 164 kernel is fine - why the regression? Same configs, same modules loaded but now no sound - what can I check to determine problem and find a solution? no errors in logs or dmesg I would suggest you start checking back through the changelogs between kernel-2.6.18-194.el5 and kernel-2.6.18-164.el5, find likely candidates that may have caused your issue and then rebuild a testing kernel with that patch reverted. If that testing kernel fixes your issue then you've identified the issue and can file a bug report upstream. To start you on your way, this patch looks like a likely candidate for you to investigate further: * Mon Dec 21 2009 Jarod Wilson ja...@redhat.com [2.6.18-183.el5] - [sound] alsa hda driver update for rhel5.5 (Jaroslav Kysela) [525390] ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] lm_sensors and Shuttle
listmail wrote: On Sat, 10 Jul 2010 11:48:50 +0100, Ned Slider wrote On 10/07/10 03:07, Yves Bellefeuille wrote: On Friday 09 July 2010 21:37, listmail wrote: I'm trying to get lm_sensors to work on a Shuttle with an AMD K10. The version of lm_sensors in the main CentOS repo is 2.10.7, which is two years old now. Support for the K10 was added about a year ago. So, does anyone know if there are binaries available for more recent versions of lm_sensors? The version at ElRepo works with my Phenom II: http://elrepo.org/linux/elrepo/el5/i386/RPMS/lm_sensors-2.10.8-2.el5.elrepo.i386.rpm ELRepo also has a kernel module for the AMD K10 core temperature sensor: http://elrepo.org/tiki/kmod-k10temp Many thanks to both Yves and Ned for the pointers. You're welcome. Now I just have to get the ranges set correctly. Unfortunately, Shuttle publishes absolutely nothing in the way of documentation, and their tech support people refuse to provide information, claiming that it is proprietary. I guess I'll post it in their user forums once I figure which measurements are meaningful. The folks over at the lm_sensors list are very helpful in helping you figure out the configuration for your sensors. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] lm_sensors and Shuttle
On 10/07/10 03:07, Yves Bellefeuille wrote: On Friday 09 July 2010 21:37, listmail wrote: I'm trying to get lm_sensors to work on a Shuttle with an AMD K10. The version of lm_sensors in the main CentOS repo is 2.10.7, which is two years old now. Support for the K10 was added about a year ago. So, does anyone know if there are binaries available for more recent versions of lm_sensors? The version at ElRepo works with my Phenom II: http://elrepo.org/linux/elrepo/el5/i386/RPMS/lm_sensors-2.10.8-2.el5.elrepo.i386.rpm ELRepo also has a kernel module for the AMD K10 core temperature sensor: http://elrepo.org/tiki/kmod-k10temp ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Logwatch with Postfix and Amavisd-new
On 06/07/10 21:31, John Hinton wrote: I'm trying to get usable reports out of logwatch on this new system. Looks like the reports are running in an 'unformatted' mode under Postfix/Amavisd. I found a couple of programs, postfix-logwatch and amavisd-logwatch. These sound promising. I am running Amavisd as the frontend to Postfix. Also take a look at pflogsumm which is provided by the postfix-pflogsumm package. Example usage: pflogsumm -d today /var/log/maillog ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RHEL 6b2 Release
On 30/06/10 16:25, Eero Volotinen wrote: is there package list with version numbers available? Not that I've seen, but you could just browse the source dir: ftp://ftp.redhat.com/pub/redhat/rhel/beta/6Server-beta2/source/SRPMS/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 5.5 on a Toshiba Satellite L1500D - Wireless networking - Realtek 8172
On 27/06/10 05:38, Frank Cox wrote: On Sat, 2010-06-26 at 19:28 -0700, Mark wrote: You could try to contact RealTek to see if they have a solution, or check for a compatible driver online Having spent most of the afternoon running google searches and reading resulting web pages, I get the impression that the Realtek 8172 is supported in the 2.6.32 kernel. So maybe it'll work with RHEL/Centos 6 when it comes around. Doubtful as these drivers are still in the kernel staging area and haven't even made it into the latest (2.6.34) mainline kernel yet. You'll probably have to wait for them to make it into the mainline kernel before it's worth filing an RFE to get them backported into RHEL6. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 5.5 gspca
On 18/06/10 14:10, JohnS wrote: On Thu, 2010-06-17 at 16:10 -0400, m.r...@5-cent.us wrote: snip Ok, so I got the src rpm from el repo. Lessee, first I tried rpmbuild, and that failed, because it *required* xen-devel. So I grabbed the tarfile from /usr/src/redhat/SOURCES, unbzip2'd it, untar'd it, and did a make. And ten or so later, I had 265 kernel modules. I don't want or need to install all of that, so I tried just building gspca, and that failed with unresolved errors. --- rpmbuild -ba --target=i686 --nodeps video4linux-kmod-rt.spec Wrote: /SRPMS/video4linux-kmod-0.0-5.20090615.el5.jerepo.src.rpm Wrote: /RPMS/i686/kmod-video4linux-0.0-5.20090615.el5.jerepo.i686.rpm Wrote: /RPMS/i686/kmod-video4linux-xen-0.0-5.20090615.el5.jerepo.i686.rpm Wrote: /RPMS/i686/kmod-video4linux-PAE-0.0-5.20090615.el5.jerepo.i686.rpm Wrote: /RPMS/i686/video4linux-kmod-debuginfo-0.0-5.20090615.el5.jerepo.i686.rpm Use that command to build it. You should get the above then trash xen, pae and debug. That builds and works on a pure kernel-rt install. Allthough there things said left to do get it built the right way but it is usable. lib/modules/2.6.24.7-149.el5rt/extra/video4linux/ has several gspca modules so your better off installing all to get the correct one. John No, define kvariants as appropriate and only build for the variants you want. http://wiki.centos.org/HowTos/BuildingKernelModules#head-b86b6eec08d5719cf1838929f26a64af88e2b7f0 rpmbuild -ba --target=i686 --define 'kvariants ' video4linux-kmod.spec If you don't, then by default the package will be built for *all* kernel variants and you will of course need the appropriate BuildRequires installed on your build system (eg, kernel-devel, kernel-xen-devel, kernel-PAE-devel). Also, you can't just install the modules you want as there are also kernel module dependencies to consider. For example, your required gspca module might depend on gspca_main which might depend on videodev, which might depend on v4l2-compat-ioctl32, v4l1-compat etc. And you can't just update those modules because something else might also depend on them and it's dependencies will then be broken. This is why we package the whole lot - so you don't get screwed up dependencies. I admit it's not a perfect solution, and is very much one size fits all but if your hardware is not detected by the EL5 kernel then it is the simplest option. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 5.5 gspca
