Re: XFS vs Ext4
For your system, I would not agonize over choice of ext4 or XFS, in practice you will see little difference. Some practical advice for your system: - bump the OS + home dirs from 1TB to 2TB (incremental cost of two 1TB SSD vs two 2TB SSD is small) - run this system on UPS power. your 200 TB data array will be RAID-6 with 12-16 of 20 TB HDDs, probability of one HDD failure is high, raid rebuild time will be about 2 days, if power goes out during rebuild, Bad Things Will Happen. - we have been using XFS for large data arrays since late 1990-ies (on SGI machines), it is very reliable, it will not corrupt itself (unless you have defective hardware, ZFS was developed to deal with that, checksums, self-healing, etc). - your server should have ECC DRAM. this is a standard feature for all server-class machines, use it. all our server machines have 64 GB of ECC memory. If I were building this system, I would make both the 2TB SSD array and the 200TB data array ZFS. Also you do not say how you will back up your data. You must have both backups and archives. Backups protect you against oops, I deleted wrong file", archives protected you against "oops, I deleted wrong file 2 years ago". Without backups and archives, if you have a fire, a flood, a crypto-ransomware attack, if your server is stolen, you lose everything. K.O. On Wed, Dec 06, 2023 at 11:37:54AM -0500, Edward Zuniga wrote: > Cc'ing supervisor to loop him in as well. > > On Wed, Dec 6, 2023, 9:18 AM Edward Zuniga wrote: > > > Thanks everyone for the feedback! I've learned so much from reading the > > discussions. > > > > For our application, we will have a LAN with a single server (1TB RAID1 > > array for OS, 200TB RAID5 array for data) and up to 16 workstations (1TB > > RAID1 array for OS). Our IT department is more familiar with Rocky Linux 8, > > which I assume will perform the same as AlmaLinux 8. Some of our MRI > > processing can take weeks to finish, so we need a system that is very > > reliable. We also work with individual files in the hundreds of gigabytes. > > > > While reading the Red Hat 8 manual > > <https://urldefense.proofpoint.com/v2/url?u=https-3A__access.redhat.com_documentation_en-2Dus_red-5Fhat-5Fenterprise-5Flinux_8_html_managing-5Ffile-5Fsystems_overview-2Dof-2Davailable-2Dfile-2Dsystems-5Fmanaging-2Dfile-2Dsystems&d=DwIFaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=NWrdCkO_Rv2xr06ZFmX0tmfqqeYNrrwhynckTqel03PtwMXxPfTvgwA0pa8NEDQP&s=PuCPAQ38-YIaby8e4N7dh0ORNT6UbvsXS04mQ0wfKnw&e= > > >, > > I found a few possible issues regarding XFS. I'm curious to see if anyone > > has experienced these as well. > > > > 1. Metadata error behaviorIn ext4, you can configure the behavior when > > the file system encounters metadata errors. The default behavior is to > > simply continue the operation. When XFS encounters an unrecoverable > > metadata error, it shuts down the file system and returns the EFSCORRUPTED > > error.*This could be problematic for processing that takes several > > weeks.*2. Inode numbers > > > > The ext4 file system does not support more than 232 inodes. > > > > XFS dynamically allocates inodes. An XFS file system cannot run out of > > inodes as long as there is free space on the file system. > > > > Certain applications cannot properly handle inode numbers larger than 232 on > > an XFS file system. These applications might cause the failure of 32-bit > > stat calls with the EOVERFLOW return value. Inode number exceed 232 under > > the following conditions: > > > >- The file system is larger than 1 TiB with 256-byte inodes. > >- The file system is larger than 2 TiB with 512-byte inodes. > > > > If your application fails with large inode numbers, mount the XFS file > > system with the -o inode32 option to enforce inode numbers below 232. > > Note that using inode32 does not affect inodes that are already allocated > > with 64-bit numbers. > > *Has anyone encountered this issue? *3. The Red Hat 8 manual also warns > > that using xfs_repair -L might cause significant file system damage and > > data loss and should only be used as a last resort. The manual does not > > mention a similar warning about using e2fsck to repair an ext4 file system. > > Has anyone experienced issues repairing a corrupt XFS file system? > > Thanks,Eddie > > > > On Tue, Dec 5, 2023 at 8:46 PM Konstantin Olchanski > > wrote: > > > >> On Mon, Dec 04, 2023 at 03:03:46PM -0500, Edward Zuniga wrote: > >> > > >> > We are upgrading our MRI Lab servers and workstations to AlmaLinux
Re: XFS vs Ext4
On Mon, Dec 04, 2023 at 03:03:46PM -0500, Edward Zuniga wrote: > > We are upgrading our MRI Lab servers and workstations to AlmaLinux 8. We > have used ext4 for the past 10 years, however we are considering using XFS > for its better performance with larger files. Which file system do you use > for your lab? > Historical background. XFS filesystem with the companion XLV logical volume manager (aka "partitioning tool") came to Linux from SGI IRIX, where it was developed circa late-1990-ies. XFS was copied to Linux verbatim (initially with shims and kludges, later, fully integrated). XLV was reimplemented as LVM. The EXT series of filesystems were developed together with the linux kernel (first ext filesystem may have originated with MINIX, look it up). As improvements were made, journaling, no need to fsck after crash, online grow/shrink, etc, they were renamed ext2/ext3/ext4 and they are still largely compatible between themselves. For many purposes, both filesystems are obsoleted by ZFS, which added: - added metadata and data checksums - to detect silent bit rot on current-generation HDDs and SSDs - added online filesystem check - for broken data, gives you list of filenames instead of inode numbers - added "built-in" mirroring - together with checksums, online fsck (zfs scrub) and monthly zfs scrub cron job, allows automatic healing of bit rot. - added "built-in" raid-5 and raid-6 - again, together with checksums and online fsck, allows automatic healing and robust operation in presence of disk bad sectors, I/O errors, corruption and single-disk failure. - other goodies like snapshots, large ram cache, dedup, online compression, etc are taken for granted for current generation filesystems. On current generation HDDs and SSds, use of bare XFS and ext4 is dangerous, SSD failure or "HDD grows bad sectors" will destroy your data completely. On current generation HDDs, use of mirrored XFS and ext4 is dangerous (using mdadm or LVM mirroring), (a) bit rot inevitably causes differences between data between the two disks. Lacking checksums, mdadm and LVM mirroring cannot decide which of the two copies is the correct one. (b) after a crash, mirror rebuild fill fail if both disks happen to have bad sectors (or throw random I/O errors). Ditto for RAID5 and RAID6, probability of RAID rebuild failing because multiple disks have have sectors and I/O errors goes up with the number of disks. ZFS was invented to resolve all these problems. (BTRFS was invented as a NIH erzatz ZFS, is still incomplete wrt RAID5/RAID6). Bottom line, if you can, use ZFS. Current Ubuntu installer has a button "install on ZFS", use it! -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Solution, Re: SL6 ssh fail
On Thu, Jan 05, 2023 at 08:18:14PM -0800, Konstantin Olchanski wrote: > I cannot ssh to SL6 machines from current MacOS or Debian 20 or 22: > root@daq00:~# ssh ladd00 > Unable to negotiate with 142.90.111.60 port 22: no matching host key type > found. Their offer: ssh-rsa,ssh-dss > bash-3.2$ ssh -oHostKeyAlgorithms=+ssh-rsa > -oPubKeyAcceptedAlgorithms=+ssh-rsa ladd00 A solution is to build and install openssh from BSD sources: xttps://daq00.triumf.ca/DaqWiki/index.php/SLinstall#Update_SL6_ssh Build openssh: ssh sl6-machine cd git git clone git://anongit.mindrot.org/openssh.git cd openssh autoreconf xemacs -nw ./configure ### fix syntax error: line 28124 empty "if/then/else" block bombs out, fill it with "AAA=aaa" ./configure --prefix=/opt/openssh make -j Install openssh: ssh root@sl6-machine cd .../git/openssh make install ### copies stuff to /opt/openssh /opt/openssh/sbin/sshd -p -d ### test sshd /opt/openssh/bin/ssh -v sl6-machine ### test ssh If you want to live dangerously, you are welcome to use my binary kit: ssh root@sl6-machine cd /opt git clone xttps://daq00.triumf.ca/~olchansk/git/openssh.git /bin/cp -pv /etc/ssh/*key* /opt/openssh/etc/ ### copy old ssh host keys /opt/openssh/bin/ssh-keygen -A ### generate any missing ssh host keys # test sshd /opt/openssh/sbin/sshd -p -d /bin/mv /usr/sbin/sshd /usr/sbin/sshd-SL6 /bin/ln -s /opt/openssh/sbin/sshd /usr/sbin/ /bin/mv /usr/bin/ssh /usr/bin/ssh-SL6 /bin/ln -s /opt/openssh/bin/ssh /usr/bin/ service sshd restart If you do this, do inspect the git commit history of ssh_config and sshd_config in cas eyou disagree with my customizations. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Perpetual Data (SL6 ssh fail)
On Tue, Jan 10, 2023 at 04:06:53PM -0500, Larry Linder wrote: > We used SL from 4.1 ... We started much earlier, 1998 or so, Red Hat Linux installed from floppy disks (soon from CDs). Choice of Debian vs Red Hat was settled by the very nice Red Hat graphical installer (featuring the sadly-now-defunct "install everything" button). > On of our dislikes is systemd and package manager. To give "them" credit, Ubuntu LTS 20 and 22 systemd is mostly problem free, it does try to take over most system functions (cron, NTP, DNS, etc) but does a 50% job at that (it works, but config files are bad and diagnostics are non-existant). > >From an industrial vantage point we really miss SL 5.11 and 6.5. I would say those were the best vintage of Linux. Since then, only one big improvement (ZFS) and many degradations. unfriendly UIs, systemd, grub, network manager, disfunctional boot system - "please shutdown! no! I must wait for all users to logout and all NFSes to unmount! (no matter that we are in the middle of a power outage and network is already dead). > We have basiacally abandoned RH and its following. They seam to pick up > the worst ideas and go with it. I feel opposite. RH abandoned us. They defaced linux with all kinds of laptop-centric crud (wayland, network manager, containers that do not work on NFS, etc) and then went "enterprise" where all this laptop-centric stuff only gets in the way. > Our security is pretty simple. - don't laugh too hard. We cron to turn > off network after 5:30 and turn it back on at 7 AM. good one! too bad we are a 24/7 shop... > Odd Notes. We hade two Toshiba high end laptops we were ready to junk. > After looking at them in detail. We replace the slow 125G HD with a 1 T SSD. So true, lots of old machines get a new life just be replacing SATA HDD with SATA SSD, unfortunately RAM limits (2G max, 4 GB max, 8 GB max) and limited CPU GHz takes their toll... > One of the real sad thing that has happened to our Engineering Comunity > is the during the China Virus shut down the students didn't learn much. So true. My favourite, I point physics student at a wall power outlet and ask "which plug is plus, which plug is minus?". You try it! > They are pretty good a running windows but they don't know how anything > works or how to connect a scope etc. The isolation is a disaster for > the new science / engineers who worked remotely. My contribution is > that we hire one or two bright students and teach them the real world > applications. TRIUMF has a big COOP and Summer student program. Lots of kids come through and learn how to use scope, screw driver, soldering iron, etc xttps://www.triumf.ca/academic-programs/undergraduate-program/coop-education > I encourage each when they are ready to explore other > oportunities. So far we have had 14 young men and ladies find their > lifes endever. The comments I get from companies is how does a student > get 4 years of engineering experience when they get their Deploma. > When I worked at GE one of my jobs was to train new engineers in the art > of digital control. The digital engine control (gray box) on side of > the CFM56 engines worked well and was certified in 1987. CFM56, legendary. Best the new generation could do is build and certify the 737-MAX airplane with a "fly down, down, down" feature in the control system (MCAS). Redundant sensors? Input sanity checks? Never heard of him! Discovered and fixed the hard way. K.O. > Another condecending Unix / Linux user. > By the way my great,great,great grandfather was a Hessian solder and > decided he like the country, jumped ship, married a lady and had 12 > Children. > > Larry Linder > > > > On Tue, 2023-01-10 at 11:49 -0800, Keith Lofstrom wrote: > > > From: Konstantin Olchanski > > > Subject: Re: SL6 ssh fail > > ... > > > It looks like my remaining option is to build openssh from OpenBSD > > > "portable" sources. > > ... > > > - "so old" - like a grand-father's axe, most our SL6 machines hardware > > > was upgraded 2-3 times by now, they run from SSDs on DDR3/DDR4 RAM > > > machines. > > > - exception is VME processors > > > > I'm on Konstantin's side here - although it is a side many > > light-years wide, with MANY of us spread thinly across it. > > > > While I do not have my grandfather's axe, I still use my > > great-grandfather's carpentry toolbox, which my grandfather > > brought from Sweden in 1911 (I also have my grandfather's > > steamship ticket, and his Swedish-to-English dictionary). > > > > https://urldefense.proofpoint.com/v2/url?u=http-3A__wiki.keithl.com_JohanSigfridLofstrom
Re: Perpetual Data (SL6 ssh fail)
Keith, thanks. In practice, experiment data is not "perpetual", life time of typical physics experiment is about 5-10 years after the last data taking. Afterwards, people tend to dissipate (retire, graduate and move on, just move on, lose interest, join different project, etc). after the last person who was involved with the experiment is "gone", experiment data is "orphaned" and nothing much can be done with it, even if the physical media and the data format is still readable and if the analysis software still can be compiled and still runs. That said, CERN support the "open data" approach, where general public has access to experiment data. But not to raw data, without calibrations and interpretations, raw data is dangerous, john q. public can easily "analyse it wrong". this is a hot debate topic in the physics community. https://opendata.cern.ch/ Re the TRIUMF photo, that's not my scope, I have a much newer one, but for some tasks, old scopes are better. The photo is taken in the walkway of the meson hall. Cyclotron is dead ahead. On the left side, attached to the He dewar is the brand new He compressor (makes liquid He: in Canada, we recycle!). Further left beyound the He compressor is the experimental hall with the cold neutron (0K cold, not just cold) machine and the muon beam lines for materials science experiments (MuSR). Outside of the picture (dead ahead behind the cyclotron) is the brand new state of the art e- accelerator. To the right (in a different building) is the unstable atom production (transmutation) machine (no, not lead to gold, we are not CERN!) and experiments that study these rare unstable atoms. Dead behind is a small cyclotron, it makes unstable atoms for medical use (radioactive tracers for medical imaging). This concludes your virtual tour of TRIUMF. You are welcome. K.O. On Tue, Jan 10, 2023 at 11:49:49AM -0800, Keith Lofstrom wrote: > > From: Konstantin Olchanski > > Subject: Re: SL6 ssh fail > ... > > It looks like my remaining option is to build openssh from OpenBSD > > "portable" sources. > ... > > - "so old" - like a grand-father's axe, most our SL6 machines hardware was > > upgraded 2-3 times by now, they run from SSDs on DDR3/DDR4 RAM machines. > > - exception is VME processors > > I'm on Konstantin's side here - although it is a side many > light-years wide, with MANY of us spread thinly across it. > > While I do not have my grandfather's axe, I still use my > great-grandfather's carpentry toolbox, which my grandfather > brought from Sweden in 1911 (I also have my grandfather's > steamship ticket, and his Swedish-to-English dictionary). > > https://urldefense.proofpoint.com/v2/url?u=http-3A__wiki.keithl.com_JohanSigfridLofstrom&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=iqT8zmlP56N56Jq9YP_a6cjE90PVa3LlHNdlKR14LBh4UY7CFKqQzSC6tQwZud2d&s=_bHbAaGb3b436-GEoRYnWCwPRLp6V7b_tiSALqhmBzY&e= > > > I use those tools to build the gizmos that help me imagine > space technology evolution into the 22nd century (and read > emails from my Swedish fourth-cousins). > > Science has plucked almost all of the low-hanging fruit; > future discovery lies in subtle manipulations of vast > amounts of both new and archived measurements made by > vast amounts of hardware accumulated over many decades. > > The huge problem with archived measurements is their origin > in imperfect and evolving hardware, software, procedures, > theories, and people. Those inputs color the data; new > data collected with new hardware, software, etc. can be > incommensurate with old data. This is a good reason for > keeping the old hardware/software sets alive, so you can > measure twice, with your great-grandfather's ruler and > with your laser interferometer, and cross-calibrate the > data taken both ways. > > Konstantin contributes to TRIUMF, Canada's premiere > particle accelerator. I am amused that the photo associated > with the TRIUMF Wikipedia page shows a Tektronix oscilloscope > designed in the 1960s: > > https://urldefense.proofpoint.com/v2/url?u=http-3A__en.wikipedia.org_wiki_TRIUMF-23_media_File-3ACanadian-5FScience-5F-2D-5FTRIUMF-5Fcyclotron-5F-2D-5FFlickr-5F-2D-5FCargo-5FCult-5F-2821-29.jpg&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=iqT8zmlP56N56Jq9YP_a6cjE90PVa3LlHNdlKR14LBh4UY7CFKqQzSC6tQwZud2d&s=VoPCz_dAeUSdH6dEptF53yurEpghrR-JZvyRjGJ0Sj0&e= > > > Also a large pipe and a huge dewar labeled "HELIUM", which > will probably be all used up and dissipated to outer space > by 2160. Data measured with instrumen
Re: SL6 ssh fail
On Mon, Jan 09, 2023 at 03:26:33PM -0800, Yasha Karant wrote: > > The SL6 issue is a different matter. Not only are various > applications vulnerable to compromises from the Internet, but so is > the kernel as well as kernel systems support software. > This is FUD. Which applications, which exploits? AFAIK, there is no remote exploits against SL6 ssh, there is no remote exploits against SL6 apache and there is no remote exploits agaist SL6 linux kernels. If you know otherwises, please post a list of applicable CVEs. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: SL6 ssh fail
On Mon, Jan 09, 2023 at 08:04:19PM -0500, Nico Kadel-Garcia wrote: > > ... you can validate the source tarballs and review any patches and the .spec > file. > no, I cannot validate and review this. I am not clever enough. Could never figure out even obfuscated C contest puzzles, forget about cyberwarefare malicious exploit codes. I looked at the stuff a few times, just for kicks. Yes, beyound my ken. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: SL6 ssh fail
On Sun, Jan 08, 2023 at 08:48:33AM -0500, Nico Kadel-Garcia wrote: > > There is a third party SRPM at: > > https://urldefense.proofpoint.com/v2/url?u=http-3A__rnd.rajven.net_centos_6_os_SRPMS_openssh-2D6.4p1-2D1cnt6.1.src.rpm&d=DwIBaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=APF_X_sbP87-U3byu32i-cPT0N0xHPBEhLmLSTRjCbrt6c02NpZBAfu3Z0LoBDLm&s=RoFP8HoZRy6liEx_Q1o6LAJzDhmsdUjdbqtBPSwXUrI&e= > > For the record, urldefence successfully obscures the fact that it points to rnd.rajven.net which happens to be registered in Moscow, Russia, per xttps://www.whois.com/whois/rajven.net A year ago, I would have said, yay, thanks! But after certain recent events, I say thank you, but no, thanks. P.S. It looks like my remaining option is to build openssh from OpenBSD "portable" sources. P.P.S. to answer some comments: - obsolete - only because you say so. like a mechanical bike, it does today what it did yesterday, users are happy. - "so old" - like a grand-father's axe, most our SL6 machines hardware was upgraded 2-3 times by now, they run from SSDs on DDR3/DDR4 RAM machines. - exception is VME processors - true Pentium-3 and Pentium-4 machines, fit for a museum. purported replacement ("core-2 duo" CPU) was a lemon (high mortality, all dead now). next purported replacement was okey, but went out of production too soon. "just replace it" people, should look at current prices for VME processors and VME hardware, then ask about delivery times, then come back with suggestions (and $$$). - insecure - exactly where? ssh insecure? nfs insecure? https insecure (A+ score from SSLlabs)? - "hide behind firewall!" - done, 1-2 layers of firewalls. external ssh and https access is required by function. - VMs, containers - shuffle chairs in the titanic, does not address any of the issues above. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: SL6 ssh fail