On 18/06/10 16:34, m.r...@5-cent.us wrote: Fine, I tried running rpmbuild -ba --target=x86_64 --without xen video4linux-kmod.spec Go back and read my last reply, or read the SPEC file again. If you don't want to build for xen then you must define kvariants on the rpmbuild command line for the variants you do want to build for. As you only want the plain kernel, you must define kvariants as null: rpmbuild -ba --target=x86_64 --define 'kvariants ' video4linux-kmod.spec Alternatively, try with the latest src.rpm, which isn't compatible with xen kernels so support for xen has been removed (much as you tried to do): http://elrepo.org/linux/testing/el5/SRPMS/video4linux-kmod-0.0-7.20100410.el5.elrepo.src.rpm ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 5.5 gspca
On 14/06/10 18:58, m.r...@5-cent.us wrote: The standalone gspca code is old and deprecated. It's now maintained as part of the Video4Linux v4l-dvb tree here: http://linuxtv.org/ Thanks. However, that's not an overly friendly site for non-project developers - don't see any current tarballs, for poor, overworked systems administrators to d/l and build. Do you know what I might need to be able to run the motion daemon? All I've seen are vcs/mercurial, or git or whatever repositories, and I do *not* see version x.y.z stable, or current release. I know my manager's willing to let me look at smaller stuff, but not to spend days on building and debugging (whether or not I'd like to, I've got other stuff to do). AFAIK it's rolling development, so just grab the latest snapshot. At present the v4l-dvb tree is largely maintained by Douglas Schilling Landgraf and the gspca tree by Hans de Goede, both of Red Hat. The main v4l-dvb tree is here - just grab the latest tarball and build it. Here if you don't see it: http://linuxtv.org/hg/v4l-dvb/archive/tip.tar.bz2 Development work on the gspca branch appears to happen here: http://linuxtv.org/hg/~hgoede/gspca/ before being merged into the main v4l-dvb tree. Elrepo.org has a version built for el5 that supports many gspca based devices: http://elrepo.org/tiki/kmod-video4linux Don't need new versions, our video cams are years old, and inexpensive. We want stable. However, do you have a clue as to what the el repo package was built from? I just checked a CentOS mirror, and couldn't find either video4linux, or v4l*. Isn't it obvious from the package names? For example, kmod-video4linux-0.0-7.20100410.el5.elrepo is build from the v4l-dvb source code snaphot dated 2010-04-10. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 5.5 gspca
On 14/06/10 20:24, m.r...@5-cent.us wrote: I have absolutely no intention of taking the latest snapshot. Did you just skim over the last sentence I wrote, above? I don't need anything LATEST AND GREATEST, I just want something -STABLE- that will run the bloody old Labtech (Labtek?) cameras, and *not* spit out pointless error messages. It may be latest and greatest, but it is also hopefully the most stable version as a lot of the development work done involves fixing bugs, and that's generally how software becomes more stable. If you're getting errors, try reporting them upstream - in my experience they are very swiftly fixed. All this started because JohnS and yourself were talking about the old gspca driver that is deprecated, and over 4 years old now. All I'm trying to say is if you need a driver for gspca, don't use that (old unsupported) one, use this (newer supported) one. By the way, what is rolling development? Does this mean that there are *no* releases, or version numbers? If so, how can I tell what was the last stable version, and what is where they started adding features for the next release? There is no last stable version, releases or version numbers in much the same way that the kernel has no version numbers for the vast majority of individual drivers it contains. People fix bugs and add features as necessary on a continual basis. Rhetorical: What would you propose - every Monday at noon everything stops for an hour while they take a snapshot and call it STABLE. That is what I mean by rolling development. But as you run Enterprise Linux, and are rightly concerned with stability, rather than update your whole kernel to the latest and greatest, ELRepo gives you the opportunity to retain your stable Enterprise Linux kernel and run *only* the updated hardware drivers that you need to support hardware that isn't directly supported by your stable Enterprise Linux kernel. snip So I just need that, and *not* the apps? I mean, gspca is a video driver that motion can use. Yes, gspca is the driver for the webcam. The apps live in a separate branch here: http://linuxtv.org/hg/dvb-apps/ which you can build/package separately if you need them. ELRepo don't build/offer them as they are not kernel drivers. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 5.5 gspca
On 06/11/2010 10:38 PM, JohnS wrote: On Fri, 2010-06-11 at 17:10 -0400, m.r...@5-cent.us wrote: Kernel. gspcs is a module, used by the motion daemon. Quick Search found this for el5. You could get the src rpm and rebuild it for all machines. Or test a binary out first with one. No idea the version that was compiled or against what just found it. http://atrpms.net/dist/el5/gspca/ You know 2007 is a good while ago and there are many compiler changes in between the time. I say it may be something getting introduced from the current compiler methods that is not supported now. The standalone gspca code is old and deprecated. It's now maintained as part of the Video4Linux v4l-dvb tree here: http://linuxtv.org/ Elrepo.org has a version built for el5 that supports many gspca based devices: http://elrepo.org/tiki/kmod-video4linux The most recent version, compiled from a 2010-04-10 snapshot, is in the testing repo here: http://elrepo.org/linux/testing/el5/ if you are looking for newer drivers. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] question on CPU
On 05/27/2010 01:47 PM, Jerry Geis wrote: I have centos 5.4 on an HP laptop, as below the /proc/cpuinfo shows Dual core, however, there is only 1 processor listed in /proc/cpuinfo. Is the OS only using a single core? jerry What's the status of ACPI? Is it enabled in the bios? Is the acpi service installed and running? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Calendar server software suggestions
On 05/26/2010 10:07 AM, sync wrote: Hello,guys: I've seen several suggestions for alternatives to exchange for mail, which I will be trying. My question is, does anyone know of any good open source shared calendar systems? Take a look at Zafara: http://fedoraproject.org/wiki/Features/Zarafa ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Amavisd-new from rpmforge and Courier
Bowie Bailey wrote: Does anyone know if the amavisd-new package in rpmforge has the Courier patch installed? I can't see any indication that it does... http://svn.rpmforge.net/svn/trunk/rpms/amavisd-new/amavisd-new.spec ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] centos release 5.5 issue
Philip Manuel wrote: Hi One of our developers has come across an issue with the new release. He provided this piece of code to show the problem:- snip Anyone else seen this or found a bug with these function definitions ? Yes, confirmed. You should file a bug. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Update successful. Thanks.