> > > > I cannot ssh to SL6 machines from current MacOS or Debian 20 or 22: > > SL 6 is obsolete, maybe time to upgrade? > Looking on my list of SL6 machines: experiment stations: dragon, musr, bnmr/bnqr, pol, titan. these are medium/small sized experiments, all software updates must be coordinated with experiment people. each experiment station has 2 or 3 SL6 computers (analysis station and VME frontend processor). install ubuntu 22.04, rebuild all experiment software, make experiment work again. takes about 1 month of calendar time per experiment station. two twist computers: upgrade by turning them off, they only exist to run Absoft and Intel F90 compilers. T2K/ND280 in Japan (JParc): update from SL5 recently completed. DEAP dark matter search at SNOlab: running SL6 and will not be upgraded. one former central server runs SL6 to run ruby-on-rails-based inventory database (does not work on ubuntu). likely "upgrade" is move from physical machine to a VM. ("Just rewrite your inventory database using the latest framework-du-jour!", "yessir! getting on it right away, sir!"). For some experiments, upgrade from CentOS-7 to Ubuntu 22 and upgrade from Ubuntu 20 to Ubuntu 22 has higher priority than upgrades from SL6. So SL6 machines exist, they perform useful function, it takes a significant effort to upgrade them (with no functional gain). In the mean time, nobody apprecates unnecessary rocking the boat (breaking SSH, HTTPS, etc). -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
SL6 ssh fail
I cannot ssh to SL6 machines from current MacOS or Debian 20 or 22: root@daq00:~# ssh ladd00 Unable to negotiate with 142.90.111.60 port 22: no matching host key type found. Their offer: ssh-rsa,ssh-dss Are there updated ssh rpm packages anywhere? In the mean time, this workaround works for me: bash-3.2$ ssh -oHostKeyAlgorithms=+ssh-rsa -oPubKeyAcceptedAlgorithms=+ssh-rsa ladd00 Last login: Thu Jan 5 19:18:20 2023 from daq07.triumf.ca ladd00:~$ -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Fermilab/CERN recommendation for Linux distribution
For the record, this view of CERN is very wrong. It implies that CERN keeps "the good stuff" hidden for itself, excludes scientists who are not "in". Actual situation is quite different, as many people know and most people can experience first hand by joining projects and discussion forums hosted at CERN. (true, not everything is open to all comers, you cannot join the ALPHA experiment mailing list except by invitation and you need a CERN account to use the CERN helpdesk). K.O. On Wed, Dec 07, 2022 at 02:22:47PM -0800, Yasha Karant wrote: > Hi Glenn, > > I find it unusual that HEP will find an AlmaLinux list of much use > in many circumstances. Internal to CERN, and perhaps Fermilab > and/or the various signatories to which HEP collaborations are > getting AlmaLinux from CERN/Fermilab (along with any experiment/data > analysis specific software that is required to be present at all > collaboration sites), will there be additional INTERNAL list/s > and/or support? I fully understand that these sources would only be > available to CERN/Fermilab/Collaboration-signatories -- but the > existence thereof is important for those of us who do NOT have > access to such resources. I also fully understand that this is not > the sort of "cradle-to-grave" support provided under vendor contract > to many for-profit enterprises as HEP has qualified professional > computer scientists and engineers as well as physicists who are well > versed on systems internals. > > Just curious. > > Kind regards, > > Yasha > > > > On 12/7/22 13:01, Glenn Cooper wrote: > >Hi Yasha, > > > >>Will CERN/Fermilab provide the same level of support to AlmaLinux that > >>currently is provided for Scientific Linux? > > > >AlmaLinux has its own support channels, so those are the way to go if you > >choose Alma. > > > >>Will this list transition into an AlmaLinux list? > > > >There are no plans for that. We'll continue to support Scientific Linux, and > >this list, until the end of upstream support in 2024. > > > >>Very few of these have the general professionalism that was present on the > >>SL list. > > > >Thanks to all for the helpful answers and friendly attitude! > > > >Yours, > >Glenn > > > > > >On 12/7/22, 2:11 PM, "owner-scientific-linux-us...@listserv.fnal.gov > ><mailto:owner-scientific-linux-us...@listserv.fnal.gov> on behalf of Yasha > >Karant" ><mailto:owner-scientific-linux-us...@listserv.fnal.gov> on behalf of > >ykar...@gmail.com <mailto:ykar...@gmail.com>> wrote: > > > > > >Will CERN/Fermilab provide the same level of support to AlmaLinux that > >currently is provided for Scientific Linux? Will this list transition > >into an AlmaLinux list? > > > > > >I have looked at the non-vendor lists for non-vendor ports of production > >RHEL current (CentOS basically is a vendor port). Very few of these > >have the general professionalism that was present on the SL list. I > >personally have transitioned to Ubuntu LTS current production; one thing > >I sorely miss is straightforward answers that the SL list provided. > >However, unlike RHEL, Ubuntu LTS does support a larger selection of > >recent laptop hardware platforms and allow for the most recent > >production versions of particular end-user applications. Nonetheless, > >there are situations in which a RHEL current tested production clone > >would be of use > > > > > >On 12/7/22 11:53, Glenn Cooper wrote: > >>CERN and Fermilab jointly plan to provide AlmaLinux as the standard > >>distribution for experiments at our facilities, reflecting recent > >>experience and discussions with experiments and other stakeholders. > >>AlmaLinux has recently been gaining traction among the community due to > >>its long life cycle for each major version, extended architecture > >>support, rapid release cycle, upstream community contributions, and > >>support for security advisory metadata. In testing, it has demonstrated > >>to be perfectly compatible with the other rebuilds and Red Hat > >>Enterprise Linux. > >> > >>CERN and, to a lesser extent, Fermilab, will also use Red Hat Enterprise > >>Linux (RHEL) for some services and applications within the respective > >>laboratories. Scientific Linux 7, at Fermilab, and CERN CentOS 7, at > >>CERN, will continue to be supported for their remaining life, until June > >>2024. > >> > > > > > > -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Fermilab/CERN recommendation for Linux distribution
On Wed, Dec 07, 2022 at 07:53:26PM +, Glenn Cooper wrote: > > CERN and Fermilab jointly plan to provide AlmaLinux as the standard > distribution for experiments at our facilities ... > I think "too late, too little". The ship has sailed and many people switched to Ubuntu. Switching "back" is possible if CERN and FermiLab offer of "provide AlmaLinux" provides more than a download mirror, but also addresses problems: - device drivers arbitrary removed from RHEL kernels. we wish to continue to use those devices (specifically, "obsolete" PCIe RAID controllers) and we want to hear that arbitrary removal of device drivers will not continue into the future. - device driver support for current hardware (specifically, laptops, but also latest AMD CPUs). historically RHEL was always behind Ubuntu in hardware support. - 64-bit ARM supoprt. As I understand it was removed from RHEL, so AlmaLinux has to restore/backport it back? indefinitely into the future? - 32-bit ARM support. I do not see an AlmaLinux download. So all 32-bit ARM hardware (RPI3s, FPGAs, etc) will run Debian/Ubuntu, breaking OS commonality - 32-bit Intel support. We still have hardware with 32-bit Intel CPUs, it will have to run Debian/Ubuntu, breaking OS commonality. - 3rd part hardware and software vendor support (specifically, CAEN). In recent years, I see many vendors dropping RHEL support while keeping Ubuntu/Debian support. CERN and FermiLan must work with the vendors to reverse this trend. - integrated ZFS support, boot from ZFS, install to ZFS (including mirrored boot disks, mirrored EFI, bootloader, etc) - NFS-Root support. Last I tried, RHEL-8 would not NFS-boot without major effort. - NIS support. ("LDAP need not apply"), scheduled for removal in RHEL, still works just fine in Ubuntu/Debian. - confusion of "streams", "split repositories" and other RHEL innovations/complications. - "GCC is always 1 version behind Ubuntu, nothing compiles", "python is always 1 version behind Ubuntu, all scripts do not run" - upgrade from version N to N+1 through reinstall only. RHEL 6-to-7, no go, 7-to-8 with difficulty, 8-to-9 does it work as well as "seamless" upgrades of MacOS? Will stay working for 9-to-10 and so forth? We still run SL6, "upgrade by reinstall" to AlmaLinux or to Ubuntu? Hmm? OS commonality is the serious issue here. In DAQ systems of recently built experiments, ARM boxes outnumber x86 boxes by a factor 5-10 (FPGA, RPI, etc). If RHEL/AlmaLinux cannot run on all of them, there is the good question, "why run RHEL on the one x86 DAQ box, why not run Ubuntu everywhere?". At CERN. having DAQ and online run on Ubuntu, but distributed offline analysis run on RHEL is an unwelcome complication. Bottom line. Run Ubuntu/Debian everywhere, why bother with "RHEL on a few boxes, Ubuntu/Debian everywhere else". P.S. Some users are comfortable with RHEL, they know how to use "yum", etc. Well with recent RHEL "yum" is replaced by "dnf", so that argument "for RHEL" is out the window now. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
cancel "root", Re: perfect chick / egg problem
> > The Linux community's decision to cancel "root" is the dumbest Idea I > have ever experienced. If you have another account with root priveladge > - what is the point. If its hacked the same result. > I was just looking at the same thing. As I understand, the fake non-root root user is needed as a workaround for an old problem. If you login as root and run "xterm", it will complain about disable/forbidden access to $DISPLAY. this has to do with security fixes in the X11 libraries against unsafe access to environment variables in suid executables. As result of all those/similar fixes, you cannot do a graphical login as root, applications like firefox and google-chrome cannot run if you start them as root, etc. As solution, current linux installers require that you create a fake non-root administrative user (with sudo and other special privileges), just so you can use this account to login into the machine (to enable NIS/LDAP and to create the real users). (as a bonus, documentation got smeared with "sudo this", "sudo that" noise). I do not think this adds much to security, but at least you can login and google. And of course the real root user is still there, it was not "canceled". Besides, alternative root users and alternative names for root is nothing new in the UNIX world, see https://urldefense.proofpoint.com/v2/url?u=https-3A__en.wikipedia.org_wiki_Wheel-5F-28computing-29&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=BKDVbYIeJ3JjTcyH776AZjH4S7cTX0nCx3dPPhiOOsgvsoap5Ow8c6oNZ9Doc4YZ&s=PnJeRPP6pHxJ6QMu1YLijSn0I7aoLUiM2fID8xm8jck&e= -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: perfect chicken egg Alma Web site.
Hi, Larry, obviously you are not limited to using USB and DVD install media, you can "dd" the install image to an HDD or SSD, boot and install from that. Not sure about your Gigabyte BS problems. I use ASUS mobos exclusively because BIOS is BS free. K.O. On Mon, Jan 03, 2022 at 05:26:21PM -0500, Larry Linder wrote: > Planning to upgrade a number of WS's to Alma 8.5. > I need to ask them a question but their web site says my brouser is too > old. So I can't ask them a question about installing Alma 8.5 > > Since some developers monitor this web page. I was hoping to get a > question answered by the back door. > > Problem: We have a number of GigaByte 970A DS3 Version 2 (black MB) > The bios on these MB will not boot from a USB Flash. Most of the stuff > on the internet is Noixe. > I can load Alma 8.5 minimal but need the full version that will not fit > on a DVD. I have it on a USB Flash but it will not boot. > Is there there anyway to load alma 8.5 minimal and later update via the > internet or ??? to the full 8.5 version. > > I have asked Gigabyte Support for a specific Bios update to remove the > security BS. They are working on finding it ! I know the bios update > version number but it does not exist anymore. > > I would be nice to be able to disable security to install a system and > then turn it back on. I guess it too logical. > > Maybe I should consult Dilbert. Got two new Dilbert books for Christmas > - there really a hoot. Reminds me of a place where I used to work. > > Happy New Year > Larry Linder -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Repo for updateso to an old SL
On Sun, Dec 19, 2021 at 09:34:57PM +0100, Elio Fabri wrote: > I'm stil using SL 6.2 (waiting for the fog about future SL, CentOS > ... to dissolve). > I'm in need to update firefox. A version for RHEL6 systems exists > (firefox-91.4.1esr) but yum finds no repo for that package. > Some help? Thx That is the true death of SL6. No google-chrome or other modern browser. There is firefox, true, but latest versions of firefox do wierd stuff and basically quickly approach unusable. With firefbox user base does not single digits it's only a question when firefox cannot open common web sites. But as likely as not, your SL6 computer is the size of a raspberry pi, universally available for $100, comes with raspbian/debian linux, no centos linux confusion needs to apply. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Need to add ftp to SL 6 machine
> > > > > > > Once I had a clue I was able to install the vsftpd rpm > > > > > > Running an unmaintained, out-of-date, password based service like FTP ... > > > > I would presume the OP has a clue ... > > Why would you presume this? ... > bah, hambug! He uses Linux, he has a clue. Most likely FTP is needed to support some piece of old hardware that cannot be trivially replaced or upgraded. With our MIDAS data acquisition software we have an important user with a standing requirement to support writing data to an FTP server (comlpete with clear-text password, etc), because that is the interface to their main sata store system. (*you* go and tell them "just write all your data to a usb drive!"). If ftp is needed, then it is needed, period. I just recently had to junk a very nice multiport 1gige switch, just because the management interface is an https web page, *but* supports only SSLv3 (predates TLS) and only obsolete cyphers (RC4 & co). Modern web browser absolutely refuses to connect, even though it is on a very secure private network (direct wire connection!). Very old web browser (SL6 firefox?) did manage to connect (after spewing nonsense about expired https certificates) but then my javascript was too old and the login page did not work. So sometimes you have to "turn back the clock" and use "obsolete" and "insecure" and even "it's so dangerous now!" software and connectivity. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Need to add ftp to SL 6 machine
> > > Once I had a clue I was able to install the vsftpd rpm > > Running an unmaintained, out-of-date, password based service like FTP > on an obsolete and unsupported operating system is begging for a lot > of trouble if the machine is ever probed by a rootkit. Are you sure > about doing this? I would presume the OP has a clue and they are running the ftp server on a private network or with firewall rules to restrict access to trusted machines. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Need to add ftp to SL 6 machine
On Thu, Nov 04, 2021 at 10:38:29AM -0400, Larry Linder wrote: > > > > Any one have an idea how to install ftp. > The ftp packages are right there on the SL download site: https://urldefense.proofpoint.com/v2/url?u=http-3A__ftp.scientificlinux.org_linux_scientific_obsolete_6x_x86-5F64_os_Packages_&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=C9Ly1502uXmpwpFORuIzoswDJgx64a9ltjaD4fSSLdOeM23DYcNKZurQ5xC8qDJw&s=oTmO9WSZkdJS0U1dWzD9z3e71xUzuxS37e9ezqL1Cf0&e= Download rpc files and install using "rpm --install *.rpm" or write a yum config file. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: timeshift
On Sun, Aug 08, 2021 at 07:38:07PM -0700, Yasha Karant wrote: > Apple products and the Apple OS (currently based upon BSD) are > proprietary. If one needs service (hardware or software), one > effectively must use an Apple store (at least in the USA). The > colleague is retired and has little money (this is the downward > mobile USA economy save for the neo-liberal profiteers). She got a > used/refurb Lenovo Carbon X1 and I just installed a working Linux on > it -- everything worked "out of the box". I am sympathetic with people on fixed income. All of us heading in that direction. But as the saying goes, a stingy person pays twice, a fool pays forever. A frugal person would do a careful evaluation after assigning $$$ numbers to the value of the data and to the number of hours spent (now and forever), as balanced against the $$$ cost of hardware, software and services. Cheapest solution may be a backblaze subscription. You never know until you do the numbers. You cannot have something for nothing, you have to spend real $$$ somewhere and you should never value your time at $0/hour. P.S. This would be $10 please. Payable to my paypal. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Disk reliability - and swap out`
In the Province of British Columbia, AC-side electrical equipment is designed by registered Professional Engineers (PE) and worked on by licensed electricians. At TRIUMF these people are better than average. Equipment we have built for SNOLAB and CERN was certified by an outside licensed inspector and has the CSA and CE marks. Inspectors were pretty strict and required a few changes in order to pass muster. Equipment below 50V generally does not need to be inspected/certified, but I, as an end-user, always ask "where is the fuse?" and "is this a fuse of the right type?" (I know there are different types of fuses but it is not my job to select the correct one). We take electrical safety very seriously. P.S. You cannot use a quarter to jumper blown fuses on current generation electronics. You are lucky if you can even see the fuse without a microscope. Replacing blown fuses is generally done by electronics technicians and they will not honor the request to "just jumper it!". P.P.S. A physics lab is not Boeing with their "only flies down" airplanes and "what time is now?" space ships. K.O. On Tue, Aug 10, 2021 at 04:10:26PM -0700, Yasha Karant wrote: > A proper circuit breaker, hopefully with external or simple panel > removal access (not remove from rack, open chassis, remove ... ), > will work fine and typically is better than a fuse. A "soldered in > place" fusible link also will work, but is much more difficult to > service and replace. Anyone who puts a jumper over an overcurrent > device (the "coin in the fuse box"), other than for diagnostic > testing, needs to be both educated and reprimanded. Note that if > there is a power supply (typically from the mains), one needs a > circuit breaker both for the power supply and for the items that the > power supply is supplying. Clearly, the safety engineering unit is > not verifying that any custom apparatus meets basic fail-safe > practices -- I am not suggesting actual UL, etc., testing and > certification for a specific experimental data or control device > (although I do look for such certifications on the actual circuit > breaker -- accidents are not nice). > > On 8/10/21 4:00 PM, Konstantin Olchanski wrote: > >On Tue, Aug 10, 2021 at 03:34:00PM -0700, Yasha Karant wrote: > >>One SSD had an internal short and turned into a space heater, > >>luckily there was no fire. End excerpt. > >> > >>Clearly, there is very poor safety engineering and/or quality > >>control > > > >you will not be amused to learn how many electronics lack > >proper fuses and protections against internal and external > >shorts. even here, I have seen good people forget to put fuses > >on newly built boards. > > > >>(as with certain Li batteries that did similar things in > >>personal devices being operated by the user). > > > >that's different. SSD stores bits, Li battery stores Joules, > >and "bits do not burn". > > > >>If that SSD had been inside a laptop (presumably, inside a rack mounted > >>disk farm and there were fire extinguishers and possibly a machine room fire > >>suppression system), things could have had a much worse outcome > >>(most laptops have combustible materials). > > > >tangled server rooms, laptops, men, guns, horses all together. > > > >laptop battery probably will not have enough oomph for a good SSD fire, > >cannot supply enough Amps, will shutdown before things get hot. ditto > >for laptop power supply (60 W vs 600 W PC power supply). > > > >server chassis with rack mounted SSD in a server room has such good cooling > >that the shorted SSD will only get slightly warm. also server power supply > >will probably shutdown quickly because of undervoltage condition. so no fire. > > > >in this particular case, the computer was in an experimental area, > >that has combustible materials, etc. > > > >> > >>As for the small amount of storage, the commentator is at a > >>reasonably well funded (through government sources and possible > >>tax-deductible or glamour philanthropy) HEP facility. > >> > > > >We also have a $$$ printing press in our basement (I have a key!) and > >we can transmute lead into gold (only slightly radioactive). > > > >K.O. > > > >> > >>Much of the world, including non-collaboration funded university research > >>facilities have rather poor funding at most entities within the USA > >>(not all faculty members can be at Harvard, Stanford, etc.) -- > >>administrative and some instructional facilities typically can get > &g
Re: Disk reliability - and swap out`
On Tue, Aug 10, 2021 at 03:34:00PM -0700, Yasha Karant wrote: > One SSD had an internal short and turned into a space heater, > luckily there was no fire. End excerpt. > > Clearly, there is very poor safety engineering and/or quality > control you will not be amused to learn how many electronics lack proper fuses and protections against internal and external shorts. even here, I have seen good people forget to put fuses on newly built boards. > (as with certain Li batteries that did similar things in > personal devices being operated by the user). that's different. SSD stores bits, Li battery stores Joules, and "bits do not burn". > If that SSD had been inside a laptop (presumably, inside a rack mounted > disk farm and there were fire extinguishers and possibly a machine room fire > suppression system), things could have had a much worse outcome > (most laptops have combustible materials). tangled server rooms, laptops, men, guns, horses all together. laptop battery probably will not have enough oomph for a good SSD fire, cannot supply enough Amps, will shutdown before things get hot. ditto for laptop power supply (60 W vs 600 W PC power supply). server chassis with rack mounted SSD in a server room has such good cooling that the shorted SSD will only get slightly warm. also server power supply will probably shutdown quickly because of undervoltage condition. so no fire. in this particular case, the computer was in an experimental area, that has combustible materials, etc. > > As for the small amount of storage, the commentator is at a > reasonably well funded (through government sources and possible > tax-deductible or glamour philanthropy) HEP facility. > We also have a $$$ printing press in our basement (I have a key!) and we can transmute lead into gold (only slightly radioactive). K.O. > > Much of the world, including non-collaboration funded university research > facilities have rather poor funding at most entities within the USA > (not all faculty members can be at Harvard, Stanford, etc.) -- > administrative and some instructional facilities typically can get > much more. Many universities now outsource to paid "cloud" storage, > with all of the issues that may entail. > > On 8/10/21 3:08 PM, Konstantin Olchanski wrote: > >Hi, Larry, thank you for this information, it is always good to see > >how other people do things. > > > >I am surprised at how little storage you have, only a handful of TBs. > > > >Here, for each experiment data acquisition station, we now configure > >2x1TB SSD for os, home dirs, apps, etc and 2x8-10-12TB HDD for recording > >experiment data. We use "sort by price" NAS CMR HDDs (WD red, etc). > > > >All disks are doubled up as linux mdadm raid1 (mirror) or ZFS mirror. This is > >to prevent any disruption of data taking from single-disk failure. > > > >(it is important to configure the boot loader on both SSDs to boot > >even if the other SSD is dead). > > > >I am surprised you use 1TB HDDs. We switched to SSD up to 2TB size (WD blue > >SATA SSDs). > > > >Failure rates of HDDs, the only reliable data is from backblaze: > >https://urldefense.proofpoint.com/v2/url?u=https-3A__www.backblaze.com_b2_hard-2Ddrive-2Dtest-2Ddata.html&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=NXYkiOfF7bPKBqi2iMgqsqrtLHRVdP7lIO-L5J4AmqQ&s=DgUuM1BVcm4jUkUWsi_DNMAjvkuy1zl1oaDQzrC4YAk&e= > >and > >https://urldefense.proofpoint.com/v2/url?u=https-3A__www.backblaze.com_blog_backblaze-2Ddrive-2Dstats-2Dfor-2Dq2-2D2021_&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=NXYkiOfF7bPKBqi2iMgqsqrtLHRVdP7lIO-L5J4AmqQ&s=lPk2j2mTwp6uDzrZYUsP2rIxyRiacBHZOU0o7R5mUqM&e= > > > >Failure rates of SSDs, seems to be very low, I only have 2-3 failed SSDs. > >One SSD had an > >internal short and turned into a space heater, luckily there was no fire. > > > >For backups of os and home dirs we use amanda and rsync+zfs snapshots. > >Backups > >of experiment data is not our responibility (many experiments use usb hdds). > > > > > >K.O. > > > > > >On Tue, Aug 10, 2021 at 10:55:35AM -0400, Larry Linder wrote: > >>There are 25 systems in our shop, all linux based, a linux based server, > >>and synology Disk Station running raid 1. The Disk Station has 12 TB > >>of space. 6 TB per for each raid level. > >> > >>We buy only one brand of disk with the black label. They are typically > >>1 TB. > >> > >>User boxes has a SSD drive for the OS and a 2 TB disk for th
Re: Back UP
On Mon, Aug 09, 2021 at 04:36:29PM -0400, Larry Linder wrote: > > Cron is now broken so you can't scehedule reliable backups. > This got broken in SL 6.9 worked in SL 6.5. > The reason is that it is looking for files from yum. Whot does yum have > to do with cron I heav yet to figure it out. > Cannot confirm. cron works just fine here. by design, it can bog down if some cron jobs never complete. this can happen to cron jobs that run "yum update". is that what you see? easy to fix by removing offending cron jobs. > > My advise if you don't want to be forever the support team - buy a MAC. > a "+1" on this one. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Disk reliability - and swap out`
Hi, Larry, thank you for this information, it is always good to see how other people do things. I am surprised at how little storage you have, only a handful of TBs. Here, for each experiment data acquisition station, we now configure 2x1TB SSD for os, home dirs, apps, etc and 2x8-10-12TB HDD for recording experiment data. We use "sort by price" NAS CMR HDDs (WD red, etc). All disks are doubled up as linux mdadm raid1 (mirror) or ZFS mirror. This is to prevent any disruption of data taking from single-disk failure. (it is important to configure the boot loader on both SSDs to boot even if the other SSD is dead). I am surprised you use 1TB HDDs. We switched to SSD up to 2TB size (WD blue SATA SSDs). Failure rates of HDDs, the only reliable data is from backblaze: https://urldefense.proofpoint.com/v2/url?u=https-3A__www.backblaze.com_b2_hard-2Ddrive-2Dtest-2Ddata.html&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=NXYkiOfF7bPKBqi2iMgqsqrtLHRVdP7lIO-L5J4AmqQ&s=DgUuM1BVcm4jUkUWsi_DNMAjvkuy1zl1oaDQzrC4YAk&e= and https://urldefense.proofpoint.com/v2/url?u=https-3A__www.backblaze.com_blog_backblaze-2Ddrive-2Dstats-2Dfor-2Dq2-2D2021_&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=NXYkiOfF7bPKBqi2iMgqsqrtLHRVdP7lIO-L5J4AmqQ&s=lPk2j2mTwp6uDzrZYUsP2rIxyRiacBHZOU0o7R5mUqM&e= Failure rates of SSDs, seems to be very low, I only have 2-3 failed SSDs. One SSD had an internal short and turned into a space heater, luckily there was no fire. For backups of os and home dirs we use amanda and rsync+zfs snapshots. Backups of experiment data is not our responibility (many experiments use usb hdds). K.O. On Tue, Aug 10, 2021 at 10:55:35AM -0400, Larry Linder wrote: > There are 25 systems in our shop, all linux based, a linux based server, > and synology Disk Station running raid 1. The Disk Station has 12 TB > of space. 6 TB per for each raid level. > > We buy only one brand of disk with the black label. They are typically > 1 TB. > > User boxes has a SSD drive for the OS and a 2 TB disk for the users > space and 32 G RAM. and a quad or six core AMD processor. The graphics > boxes get a Video card with lots of ram. 3 D rendering on a slow video > care wast's a lot of users time. > > The server has a SSD for the OS and 6 TB for user apps / > library /usr/local and /opt. It also has a mirror disk that keeps a > copy of the server locally. > > These systems are on 24 / 7 and accumulate a lot of hours. No matter > what the make mechanical disks have a life span. For grins I used to do > a post mortum on disk that failed. There were to types of failures, > the spring that returns the arm holding the heads cracks. The second > type of failure is the main bearings. Newer disk seem to have less of a > bearing failure rate. > To prevent operational problems we just swap out the disk on each box at > about 5,000 to 7,000 hr. The manufacturer says they are good for 10,000 > hr. See the fine print in the Waranty, You have to remember this is a > money making operation and down time is costly. > > Backups run at 12:29 and 0:29 in the AM. At the end of the morning back > up a copy is sent to a remote site. > > For security we shut down the network at 6:20 PM, bring it up at 0:01 AM > and shut it down after back up is complete. We bring it back up at 6:45 > AM. > 10 yeas ago we had a fixed IP and the Chineese found it by just > continually pounding on the door. The return IP was 4 hops to a city > north east of Shanghi. They had installed a root kit on our server, > disabled cron. When you changed the passwd to the server a few > millisecond later it was sent to china. We got rid of the fixed IP and > reloaded all the systems. So when you shout down the network to your > provider the next time your start it you get a different IP. > > We don't give the disks away as they contain a lot of design data, > SW,Cad programs, part programs for our mill etc. We donate them to a > charity that drills the disks and recycles the rest. > > Larry Linder -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: timeshift
On Sun, Aug 08, 2021 at 04:09:04PM -0700, Yasha Karant wrote: > > Assuming that she obtains a, say 1 Tbyte, external USB drive > (powered from the USB port and either mechanical or SSD), she plans > to do incremental backups to the backup drive. > > ... what ... would anyone recommend? > ... [need] tool [that] actually "works". > get a mac and use the built-in incremental backup tool called "time machine". spend more $$$, save on time, headache medicines and torn hair repair (assuming you still had any). -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: customize Xsetup_0 , file is not executed
On Tue, Aug 03, 2021 at 09:37:53AM +0200, Ekkard Gerlach wrote: > > /etc/X11/xdm/Xsetup_0 in is NOT executed, what could be the reason? > you are not running xdm. you probably have gdm or lightdm or systemd-dm or whatever. the xdm startup scripts are pretty well documented and pretty well understood, but all this new stuff is an undocumented mess, different on every linux. IMO. one solution could be to run vanilla xdm, then your Xsetup should work. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Scientific Linux Advice
On Tue, Jun 29, 2021 at 06:43:12AM +, Nick Matchett wrote: > I hope that someone could help me identify an individual or business that > would be able to help me with the following problem. > My business has some software that we acquired the responsibility to maintain > and support, and currently sits on Scientific Linux version 6.3. > Unfortunately, we are at a stage where our customers are asking to bring the > software onto a more current version of a Linux platform. > We would like to migrate to Red Hat or CentOS version 7.9 (or perhaps > version 8) Oh, boy! We are on the receiving end of such problem with Altera. Their latest fpga compiler does not support cyclone-1 FPGA, the last version that does still by a miracle runs on ubuntu and centos7, and of course Altera will never update it. As if nobody needs to compile cyclone-1 fpga code. If, like in this case, your application still does something useful and your customers still want to run it, perhaps simplest is not to monkey around with it, just package it as a VM container that runs on current-ish linuxes. > I hope that someone could help me identify an individual or business I wish you best luck with hiring the right staff, contractor or consultant to resolve your trouble. K.O. > > > > We have been working on a migration from Scientific Linux 6.3 to Redhat 7.9. > > Unfortunately, we have limited Linux OS skills in our business, and we have > approached this with a fresh RH 7.9 install and then applying the RPM of our > software. There is a big mismatch between Scientific Linux 6.3 to Redhat 7.9 > in terms of libraries, file structure and type of libraries between the > software and we have not been able to reconcile those. > > > > I would appreciate any suggestion or advice on the best upgrade path to > achieve this update and would be happy to take recommendations on > individuals or companies who might be interested in a professional service > engagement to help solve the problem. > > > > Thanks in advance -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: any update on CERN Linux and CentOS-8 situation?
On Thu, May 06, 2021 at 12:19:18PM +, James M. Pulver wrote: > > Believe me, I'd prefer to not deal with technical licenses and have a simple > site licence option for software. I have more than enough commercial software > on Windows that I have to support that add way too much time just for their > crappy licensing changes etc... > To amplify. "free" licenses are only free in the sense that cost of my labour is valued at $0/hour. "A free license here, a free license there", can quickly add up to 1 FTE or more to handle them. K.O. > > -- > James Pulver > CLASSE Computer Group > Cornell University > > > > > From: owner-scientific-linux-us...@listserv.fnal.gov > on behalf of Mark Stodola > > Sent: Tuesday, May 4, 2021 4:42 PM > To: owner-scientific-linux-us...@listserv.fnal.gov > Cc: scientific-linux-users > Subject: Re: any update on CERN Linux and CentOS-8 situation? > > For our use, free is definitely a positive, but not a requirement. > > We deploy our product's control systems and are really looking for the > long term stability and security patches. I wouldn't have a problem > with purchasing licenses, as long as it didn't get in the way. That > meaning, not having to deal with serial numbers, subscriptions, and > phoning home. I want something I can buy, deploy, and forget about with > regards to licensing. This is a logistics issue. I don't want to dump > that responsibility on our customer long term and not all of our > machines are remotely accessible to manage ongoing license maintenance. > > This is likely in stark contrast to the HEP community, as I see that > more of a site-wide deployment managed by a team dedicated to the job. > > Best Regards, > Mark > > -- > Mr. Mark V. Stodola > Control Systems Manager > > National Electrostatics Corp. > P.O. Box 620310 > Middleton, WI 53562-0310 USA > Phone: (608) 831-7600 > Fax: (608) 831-9591 > > On 5/4/21 2:51 PM, James M. Pulver wrote: > > Honestly, I've seen a lot of the FLOSS community prefer Rocky over Alma, > > and I think it's because Rocky is actually not backed by any company. > > However, we see how that went before, and I just think Rocky as described > > is ripe for CENTOS 2.0 to me. It's even run by one of the CENTOS founders, > > so -- maybe he's learned his lesson, but I don't see that as a positive for > > Rocky - it's neutral at best. I mean, CENTOS was bought by Red Hat and then > > "killed". Oracle? not even a blip. CloudLinux? Not a blip. Princeton, not a > > blip. I.e. all the rebuilds with a organization behind them that isn't > > dependent totally on community funding were basically unaffected here. The > > major distros that are going strong are company backed (Including SuSE, > > Ubuntu, RHEL, etc), except for Debian that seems to be the exception that > > proves the rule to me. And most of what Yasha et al seem to be looking for > > is a professional rebuild that is free - which might be a contradiction in > > terms, except for communities maintaining what they need for their use. > > > > This is why I (and I guess Yasha etc) are so disappointed that all the HEP > > labs can't get together to fund what? 5 FTE across all of them to re-create > > SL for the HEP community? Or some sort of Internet2 license that is > > affordable of RHEL (maybe that's the secret goal). Is that really a huge > > part of the CERN, Fermilab, etc all the labs budget? I imagine it's less > > than the commercial RHEL license costs. But we do have Alma (and others, > > including Oracle - wish I trusted them even a little) donating that rebuild > > to the world at large, so there's some people interested in putting > > donations out there. > > > > Anyway, digression aside, it's hard to do more than wait and see I guess - > > and much of that waiting is maybe for EL9 and to see if Rocky releases > > something that creates a better community than Alma has managed. Though I'm > > still betting on a company backed project getting going and keeping going > > much better in the short term anyway. > > -- > > James Pulver > > CLASSE Computer Group > > Cornell University > > > > > > > > > > From: owner-scientific-linux-us...@listserv.fnal.gov > > on behalf of Jack > > Aboutboul > > Sent: Tuesday, May 4, 2021 2:39 PM > > To: Dave Dykstra > > Cc: Bonnie King; Konstantin Olchanski; scientifi
Re: any update on CERN Linux and CentOS-8 situation?
On Thu, May 06, 2021 at 01:22:06AM +0100, Mark Rousell wrote: > On 05/05/2021 23:13, Konstantin Olchanski wrote: > > > > Things seem to be much quieter and event-less in the BSD and Debian (& co) > > camps. > > I greatly fear that the BSDs are gradually losing the battle to keep up > with Linux in terms of newer features and support for certain classes of > hardware. > In a sense, that battle was lost years ago, when linux implemented a better TCP/IP stack and when SGI extended Linux to work well of 1000-CPU NUMA machines. And yet, the BSDs are still here. > > It saddens me to note that both iXsystems (TrueNAS, previously > FreeNAS) and Netgate (pfSense) are looking towards Linux, not BSD, for > their next generation of larger-scaling, higher-throughput systems. > For these applications, most important is performance of ZFS+NFS/Samba+TCP/IP. ZFS being an OS into itself, is reported to work well inside BSD kernels, but is not as happy inside the linux kernel, the ZFS and Linux tend to fight over data caching, i/o scheduling, etc So whale fights elephant, better ZFS on BSD, better networking on Linux, and who knows how it comes out. > > In the case of iXsystems, the new TrueNAS Scale is Linux based. And in the > case of Netgate, their new TNSR product is based on Linux. Eventually it > seems likely that both companies might well want to rationalise on one > underlying OS. > Those are also business decisions, not purely technical. I can see how they gain by standardizing everything on Linux, especially when anything embedded, anything SoC is "linux first". If they want to run the same code scaling from "Raspberry PI NAS" to "big iron NAS", Linux would be the way to go. > > And FreeBSD itself has recently experienced the Netgate-related > Wireguard incident. > Nobody is safe from such things. Strength of a project is in how well they can survive/recover. > > As for Debian, they certainly had what one might call an 'event' with > the decision to choose SystemD. ;-) > At least in Debian it is all above board, with voting, public discussion, and all. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: c++17,17,20... - was Re: [SL-Users] Re: any update on CERN Linux and CentOS-8 situation?
On Tue, May 04, 2021 at 11:00:00PM +0100, Andrew C Aitchison wrote: > On Tue, 4 May 2021, Konstantin Olchanski wrote: > > >- first slide of "distribution landscape" is nonsense, > >with everybody stuck with el7 for another 3 years and > >bye, bye, c++14, c++17, c++20. > > Is Red Hat Developer Toolset 10 > https://urldefense.proofpoint.com/v2/url?u=https-3A__access.redhat.com_documentation_en-2Dus_red-5Fhat-5Fdeveloper-5Ftoolset_10_html_10.0-5Frelease-5Fnotes_dts10.0-5Frelease-23Changes-5Fin-5FDTS&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=Chv7ZrLnQII3dvv1o48KTg7YAxT9SNUUCkOkflNOCd4&s=bZUlWtCI03IJ95QWY-_DTkmqMdwOzXq8PVBkiR1dZLM&e= > not an option ? > > (OK, C++20 support in g++ 10.2.1 is "experimental). > And so what? I can take SL-6 and graft modern versions of all important packages, one does not even need the devtoolset, GCC is easy to build from sources. But this is no longer "SL-6", it is "SL-6-KO1", at best. Same thing, "CentOS-7 with devtoolset, php from webtatic, python from pip, kernel from ELREPO, etc" is not CentOS-7. It is an irreproducible Franken-monster-bashed-together-locally thing. Is this the new standard, the best way to go, "the new thing" for production environments? -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: any update on CERN Linux and CentOS-8 situation?
On Mon, May 03, 2021 at 05:54:35PM -0400, Jack Aboutboul wrote: > > I am a long time Fedora person and now the community manager of AlmaLinux. > Hi, Jack - good to hear from AlmaLinux. I wish you and your project best luck and speedy progress. I do not think of Alma Linux, Rocky Linux, etc as competitors ("who is better?"), to me they are partners at a common goal, like the two guys on both sides of a two-man wood saw. My biggest worry is with Red Hat throwing more unexpected curved balls, as they have now done 3 times (RH "E" Linux, "purchase" of CentOS, unexpected death of CentOS Linux). Things seem to be much quieter and event-less in the BSD and Debian (& co) camps. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: [SCIENTIFIC-LINUX-USERS] [SL-Users] Re: any update on CERN Linux and CentOS-8 situation?