Robert wrote: snip Only disappointment so far is that lm_sensors still doesn't grok the AMD K-10 thermal sensors - a situation I grumble about even as I file it in the beggars can't be choosers folder. That's because your kernel does not have a k10temp driver - it was only introduced into the mainline kernel around 2.6.32. There is a backported driver in ELRepo: http://elrepo.org/tiki/kmod-k10temp yum install kmod-k10temp Red Hat did do a huge backport refresh of the /hwmon tree in el5.5, but they pulled from around kernel-2.6.26 which was before k10temp made it into the mainline kernel. Hope that helps. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] mail server best practices question
Coert wrote: Hello all, About a year ago I set up a mail server on CentOS using this howto: http://wanderingbarque.com/howtos/mailserver/mailserver.html I managed to add amavisd-new with clamav and spamassassin. It runs very well, but it runs on CentOS 5.2, and if I try to upgrade, amavisd-new and clamav break. we are now also at the point where a backup mx will need to be implemented. If necessary I am willing to implement a new mail server and a new backup mx. What I would like to know is what solution you guys would recommend for the mail server and the backup MX? Any pointers would be greatly appreciated. Regards, Coert I would follow the CentOS Wiki HowTo docs for Postfix, which are currently maintained for CentOS 5: http://wiki.centos.org/HowTos#head-0facb50d5796bee0bd394636c32ffa9a997a6ab5 http://wiki.centos.org/HowTos/postfix http://wiki.centos.org/HowTos/Amavisd If things break, report it and I'll fix the documentation. I'm running that setup so I do tend to notice when things break. I've recently updated to the latest amavisd-new, clamav and spamassassin - all largely without issue but I would always advise you read the release notes and track their respective mailing lists for potential issues. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] mail server best practices question
Rob Kampen wrote: Ned Slider wrote: Coert wrote: Hello all, About a year ago I set up a mail server on CentOS using this howto: http://wanderingbarque.com/howtos/mailserver/mailserver.html I managed to add amavisd-new with clamav and spamassassin. It runs very well, but it runs on CentOS 5.2, and if I try to upgrade, amavisd-new and clamav break. we are now also at the point where a backup mx will need to be implemented. If necessary I am willing to implement a new mail server and a new backup mx. What I would like to know is what solution you guys would recommend for the mail server and the backup MX? Any pointers would be greatly appreciated. Regards, Coert I would follow the CentOS Wiki HowTo docs for Postfix, which are currently maintained for CentOS 5: http://wiki.centos.org/HowTos#head-0facb50d5796bee0bd394636c32ffa9a997a6ab5 http://wiki.centos.org/HowTos/postfix http://wiki.centos.org/HowTos/Amavisd If things break, report it and I'll fix the documentation. I'm running that setup so I do tend to notice when things break. I've recently updated to the latest amavisd-new, clamav and spamassassin - all largely without issue but I would always advise you read the release notes and track their respective mailing lists for potential issues. +1 - I use this setup on a number servers / domains - it just seems to work - thanks for keeping this current. Ah, don't thank me, I just wrote the docs - the real thanks is due to the guys upstream who write the software and the packagers at rpmforge who make sure it integrates well into the distro :) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] selinux
m.r...@5-cent.us wrote: Does anyone know? Are we, with CentOS, that far behind with something like this, which isn't even a port, but a policy? I dunno about CentOS but on Fedora I just look at the message in the log file (/var/log/messages IIRC) and it gives me a command to execute to view more details. When I do that, I get a window that comes up with a whole bunch of info, including a command I can use to permit this behavior from now on. Sometimes executing that command does not solve the issue, but usually there is a reasonably obvious way to tweak the command. If I can do it, anyone can. Because as far as selinux goes I know ZERO and am just fumbling around like a bull in a china shop. But I've been able to get that cruft out of my logs and allow stuff to work (on my desktop here at work) Yeah, I can use audit2allow. The trouble is that I don't know the ramifications of just adding that policy on an ad hoc basis - it might open it up for a real attack. Of course you should be cautious of opening up things you do not fully understand, but you're running in permissive mode meaning that you are already wide open from an SELinux perspective so adding a custom policy and putting SELinux back into enforcing mode isn't going to put you any more at risk other than maybe giving you some false sense of security. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] centOS vs the upstream vendor
Kevin Kempter wrote: Hi All; I have a laptop running the workstation version of Linux from RedHat. I've enabled the EPEL and rpmfusion repos plus I'm subscribed to the following channels: * Red Hat Enterprise Linux Desktop (v. 5 for 64-bit x86_64) * Red Hat Network Tools for RHEL Client (v.5 64-bit x86_64) * RHEL Desktop Supplementary (v. 5 for 64-bit x86_64) * RHEL Desktop Workstation FasTrack (v. 5 for 64-bit x86_64) * RHEL Desktop Workstation (v. 5 for 64-bit x86_64) * RHEL Desktop FasTrack (v. 5 for 64-bit x86_64) I have openioffice version 3.1.1 I also have 2 employees running fully patched 5.4 CentOS. They also have the EPEL and rpmfusion repos enabled as well as the centos plus repo. They however have openoffice version 2.3.0 I *thought* that CentOS was basically the equivelant of RHEL. did we do something wrong? or is RHEL (at least in the case of openoffice) shipping a newer release than CentOS? RHEL is currently at 5.5 whereas CentOS is still at 5.4, with 5.5 pending. The update to OpenOffice 3.3.1 was part of the 5.5 update that will be coming to CentOS shortly. Hope that helps. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] X Servers xorg.conf file changing.
Don Krause wrote: Twice now over the past year, I've had something edit the /etc/X11/xorg.conf file without user intervention. The machine in question is a 3 headed X-Terminal that displays the accelerator control system application for a medical proton accelerator, and operated by staff who do NOT have root or root like access (sudo) on the X-Term, as once it's configured, it should never need changing. It lives on a private network (Network? Actually a crossover cable to the Sun box in a protected environment) with no reachable route even from within the organization. Out of the blue, on 2 occasions now, an entry for 1 of the video cards (out of 3) has changed it's driver entry from nvidia to nv. This, of course, prevents X from starting. This morning, while of the phone with the field service tech, I corrected the entry, set the xorg.conf file to 444, and when they rebooted the X-Term, it again changed the entry from nvidia to nv. Again, I corrected the xorg.conf file, reset it to 444, and rebooted the X-Term again, and it started fine, no changes. This box does get rebooted quite frequently, yet the unexpected change has only happened 3 time total, once 6 months and probably 30+ reboots ago, and again twice this morning on back to back reboots. (Yet the third and forth reboots did NOT change the file) I've never seen this happen before, and am at a bit of a loss wondering where to look. CentOS 5.3, 2.6.18-128.1.6.el5 #1 The X-Term is diskless, boots via PXE from a Solaris 10 box. Diskless boot configured using stock Cent tools (system-config-diskless and friends) Any suggestion where to look would be appreciated. Had any updates to xorg-x11-server-Xorg recently on the affected systems as that can make changes to xorg.conf? Also, how are you handling nvidia.ko over kernel updates? Could a reboot have booted to a new kernel, xorg failed due to nvidia.ko not matching the present kernel, and reconfigured to use nv? Using the elrepo kmod driver or rpmforge dkms nvidia driver would alleviate this. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] cve-2010-0436 patch for CentOS 5.4