On Tue, May 04, 2021 at 10:57:11AM +, Jose Marques wrote: > > My view is that Stream is exactly what RHEL say it is, a development > distribution to which 3rd parties can contribute to RHEL development and from > which 3rd parties can base their own distributions. It's not for end users, > or small organisations that need timely security updates and other fixes and > can't produce same themselves. > This is exactly what puzzles me. The food chain seems to be: {GNOME,systemd,Poettering,etc} -> Fedora -> CentOS Stream -> RHEL The purpose of RHEL seems to be clear: stuff that reaches RHEL has been hammered enough that it mostly works. The purpose of Fedora is clear: this is the bleeding edge; whatever work, works; whatever is broken, we fix tomorrow, but no promises. But what is CentOS Stream in the middle? How is it different from Fedora? Is it: a) stuff that is not good enough yet for RHEL? (needs more hammering until it works). (but "not good enough for RHEL" probably means "not good enough for me"?). b) just Fedora N-1? c) "best of" selection of packages from Fedora N, N-1, N-2, etc? d) all of the above plus secret/proprietary/NDA fixes for security and hardware bugs? Perhaps the answer truely is as Red Hat have been saying all along - "this is our internal development process". But in this case, how/why would anybody recommend "an internal development process" "thing" for any kind of production use? Hmm... If quality is good enough, maybe it is ok. Let's see how quickly they fix security CVEs... I pick https://urldefense.proofpoint.com/v2/url?u=https-3A__cve.mitre.org_cgi-2Dbin_cvename.cgi-3Fname-3DCVE-2D2021-2D20194&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=sQ-t16h7TvSNSg14oOkP3OA9VQIwY5urkmx0Y8St1Ag&s=_KIWEZZuAYWDdj8EKFq_cRWj8pd7FVIpDRkwEgf5FLo&e= at random, I follow the references through https://urldefense.proofpoint.com/v2/url?u=https-3A__bugzilla.redhat.com_show-5Fbug.cgi-3Fid-3D1912683&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=sQ-t16h7TvSNSg14oOkP3OA9VQIwY5urkmx0Y8St1Ag&s=Du4owy_SkXFPmqI1EwXiR4lZK-N8TXox9jLiT6UkCrw&e= - Fedora: all versions affected, fix available - RHEL: affected, see https://urldefense.proofpoint.com/v2/url?u=https-3A__access.redhat.com_security_cve_cve-2D2021-2D20194&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=sQ-t16h7TvSNSg14oOkP3OA9VQIwY5urkmx0Y8St1Ag&s=x3x-RjLGL0IsdZPTdzZXPZVEv5Gp0qpciVucyHZqwsU&e= - CentOS Stream: no info, google search for "CVE-2021-20194 centos" and "... centos stream" yields nothing. ("... ubuntu" yields the expected notvulnerable/fixreleased page) Ok, maybe some obscure CVE was bad choice. How about the "sudo" CVE-2021-3156? I do not see any notice of resolution for centos stream. (I see notices for RHEL, Ubuntu, Fedora, etc. Of course CentOS "Linux" follows the RHEL CVEs). Now I have to ask, does "CentOS Stream" even follow the CVE process? (notices of vulnerability, "fix available", etc). (CentOS "Linux" follows the RHEL CVE process, of course). Not that I am dumping on CentOS Stream, I am just trying to understand how it works as a suggested replacement for CentOS Linux. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: [SL-Users] Re: any update on CERN Linux and CentOS-8 situation?
On Mon, May 03, 2021 at 09:14:11PM +, Dave Dykstra wrote: > Here's a presentation at HEPiX'21 from CERN that's publicly available: > https://indico.cern.ch/event/995485/contributions/4256466/ Thank you for the link, I was not aware of this presentation. For further reading, it contains a link to the March meeting of the linux future committee: https://indico.cern.ch/event/1019875/ All materials are publically available, the zoom chat transcript requires a CERN login (which I have), I am reading through the stuff now. First impressions from the HEPIX presentation: - there is no explanation how CentOS Stream is a technically acceptable replacement for CentOS Linux. There is many questions here, none answered. - there is no suggestion of reviving the CERN+FermiLab collaboration (named SL or otherwise). This is surprising, if Princeton can roll out a "new centos", CERN+Fermilab have even more resources to do same. - there is no suggestion of CERN providing extended support for CentOS-8. To me, this would be the obvious path forward. - first slide of "distribution landscape" is nonsense, with everybody stuck with el7 for another 3 years and bye, bye, c++14, c++17, c++20. - second slide of "distribution landscape" has LHC experiments changing horses in the middle of Run 3. Good luck with that. - no discussion of "red hat takedown/takeover of centos, 2.0" scenario for Rocky Linux & co. First impressions from the "linux future" meeting in March: - 30 minutes of our Troy Dawson leading Red Hat's video presentation: https://videos.cern.ch/record/2756480 (where they say "rail", they mean RHEL, took me a while to catch this) - "CC7 is not an option to use for RUN3 at CMS", page 4, https://indico.cern.ch/event/1019875/attachments/2214410/3751654/lfc002.pdf - support for 64-bit ARM is a requirement (good, but what about existing 32-bit ARM and 32-bit x86 machines?) - page 5, key take away, "Most likely moving to CS8 is your best option, as this allows for a trivial upgrade path to EL8 at a later date". (Is this true? Can somebody point me to the instructions for upgrading Centos Stream 8 to RHEL 8? A quick google search finds nothing) - Linux BOF slides https://indico.cern.ch/event/995485/sessions/386343/attachments/2209929/3739897/hepixLinuxBoFMarch16th2021.pdf - Linux BOF 82 min video https://videos.cern.ch/record/2756412 - Ben Maurice slides https://codimd.web.cern.ch/p/Zcc5CqncC#/1 - zoom chat (requires cern login) - all questions raised are reflected in Ben Maurice slides. Bottom line. All arrows point at CentOS Stream, but there is no review/evaluation of it's technical suitability for HEP specific needs. Good/bad/etc compared to el7 and compared to non-RPM alternatives (ubuntu, etc). And there is many questions, none answered. It looks like everybody will have to do their own evaluation and decide for themselves. P.S. Do watch Troy's video! -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: any update on CERN Linux and CentOS-8 situation?
On Mon, May 03, 2021 at 11:25:22AM +, Bonnie King wrote: > > There hasn't been any official statement. On the Fermilab side we are holding > discussions and gathering feedback from experiments and other collaborators. > We are working on it and will make an announcement soon. > Ok, thanks. I hope you find the discussions on this mailing list as useful input into your deliberations. I wish it did not take 6 months to sort it out, but I guess (a) with covid, everything takes longer (true for me), and (b) it reflects the size of the doo-doo red hat have stepped on (instead of walking around it). At TRIUMF, my feeling is that there will be further splintering of Linux user base, the central computing group is likely staying with red hat, for the experiments, we replace SL6 with Ubuntu, one big experiment group just upgraded SL6 to CentOS-7 and is likely to stay there, for new installs we offer a choice of Ubuntu or CentOS-8 (with the caveat of no support after December). RaspberryPi, nano-pi, etc is all Raspbian (debian). Looks like a repeat of the UNIX fragmentation of the 1990-ies, where everybody's computer is just slightly different to cause trouble. The main driver of linux choice is "latest c++" (c++17, c++20) and "latest python". K.O. > Bonnie King > > > From: owner-scientific-linux-us...@listserv.fnal.gov > on behalf of Konstantin > Olchanski > Sent: Saturday, May 1, 2021 9:27 AM > To: Dave Dykstra > Cc: scientific-linux-users > Subject: Re: any update on CERN Linux and CentOS-8 situation? > > On Fri, Apr 30, 2021 at 09:35:02PM +, Dave Dykstra wrote: > > Both Fermilab and CERN have stated that they plan to use CentOS 8 stream > > for now (or Scientific Linux 7 or CentOS 7) and will evaluate later > > whether or not to switch to one of the clones. > > Interesting. I do not see any information about this and I believe > I receive both internal and external official communications from CERN. > > Do you know who and when made this "centos stream" statement? > > K.O. > > > > > > Dave > > > > On Fri, Apr 30, 2021 at 10:35:18AM -0700, Konstantin Olchanski wrote: > > > Any news or updates on the status of CERN Linux? > > > > > > Per https://linux.web.cern.ch/centos8/ CERN users are strongly encouraged > > > to use CentOS-8 while the same page states that support for CentOS-8 will > > > end at the end of this year. Update is promised "during Q1 2021", today > > > we are 1/3 into Q2 2021, and there is no new information. > > > > > > The CentOS forums are graveyard quiet. (censored?) > > > > > > Any information from the FermiLab side of things? Any information from > > > the SL side > > > of things? Any rumours? > > > > > > I opened a support ticket with CERN about this, let's see what they say. > > > > > > > > > -- > > > Konstantin Olchanski > > > Data Acquisition Systems: The Bytes Must Flow! > > > Email: olchansk-at-triumf-dot-ca > > > Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada > > -- > Konstantin Olchanski > Data Acquisition Systems: The Bytes Must Flow! > Email: olchansk-at-triumf-dot-ca > Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: any update on CERN Linux and CentOS-8 situation?
On Fri, Apr 30, 2021 at 09:35:02PM +, Dave Dykstra wrote: > Both Fermilab and CERN have stated that they plan to use CentOS 8 stream > for now (or Scientific Linux 7 or CentOS 7) and will evaluate later > whether or not to switch to one of the clones. Interesting. I do not see any information about this and I believe I receive both internal and external official communications from CERN. Do you know who and when made this "centos stream" statement? K.O. > > Dave > > On Fri, Apr 30, 2021 at 10:35:18AM -0700, Konstantin Olchanski wrote: > > Any news or updates on the status of CERN Linux? > > > > Per https://linux.web.cern.ch/centos8/ CERN users are strongly encouraged > > to use CentOS-8 while the same page states that support for CentOS-8 will > > end at the end of this year. Update is promised "during Q1 2021", today > > we are 1/3 into Q2 2021, and there is no new information. > > > > The CentOS forums are graveyard quiet. (censored?) > > > > Any information from the FermiLab side of things? Any information from the > > SL side > > of things? Any rumours? > > > > I opened a support ticket with CERN about this, let's see what they say. > > > > > > -- > > Konstantin Olchanski > > Data Acquisition Systems: The Bytes Must Flow! > > Email: olchansk-at-triumf-dot-ca > > Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
any update on CERN Linux and CentOS-8 situation?
Any news or updates on the status of CERN Linux? Per https://linux.web.cern.ch/centos8/ CERN users are strongly encouraged to use CentOS-8 while the same page states that support for CentOS-8 will end at the end of this year. Update is promised "during Q1 2021", today we are 1/3 into Q2 2021, and there is no new information. The CentOS forums are graveyard quiet. (censored?) Any information from the FermiLab side of things? Any information from the SL side of things? Any rumours? I opened a support ticket with CERN about this, let's see what they say. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: [EXTERNAL] Re: Code bias video, watch it ASAP
On Tue, Apr 27, 2021 at 04:49:00PM +, Queen, Steven Z. (GSFC-5910) wrote: > > I don't think this list is an appropriate place for political discussions. > I agree, I think the OP should not have brought this subject on this list. > > Hopefully an administrator will intervene. > If this continues, I will unsubscribe. > Unfortunately, technical, policy and political issues mix together and there is no avoiding that. Ignoring them is dangerous, they have a way of catching up to you in whatever cave or monastery or retreat you choose to hide in. K.O. > > From: owner-scientific-linux-us...@listserv.fnal.gov > on behalf of Nico > Kadel-Garcia > Sent: Tuesday, April 27, 2021 9:04 AM > To: LaToya Anderson > Cc: Andrew C Aitchison ; Keith Lofstrom > ; Mailing list for Scientific Linux users worldwide > > Subject: [EXTERNAL] Re: Code bias video, watch it ASAP > > On Sun, Apr 18, 2021 at 7:24 AM LaToya Anderson > wrote: > > > > Data does not remove bias. And one can and should both read the article and > > watch the movie. > > > > STEM Academy Instructor > > Data rather than mere exposition helps prevent bias. How do you refute > or counter unfair bias except with data? > > The movie is, itself, profoundly biased. It didn't explore at all why > a public housing project might benefit from cameras on the door of a > densely populated building with numerous poor, old, or unhealthy > tenants. The movie was an icon of "Critical Theory", portraying the > attempt to use science and engineering for social problems as a plot > against the oppressed. > > I've lived in scary neighborhoods of London. London accepts and > expects a degree of CCTV monitoring that is outrageous to Americans. > Sadly, citizens can't *get* the videos when a crime occurs, and > photographic evidence can be misused against the innocent. Been there, > done that, watched a London parking cop frame the photos they took to > document a parking ticket, really ticked him off when I very obviously > took photos at angles that showed the car was, in fact parked near a > sign that gave permission and curb markings that matched. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Code bias video, watch it ASAP
Thank you for highlighting this important issue. With recentish New York Times reports on image recognition software labeling US congressmen as monkeys and criminal courts using "algorythms" for bail and sentencing decisions, I think there is cause for severe concern. All involved with software and computer systems should be aware of such things. Given the general level of incompetence (see the Boeing 737-MAX airplane programmed to fly into the ground if one external sensor is hit by bird) and the incoming era of robocops firing "only non-lethal" weapons on targets identified "by algorithm", I think there is reason to worry. K.O. On Sun, Apr 18, 2021 at 07:24:39AM -0400, LaToya Anderson wrote: > Data does not remove bias. And one can and should both read the article and > watch the movie. > > STEM Academy Instructor > > On Sun, Apr 18, 2021, 6:59 AM Nico Kadel-Garcia wrote: > > > On Sun, Apr 18, 2021 at 6:22 AM Andrew C Aitchison > > wrote: > > > > > > On Sun, 18 Apr 2021, Nico Kadel-Garcia wrote: > > > > > > > The movie is very strong on "feels", very poor indeed on data. > > > > > > > > A much better article, with far less "feels" > > > ^^ > > > Is that a deliberate example of the bias in the video ? > > > > No, it's an evaluation of the video and a pointer to a much more > > succinct, more specific article. > > -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: FWIW: AlmaLinux now available.
On Sat, Apr 03, 2021 at 11:39:17AM -0400, Lamar Owen wrote: > > AlmaLinux stable release is now available. > Question is: but for how long? until red hat pulls a centos on them? P.S. My message is "FU!D". Fear, check! Uncertainty, check! Deception? Nope, happened before, will happen again. cease&desist letters, AT&T/BSDI and SCO/IBM-style law suits, offers-you-cannot-refuse to principal developers, etc. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: In search for SL 6.5 replacement - mint evaluation
even the ones that are set to mode 000. > These are Complete with account name and userID. ! > > 5. Last but not least: > I wanted to install KiCad using the SW manager. It worked, crated the > icon and put the files in /usr/bin/1001/bla/bla/bla. So I can install a > program. A typical system in our shop may have 12 logins from engineer, > software engineer, manufacturing, purchasing etc and the list goes on. > So each has to load a copy of the program. Remember owner, groups, > userID doesn't work properly. you can inspect the passwd and group, and > they look good. Run pwconv and grpconv to update shadows, run the check > programs it looks good, it still doesn't work. I have not stumbled on a > way to set it up so it works. > > 6. We downloade VMware 16, it install and worked. Thank You VMware. We > are going to buy it. > > 7. Now the real insidous part: I used the sw manager to remove the > KiCad and it worked. Ten minutes later I became root and tried to > install it again. It worked but the install was the same place as > before. I then removed it and went for another cafeene fix. It was > still removing files. What it was doing was doing was running rm -rf * > from / as root. All there disks about 1.5 T of file were gone. Nice > programming botch. > It tells you a lot lot about the lack of testing that has gone into > these systems. > Just think if you did this on cloud setup result, a clear blue sky. > > Fortunately we have several back ups. > > score: $4000 / 2 programs - 0 working system Not a costly as Cent8 > and non available RH. > Trashed DVD and removed. > > Conclusion: Systems using systemd are not able to be set up to do what > we need done. You basically have swaped "Bill" computer for "IBM's" > computer. You can't set /opt and /usr/local/bin to other disks. We > don't use LVM. I can only imagine the cost of running our 50 systems. > > We chucked Cent8, and Mint 20.1 DVD's, and reformated Flash drives. > > Next: Devian - a fork in Debian with out systemd is next. Std UNIX > flavor and then we will try BSD. > > If you look at Linux over the last 20 years it has gone no place. things > are still broken. Contributors have spent time working on eye candy, > hiding functionality and trying to make it like Windows 10 - another > convoluted disaster. It is "moron aware" sw. > > If Linux had any leadership group or company it could have been by now a > world class OS. the 20 years have been wasted, Windows 10 would never > have happened, you wouldn't have a zillion distrobutions that have the > same flaws. > > SystemD is a pleague that will kill linux. IBM will abandon the users > just as it did with the development of OS/2 and what MS did with windows > 3.0. Don't trust them. > > My Boss's words. Each keystroke or mouse click costs $, If you measure > the time it takes to find and run a task the new scheme is many times > more expensive than running an app with a 4 char. name. > > Sill in search of 6.5 replacement > > Larry Linder -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: scientific.org
To add. all official published results must be done using "official analysis", and for the purposes of this discussion, said "official analysis" often runs exclusively on RedHat-flavour linuxes. > > Most HEP (and sometimes other) "academic" collaborations have > collaboration agreements for all member institutions (or groups or ... > > That was my meaning of NDA. > That has nothing to do with Linux and Red Hat. I do not know why you bring it up. And you did not get it completely right, either. In Physics, we do not have to sign legal NDAs to participate in experiments and projects. It is basically an honor system, and everybody plays by the rules and/or breaks the rules per basic human nature. Books have been written about this stuff. K.O. On Fri, Mar 05, 2021 at 04:30:13PM -0800, Yasha Karant wrote: > Most HEP (and sometimes other) "academic" collaborations have > collaboration agreements for all member institutions (or groups or > individuals) that no work done by the collaboration may be published > or discussed without permission from the collaboration, typically a > set of PIs (often not a democratic vote -- one person whose name may > appear on the published papers or public presentations, one vote -- > but rather some of the "group leaders" or the like). These > limitations not only apply to announcement of research results, but > (often) deep details of the apparatus, that these days, can include > software, applications, and perhaps computer environments (e.g., > modifications to an OS, special OS drivers for specific hardware, > etc.). Once it has been decided that something can be released, > then it is -- equivalent to a NDA. Typically again under this sort > of NDA, all of these details may be revealed to the funding > agency/ies (those who "pay the bills") but the agency has agreed not > to release this in public. In the USA, save for classified > (weapons, clandestine services, etc.) material, those things > developed by Federal Government agencies are "public". > > That was my meaning of NDA. > > On 3/5/21 4:02 PM, Konstantin Olchanski wrote: > >>At some point ... > > > >Yasha you are writing some very strange stuff. > > > >>NDA collaboration contracts that exist for the various > >>CERN/Fermilab experiments ... > > > >if your NDA stands for "non-disclosure ...", then I must say that > >I do not believe there are any secret agreements between experiments > >and linux vendors. We do have NDAs with hardware vendors for > >access to secret documentation and secret firmware source code, > >but I never heard of any special agreements with any Linux vendors. > > > >if you know something we do not know, please tell us more. > > > >>... Your observations on RHEL indicate that except for those > >>who license RHEL for fee with an IBM RH support contract, RHEL is > >>not an viable stable long-term (nor immediate) alternative. > > > >I must put it on record that I did not say any such thing. > > > >I say: > > > >a) RHEL8 is here and you can use it free of charge (16 free subscriptions) > >b) you can upgrade your CentOS-8 machine to RHEL8 with minimum trouble (I > >posted instructions on this list here) > >c) Red Hat made a serious mistake back in December by announcing "the end of > >CentOS as we know it" without providing (a) and (b) ahead of time > >d) by not providing 32-bit x86 and 32-bit ARM versions of RHEL they are at a > >severe disadvantage in places like a typical Physics lab (CentOS used to > >provide both, but they killed it). > > > >So there. There is nothing wrong with RHEL8. If it works for you, use it! > > -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: scientific.org
> At some point ... Yasha you are writing some very strange stuff. > NDA collaboration contracts that exist for the various > CERN/Fermilab experiments ... if your NDA stands for "non-disclosure ...", then I must say that I do not believe there are any secret agreements between experiments and linux vendors. We do have NDAs with hardware vendors for access to secret documentation and secret firmware source code, but I never heard of any special agreements with any Linux vendors. if you know something we do not know, please tell us more. > ... Your observations on RHEL indicate that except for those > who license RHEL for fee with an IBM RH support contract, RHEL is > not an viable stable long-term (nor immediate) alternative. I must put it on record that I did not say any such thing. I say: a) RHEL8 is here and you can use it free of charge (16 free subscriptions) b) you can upgrade your CentOS-8 machine to RHEL8 with minimum trouble (I posted instructions on this list here) c) Red Hat made a serious mistake back in December by announcing "the end of CentOS as we know it" without providing (a) and (b) ahead of time d) by not providing 32-bit x86 and 32-bit ARM versions of RHEL they are at a severe disadvantage in places like a typical Physics lab (CentOS used to provide both, but they killed it). So there. There is nothing wrong with RHEL8. If it works for you, use it! -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: scientific.org
On Thu, Mar 04, 2021 at 06:27:07PM -0800, Yasha Karant wrote: > > Has anyone tried the Institute for Advanced Study Springdale (IAS) > EL 8 distro? > What for? I have my "16 free RHEL subscriptions" to run my 1 el8 machine for developing and supporting the MIDAS data acquisition package. As for everything else, at this very moment, I am: a) converting all our RaspberyPi and FPGA SoC machines (about 10 of them) from CentOS-7.3 to Raspbian (ARM Debian) b) converting our VME processors to Ubuntu and 32-bit Debian (and updating the VME kernel drivers to linux-5.8) c) telling everybody to install Ubuntu or wait for CERN ("We will keep you informed about any developments in this area during Q1 2021." with Q1 ending in 25 days or so). If RHEL8 (or clone) for 32-bit ARM and 32-bit x86 did exist... but... I think... The ship has sailed. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: not all ports detected on 7-port Sabrent usb hub
> > As for “$1 devices”, my Sabrent hub cost $36.99 before tax. I am curious > where one goes for a “real” hub (at least 7 ports) — although somehow I > have a hunch that there are many different definitions of “real” out > there. > I tend to go by manufacturer respectability rather than price. For network gear, joints like Juniper would be 1st tier, joints like ASUS and Linksys are maybe 2nd tier, stuff sold in London Drugs with "made in USA" label covering a "made in China" label convering a "make in Taiwan" label is 3rd tier. Have not looked at USB stuff recently, but same idea. > > # dmesg output # > [27424.944664] usb 5-1.3: new high-speed USB device number 24 using xhci_hcd > [27425.035451] usb 5-1.3: New USB device found, idVendor=0bda, > idProduct=5411, bcdDevice= 1.36 > [27425.035465] usb 5-1.3: Product: 4-Port USB 2.0 Hub > [27425.037951] hub 5-1.3:1.0: USB hub found > [27425.039281] hub 5-1.3:1.0: 4 ports detected > [27425.315678] usb 5-1.3.4: new high-speed USB device number 25 using xhci_hcd > [27425.416560] usb 5-1.3.4: New USB device found, idVendor=0bda, > idProduct=5411, bcdDevice= 1.36 > [27425.416574] usb 5-1.3.4: Product: 4-Port USB 2.0 Hub > [27425.418566] hub 5-1.3.4:1.0: USB hub found > [27425.419901] hub 5-1.3.4:1.0: 4 ports detected Looks like your device is 2 cascaded 4 port USB hubs. Only USB2 hub is detected, so possibilities: - the USB3 hub component is not supported - you are connected to a USB2 port in your computer - you have a USB2 cable between computer and hub USB idVendor 0BDA, idProduct 5411 is a Realtek RTS-5411 chip: https://urldefense.proofpoint.com/v2/url?u=https-3A__devicehunt.com_view_type_usb_vendor_0BDA_device_5411&d=DwIDaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=9RT_QbE5MKyrbOu3FBU8XX_WGxM-cswGe02M-VBN0eo&s=O_-gbOH5EjVMaUHBPS8IdRgk608wYOy7h-cUTpCKxQ8&e= Data sheet: https://urldefense.proofpoint.com/v2/url?u=https-3A__datasheetspdf.com_pdf-2Dfile_1146777_Realtek_RTS5411_1&d=DwIDaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=9RT_QbE5MKyrbOu3FBU8XX_WGxM-cswGe02M-VBN0eo&s=CBzYq4qVgEBTf5XOp2JAE2qcQOBDeH3AWDoaBJ3Y7sc&e= Per data sheet, is a 4 port USB2/USB3 hub (so 2x 4-port hubs detected by linux is correct). The best I can tell, linux drives it with the generic USB hub driver. So: a) all 7 ports should work (in USB2 mode, so plug a mouse or a keyboard to check) b) no idea why the USB3 component is not detected. most likely you are plugged into a USB2 port (or a USB3 port disabled in the BIOS, or blownup, etc) -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: not all ports detected on 7-port Sabrent usb hub
On Thu, Feb 11, 2021 at 04:17:46PM -0500, Stephen L. Talbott wrote: > > Is there an reason why a rather vanilla SL-7.9 system might report “4 > ports detected” on a new, Sabrent 7-port, powered USB 3.0 hub (HB-BUP7)? > Some of these usb switches have interesting internal structure (separate usb2 and usb3 hubs, two 4-port hubs cascaded from each other, etc) and the linux usb hub driver may be confused and fail to enable all the ports. You can see the bus structure that linux can see in the output of "lsusb" and in /sys/bus/usb/devices/. There may be some error messages in "dmesg" ("cannot enable port", etc). And possibility of defective device cannot be ruled out, these $1 products do not go through any QA. Also if you have reports of device "HB-BUP7" working for somebody, it means nothing. Makers of $1 USB devices are notorious for shipping completeley different devices (different chips, different linux drivers) under the same part number. Bait-and-switch in action. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: numfmt issue on SL 7.9; possible bug?
here goes, all on physical machines. sl6, macos: no numfmt, sorry ubuntu lts 20.04, centos-7, rhel-8 (ahem!): $ echo 0 | numfmt 0 perhaps your 80387 chip is faulty. (happened to us once on an R3000/R3010 SGI workstation) K.O. On Wed, Feb 10, 2021 at 06:17:26PM -0600, ~Stack~ wrote: > Greetings, > > Curious if anyone else can replicate this. I initially saw this in a > certain upstream vendor 7.9, but I'm having issues replicating it > and it's only in a certain environment (virtual and I've done > strange and awful things to that as I've been trying to understand > an unrelated project). However, I was trying to figure out if it was > other places as well. Sure enough, I can replicate it on every > single one of my SL 7.9 instances that I've tested. > > The short, numfmt should not return 'nan' when passed a zero. > > $ echo 0 | numfmt > nan > $ rpm -q coreutils > coreutils-8.22-24.el7_9.2.x86_64 > > If I try on any other distro (Ubuntu/Debian/CentOS 8), it returns 0 > as it should. > > $ echo 0 | numfmt > 0 > $ rpm -q coreutils > coreutils-8.30-8.el8.x86_64 > > I may not be able to replicate it as reliably as I would prefer on > upstream vendor, but every single SL 7.9 system I've tried has had > coreutils-8.22-24.el7_9.2.x86_64 and incorrectly returns 'nan'. > > I'm hoping the devs can confirm and/or offer suggestions. > > Thanks! > ~Stack~ -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: converting to RHEL8...
On Thu, Feb 04, 2021 at 10:07:43AM -0800, Konstantin Olchanski wrote: > > Here we go. Conversion from CentOS-8 to RHEL-8 in 5 easy steps. > > > > Instructions for converting CentOS to RHEL are posted here: > > https://urldefense.proofpoint.com/v2/url?u=https-3A__access.redhat.com_articles_2360841&d=DwIDAw&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=IBWdeVmMPbkgwCr8Ir6R307eFH3-2aZ9vYnQ7mEhhHM&s=Hhj0voUDSXlQKw63jIuVJYcerY5Bmru62tOJwbHKuMk&e= > > > > convert2rhel-0.15-1.el8.noarch.rpm from github is not signed > > To be continued... Updated version of convert2rhel is out. RPM still not signed. [root@daqlabpc ~]# rpm -vh --upgrade convert2rhel-0.16-1.el8.noarch.rpm ... [root@daqlabpc ~]# convert2rhel ... WARNING - By continuing you accept this EULA. Continue with the system conversion? [y/n]: y ... Running the 'rpm -Va' command which can take several minutes. ... ... ... (no kidding. but it is a slow computer) [02/07/2021 10:01:17] TASK - [Convert: List third-party packages] *** WARNING - Only packages signed by CentOS Linux are to be reinstalled. Red Hat support won't be provided for the following third party packages: certbot-1.11.0-1.el8.noarch Fedora Project@epel ganglia-3.7.2-33.el8.x86_64 Fedora Project@epel zfs-release-1-8.1.noarch N/A @@commandline ... Continue with the system conversion? [y/n]: y ... WARNING - The following packages will be removed... Package Vendor/Packager Repository --- --- -- centos-logos-80.5-2.el8.x86_64 CentOS Buildsys @AppStream centos-logos-httpd-80.5-2.el8.noarch CentOS Buildsys @AppStream rhn-client-tools-2.8.16-13.module_el8.1.0+211+ad6c0bc7.x86_64 CentOS Buildsys @AppStream python3-rhn-client-tools-2.8.16-13.module_el8.1.0+211+ad6c0bc7.x86_64 CentOS Buildsys @AppStream python3-rhnlib-2.8.6-8.module_el8.1.0+211+ad6c0bc7.noarch CentOS Buildsys @AppStream ... Continue with the system conversion? [y/n]: y ... [02/07/2021 10:04:34] TASK - [Convert: Subscription Manager - Download packages] Successfully downloaded the subscription-manager package. Successfully downloaded the subscription-manager-rhsm-certificates package. Successfully downloaded the python3-subscription-manager-rhsm package. Successfully downloaded the dnf-plugin-subscription-manager package. Successfully downloaded the python3-syspurpose package. ... [02/07/2021 10:04:49] TASK - [Convert: Subscription Manager - Replace] ** Removing non-RHEL subscription-manager packages. Upon continuing, we will uninstall the following subscription-manager pkgs: Package Vendor/Packager Repository --- --- -- dnf-plugin-subscription-manager-1.27.16-1.el8.x86_64 CentOS Buildsys @BaseOS python3-subscription-manager-rhsm-1.27.16-1.el8.x86_64 CentOS Buildsys @BaseOS subscription-manager-1.27.16-1.el8.x86_64CentOS Buildsys @BaseOS subscription-manager-rhsm-certificates-1.27.16-1.el8.x86_64 CentOS Buildsys @BaseOS Continue with the system conversion? [y/n]: y ... [02/07/2021 10:05:50] TASK - [Convert: Install RHEL certificates for RHSM] ** Installing RHEL certificate to the system. [02/07/2021 10:05:50] TASK - [Convert: Subscription Manager - Subscribe system] * Building subscription-manager command ... ... activation key not found, username and password required ... Username: hah...@hahaha.example.com (email address as usename will not work!) ... Password: letmein ... Registering system by running subscription-manager command ... Registering to: subscription.rhsm.redhat.com:443/subscription HTTP error (401 - Unauthorized): Invalid username or password. To create a login, please visit https://urldefense.proofpoint.com/v2/url?u=https-3A__www.redhat.com_wapps_ugc_register.html&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=rPpmkxaspgfc9oWErBJ6ENXC7F1bGr0WF49JwjMUCNg&s=CT3gIQCVO3HZE3pYHadDsBlSsh0IytjibeQ9PyxBbjY&e= ... Username: enter user name from "you are logged in as", no the email address ... Password: letmein ... Registering system by running subscription-manager command ... Registering to: subscription.rhsm.redhat.com:443/subscription The system has been registered with ID: ... The registered system name is: daqlabpc.triumf.ca ... Manua
Re: converting to RHEL8...
On Thu, Feb 04, 2021 at 01:59:08PM -0800, Yasha Karant wrote: > > Thus, it appears only an install from the web is available, not the > ability to create local images (e.g., on bootable optical media or > bootable USB flash drive). For reasons of both throughput > limitations as well as network interruptions, I prefer to do a > "fresh" install from local media. Is there a mechanism short of > duplicating an entire distro web site of producing such an image for > Springdale 8 EL? > Off-topic here. Please take it to the Springdale support forum. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: converting to RHEL8...
These instructions are insecure, set you up for a supply-chain attack: a) RPMs are loaded over plain "http" (no "https") b) RPM signature is not checked A more secure sequence would: - wget https://urldefense.proofpoint.com/v2/url?u=https-3A__somewhere_rpm-2Dsignature-2Dkey&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=Bwvu8ORtdwu_qqgSySYBdSQ5VFU2sSZyj1XlHQ96Gz4&s=OuX1i3RoFfYAZJrzTBCVE8ywgKYMw1puabTsB1I4ljM&e= - independantly verify this signature - rpm import it - rpm check signature before installing (or use yum, confirm package signature is enabled) K.O. On Thu, Feb 04, 2021 at 03:42:31PM -0600, Ching Him Leung wrote: > I have not tried RHEL yet, but I have some success converting from CentOS 8 > to Springdale 8 on a VM. Here are some instruction I found on rocky linux > forum > > dnf update -y > rpm -e --nodeps centos-backgrounds centos-indexhtml centos-gpg-keys > centos-linux-release centos-linux-repos centos-logos > rpm -ivh \ > > https://urldefense.proofpoint.com/v2/url?u=http-3A__springdale.princeton.edu_data_springdale_8_x86-5F64_os_BaseOS_Packages_springdale-2Dappstream-2D8-2D0.sdl8.2.noarch.rpm&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=Bwvu8ORtdwu_qqgSySYBdSQ5VFU2sSZyj1XlHQ96Gz4&s=3awxciVrCSZEziaUehriWnMttfwlCRKuMKjepx6bbz0&e= > \ > > https://urldefense.proofpoint.com/v2/url?u=http-3A__springdale.princeton.edu_data_springdale_8_x86-5F64_os_BaseOS_Packages_springdale-2Dcore-2D8-2D0.sdl8.2.noarch.rpm&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=Bwvu8ORtdwu_qqgSySYBdSQ5VFU2sSZyj1XlHQ96Gz4&s=xBX0ndIbr0GKnXILKqPO-qmzF3uRMRJoqW64SxEgvjE&e= > \ > > https://urldefense.proofpoint.com/v2/url?u=http-3A__springdale.princeton.edu_data_springdale_8_x86-5F64_os_BaseOS_Packages_springdale-2Drelease-2D8.3-2D0.42.el8.x86-5F64.rpm&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=Bwvu8ORtdwu_qqgSySYBdSQ5VFU2sSZyj1XlHQ96Gz4&s=EB5q0Mf4XnrLhTF5rmgjfjnR71LWhzI4xDHIRPwvwx8&e= > > dnf distro-sync -y > > the distro-sync will reinstall every package > > Ching Him -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Pondering a switch to Debian
On Thu, Feb 04, 2021 at 10:56:39AM -0800, Patrick J. LoPresti wrote: > On Wed, Feb 3, 2021 at 4:58 PM Keith Lofstrom wrote: > > > > So - who else is contemplating a move to Debian? > > We will be following CERN and Fermilab's lead, whatever that is. > Same here. We build experiments that are located at CERN, and people who run these experiments are most comfortable if we use linux supported or at least approved/annointed by CERN. With the covid lockdown at CERN and everybody there working from home, my contacts do not have any insider information. I used ot have some contacts through ROOT, still watch that space and I see that ROOT have binary kits for every MacOS, for every Ubuntu, for recent Fedora, for CentOS-7, but NOT for CentOS-8. I think there is a message here. > > But the longer we go without knowing, the more uncomfortable we get. > Anybody have any inside information on their thinking? > We all know what happened last time this happened (RHL->RHEL kerfuffle). This time, I suspect that Red Hat did not see CERN, ATLAS, LHC experiments, US DOE Labs in their list of paying customers and went ahead without consulting with them. Me, I am not worried, between debian/ubuntu, "free" RHEL and upcoming CentOS reincarnations, our needs for open source operating systems are covered. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Pondering a switch to Debian
On Thu, Feb 04, 2021 at 09:45:03AM -0500, Lamar Owen wrote: > On 2/3/21 7:52 PM, Keith Lofstrom wrote: > >... I'm thinking about > >abandoning 25 years of Redhat experience and switching to > >Debian, while my aging brain can still handle change. > >... > >So - who else is contemplating a move to Debian? > > > [lowen] I am. > Lowen - thank you for your excellent write up. I am puzzled by a couple of things and I have a few comments: - you say good words about professionalism and make good noises about the high quality of Debian, but you do not elaborate why you think Ubuntu is lacking in this department. - you illustrate nicely the problem of linux - half the people worry about choosing the right linux for their personal laptop (to be groomed to perfection) and half the people need a linux to run 10-20 computers used by other people with requirements of minimum maintenance and maximum uptime. The same linux is not the right linux for both uses! - professionalism of Debian was recently put into the spotlight as they re-voted to re-confirm their commitment to systemd (the issue was that systemd prevented use of some other packages that some people felt they should have the freedom to use. they were voted down). check it out and make your own conclusions. - "feature parity" of all Linuxes is nicely illustrated. I think one would write pretty much the same report about migrating to BSD or MacOS - all opensource packages are available pretty much on all platforms, including Windows. > 4.) Speaking of Altera Quartus II version 13.0sp1 (NOT version > 13.1!) for MAX7000 CPLD and Cyclone II/IV/V FPGA development. The > simulation tools are substantially different between Quartus 9 and > 13.0sp1 for the MAX7000, and I have projects in both versions. This > was also a bit of a challenge, as I had to hand-build and install an > older version of libpng to get it to run. - yes, this is a battle. we have and we use Cyclone-1 FPGA boards, so running old versions of Quartus is a must. I am impressed that quartus 13.0sp1 can be made to run on current debian/ubuntu only "with little blood". Intel have now dropped support for even more FPGAs from the current quartus, so it looks like we will be battling this forever. (Our hardware guys are grumbling about switching to Xilinx, there is some unhappiness about Altera FPGAs...) -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: converting to RHEL8...