Olaf Mueller wrote: Hello, I am using a self compiled kde-3.5.10 from ftp.kde.org as a desktop system under CentOS 5.4. Does anybody knows where to get a cve-2010-0436 patch (kdebase, kdm) for kde-3.5.10? Thanks! Maybe use the same patch Red Hat have backported into the distro package as your starting point: $ rpm -q --changelog kdebase | more * Sun Mar 28 2010 Than Ngo t...@redhat.com - 6:3.5.4-21.1 - Resolves: #570622, CVE-2010-0436 kdm privilege escalation flaw * Thu Mar 12 2009 Than Ngo t...@redhat.com - 6:3.5.4-20 - Resolves: #469723, Cannot mount floppy disk - Resolves: #472295, KDE Desktop icons do not refresh correctly The SRPM is on Red Hat's public ftp server. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 5.x and Fedora
Jobst Schmalenbach wrote: why dont you download the source and compile it, its really easy. Source installs are not encouraged: http://wiki.centos.org/PackageManagement/SourceInstalls ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Apparent BIND problem doing RBL lookups for Postfix
sys Admin wrote: What happens if you change your resolv.conf to google's dns ? Changing dns to public services such as google or OpenDNS is not going to help as DNSBLs like Spamhaus will have blocked access by these services. Otherwise it would be simple to avoid paying for (business) access to Spamhaus. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Apparent BIND problem doing RBL lookups for Postfix
Larry Vaden wrote: On Thu, Apr 15, 2010 at 3:03 PM, Ned Slider n...@unixmail.co.uk wrote: Changing dns to public services such as google or OpenDNS is not going to help as DNSBLs like Spamhaus will have blocked access by these services. Otherwise it would be simple to avoid paying for (business) access to Spamhaus. Au contraire, there are benefits/economies of scale to spamhaus.org from having an aggregator like opendns. Indeed, but not if you are charging for high volume and/or commercial use. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] pkcs11-helper-devel is needed
cahit Eyigünlü wrote: how could i install pkcs11 on 64 cent os 5.4 :S it always asking me for pkcs11-helper but i've already installing [r...@vpn VpnSetup]# rpmbuild -tb openvpn-2.1.1.tar.gz snip Anything wrong with: yum install openvpn rpmforge has packages: http://wiki.centos.org/AdditionalResources/Repositories http://wiki.centos.org/AdditionalResources/Repositories/RPMForge However, I'd seriously recommend you stop. Take a week to read the documentation or hire someone who knows what they are doing as you are falling over at every step you try to take. I fear you are in for a long painful journey. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] wifi
Davy Leon wrote: Hi folks I'm trying to use a Netgear WG111-2 USB-wifi adapter on a Centos 5.3 Box. Someone has done it? It seems not to be supported by the kernel. Thanks David It should work. However, I'd strongly suggest updating from 5.3 as many improvements to the wireless stack and drivers have been backported since 5.3. Here's what I see when plugging one of these into my box... # lsusb Bus 001 Device 003: ID 0846:6a00 NetGear, Inc. WG111v2 54 Mbps Wireless [RealTek RTL8187L] so it's a RealTek RTL8187L. Now lets see if the kernel has a driver for it: # grep -i 0846 /lib/modules/*/modules.alias | grep -i 6a00 /lib/modules/2.6.18-128.el5/modules.alias:alias usb:v0846p6A00d*dc*dsc*dp*ic*isc*ip* rtl8187 /lib/modules/2.6.18-164.11.1.el5/modules.alias:alias usb:v0846p6A00d*dc*dsc*dp*ic*isc*ip* rtl8187 /lib/modules/2.6.18-164.15.1.el5/modules.alias:alias usb:v0846p6A00d*dc*dsc*dp*ic*isc*ip* rtl8187 /lib/modules/2.6.18-164.el5/modules.alias:alias usb:v0846p6A00d*dc*dsc*dp*ic*isc*ip* rtl8187 /lib/modules/2.6.18-194.el5/modules.alias:alias usb:v0846p6A00d*dc*dsc*dp*ic*isc*ip* rtl8187 Yes, it's supported by the 5.3 (-128.el5), 5.4 (-164.el5) and 5.5 (-194.el5) kernels. The modules loaded themselves: # lsmod | grep 8187 rtl818791077 0 mac80211 183745 1 rtl8187 cfg80211 191369 2 rtl8187,mac80211 eeprom_93cx6 35393 1 rtl8187 I've not actually used the device, only plugged it in, so you'd need to configure it from here or just let NetworkManager handle the device. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] wifi
Ned Slider wrote: I've not actually used the device, only plugged it in, so you'd need to configure it from here or just let NetworkManager handle the device. I just fired the device up to test and it works fine out of the box with NetworkManager connecting to a WPA encrypted WAP. Didn't test it for long, just pinged a couple sites and opened google in a browser to establish connectivity. http://wiki.centos.org/HowTos/Laptops/NetworkManager Hope that helps. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RHEL 5.5 released
Stephen Harris wrote: On Wed, Mar 31, 2010 at 06:24:20PM +0300, Pasi K?rkk?inen wrote: And yes, CentOS team does know about this, and is working on CentOS 5.5. Please be patient :) Is it ready yet? *grins, ducks and runs* (patient? me?) Stay up to date on progress here: https://www.centos.org/modules/newbb/viewtopic.php?topic_id=25548forum=53 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS-docs] ACL changes...
Cris Rhea wrote: I would like to know if there's a more proper way to get stuff done (fixing ACLs and updating Contents/Index pages) than sending to this list. Not that I'm aware of - sending to this list is the way to go :) BTW, nice job on the nvidia/xen page :) ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS] Multiple FreeNX servers and SSH ports
Niki Kovacs wrote: Hi, I've setup a small LAN of two desktops running CentOS 5 in a medical office. Both are connected to the Internet via a small modem/router. Recently I played around with FreeNX on my own desktop, and I'd like to install it on these two computers. On my PC, I just redirected port 22 in the router, so SSH (and thus FreeNX) requests from the outside get redirected to my desktop PC. (And yes, I have a strong password :oD) I'd like to handle the two PCs from the medical office remotely with FreeNX. I figured that the best way to distinguish them would be to assign a different port for SSH to each of them, and then redirect each of the ports respectively. 1) How do I choose different port numbers for SSH ? Any conventions or caveats for this ? Choose a random unused high port number (above 1023) http://www.iana.org/assignments/port-numbers. 2) How do I configure these different ports ? By that, I mean : how do I tell SSH to use them instead of port 22 ? http://wiki.centos.org/HowTos/Network/SecuringSSH#head-3579222198adaf43a3ecbdc438ebce74da40d8ec ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Multiple FreeNX servers and SSH ports
Les Mikesell wrote: Niki Kovacs wrote: Hi, I've setup a small LAN of two desktops running CentOS 5 in a medical office. Both are connected to the Internet via a small modem/router. Recently I played around with FreeNX on my own desktop, and I'd like to install it on these two computers. On my PC, I just redirected port 22 in the router, so SSH (and thus FreeNX) requests from the outside get redirected to my desktop PC. (And yes, I have a strong password :oD) I'd like to handle the two PCs from the medical office remotely with FreeNX. I figured that the best way to distinguish them would be to assign a different port for SSH to each of them, and then redirect each of the ports respectively. 1) How do I choose different port numbers for SSH ? Any conventions or caveats for this ? 2) How do I configure these different ports ? By that, I mean : how do I tell SSH to use them instead of port 22 ? You don't really need to change the ports on the hosts. Just configure the router to accept different ports on the internet side and redirect to port 22 at the different IP addresses on the inside. Then you only have to change the client settings for access from outside. I'd move both of them away from port 22 on the outside, though - you'll avoid a lot of password guessing attempts that will happen otherwise. Not all home/consumer routers will allow redirection to another port - some only allow packet forwarding to the *same* port at another IP address. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Looking for experiences with filesystem choices....