On Mon, Feb 01, 2021 at 12:26:00PM -0800, Konstantin Olchanski wrote: > > Here we go. Conversion from CentOS-8 to RHEL-8 in 5 easy steps. > > Instructions for converting CentOS to RHEL are posted here: > https://urldefense.proofpoint.com/v2/url?u=https-3A__access.redhat.com_articles_2360841&d=DwIDAw&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=IBWdeVmMPbkgwCr8Ir6R307eFH3-2aZ9vYnQ7mEhhHM&s=Hhj0voUDSXlQKw63jIuVJYcerY5Bmru62tOJwbHKuMk&e= > > convert2rhel-0.15-1.el8.noarch.rpm from github is not signed > To be continued... [root@daqlabpc ~]# rpm -vh --install convert2rhel-0.15-1.el8.noarch.rpm error: Failed dependencies: dnf-utils is needed by convert2rhel-0.15-1.el8.noarch python3-pexpect is needed by convert2rhel-0.15-1.el8.noarch [root@daqlabpc ~]# [root@daqlabpc ~]# yum install dnf-utils python3-pexpect [root@daqlabpc ~]# rpm -vh --install convert2rhel-0.15-1.el8.noarch.rpm [root@daqlabpc ~]# convert2rhel --disable-submgr --enablerepo --enablerepo --debug I do not know what REHEL_RepoID1 and ID2 are supposed to be. I do not have any Red Hat repos in my /etc/yum.repos.d, I only have CentOS, epel, etc. Dead end? Let's try to use the subscription manager... [root@daqlabpc ~]# convert2rhel --debug ... WARNING - By continuing you accept this EULA. Continue with the system conversion? [y/n]: y ... WARNING - The following packages will be removed... PackagePackager Repository --- -- centos-logos-80.5-2.el8.x86_64 CentOS Buildsys @AppStream centos-logos-httpd-80.5-2.el8.noarch CentOS Buildsys @AppStream centos-linux-release-8.3-1.2011.el8.noarch CentOS Buildsys @BaseOS centos-linux-repos-8-2.el8.noarch CentOS Buildsys @BaseOS rhn-client-tools-2.8.16-13.module_el8.1.0+211+ad6c0bc7.x86_64 CentOS Buildsys @AppStream python3-rhn-client-tools-2.8.16-13.module_el8.1.0+211+ad6c0bc7.x86_64 CentOS Buildsys @AppStream python3-rhnlib-2.8.6-8.module_el8.1.0+211+ad6c0bc7.noarch CentOS Buildsys @AppStream Continue with the system conversion? [y/n]: y ... WARNING - Only packages signed by CentOS Linux are to be reinstalled. Red Hat support won't be provided for the following third party packages: Package Packager Repository --- -- certbot-1.11.0-1.el8.noarch Fedora Project@epel convert2rhel-0.15-1.el8.noarch N/A @System ganglia-3.7.2-33.el8.x86_64 Fedora Project@epel google-chrome-stable-88.0.4324.146-1.x86_64 Chrome Linux Team @google-chrome-64 zfs-release-1-8.1.noarch N/A @@commandline ... and more Continue with the system conversion? [y/n]: y ... [02/04/2021 09:56:06] TASK - [Convert: Subscription Manager - Install] ** [02/04/2021 09:56:06] CRITICAL - The /usr/share/convert2rhel/subscription-manager directory does not exist or is empty. Using the subscription-manager is not documented yet. Please use the --disable-submgr option. Read more about the tool usage in the article https://urldefense.proofpoint.com/v2/url?u=https-3A__access.redhat.com_articles_2360841&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=iel0E8JL_svyu_6W2ZUso-H4dxqnH78q5ZLs2Y3GXAU&s=juJeIzssALq8uliLKAAoGsvuo4IptowyO_g8EO7iuq4&e= . Dead end? In the comments section of https://urldefense.proofpoint.com/v2/url?u=https-3A__access.redhat.com_articles_2360841&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=iel0E8JL_svyu_6W2ZUso-H4dxqnH78q5ZLs2Y3GXAU&s=juJeIzssALq8uliLKAAoGsvuo4IptowyO_g8EO7iuq4&e= there is some information on what to do next, with dates 1-3 Feb 2021 (i.e. fresh just now) and promises from a Red Hat person about "We are working on changes that will not require you to pre-download any package except convert2rhel." So dead end for now, until Red Hat update the instructions. To be continued...? -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: converting to RHEL8...
On Thu, Feb 04, 2021 at 02:24:57AM -0500, Nico Kadel-Garcia wrote: > > > Here we go. Conversion from CentOS-8 to RHEL-8 in 5 easy steps. > > Identically named RPM's do not necessarily have identical contents. To > do a really *thorough* switch, you need to reinstall *everything*. > So you recommend as last step of conversion to run this: foreach $rpm { yum reinstall $rpm } I suspect this is unnecessary, but you are right, one will have a mongrel system unless it is done. But do you know of any case where it makes a practical difference? Even way back when? > > I used to publish scripts for this, for switching from RHEL to CentOS to > Scientific Linux and other combinations. > Time to dust them off, I guess. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Pondering a switch to Debian
On Wed, Feb 03, 2021 at 04:52:54PM -0800, Keith Lofstrom wrote: > > So - who else is contemplating a move to Debian? > Count me in. All ARM stuff is already Debian (Ubuntu/Raspbian/Raspios). Tomorrow, I am converting my 3 ARM machines running CentOS-7 to Raspios, next day, I am converting my 8 or so 32-bit-only VME processors from SL6 to Debian (32-bit). If we could run RedHat-flavour stuff on all our hardware, there could be a question. But running Debian-flavour stuff on everything and RedHat-flavour only on x64_64? > > I very much hope to stay connected to the "scientific" > aspect of our community. Making big changes together > with other science computationalists would be easier. > I figure we stick together on this mailing list here. > > Easier still would be staying with an RPM distro, IF ... > ... if they did not mess with RPM (yum replaced with dnf) and made it easier to build RPM packages. For installing cross-platform scripts, I am switching from RPM to "git clone; make install (installs to /opt)". -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
converting to RHEL8...
Welcome to my "convert to RHEL8" blog. As you might know, I have been running Red Hat, SL and CentOS machines for about 25 years now. Lacking SL-8, latest incarnation of this series is CentOS-8 and now powers-that-be instruct us to use RHEL-8 instead. So, Here we go. Conversion from CentOS-8 to RHEL-8 in 5 easy steps. Main announcement of "16 free RHEL subscriptions" per "developer": https://urldefense.proofpoint.com/v2/url?u=https-3A__www.redhat.com_en_blog_new-2Dyear-2Dnew-2Dred-2Dhat-2Denterprise-2Dlinux-2Dprograms-2Deasier-2Dways-2Daccess-2Drhel-3Fsource-3Dblogchannel-26channel-3Dblog_channel_red-2Dhat-2Denterprise-2Dlinux&d=DwIDAw&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=IBWdeVmMPbkgwCr8Ir6R307eFH3-2aZ9vYnQ7mEhhHM&s=Nr6cQ40qpd7tUZVaiCs5XQ0MyOB6xi3VeKjzLmSVuYQ&e= I do have a RedHat developer account. A few weeks ago, there was nothing there, as of a few days ago, there is a "1 active subscriptions" page, as of today, there is a "using 0 out of 16 entitlements" page. (I do not see any email notices about all this activity and I do not see any blog messages about this. So communications can be improved). I also see a link to download RHEL8 ISO and DVD images, I did not try it yet. So far so good. BTW, when logging into the RedHat developer account, there is a number of click-through agreements to "agree" with. Read them. If you do not like them, tough! Instructions for converting CentOS to RHEL are posted here: https://urldefense.proofpoint.com/v2/url?u=https-3A__access.redhat.com_articles_2360841&d=DwIDAw&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=IBWdeVmMPbkgwCr8Ir6R307eFH3-2aZ9vYnQ7mEhhHM&s=Hhj0voUDSXlQKw63jIuVJYcerY5Bmru62tOJwbHKuMk&e= They start with "hire Red Hat to do the job" (fair is fair, nothing better than expert help!), and move to the Convert2RHEL tool. This tool, at https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_oamg_convert2rhel_&d=DwIDAw&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=IBWdeVmMPbkgwCr8Ir6R307eFH3-2aZ9vYnQ7mEhhHM&s=abbG4Y8cEtfUdozsmDGSszrCG5MueYPy9xL-1FiW348&e= , does not appear to be an official Red Hat or CentOS product and I see only one author/maintainer listed, from Vsetín/Czech Republic. A tool directly developed and maintained by RedHat/CentOS would have been much preferred, especially by those worrying about "supply-chain" integrity. convert2rhel-0.15-1.el8.noarch.rpm from github is not signed, not even by the author, so the chain of trust going from "everything signed by centos" to "everything is signed by redhat" is not preserved. The possibility of downloading and running a trojaned conversion script is not eliminated. Next, I see this: "Known issues: UEFI-based systems cannot currently be converted to RHEL. (BZ#1899314)", I am not sure if my CentOS-8 test system uses UEFI or Legacy boot, but I am not worries about this, fixing "broken grub" boot problems is routine. As likely as not I will replace the grub2 boot loader with syslinux, which is much more stable and also easy to debug. Next, I do not see in the instructions the step for obtaining and installing a Red Hat subscription activation key. I assume I get the activation key somewhere in my Red Hat developer account, but I did not find the button to do this yet, and I do not know what to do with the activation key anyway. To be continued... -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: sudo fix for SL6
On Thu, Jan 28, 2021 at 11:28:04AM +, Rhys Morris wrote: > ... from the official sudo webpage Ok, looks like this is it. from sudo.sw, version 1.9.5p2 fixes CVE-2021-3156, download the el6 rpm file, install, looks okey. both 64-bit and 32-bit RPMs are available. [root@ladd00 ~]# rpm --upgrade -vh /daq/daqstore/olchansk/linux/SL/sudo-1.9.5-3.el6.x86_64.rpm [root@ladd00 ~]# sudo -V Sudo version 1.9.5p2 -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
sudo fix for SL6
sudo is broken, CVE-2021-3156. Fixed packages are out for el7, el8, ubuntu. There is a fixed package for RHEL6, sudo-1.8.6p3-29.el6_10.4.x86_64.rpm, see https://urldefense.proofpoint.com/v2/url?u=https-3A__access.redhat.com_errata_RHSA-2D2021-3A0227&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=DdnVo6dknCRTqounMfG7Q82qFx2i7ANhA2ba5RkXC4g&s=R-6UJIwBbW5KnUMkSLmGuGA03CoQQ0nkVLXkC2ogupA&e= Now, any chance of fixed package for SL6? (just checked, no fix in CERN SLC6, no fix in EPEL). -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Rhel 8
On Mon, Jan 25, 2021 at 11:31:08PM +, Miles ONeal wrote: > > | For me, the issues are not policital, but technical: > > Agreed. One of mine is that the surety of being able to drop a lower runlevel > and back up is gone. ... > If you ask me, systemd was designed and built to solve one and only one problem, boot it's author's personal 1 core 300 MHz laptop as fast as possible. Today, with 4 core 3000 MHz laptops and 16 core 4000 MHz "servers", many features of systemd look quaint. ("waiting for USB devices to settle", really?). Benchmarks that report "old" and "slow" SysV initscripts boot as fast as systemd tend to support this viewpoint. Each time I look at the systemd boot sequence trace, I see things like "waiting 10 sec for disks that are not needed for booting" and "waiting 10 sec for network not needed for booting". If unlucky, also see "waiting forever for disk that failed and was removed" (hello, booting from degraded btrfs raid array). How this stuff got into "E" linux and why paying customers put up with this, is a mystery to me. Perhaps said paying customers "never reboot" and never see systemd shortcomings (and get no benefit from "systemd fast booting"). -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Rhel 8
On Sat, Jan 23, 2021 at 06:41:39PM -0600, ~Stack~ wrote: > > TL;DR synopsis. > Mr. Stack, Sir! Thank you for writing up this historical overview, I read it with great enjoyment. Of course I have a few comments. > It's just a tool. I feel blindsided by this systemd business. I cut my teeth starting with SGI IRIX circa 1992, and I am well aware of the shortcomings of SysV init scripts. I am also well aware and I celebrate it's main feature. Any and all problems I ran into could be fixed in a couple of hours using "vi". (hack the bad script until it works). So years later, "upstart", etc start showing up and I thought "whatever...", it cannot be worse than SysV scripts. And sure enough. (SL4, SL5, SL6 era). Then I read in the news this whole "systemd kerfuffle", and I think, "whatever...", it cannot be that bad, if it is good enough for Red Hat *Enterprise* Linux, should be good enough for me. Must be a tempest in a tea pot, another vi/emacs holy war, for sure they will fix all the bugs by the time I see it. Then it shows up in all it's glory in SL7, and? With my eyes I see that, yes, it is as bad as the worst naysayers have proclaimed. For me, the issues are not policital, but technical: - cannot ask "what order will you start things on boot?" - does not start things on boot in the order I specified in the service files - designed-in chicken-and-egg problem with systemd and dbus each starting first and registering with each other - documentation is for latest version, but my computer has version N-5, half of advertised functions are absent - the infamous bug report about systemd rejecting valid user names (in the nutshell, systemd author decreed "I decide what usernames are valid" and closed the bug) - broken-out-of-the-box, "shutdown -r now" does not shutdown "NOW!!!". Tries to logout interactive users, unmount NFS filesystems (after shutting down the network), waits until programs users run in background terminate). By this list, clearly, basic debugging and basic system operational needs are not important to the systemd designers and developers. And I guess it is all my fault, I should have rooted for the right team back in 2002 (or whenever) on the Fedora and Debian mailing lists. Instead, I was asleep at the switch, being a happy user of SL4/5/6. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: [EXTERNAL] Re: arstechnica: "CentOS is gone-but RHEL is now free for up to 16 production servers"
On Thu, Jan 21, 2021 at 07:04:14PM +, Queen, Steven Z. (GSFC-5910) wrote: > > Appropriately, it was IBM that invented FUD as a sales-technique in the first > place. > Alarming that IBM FUD is working against IBM. Decline of the mighty. Boeing airplanes only fly down, NASA rockets cannot go to the Moon, etc. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: arstechnica: "CentOS is gone—but RHEL is now free for up to 16 production servers"
> From the Arstechnica URL: > https://urldefense.proofpoint.com/v2/url?u=https-3A__arstechnica.com_gadgets_2021_01_centos-2Dis-2Dgone-2Dbut-2Drhel-2Dis-2Dnow-2Dfree-2Dfor-2Dup-2Dto-2D16-2Dproduction-2Dservers_&d=DwIDaQ&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=5UNRADR6PpQVqP97Jl4VT9V4oTZCHRSZp5Php98SpHI&s=HmS-gVxXfw2RalHvyfiHtb9c1M1J1HQ20J613PRjRDE&e= Me, waiting for the dust to settle, still too much BS and FUD flying around right now: - articles titled "rhel is now free" with small print "... starting in february..." - cost of managing licences counted under "free" - artificial limits of 16 systems (what if I need 17 for a couple of days?) - red hat reported as officially stating "[this] ... isn't a fly-by-night ... program" (echoes of Mr.Nixon famously saying "I am not a crook") - false dichotomies of individual vs team users, development vs production systems - "free this year", next year, a maybe. I think I will convert my one Centos-8 machine to the "starting in february" free rhel license, just to experience the "new and improved". P.S. And what about CentOS/RHEL on ARM? Today, we run CentOS-7 on ARM just fine, but going forward? Does somebody expect us to run ARM with Raspbian/Debian/Ubuntu, but stick with RHEL on x86? Really? In our detector lab, ARM machines just about outnumber x86 machines. The direction that is going, maybe red hat got it right and the "16 systems" limit will be a non-issue. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Way Off Topic - HEP Network Symphony Orchestra
On Tue, Dec 22, 2020 at 04:24:33PM -0800, Keith Lofstrom wrote: > > There are probably more symphony fans than high energy > physics fans (many physicists are both) ... > Hmm... I am not a fan. I am a blower of flutes and whistles! -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Update from Rocky EL
Rumination time, I jump in. > >Why did monolithic kernel Linux, based primarily upon the > >non-production-environment OS Minix from Tanenbaum used as an > >implemented example for teaching OS at the undergraduate level, > >achieve sector dominance over micro-kernel BSD-derivatives? ... Linux killed everybody with superiour performance, for every competitor, both microbenchmarks and real-use performance of the Linux kernel were/are measurably better. > [what happened to BSD & derivatives?] > ... it boils down to a great deal of uncertainty around BSDI, > UCB's CSRG, Bill Jolitz, and 386BSD, all of which descended from > the Unix codebase ... The USL-BSD lawsuit came just at the right moment to cut the BSD movement down at the knees. By the time the dust settled and BSDs were running on PC hardware, Linux was already established. correlate the timelines of lawsuit against Linux and BSD timeline: https://urldefense.proofpoint.com/v2/url?u=https-3A__en.wikipedia.org_wiki_UNIX-5FSystem-5FLaboratories-2C-5FInc.-5Fv.-5FBerkeley-5FSoftware-5FDesign-2C-5FInc&d=DwIDAw&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=47s95Ne0aOss4Lm0rou8QPxpzTQCi3wXRAuoDuFUQCk&s=RFr_K56_2XQYOg5Dxhg6Opq3kewSaB-o7k4ldfvsSwk&e= . > Linux is greenfield I tend to think that was the key. Linux always had the advantage over BSD in three areas (if you studied, programmed and used both, you already know this): - better TCP/IP stack in Linux - better virtual memory system in Linux - better filesystems in Linux In all three, Linux had the "green field" advantage, plus the incentive to beat competitors (at the time, BSD UNIX, SGI/IBM/DEC/SUN Unix derivatives). In the TCP/IP stack, Linux people implemented zero-copy transfers and support for hardware-acceleration pretty much right away. In the VM system they figured out just the right balance between application memory, kernel memory and filesystem caches, compared to BSD "active/inactive" (and nothing else). In filesystems, Linux was the first to solve the problem of "no corruption, no need for fsck" after unexpected system reboot (i.e. on crash or power loss). (with ext3/ext4). (ok, maybe SGI was there first for the rich people, with XFS, but look what happened, XFS is now a mainstrean Linux filesystem). > > Although, re-think your statement; Darwin with the macOS skin on it > has a great deal more marketshare than Linux. In many ways the > BSD-system-layered-on-a-microkernelish core did win; just not the > hearts of developers. > I would say, MacOS "won" not because but despite it's BSD foundations. If you look behind the curtain (heck, if you look *at* the curtain), you will see a BSD-ish kernel firmly stuck in the 1990-ies. No semtimedop() syscall, incomplete pthreads (no recursive locks), no /dev/shm (no command line tool to see and control POSIX shared memory). The only visible kernel level innovation are the "never corrupts" filesystem (mostly due to "never crashes" hardware, I suspect) and improved VM (encrypted *and* in-memory compressed, impressive!). Anyhow, today, MacOS wins at ping-pong while the game is hockey, if Apple still built hardware for serious computing, for sure the MacOS BSD "win" would count. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Springdale Linux
On Mon, Dec 14, 2020 at 01:27:31PM -0800, Yasha Karant wrote: > >> > >>>and ... CentOS RPMs are not 100% safe ... > > > >This is a very unexpected statement. I feel it should not be passed > >unquestioned. > > To followup on myself. Need a definition of "unsafe". Must make a distinction between "centos is unsafe" vs "redhat is unsafe" vs "linux is unsafe" vs "any use of computer is unsafe". ("safe as certified by recognized authority" need not apply, cars and airplanes are certified for safety, but still crash). -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: SL7 with security and bug fixes forever - how much work?
On Mon, Dec 14, 2020 at 12:54:27PM -0800, Yasha Karant wrote: > ... Out of curiosity, how similar are the Apple Mac ARM CPUs to the CPU used > in > the Fujitsu Fugaku HPC machine (A64FX 48C 2.2GHz)? Hard to tell. (easy to tell, "just read the specs") The Intel "magic souce" was always the "cache + memory controller" combo that consistently runs a few cycles faster compared to competition (IBM, SGI, AMD, Altera, Xilinx, etc), and people see this difference in real-world applications. How good is the generic ARM cache and memory controller and the Apple cache and memory controller, and in real world applications, remains to be seen. As of a few years ago (1 GHz era), ARM chips built for embedded use had pretty slow memory (i.e. single channel vs Intel dual/quad channel, DDR3-1066 vs DDR4-3200, that kind of slow). Today's ARM? I guess I should run my memory benchmarks on my RPi3/RPi4 boards and on the latest Xilinx ARM board we have in the lab... And then there are the "performance/$$$", "performance/watt" and "performance/kg" metrics. ARM always did well in "performance/watt", meaning that you can cram more of them in the same cooling-limited volume, yielding good "performance/m^3", important for building supercomputers. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Springdale Linux
> > > and ... CentOS RPMs are not 100% safe ... > This is a very unexpected statement. I feel it should not be passed unquestioned. Is there any meat there or it's just a general statement on the security of the CentOS build process vs the security of the Red Hat build process vs the security of the Princeton build process? (including signatures of source code, signatures of binary packages, security of the mirror network, etc). -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: SL7 with security and bug fixes forever - how much work?
> > > ... Apple is leaving the X86-64 platform for an ARM platform. ... > > The recent releases of macOS went 64-bit only ... > ... transitioned from PPC to x86. > ... cut out a lot of old software > I have one leg in the MacOS world and I went through both transitions, PPC to Intel and 32-bit to "64-bit only". I remember both were pretty much no-events. Ran "fink update", "ports update", and all the linux-side software was good. Joints like VLC, Firefox, Google-chrome, issued updated packages quickly. Commercial things like the "amazing slow downer", I remember paying for an updated license (an app well worth the money, recommended. but very specialized of course). Moving our linux work from x86 to ARM is similarly a non-event, except for the need to cross-compile for some non-self-hosting embedded machines. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: SL7 with security and bug fixes forever - how much work?
On Mon, Dec 14, 2020 at 02:36:20PM -0500, Serguei Mokhov wrote: > > > > I have done this in the past with mixed success, typical problems > > include "cmake is too old", "autoconf/autotools are too old". > > Having run into this at a smaller scale for one of the projects I ended up > using > devtoolset-6 (and -7 as appropriate) that ships all this stuff such as > newer GCC, > GLIBC, etc. > Yes, devtoolset is the advertised solution. I bought into it myself, and then got burned after discovering that is it is missing one critical 32-bit shared library and it cannot be used to cross-compile 32-bit executables, a "must have" for a couple of experiments that use hardware with 600-1200 MHz Pentium-3 processors. (replacement hardware is in the USD$5000 price ranges, quantity "to be upgraded" is around 10, none of this has been budgeted and 64-bit upgrade is not needed for the function they perform). Anyhow, is there commitment to devtoolset updates to c++17, c++20, c++21, etc? For our MIDAS Data Acquisition package, we just started using c++11 recently, and already we desire to use c++14 and c++17 features. (cannot, because of el7). Then, there is the question whether SL7 "upgraded to latest versions of everything" is still SL7. ("grand father's axe", etc). For a purist, SL7 is something installed from an official installer image, adding packages from EPEL and ELREPO starts pushing it. SL7 with custom-built linux kernel, glibc, sshd, httpd, kde, php100 and python3000 is probably not SL7 anymore. The label "SL7" is only useful if it refers to something well defined. If every instance of SL7 has a different linux kernel, different versions of devtoolset, different cmake, different python, etc, I would say SL7 no longer exists. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: SL7 with security and bug fixes forever - how much work?
On Sun, Dec 13, 2020 at 05:36:30PM -0800, Keith Lofstrom wrote: > New distro releases imply: > > 1) security fixes, > 2) bug fixes, > 3) new hardware drivers, > 4) new applications, > 5) and changed behavior (ie, Gnome2 to Gnome3). > (the list is probably not complete) > I think "SL7 forever" is a good idea. I think "SL6 forever" is not practical due to lack of c++11, and el7 will run into same problem eventually (c++14, c++20, etc). I think in practice, one would want to retrofit el7 machines to the current-release linux kernel. This is not difficult to do, as linux kernel backward compatibility is exemplary. elrepo already provides the required kernel packages, and it is easy to retrofit them into the el7 installer image. (ask me). If you go this route, items (3) is fully covered, items (1) and (2) are covered for kernel security and bugs. For application side security, you need to scan all open network ports, and ensure all applications that talk on that port are covered for security and bug fixes. A partial list would include sshd, httpd, email server, dhcp client, ntp client, nfs client and server (userland components), and this brings us to items (4) and (5). For items (4) and (5), one has to take the current source code of the applications (and critical system services like httpd), and "back port" them to el7. I have done this in the past with mixed success, typical problems include "cmake is too old", "autoconf/autotools are too old". Each "xxx too old" problem is solved by rebuilding "xxx" from current sources, this usually creates a few more "xxx is too old" dependancies. By the time you run into "glibc is too old" and "gcc is too old", it is time to give up. (notice how there is no KDE5 for el7!). All these problems are already solved by "ports" and "homebrew" in the Mac world, where these tools bring the latest versions of linux software to run on the antique bsd-ish operating system hidden behind the glamour/glitter of MacOS. As summary, "SL7 is forever" is possible: a) retrofit current production release linux kernels (i.e. from elrepo, or build from source) b) retrofit the "ports" or "homebrew" system from the Mac world. How much work it takes? Ask elrepo people (linux kernel) and homebrew people. P.S. RedHat already do "b" with their "software collections", minus the "re-build from source" part. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Rocky Linux
On Thu, Dec 10, 2020 at 12:19:11PM -0500, Larry Linder wrote: > > I would never consider using a volunteer OS for operation of a real > world money making endever. > > Nice to play with but most are short lived and longterm support is non > existent. They also don't take constructive critisim well. > Every good rule is proven by exceptions. Slackware and Knoppix. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Dose any of this surprize you.
On Wed, Dec 09, 2020 at 10:25:36AM -0500, Larry Linder wrote: > > Everytime I am forced to use Windows 10 my neurons rebel at the moron > aware SW. > I am sorry you are in the position where you are forced to use Windows, I feel lucky that I can "just say no!". > > As the supporters of GNU retire and die off - the new generation has no > desire to stay the course. > This works both ways. I used to think Richard Stallman was a cook and a crank. Today I see his apocalyptic predictions for evils of "unfree" software come true (and then some) in the cell phone universe. If we live through covid, I may yet become an FSF card carrying member! (Likely with the Torvaldskist schismatic branchnicks who refuse to say "GNU/Linux"). > > The bright side is that there is no automatic self destruct mechanism in > Linux so even when the official support is ended we can still user what > we have but not be able to upgrade our applications. > So true, if not for C++11, I would say "SL6 forever!". > > ... the cost of just dumping 50 systems and install new OS's and > applications is beyond our budget. ... > Even for people with deep pockets, administrative, logistics, downtime and man power costs make it impractical, except for "once every 5-10 years". People who just invested in a migration to el8 to be told now that they have to migrate again next year must be severely unhappy right now. I cannot fathom how Red Hat did not "ask around" before going public with their decision. (unless the decision was forced on them externally). > > So the sword had many sharp edges. > Well, it is the dull sword that is most dangerous (to the user). Join your local Iaido club and find out for yourself. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: CentOS 8 EOL; CentOS Stream?
> > Very curious how CERN and Fermilab will respond to this. > I guess that CERN was caught red-handed as well. (wrong metaphor? you wanted "with pants down" or "off guard" or something like that? there is no evidence that CERN was "in" on this change, yes?) > They have already started to port their internal systems to CentOS8 according > to the > recent site report at HEPiX: > https://indico.cern.ch/event/898285/contributions/4015535/attachments/2120621/3569557/CERN_Site_Report_-_HEPiX_Autumn_2020_v2.pdf As one may remember, CERN Linux, SL and CentOS only exist because CERN could not agree with Red Hat on the licensing scheme for LHC-scale computing. (I guess, at the LHC scale, even small numbers like $1/license become unworkable). BTW, in other news, I see the CentOS wiki was changed to read "CentOS-8 full updates and Maintenance Updates" from "May 2024 and May 2029" to "December 2021 and December 31, 2021", see https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.centos.org_action_recall_About_Product&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=m57TS8KUJogsGkZGVKvoL8D7gIzlEIxZsrqSEhDOgqk&s=eQQfaXijQiDmBJz_iRNxOctSQXnzptQdtMj7Xk8N340&e= and https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.centos.org_action_recall_About_Product-3Faction-3Drecall-26rev-3D122&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=m57TS8KUJogsGkZGVKvoL8D7gIzlEIxZsrqSEhDOgqk&s=Hgd0S_7BGuuCKHIfyfpJaucFixwNwISvlHKpHhHwg4E&e= -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: CentOS 8 EOL; CentOS Stream?
On Tue, Dec 08, 2020 at 04:39:32PM -0800, Patrick J. LoPresti wrote: > > It has been almost exactly seven years since Red Hat bought CentOS > The way I remember it, RedHat approached CentOS lead developers and made them an offer they could not refuse. > > Very curious how CERN and Fermilab will respond to this. > Nothing from CERN yet. But to sense where the wind is blowing, note how ROOT still do not provide a binary kit for CentOS-8. https://root.cern/releases/release-62206/ Our experiment at CERN (ALPHA anti-hydrogen trapping and spectroscopy) uses CentOS-7 and we are in discussions over upgrading to CentOS-8 or Ubuntu LTS 20.04. All our RaspberyPi machines will probably become converted from CentOS-7 to Raspbian (Ubuntu/Debian). For DAQ and analysis machines, there is a preference for CentOS-8, but if we they tell us now that CentOS-8 is a dead end and in 1 year will will have to upgrade *again*, Ubuntu may become the preferred solution. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Retiring SL 6.10
Hi, Larry, thank you for the wonderful overview of things on the industrial side. On the experimental physics side, things are very similar, except that our typical experiment life time is only 3-5-10 years and people turn-over drives software turn-over. New people want new c++, new python, etc. > We do not plan to re-evaluate RH 8 or Cent 8. Our conclusion is they > are not acceptable for plant wide use. A sad end to a good product. Others seem to have come to same conclusions. The ARM world (Raspbian, etc), Xilinx (FPGA ARM, rolled their own), etc. Cannot name a single embedded operation that stayed with Redhat/Centos. > Continuing to evaluate linux versions as possible OS's to jump to. The > only one we have see so far is the chineese linux - it works wonderful > and the desk top is direct and to the point. I am not surprised, as chineese linux (and russian linux) are driven by industrial users (civil more than military I would say). Everything must be open-source - open for review in fear of backdoors and boobytraps. Plus I would say in those no-nonsense do-more-with-less industrial cultures, things like "we start things randomly" systemd and "you must have top-of-the-line 3D accelerator" gnome do not last long. K.O. On Tue, Dec 01, 2020 at 10:00:20AM -0500, Larry Linder wrote: > In the commercial world we have to support our customers for 20 + years. > If you want to stay in business. Machines are typically run to wear > out. > > We install VMWare and load the OS's we need under it. Dos to windows 10 > and several Linux systems. The only thing we use of the host OS is the > file system and its security. > > We avoid the DUMB convoluted desk tops and use what is necessary to > support our customers. > > With processor power ever increasing and disk space headed to penneys / > giga byte. It a way to insulate your self from some terrible mistakes > by well meaning people who make decisions on eye candy alone and have > obviously never used or managed systems. > > An example is to count mouse click and key strokes to get thing done. > > Anyone heard of motion related injuries? > > We do not plan to re-evaluate RH 8 or Cent 8. Our conclusion is they > are not acceptable for plant wide use. A sad end to a good product. > > Continuing to evaluate linux versions as possible OS's to jump to. The > only one we have see so far is the chineese linux - it works wonderful > and the desk top is direct and to the point. However we cannot use an > imported OS due to some of our business being military related. > > The solution for people who need Fortran or other out of date > compilers / debuggers - Load a current OS, install VMWare, load the OS > you need under VMware, and use it. Our subscription to VMWare > workstation is 168 $ . You don't need it for everyone but its a good > solution for others. Another + is you avoid the obsolete lib errors. > You avoid the goofy Gnome desk top as you can set up your box to boot > and run VMware and all you do is point and click on the OS you need to > run. All your data and disk files reside on the hosts file system so > system back up is still used. That is what we do to ovoid * - 8 OS's. > As long as they don't louse up the file system this is a good way to > work. > > My two cents worth. > Larry Linder -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: cernlib on SL7 ?
On Sat, Nov 21, 2020 at 11:53:06PM +0900, Takashi Ichihara wrote: > > Is there any porting of cernlib to SL7 (RHEL7) ? > The big problem is removal of the "g77" Fortran compiler from GCC (maintainer retired). It's supposed replacement, "gfortran", was originally written to the Fortran-90 specs and did not know anything about Fortran-4, Fortran-77, VAX and IBM extensions, and could not compile most HEP-style Fortran codes. (the goals and targets of gfortran have changed since then, but I doubt they include "must compile cernlib!"). If you must run cernlib codes, I think simplest is to cross-compile them - run SL4 or SL5 (whatever was the last one to have g77) in a VM, build your code as a statically linked executable (so it does not depend on any shared libraries) - copy to your real computer and run there. A statically linked executable will usually run on any version of SL or Ubuntu or ... , as it does not care about shared libraries. But also look at the ROOT distribution - they include something called "minicern" in misc/minicern/src - maybe it is enough for what you need? My general advice on this topic was always - learn C++ and ROOT - as all knowledge of things Fortran is fading away as people retire and/or move on. Most of the stuff that made cernlib so useful have now been migrated into ROOT, minuit, geant3, you name it. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: SL 6
On Sat, Oct 17, 2020 at 12:39:13AM -0400, Nico Kadel-Garcia wrote: > > > > If you know the magic incantation to boot old SL/RHEL images (tarballs or > > rsync's) > > in a container on RHEL 7 or 8 or on Ubuntu LTS 20.04, or if you can point > > me to such incantations, > > I would greatly appreciate it! > > The "incantation" sepends, once again, on your specific needs. > So you do not know the incantations, either. bummer. To remember the problem: I have SL4, SL5, etc images (tarballs of the original machines), how do I run them on RHEL-7/RHEL-8/Ubuntu-LTS-20, in a VM, in a container, by hook or crook. (Assume I know how to untar a tarball). -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: [SCIENTIFIC-LINUX-USERS] RedHat have broken Grub again
On Fri, Oct 16, 2020 at 09:09:47PM +, Jose Marques wrote: > > On 16 Oct 2020, at 22:06, Jon Pruente wrote: > > That article is from July. It's been fixed. Is there another issue you are > > having? That's right. Old news. Red Hat broke the bootloader way back when by switching to grub and later switching to grub2. grub2 "is good" only for people who never worked with other boot loaders (syslinux/pxelinux, uboot, etc). On modern machines, UEFI BIOS can boot Linux directly (with a secureboot shim), and grub is an unnecessary. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: SL 6
> > > > Is it "too hard" to provide a solution for the OP and for myself? How come > > RHEL/SL/CentOS-8 does not come preinstalled with a package > > to "boot an SL3/SL4/SL5/RHEL6/RHEL7 VM image now!". (Yes, we still have > > hardware that required an m68k crosscompiler that runs on SL4. We even have > > a physical machine for this, a dual 500 MHz Pentium-II tower). > > Yes it's kind of sad. However, containers have been mentioned in this thread > already, and they do scratch a lot of those itches in a very elegant and > cheap way. > If you know the magic incantation to boot old SL/RHEL images (tarballs or rsync's) in a container on RHEL 7 or 8 or on Ubuntu LTS 20.04, or if you can point me to such incantations, I would greatly appreciate it! I am sure I am capable of figuring it out myself, this task has been roughly in the middle of my to-do list for the last 2-3 years. Thanks in advance! -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: SL 6
> > ... you have locked licenses for expensive old CAD software? > ... vendor has failed to keep their software up to date with operating > system releases ... > ... not Scientific Linux's fault. > Ah... the sound of Linux walking away from old-time Linux users... To me it looks like "Linux people" play with python, wayland and systemd and ignore the needs of long time scientific and industrial linux users (places like TRIUMF live in both camps). In my part of the universe, we have Altera Cyclone-I FPGA boards, the FPGA compiler is Altera Quartus (expensive CAD software), for sure, latest Altera Quartus is all up to date to run on latest Linux, but the last Quartus to support Cyclone-I FPGAs is 5 years old out of date and it will not be updated. But we still need to run it (or throw all Cyclone-I FPGA hardware into the dumpster). So, a problem. For solution, what do we hear from the Linux side? All these answers are not the same: "here is the fix", "we will try to help you", "we tried to help, but failed, sorry", "it's too hard" and "not our fault/problem". Is it "too hard" to provide a solution for the OP and for myself? How come RHEL/SL/CentOS-8 does not come preinstalled with a package to "boot an SL3/SL4/SL5/RHEL6/RHEL7 VM image now!". (Yes, we still have hardware that required an m68k crosscompiler that runs on SL4. We even have a physical machine for this, a dual 500 MHz Pentium-II tower). -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: {Suspected Spam} [SCIENTIFIC-LINUX-ERRATA] Security ERRATA Moderate: grub2 on SL7.x x86_64
Yes, there is a problem, read this: https://urldefense.proofpoint.com/v2/url?u=https-3A__access.redhat.com_solutions_5272311&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=O-y8hu7ALede3w1l9Y5qHb0usICwIZWs-0Xs22GY-RA&s=MHMG3S-km6PEM1c20aXsBiqG8Q1iKHcBNlRaSBj6Sds&e= K.O. On Fri, Jul 31, 2020 at 09:12:55PM +0100, Jose Marques wrote: > > On 31 Jul 2020, at 14:04, Farhan Ahmed wrote: > > > > Synopsis: Moderate: grub2 security and bug fix update > > Advisory ID: SLSA-2020:3217-1 > > Issue Date:2020-07-29 > > CVE Numbers: None > > Ars Technica is reporting that the grub2 patch is breaking the boot process > on updated servers. > > See: > https://urldefense.proofpoint.com/v2/url?u=https-3A__arstechnica.com_gadgets_2020_07_red-2Dhat-2Dand-2Dcentos-2Dsystems-2Darent-2Dbooting-2Ddue-2Dto-2Dboothole-2Dpatches_&d=DwIFAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=ZJFLG-LZXHbZaOOov5YYtDvNbEGgJLbZ-4qfeU8texw&s=IJoGo8uh2FpBogxuemlmB1gOAOfqHhBmhPrrDgTb0-8&e= > > > The University of St Andrews is a charity registered in Scotland, No. > SC013532. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Recovering root password
On Wed, Jun 24, 2020 at 09:36:58AM -0700, Konstantin Olchanski wrote: > > Well, we do not have to tell them *all* of our secrets, do we? > Funny, enough, just stumbled on this: https://linux.web.cern.ch/centos8/docs/singleuser/ -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Recovering root password
On Wed, Jun 24, 2020 at 11:20:28AM +0200, Stephan Wiesand wrote: > > It seems surprisingly little known that there's a *much* simpler and faster > way. > 1) In the boot loader, hit 'e' and add "init=/bin/sh" to the kernel > commandline. ... > Well, we do not have to tell them *all* of our secrets, do we? -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Recovering root password