Tom Bishop wrote: Lots of opinions out there and I have read and read, so I have a home server that I have finally setup with a hot swap hdd cage and what I am planning on doing is copying my data drive every other day and rotating them offsite, haven't figured out how often though. So I did my first test last night and the backup drive was formatted with ext3 but looking to try to speed things up and was wondering what would be my best choice. Most of my data is on VM's and the hdd files on some of them are quite large, I have used JFS and reiser in the past and was leaning on going with JFS but am tempted to look at XFS. So what I was wondering are what are folks experiences (instead of opinions) with different filesystems and while I want speed it needs to be reliable since it will be my back up datarunning centos 5.4 x64 Thanks in advance... Not the question you asked, but I'm guessing the choice of backup method for copying the data will have far more effect than the choice of filesystem. How are you backing up the data? Presumably something like rsync will speed up matters considerably over a straight copy once the first pass is done. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] bruteforce protection howto
Larry Vaden wrote: On Sat, Mar 20, 2010 at 5:17 PM, Vadkan Jozsef jozsi.avad...@gmail.com wrote: What's the best method to ban that ip [what is bruteforcig a server] what was logged on the logger? I need to ban the ip on the router pc. http://www.fail2ban.org/wiki/index.php/Main_Page but you may have to run fail2ban on the server instead of on the logger. Fail2ban is of limited effectiveness against ever more common distributed attacks. Don't make it your only line of defense but rather combine it with other effective measures: http://wiki.centos.org/HowTos/Network/SecuringSSH ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] dkms
m.r...@5-cent.us wrote: On Thu, Mar 18, 2010 at 12:56 PM, m.r...@5-cent.us wrote: ls -l `find /lib/modules -name nvidia.ko` How 'bout find /lib/modules -name nvidia.ko -ls? 309659070 lrwxrwxrwx 1 root root 48 Mar 18 09:48 /lib/modules/2.6.18-164.2.1.el5/weak-updates/nvidia.ko - snip It's a mess. :-( That's after I did a yum remove of the 184 (I think it was). You have missing symlinks (If you run the original command, you'd see red-blinking lines). nvidia.ko built by dkms is still there, etc. If I were you, I would completely remove dkms and all nvidia.ko and symlinks above. Then do a clean install of the kmod package ( http://elrepo.org/tiki/kmod-nvidia-173xx ). Don't need that - I've got NVIDIA-Linux-x86_64-173.14.20-pkg2.run from NVidia, I think, and I run that, and it rebuilds the drivers. The reason 2 people suggested you use the elrepo nvidia package(s) is so you don't have to rebuild the driver from the nvidia installer every time you update your kernel. The elrepo kmod-nvidia packages are kABI-tracking so will work seamlessly across kernel updates - will even work seamlessly for 5.5 when that is released too. So it's install once and forget, couldn't be easier. Furthermore, elrepo has the latest version of your driver (173.14.25) and you will continue to receive updates automatically through yum rather than having to manually update the driver from nvidia (if you were to even notice a new version has been released). ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to monitor,or be notified of email blacklisting ?
Rudi Ahlers wrote: Hi, Does anyone know how I can monitor our server's for blacklisting? We run a large amount of shared hosting reseller hosting servers and from time to time one of the IP's will get blacklisted. I'm looking for a way to be notified if any of our IP's get blacklisted. Is this possible? You could manually check your IP address(es) here: http://www.dnsbl.info/ Alternatively, just read your logs (or write a simple script to parse them for you). You'll receive a 5xx rejection and usually a reason/URL from the main blacklists whenever you are blocked. If you're using postfix as your MTA, check out pflogsumm. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS-docs] General FAQ addition
Karanbir Singh wrote: I dont want to get in the way or be irritating, but if there is an attempt to do something, I dont see any harm in making that into a more useful tool that might benefit a few more people. Which is exactly the point of bringing it to this list for discussion, so what started life as a (suggestion for a) tool to assist forum community members/helpers may also be considered by helpers in other community support channels (i.e, IRC and mailing lists). ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS] good centos/rhel source for latest spamassassin?
Eero Volotinen wrote: Is there any good rpm source for latest spamassassin for centos/rhel ? Currently using from dag's, but is is a bit old version nowdays. You could try Warren's RHEL5 builds here: http://wtogami.livejournal.com/33674.html http://people.redhat.com/wtogami/temp/spamassassin/3.3.0/ and if you don't like EPEL, you could probably use rpmforge to meet the dependencies. You could probably even rebuild the package against rpmforge perl packages if you are so inclined... not that I've tried any of the above. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Virtualization software to install Windows as guest on CentOS 5 as host ?
John R Pierce wrote: I may be mistaken, but I thought those were only available to RHN subscribers, and are not open source or free to redistribute. The virtio block drivers? Really? I think I remember something about it being leaked...need to check Nope http://www.linux-kvm.org/page/WindowsGuestDrivers/Download_Drivers ah, good. that was a big gap a year or so ago when I was investigating free virtualization for Windows I might be wrong, but I don't think the freely available drivers are signed, unlike the virtio drivers supplied by Red Hat through the Supplementary channel which are signed. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OpenSSH-5.3p1 selinux problem on CentOS-5.4.
James B. Byrne wrote: snip I am not sure what effect disabling SELinux support in SSH actually has from a security standpoint. So, if anyone cares to enlighten me on the the consequences I would like to know. I was under the impression that sshd runs unconfined in the current CentOS? $ ps axZ | grep sshd system_u:system_r:unconfined_t:SystemLow-SystemHigh 2766 ? Ss 0:00 /usr/sbin/sshd For example, you don't need to change the ssh_port in SELinux when running the sshd on an alternative port, I assume because sshd is running unconfined. Also, it makes little sense to me to run sshd in a confined domain as an ssh login will give the user a login (bash) shell, which also runs unconfined: $ ps axZ | grep bash user_u:system_r:unconfined_t 8504 pts/3Ss 0:00 /bin/bash user_u:system_r:unconfined_t16789 pts/4Ss 0:00 /bin/bash Or maybe I totally misunderstand? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Virtualization software to install Windows as guest on CentOS 5 as host ?
Frank Cox wrote: On Thu, 2010-02-04 at 12:36 +, Ned Slider wrote: I might be wrong, but I don't think the freely available drivers are signed, unlike the virtio drivers supplied by Red Hat through the Supplementary channel which are signed. The download page that was just posted here says: QUOTE: Code signing drivers for the Windows 64bit platforms Drivers should be signed for Windows 64bit platforms. Here are some links how to self sign and install self signed drivers: END OF QUOTE so I guess you can do that part yourself. Yes, you can sign the drivers yourself, but the issue as I understand it is that for the drivers to work with Windows (Vista, Server 2008, Win7 ??), they need to be signed by a cert that has a chain of trust to Microsoft's root cert. Red Hat (and others) have such a cert and have appropriately signed drivers for their customers. I /believe/ the drivers are redistributable, but they are not signed. Disclosure: I am not a Windows expert! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OpenSSH-5.3p1 selinux problem on CentOS-5.4.