On Tue, Jun 23, 2020 at 10:49:48AM +0200, Elio Fabri wrote: > Hi all, > I need help (at lest a link) as to how to recover my root password. > I'm using SL6.2. The password I remember by heart is no longer > accepted, neither for the su command nor for sudo. > Thx While you cannot "recover" the root password, if you have physical access to the machine, you can bypass it, login as root and reset the password: remove the boot disk from problem machine, attach it to a 2nd computer, mount the root partition, go to root/.ssh and install your ssh key. unmount, reassemble problem computer, boot, ssh into root, done. While the boot disk is mounted on the 2nd computer, in addition to installing the ssh key, you can also reset the password (edit /etc/shadow) or setup "sudo" for password-less "sudo root" (recent Ubuntu are setup this way, you never actually use the root password to login into root). -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: off SL
On Tue, May 26, 2020 at 12:54:02PM -0700, Troy Dawson wrote: > Although in the past the official policy of Red Hat was that you needed to > do a fresh install going from EL N to N+1, that is starting to change. ... > "we're working on it." I think those "we" are about 5 years too late. Everybody is too used to the RHEL/CentOS standard of "install from scratch", and if I install from scratch, of course, I consider the competition. As I understand this is "business 101" kind of stuff. So why was this not taken care of years ago? (and where is "install on ZFS", and where is MATE/KDE/Cinnamon, and where is all the "deprecated" drivers, and where is the replacement for "deprecated" NIS, and where is the "we take systemd bugs seriously"?). "Something is rotten in the state of Denmark" as they say, and we sense it and we vote with our feet. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Mate for CentOS 8
On Thu, May 21, 2020 at 03:45:30PM -0400, Larry Linder wrote: > > We are going to upgrade servers to 6.9 and a workstations to 7.6 and > hold our breath for the next 4 years. > I agree. el6 was probably the best vintage. el7 much suffers from systemd bogosity (starts things in the wrong order at boot time, cannot reliably stop everything at shutdown time, plus all the problems inbetween boot and shutdown). > > So far we have evaluated a lot of Linux varients and most were pretty > bad. Nice to tinker with but basically not industrial. > Hardware vendors drive it for us. Raspberry Pi type of machines now come with "YOU MUST INSTALL RASPBIAN" written on them in big letters, and that is pretty much vanilla Debian, one step away from Ubuntu. And new people follow these instructions, and everything works quite okey without too much trouble. Then we look at the versions of python, php, gcc, etc, and again Ubuntu seems to be the direction. So the writing is on the wall, I can see it and I can read it. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Mate for CentOS 8 (thanks)
Metoo. I use the MATE desktop, as the least annoying of all desktops available on all three of el6, el7 and Ubuntu LTS 18.04. As for el8, officially everything except some gnome is removed, KDE was never available, probably still not available, so meh. FWIW, I am evaluating el8 and ubuntu LTS 20.04 in parallel, so far, el8/ubuntu package versions: python 3.6/3.8, gcc 8.x/9.x, php 7.2/7.4; Ubuntu can boot from zfs (18.04 you have to follow a check list, 20.04 supposedly the installer can install straight to ZFS). On el8 I will not even try boot from ZFS, for sure there is some systemd bogosity that will prevent it from working (like systemd refused to boot from degraded btrfs). Sorry to bring this up again, but other than for nostalgia and inertia, there is not much point to el8. K.O. On Tue, May 19, 2020 at 09:48:28PM -0700, Keith Lofstrom wrote: > On Tue, May 19, 2020 at 4:45 PM Keith Lofstrom wrote: > > I've done my feeble best to compile Mate for CentOS 8; my > > result is not completely broken, but not ready for use. > > Some of the graphics fails. "Mate8" seems to leak memory. > > On Tue, May 19, 2020 at 05:08:34PM -0700, Akemi Yagi wrote: > > There is a thread on the CentOS mailing list about Mate for el8 that you > > may want to take a look: > > > > lists.centos.org/pipermail/centos/2020-May/350284.html > > Thanks for that; about six messages down that thread is > a pointer to a webpage discussing compiled packages: > > https://urldefense.proofpoint.com/v2/url?u=https-3A__copr.fedoracloud.org_coprs_stenstorp_MATE&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=Q6LCVHs6caad7nOhlIGsnO-ZZUhyem88W6GHqfhenh8&s=7XyJM3wNZhcVzu5ozYZvc9sKtl4zp0lRlr7HMXiXXP8&e= > > > I will copy my borked home compilations to backups, then > install that version of MATE. Many of us are installing > MATE; I probably made my clumsy attempts prematurely. > > > > To others who suggest alternate ways to use linux ... thanks, > but I'm an old dog, and a gnome2 user since it was a puppy. > MATE comes closest. > > My "new trick" schedule is overloaded with math and physics > skills that I hope to learn soon, skills that would have > been much easier to learn 50 years ago. > > - > > Finding the gnome3 text rendering flaw will be more difficult. > That flaw is why my subnotebooks still run SL6. > > > Keith > > -- > Keith Lofstrom kei...@keithl.com -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Revisiting Cent 8
On Wed, Mar 18, 2020 at 10:38:38AM -0400, Larry Linder wrote: > > So where do real engineers who need a stable platform turn to. ... > All the cool kids are hanging out with RaspberryPi, FPGA ARM SoC demo kits and similar toys. That's where all the action seems to be these days. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Revisiting Cent 8
On Tue, Mar 17, 2020 at 12:38:11PM -0400, Larry Linder wrote: > Boss asked us to take another look at Cent 8 because Cent 8 box in > corner was using an IP address that is in middle of several machine > tools. Typical situation here, too. Mystery box using mystery IP address. To fix. > > When you run ifconfig -a > No, these days, you don't. ifconfig is now obsolete, you are supposed to use the "ip" tool. > > no eth0 or eth1 but you find enp3s0 > this is some scripts running at boot time and renaming eth0, etc into these supposedly better enp3s0 names. in the past, you could disable it: /bin/touch /etc/udev/rules.d/75-persistent-net-generator.rules /bin/rm /etc/udev/rules.d/70-persistent-net.rules > > Something is very wrong. The manual pages from RH dont work, other > published directions are as if written for system zzz. Cent help pages > are useless as they cover Cent 7 and little of no Cent 8 real help. > The admin guides at RedHat have instructions for setting up the network, these guides usually show up in the google searches. > > Anybody who has actually changed the IP to static sucessfully - please > tell me how they did it. > I use the gui tool "nm-connection-editor". Setup a "wired connection", set the IP address, netmask, gateway IP address, DNS IP address, "save". No need to restart NetworkManager. This tool seems to work okey. (My main complaint is about the NetworkManager doing strange things that are not documented and are impossible to debug. Latest example is on a two-network-port machine, NetworkManager insisted in assigning the static ip address to the port that has no network cable plugged in). > > The boss looked at the bill for switching to another OS that is not a > derivative of RedHat and maybe a Macks and he wanted us to really look > at Cent 8 again. As a business it all the bottom line, there is nothing > free. > I see very little practical difference between el7/el8 and Ubuntu LTS, same systemd, same NetworkManager, etc. Big difference is in the package managers, but now we have 3 (apt in ubuntu, rpm/yum in el7, rpm/dnf in el8). > > We have a considerable investment in SL from 4 to 7.6 and I would hate > to think of the cost of just tossing it all. > For, us, old OS obsoletes itself. Evolution of C++ is driving it, no C++11 in el6, incomplete C++11 in el7 (no working std::regex). Same for php, python, etc. > > Is there an alternative desk top as Gnome as it is terrible, You can't > have two terminals open at once at least on this system. > No alternative desktop is very bad. Ubuntu has: gnome, mate, cinnamon, kde, lxde (I think), maybe a few more. > > As you all can guess is that I am an engineer and not an IT person. > Thank goodness. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Who Uses Scientific Linux, and How/Why?
On Tue, Feb 25, 2020 at 09:15:35AM -0500, Brett Viren wrote: > > You might ask "why is there a HEP monoculture based on Red Hat?". That > would be an interesting story if someone knows the details. ... > > I suspect the actions of a small number of early movers led to RH's > dominance in HEP. I can point a finger at a few from FNAL and BNL. > That's right. I was at BNL at the time, it was right in front of my eyes. The first guy installed RH linux. it worked. end of story. This happened right after the first quad-PentiumPro machines became available, with Dell dual-PentiumII/III to follow soon after. These USD$2k desktop boxes had performance better than USD$250k SGI "mainframes", they had 100Mbit ethernet (SGI did not), they plugged into 110V wall power (SGI required 3 phase AC). so. end of SGI. SGI IRIX out, Linux in. > > Debian and RH started at the same time (1993) so my guess is these early > movers just happened to be more exposed to RH and less to Debian. The > network effect then did its thing. > I am not sure what happened with Debian at that point. We certainly knew about it, one of Debian founders worked with us. We also knew about Slackware. It is hard to remember that far back, but I would say that Red Hat was probably the better distribution at the time, having a business funded with startup money behind it. Small things like the sadly missed tools "redhat-config-users", "redhat-config-network", interactive installers, etc must have all added up somehow. > > The second, maybe coupled, dynamic is that (I suspect) there was a > seduction by the corporate backing of RH of HEP lab management. Or, > maybe a "comfort" is a less loaded term. > At BNL, "management" only got involved in this by the time RHIC and LHC experiments started looking at their computing needs. By that time everybody already was running Red Hat Linux. > > I think it natural that management types would cozy up to arguments > like: "RH is corporate, just like Sun, but cheaper" compared to Debian's > scary form of *gasp* self-organization. > I think that's right. Certainly Red Hat sales and corporate people had a presence (and Debian, lacking both, did not). Incoming hardware from IBM & co all had "OS: Red Hat Linux" written in the specs (not "Debian"), etc. > > Of course, and maybe only in hindsight, we know Debian's organization is > more robust an entity than RH's ended up being. Ironically, Debian also > contains far far more science-related packages than the distribution > with "science" in its name. > Yes, intersting how that turned out. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Is Scientfic Linux Still Active as a Distribution?
On Sun, Feb 23, 2020 at 12:41:13AM -0600, Eremey Valetov wrote: > > 1.I think that it is very likely that CentOS or a similar Linux > distribution will be available in the long-term ... > 2.It makes sense for a scientific distribution based on CentOS or similar > to be maintained. > If Scientific Linux is no longer maintained by Fermilab, a dedicated > nonprofit organization may take over. > The elephant in the room is CERN. There will be a "free" "CERN Linux" until the need to run scientific machines the size of the LHC and the need to analyze data from LHC sized experiments goes away (not today, not tomorrow). At those scales of computing, commercial pricing schemes ("per core", "per cpu", "per user", "per seat") break down and lose meaning. (how do you count "users" of embedded magnet controllers? how do you count the number of cpu cores in LHC tier-1, tier-2, tier-3, etc computing centers spread across 50 countries? Then multiply that number by any non-zero "per core" price and you get dollar numbers bigger than the GDP of Elbonia). Anyhow, CERN has been effectively running a linux distribution ever since Red Hat went with paid subscriptions, SLC based on SL at back then (with Fermilab & co), CC based on CentOS now. Of course CERN Linux is available to all the CERN member states, and probably to states that have cooperation agreements with CERN. (link to cern linux) http://linux.web.cern.ch/linux/ and (link to list of cern members) https://home.cern/about/who-we-are/our-governance/member-states And the issue is bigger than just the Linux base OS: (link to cern-ends-trial-facebook-workplace) https://home.cern/news/news/computing/cern-ends-trial-facebook-workplace (link to CERN Microsoft Alternatives project) https://home.cern/news/news/computing/migrating-open-source-technologies (link to CERN "drop box") http://information-technology.web.cern.ch/services/CERNBox-Service -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: EL 8
Danger Will Robinson! Study the past to avoid misunderstanding the present. There was never a "one unix". Pretty much from day one there was the AT&T Unix and the BSD Unix (East coast vs West coast, if you wish). There *was* a "one BSD Unix" (I still have the 386BSD CDs), but then it split into NetBSD, FeeBSD, OpenBSD (and kept splitting). Then there was never "one linux", there was the "Red Hat package manager" and the "Debian package manager" from very early on. To my amazement, there is a "one linux kernel" (if you ignore all the special linux kernels for embedded ARM machines, the Android linux kernel, uclinux, etc). Behind each of these splits there are some good stories and good reasons and good people. K.O. On Sun, Feb 02, 2020 at 11:26:26AM -0800, Pwillis wrote: > From my personal, outsider, view the ‘Distribution’ thing is a major > bottleneck with the long term stability of Linux. Distributions dilute the > focus on maintenence by dividing the available labour resource over a foolish > duplication of tasks. This is usually a marketing thing of some kind (ie: > Oracle Redhat fork, Ubuntu vs. Debian, Slack vs. Gentoo, CentOS vs. Redhat). > > If all the people who are maintainers, globally, held thier noses a bit and > actually came together on a single distro there would be more hands on. > I know, one can appreciate that eveyone wants a custom OS for their own > purposes and this drives people to fork. > If there was more focus on the generics of system building, package > selection, and optimized kernel driver boiler-plate, there would be no need > for so many distributions. People could just set up builds of predefined > package compilations against the master public distribution. > > The issues seen today with distributions are the same issues seen early in > the history of UNIX where everyone had a different proprietary version and > nobody’s soiftware worked with anyone else’s distro. > > Resolution of real technical issues now seems to get lost in the noise of > endless discussions of distribution religion. > > I normally sign on to mail lists to resolve a problematic technical issue. > What I am seeing on mailing lists, in general (not just this one), is a > marked decline of useful technical feedback to the point where: > > religion = ~100% > technical support = ~0% > > So the war over distributions becomes the elephant in the room while the > effectiveness of the actual software begins to decline as a result. > > Oracle is in competition with IBM in the database market. In my opinion, > neither of those organizations should be managing a distribution due to the > inherent conflicts of interest involved with respect to the user community at > large; Unless they can disengage personal corporate interests from the > process, which is doubtful and historically never happened. > > > > On Feb 2, 2020, at 2:26 AM, Stephan Wiesand wrote: > > > >> On 31. Jan 2020, at 19:10, Jon Pruente wrote: > >> > >> On Thu, Jan 30, 2020 at 7:58 PM Yasha Karant wrote: > >> soon to be forced to go to another Linux. The options appear to be drop > >> EL entirely and go to Ubuntu LTS ("stable") current, or to stay with EL > >> and use Springdale (Princeton) EL8 when (if?) it is available, or Oracle > >> 8 EL. Thus far, everyone I have contacted who did a clean install of > >> > >> Is there a reason you have to avoid CentOS? The SL devs have stated that > >> they will not develop SL8 and instead put their resources into CentOS. > > > > I hate to say this, but CentOS is pretty slow these days getting out daily > > updates, minor releases and corresponding SRPMs. No distinction between > > security errata and other ones either. SL has been doing better. OL is > > doing better, including release 8. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: EL 8
soap, wash, rince, repeat for Debian, FreeBSD, MacOS). > > I have been saying the above to everybody for the last 6 months and not a > > single > > person so far had answered with "let's stick with Red Hat" or "let's stick > > with Red Hat > > because of important reason X". > > Well we had a couple of folks speaking up here already. > I guess I meant our local users here, not the whole universe. Sorry for confusion. > > There are a few more major differences (and the different package managing > systems are rather peanuts compared to those): > > * Support life time. EL: 10 years (admittedly, with limitations during the > last 3). Ubuntu: 5 years (but limited to 3 years for a great many packages - > especially quite a few important on desktops/laptops). > This turned out to be the wrong life expectancy measure. What we see is the prefectly servicable SL6 is obsoleted overnight by ROOT (root.cern.ch) suddenly starting to require C++11. Then things like MediaWiki ask for newer PHP, certbot asks for newer python, etc. So you install devtoolset for C++11, PHP from webtatic, pyhton3 from EPEL, but can this mongrel OS still be called SL6? The usual mantra is "never upgrade!", but users demand "upgrade early, upgrade often!". Rock, hard place, etc. > > * Stable kernel ABI. EL: stable over the whole lifetime for whitelisted > interfaces, stable within minor releases for others. Ubuntu: no such thing. > Actually, may backport ABI-changing changes from the lates mainline kernel > anytime. > Not in SL-6, not in CentOS-7. Each new kernel update breaks nvidia and/or ZFS drivers. True, the (very simple) kernel drivers that I write and maintain do load and work with each kernel, so some stability, for sure. (But latest kernels complain, "you must recompile you driver with new GCC to deal with latest Intel CPU exploits"). > > * Hardware enablement: EL: at least 5-7 years, with a single kernel flavour > (with the above advantages regarding ABI stability). Ubuntu: May require > "HWE" kernels (different base version) rather early. Actually will upgrade > you automatically to those unless you're using a server installation. > No way around this, if stock kernel does not have a driver for your hardware, you have to use some other kernel, by hook or crook. Build kernel from sources, in the worst case. True for any Linux, for any OS, Windows, BSD, etc. Only MacOS has hardware and software in lock-step. (severe and unescapable lock-step). > > Again, I like Ubuntu. Nor do I want to start a big argument. Just felt > compelled to add a few minor pieces of information to your statements. > Yes, good discussion. A shift away from Red Hat Linux after 15 years with SL, and not quite 10 years with RHL (before "E") is a big deal, worthy of big argument. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: EL 8
On Fri, Jan 31, 2020 at 02:42:53PM +0100, Jean-Paul Chaput wrote: > > Just to supply another point of view, I'm sticking (i.e. the whole > network I manage) to SL7 (and CentOS8 afterward) because RHEL is the > only open source OS that is qualified for big VLSI CAD tools > (Cadence, Mentor, Synopsys). This is my only reason, but it's a > mandatory one... > Definitely valid consideration. In data acquisition the scope of what we must provide is very small, but still we use some big commerial tools, FEMLAB (electric and magnetic finite element simulations), assorted FPGA compilers (Altera, Xilinx), and they all seem to work ok on both centos and ubuntu. Some other major tools, SolidWorks (3D mechanical design), Altium (PCB design), do not run on Linux at all (any Linux), so those people are suck with Windows laptops and desktops. Also luckily, our stuff does not need to be qualified or certified, so as long as things work and lights blink and data flows, all is good. Actually, for vendor support, I see a consolidation on Debian-based Linux, RaspberryPi comes with Debian based OS, Nanopi seems to be Ubuntu, Phidget toys come with Debian drivers, a brand new board with Xilinx FPGA just arrived in the mail, also runs ARM Debian. If not Debian, then it is a custom rolled userland, often based on busybox. No RedHat/Centos/Fedora anywhere in sight. > > I take this occasion to send a big thank for the SL team and it's > great jobs all those years. > Seconded. Certainly carried us through what, 15 years of worry free and trouble free Linux OS? Yup, since SL3 in 2005 on our first 64-bit AMD Opteron machines, until 2020 today. K.O. > > Best regards, > > On Thu, Jan 30, 2020 at 06:25:34PM -0800, Konstantin Olchanski wrote: > > On Thu, Jan 30, 2020 at 05:57:24PM -0800, Yasha Karant wrote: > > > > > > At this point in terms of application support for EL 7 (including SL > > > 7) from external entities (such as Calibre -- there are others), I > > > am going soon to be forced to go to another Linux. ... > > > > > > Any advice would be appreciated. > > > > > > > We are looking at Ubuntu - > > > > - direction is very stable, each next release is "the same as the previous > > release", > > no surprises, no strange changes, no confusion. > > - trivial upgrade path from version N to version N+1. (works as well as > > MacOS). > > - easy to google problems and solutions > > - works well on laptops (Red Hat was always behind on Wifi and other > > important drivers) > > - commonality with Raspberry Pi and other SoC systems (everything is Debian > > or Ubuntu based, nothing is