James B. Byrne wrote: Note: I am digest subscriber so if you could copy me directly on any reply to the list I would appreciate it very much. snip After a modest amount of research we decided that the best answer was to use a more recent version of OpenSSH (5.3p1)that supports chroot as a configurable option. I've not tested it, but I believe the chroot stuff was backported some while ago: # rpm -q --changelog openssh | more * Tue Dec 01 2009 Jan F. Chadima jchad...@redhat.com - 4.3p2-40 - close error file descriptor before running external subsystem (#537348) * Tue Sep 15 2009 Jan F. Chadima jchad...@redhat.com - 4.3p2-36.2 - minimize chroot patch to be compatible with upstream (#522141) * Tue Jun 23 2009 Jan F. Chadima jchad...@redhat.com - 4.3p2-36 - tiny change in chroot sftp capability into openssh-server solve ls speed problem (#440240) * Tue May 26 2009 Jan F. Chadima jchad...@redhat.com - 4.3p2-35 - workaround to plaintext recovery attack against CBC ciphers CVE-2008-5161 (#502230) * Fri May 15 2009 Tomas Mraz tm...@redhat.com - 4.3p2-34 - disable protocol 1 in the FIPS mode * Thu Apr 30 2009 Jan F. Chadima jchad...@redhat.com - 4.3p2-33 - fix scp hangup on exit (#454812) - call integrity checks only on binaries which are part of the OpenSSH FIPS modules * Mon Apr 20 2009 Tomas Mraz tm...@redhat.com - 4.3p2-32 - log if FIPS mode is initialized (#492363) - check the integrity of the binaries in the FIPS mode (#467268) * Wed Apr 08 2009 Jan F. Chadima jchad...@redhat.com - 4.3p2-31 - fix ssh hangup on exit (#454812) * Fri Mar 27 2009 Jan F. Chadima jchad...@redhat.com - 4.3p2-30 - add chroot sftp capability into openssh-server (#440240) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OpenSSH-5.3p1 selinux problem on CentOS-5.4.
James B. Byrne wrote: snip The new server software works fine for regular ssh/sftp users. However, when logging on as a member of the chroot group we obtain this error: ssh_selinux_getctxbyname: ssh_selinux_getctxbyname: security_getenforce() failed snip # sestatus SELinux status: enabled SELinuxfs mount:/selinux Current mode: permissive Mode from config file: permissive Policy version: 21 Policy from config file:targeted What happens if you enable SELinux, i.e, set it to enforcing? Do you still see the same error message above? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Skype and problem with ALSA mixer driver?
Andrew wrote: On Fri, 2010-01-29 at 11:03 -0800, Akemi Yagi wrote: On Fri, Jan 29, 2010 at 10:44 AM, Andrew andy.al...@virgin.net wrote: What version of ALSA driver are you using? Have you tried updating ALSA as the version within CentOS is quite old now (1.0.14rc3). Elrepo has an updated ALSA driver package here: http://elrepo.org/tiki/kmod-alsa Thanks for that useful information, but can you tell me exactly how to perform the update? I tried 'yum update *alsa*' as I have the Elrepo repository installed, but it came up with 'No Packages marked for Update'. Do I need to completely remove all the currently installed ALSA packages and then do 'yum install kmod-alsa? Any advice gratefully received, thanks. Perhaps, you do not have elrepo enabled (default behavior) ? In that case, try: yum --enablerepo=elrepo install kmod-alsa Akemi Many thanks, I've installed kmod-alsa OK but the mic is still not working (with skype). Do I need to remove the old ALSA packages alsa-lib and alsa-utils? - because when I type 'yum erase alsa-lib alsa-utils' it wants to remove 123 packages! Andy No, do *not* remove alsa-lib or alsa-utils (they are core CentOS packages). Have you rebooted since installing kmod-alsa as the kernel will need to load the new drivers? If not, please reboot and retest. If it's still not working after updating ALSA using kmod-alsa from elrepo (after a reboot), then you might want to consider removing that package as it hasn't fixed the problem in your case: yum erase kmod-alsa Hope that helps. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 5.4 64-bit: Java web browser plugin for 64-bit FireFox?
This is all documented on the Wiki for anyone who cares to search: http://wiki.centos.org/TipsAndTricks/PluginsFor64BitFirefox [rhetorical] Why does this mailing list insist on reinventing the wheel rather than perform a simple search of existing documentation first? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Skype and problem with ALSA mixer driver?
Andrew wrote: Having used skype successfully in the past with previous CentOS versions, I haven't yet been able to get it working fully with CentOS 5.3 - the playback sound works OK but I can't get the mic working. I previously used the skype version installed with yum from the skype repo but thought maybe this was faulty, so have just installed the static version (cd skype_static-2.1.0.81). However, the mic still doesn't work and I've notice the following (repeated) error messages on the command line (currently this version has to be executed from the command line): snd_pcm_avail_update() returned a value that is exceptionally large: 203032 bytes (1057 ms). Most likely this is a bug in the ALSA driver. Please report this issue to the ALSA developers. snd_pcm_avail_update() returned a value that is exceptionally large: 201176 bytes (1047 ms). Most likely this is a bug in the ALSA driver. Please report this issue to the ALSA developers. snd_pcm_avail_update() returned a value that is exceptionally large: 199280 bytes (1037 ms). Most likely this is a bug in the ALSA driver. Please report this issue to the ALSA developers. ..etc Does anybody have any information about this issue/bug and any idea how to solve the problem? Thanks, Andy What version of ALSA driver are you using? Have you tried updating ALSA as the version within CentOS is quite old now (1.0.14rc3). Elrepo has an updated ALSA driver package here: http://elrepo.org/tiki/kmod-alsa ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] 5.2 to 5.4
Jerry Geis wrote: I am trying to update x86_64 from 5.2 to 5.4 I am trying to update glibc first (before yum -y upgrade) with the command yum update glibc glib-devel glibc-headers gives me the following: package glibc-devel needs glibc-headers = 2.5-24.el5._2.2 this, is not available package glibc-devel needs glibc = 2.5-24.el5._2.2, this is not available. am I missing something? usually this works fine. Jerry Looks like a typo to me, glib-devel should presumably be glibc-devel. Probably easier to just do: yum update glibc\* ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos security sshv1
On 01/22/2010 06:37 PM, m.r...@5-cent.us wrote: Hi all! I was scanning my servers with nmap, ( i have installed ssh), and the result gave me this: 22/tcp open ssh sshv1: Server Supports SSHv1 Yes. Turn off sshv1 in the configuration file. mark http://wiki.centos.org/HowTos/Network/SecuringSSH ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS-docs] wiki contribution
On 01/15/2010 03:32 AM, R P Herrold wrote: On Thu, 14 Jan 2010, Ned Slider wrote: Again, I would reiterate Ralph's request for you to use plain English[1] when communicating with this list, especially considering that it's a documentation list. Shall I use crayons as well, to make the pictures easier for you? Words of not more than two syllables? No -- I will not kowtow to the shallow end of the gene pool. Pick your fights elsewhere. Not picking a fight Russ, just reiterating Ralph's concern that many people have absolutely no idea what you are on about in many of your postings (not just to this list). It's not about kowtowing to some perceived lesser intelligence, but rather about getting your point across in a clear and concise fashion, as you have clearly demonstrated above you do have the ability to do. Wrapping your point in cleverly constructed prose to the point where it gets lost in translation doesn't really achieve anything. ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] wiki contribution
As this thread is alive again... On 11/30/2009 11:35 PM, R P Herrold wrote: On Mon, 30 Nov 2009, Ralph Angenendt wrote: Am 30.11.09 22:49, schrieb R P Herrold: I was considering 'axes' to refactor it along over the weekend Please do consider plain English too, while doing so, as I have no idea what you mean by what you wrote in your last sentence:) hey -- I did 'highlight' the hard term, after all ;) Axes -- pl. of axis -- a collection of vectors of classification. Axes -- pl. of axe -- a tool used to chop (traditionally wood) into smaller pieces. As a native English speaker, I assumed you were metaphorically going to take an axe to the page and chop it up. Here a series of partitions of the Repositories page refactor problemspace, which I will use to carve it up into a more intelligible (and one hopes, more useful) taxonomy yes -- I really did think thru the problem (and many other tecnical matter problems) just that way. ;) -- Russ herrold Again, I would reiterate Ralph's request for you to use plain English[1] when communitcating with this list, especially considering that it's a documentation list. [1] http://www.plainenglish.co.uk/ Thanks ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS] NetworkManager won't save wireless keys
On 01/14/2010 05:42 PM, Kevin Kempter wrote: On Thursday 14 January 2010 10:28, Frank Cox wrote: On Thu, 2010-01-14 at 10:07 -0700, Kevin Kempter wrote: Hi all; I'm running KDE 3.5 on CentOS 5.4 I have wireless working however every time I boot I have to enter the wireless key. Anyone know how to get NetworkManager to save the keys? I've tried going to the 'edit connections' and adding the key there as well with no luck. gnome-keyring stores the keys on (of course) gnome. Do you have something similar on kde that is, perhaps, either not installed or disabled? I have kwallet installed but the KDE NetworkManager seems to not be using it I think this is because NetworkManager is really a gnome application. Here's how I have my laptop set up to automatically authenticate using KDE... If you have gnome installed, log into gnome, set up gnome-keyring and store the key there and make sure it's working. Then, log into KDE and use nm-applet. If you use the same password for your keyring as you do to log in (not always the best idea security wise), you can then configure pam_keyring to use your login password to automatically authenticate you on the wireless network using your stored keys. Details for configuring pam_keyring can be found here: https://www.centos.org/modules/newbb/viewtopic.php?topic_id=19782forum=40post_id=74422#forumpost74422 Hope that helps. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] digikam and mp3 sound on RHEL
On 01/12/2010 07:28 AM, Kevin Kempter wrote: Hi All; after years of running free Linux distros I've finally come to a place where I must have solid stability for my work laptop so I've purchased RHEL Workstation. I like it well enough - however I'd like to install digikam and get my system to play mp3's. I'm thinking I could get both of these from a centos repository. What do you'all think? If so, could someone point me to the correct repo(s) and the packages I'd need for playing mp3's? Start here: http://wiki.centos.org/TipsAndTricks/MultimediaOnCentOS http://wiki.centos.org/AdditionalResources/Repositories http://wiki.centos.org/AdditionalResources/Repositories/RPMForge and please make sure you read up on using 'priorities' before enabling 3rd party repos: http://wiki.centos.org/PackageManagement/Yum/Priorities That should hopefully get you going :) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Laptop for CentOS-5
On 01/09/2010 06:31 PM, Les Mikesell wrote: Christoph Maser wrote: Sure, your opinion. But to me the question was a suitable laptop for running CentOS not what is the best OS to run on a laptop And as you might have noticed, there weren't an overwhelming number of replies from people happy with their experience with CentOS on laptops. It's not unreasonable to use/recommend the best thing for the intended purpose and CentOS isn't a particularly good fit on a laptop. That's your opinion. I'm perfectly happy running CentOS on my Dell XPS M1330, and furthermore pretty much everything works fine straight out of the box: http://wiki.centos.org/HowTos/Laptops/Dell/XPS_M1330 Those that are happy don't always speak up. Mostly it's those who are unhappy or have things not working that you hear from. JMHO. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] centos 5.4 :: linux-2.6.32.2 compile error (via nano l2...@1600)
On 01/07/2010 10:12 AM, Adrian Sevcenco wrote: Jim Perrin wrote: On Wed, Jan 6, 2010 at 5:15 PM, Adrian Sevcencoadrian.sevce...@cern.ch wrote: Hi! I try to compile an vanilla kernel 2.6.32.2 on centos 5.4 and i have this error : Out of curiosity, why are you rebuilding the kernel? Is there a driver you need which isn't supplied by the elrepo repository folks? Well, the thing is that i lack power scaling (i understood that the module should have name something like overhaul .. or something) Given that this is an samba home server with very little load is a pity that it stays all the time at maximum freq.. elrepo guys are fantastic and from them i have the vt1211 driver for the sensors .. but i dint see that they would have also scaling drivers in their repo. Thanks, Adrian Depends what hardware you have. ELRepo has a fixed powernow-k8 driver for AMD processors that allows correct scaling on multicore processors. See here: http://blog.toracat.org/2009/08/go-green-with-newer-amd-processors/ http://elrepo.org/tiki/kmod-powernow-k8 Other than that, generally I've found most scaling issues to be hardware/bios related, rather than an issue within CentOS itself so I'd suggest checking you have the latest bios for your motherboard and that all power saving options within the bios are correctly set. Hope that helps. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] IPTABLEs and port scanning
On 01/05/2010 03:30 PM, James B. Byrne wrote: I see many entries in /var/log/secure similar to these: . . . /var/log/secure.1:Dec 31 08:00:55 gway01 sshd[7220]: Received disconnect from 93.89.144.31: 11: Bye Bye /var/log/secure.1:Dec 31 08:00:58 gway01 sshd[7221]: Failed password for root from 93.89.144.31 port 60100 ssh2 /var/log/secure.1:Dec 31 08:00:58 gway01 sshd[7222]: Received disconnect from 93.89.144.31: 11: Bye Bye /var/log/secure.1:Dec 31 08:01:02 gway01 sshd[7223]: Failed password for root from 93.89.144.31 port 60962 ssh2 /var/log/secure.1:Dec 31 08:01:02 gway01 sshd[7224]: Received disconnect from 93.89.144.31: 11: Bye Bye /var/log/secure.1:Dec 31 08:01:05 gway01 sshd[7227]: Failed password for root from 93.89.144.31 port 33612 ssh2 /var/log/secure.1:Dec 31 08:01:05 gway01 sshd[7228]: Received disconnect from 93.89.144.31: 11: Bye Bye /var/log/secure.1:Dec 31 08:01:09 gway01 sshd[7229]: Failed password for root from 93.89.144.31 port 34504 ssh2 . . . As you can see, the ports are not those associated with the service requested. SSHD is configured to listen on the standard port (22) and only on a single IP address that is supposed to be reachable only from the internal network (this is a multi-homed system configured as a gateway). Those are the *source ports* from the attacking host, not the destination port on which you are running SSH. I /assume/ the number enclosed in '[]' to be the pid of the sshd instance associated with the connection attempt. Hope that helps. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] trying to get lm_sensorts to work
On 12/31/2009 10:41 PM, Akemi Yagi wrote: On Thu, Dec 31, 2009 at 2:04 PM, Jerry Geisge...@pagestation.com wrote: hi all, I am trying to get lm_sensors to work. did the yum install lm_sensors service lm_sensors start sensor -s and it says no sensors found. did lsmod | grep it87 and it87 57061 0 Did you run sensors-detect, and if so, which variant of it87 did it detect? You may want to read this forum thread: https://www.centos.org/modules/newbb/viewtopic.php?viewmode=flattopic_id=24010forum=38 and give the packages from ELRepo a try. Akemi Indeed. The standard it87 driver in 5.4 only supports IT8705F and IT8712F. I backported additional support for IT8716F, IT8718F, IT8720F and IT8726F Super I/O chips into the it87 module in ELRepo (kmod-it87), which will also automatically update lm_sensors as a dependency from the same repo. I reported this upstream over 18 months ago and it's now scheduled to be fixed in 5.5, maybe. https://bugzilla.redhat.com/show_bug.cgi?id=446061 https://bugzilla.redhat.com/show_bug.cgi?id=448223 In the meantime, the ELRepo package has the latest updated driver for this hardware. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] via vb 8001 : vt1211 driver
On 12/28/2009 09:18 PM, Adrian Sevcenco wrote: Hi! I have an vb8001 and i try to make the lm_sensors to work .. i upgraded to latest version and in the end doesn't find the vt1211 driver ... is it packaged somewhere? (maybe elrepo but it doesn't find any vt1211 nor 1211 related packages) (of course this is on an Centos 5.4) Thanks, Adrian P.S. i tried to post to lm_sensors mail list but it seem that it is not working (nor http://lists.lm-sensors.org/mailman/listinfo/lm-sensors) Hi Adrian, If you make a request at elrepo.org (either on the bug tracker or mailing list), then I'm sure I can backport the vt1211 driver for you and make it available at elrepo.org. From a quick look, lm_sensors (in 5.4) appears to already support vt1211 so you should just need the kernel module for it. Thanks. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS-docs] Broadcom's BCM4311-, BCM4312-, BCM4321-, and BCM4322-based hardware install manual
On 12/13/2009 01:02 PM, Milos Blazevic wrote: Hello (again), I saw I've been granted the rights to edit the page. Thanks Ralph! I'd like to thank all for supporting me on this matter. And yes Ralph, good point about sending from the address I registered with,... never really thought about it. In the next few days I'll be editing the wiki page so the manual will become available and all critical input is welcome - we all want a comprehenssive manual, don't we? Also, I personally think we can't presume to bind this particular WLAN card to a particular laptop model (in respect of the manual), and vice versa. For instance, Inspiron 1525 I'm using usually comes with several different flavors of WLAN cards - don't be surprised if you find it working with iwl1395 driver because yes, they sometimes do come with Intel wireless card. Agreed. I would think the logical location would be in the Wireless page: http://wiki.centos.org/HowTos/Laptops/Wireless where there is already a small section near the bottom that could be replaced, or if your contribution is too large to fit conveniently on that page then do it as a separate page and link it from there. It might be a good idea to do it as a separate page in your own area first as a draft (Ralph can probably help with that?), then once this list has had a chance to review it, it can be moved to the correct location? That way we don't have draft content sitting on a finished page whilst being written, if that makes sense. As for the drivers RPM Fusion and that no-vim-distro repos :) provide, this is the matter which the developers will certainly much better explain, especially since ELrepo developers are engaged in this discussion. Also, I myself was under the impression that Phil (NedSlider) considered thoroughly the option of building and .rpm for this driver. I have no idea what the policy of others is on redistributing such content, but as others have said, when I looked at it for inclusion in ELRepo I was concerned by the terms for redistribution in the license, and sought advice from the Software Freedom Law Center. We concluded that we (ELRepo.org) couldn't redistribute it under the current terms, hence why I feel such a guide here would be hugely beneficial. ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS-docs] the iredmail project
Hi, I'm not sure why this would be sent directly to me so I'm forwarding it to the CentOS Documentation mailing list as that would seem a more appropriate place. http://wiki.centos.org/Contribute#head-42b3d8e26400a106851a61aebe5c2cca54dd79e5 shake chen wrote: hello I am a team member of iRedMail. http://code.google.com/p/iredmail/w/list the iredmail is open source mail soultion , now it support centos 5x. we hope can add the iredmail to CentOS mail wiki. thank you. ___ CentOS-docs mailing list CentOS-docs@centos.org http://lists.centos.org/mailman/listinfo/centos-docs
Re: [CentOS] centos-release srpm
Shad L. Lords wrote: Back on Oct 31st Karanbir said he would take care of the missing centos-release srpm. It still hasn't shown up on any of the mirrors. Is this ever going to be fixed? -Shad Did you (or anyone) file a bug? If so, it would be useful to link to it here. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Wireless
Davy Leon wrote: Hi There is no encryption and my neighbour knows about it, we are just trying to build an small network for our computers. Centos doesn't recognize the USB device. I just plug ot in and nothing happens. Any suggestions? David What chipset does the device use? Elrepo has drivers and firmware for many wireless devices. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Wireless
Davy Leon wrote: [r...@linux ~]# lsusb Bus 001 Device 004: ID 0846:6a00 NetGear, Inc. WG111 WiFi (v2) Bus 001 Device 001: ID : Bus 001 Device 002: ID 046d:c016 Logitech, Inc. M-UV69a Optical Wheel Mouse Bus 002 Device 001: ID : so, is Realtek RTL-8187L chipset As suspected, grepping modules.alias shows that Vendor:Device ID to match rtl8187.ko: grep 0846 /lib/modules/2.6.18-164.6.1.el5/modules.alias | grep -i 6a00 alias usb:v0846p6A00d*dc*dsc*dp*ic*isc*ip* rtl8187 so try loading the module: modprobe rtl8187 if it's not already loaded. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] startssl and CA autority
fakessh wrote: how to incorporate the certificates in postfix? Does this help? http://wiki.centos.org/HowTos/postfix_sasl ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] DoveCot and Postfix Setup? or Zimbra?
ML wrote: Hi All, I have not really setup e-mail serving on Linux before by myself. I have a setup now where it was setup for me running Dovecot and postfix. The setup works. I want to set this up again on my own system. Does anyone have a good tutorial? Yes, on the CentOS Wiki: http://wiki.centos.org/HowTos/postfix Zimbra...does it replace dovecot and postfx setup? I believe so. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos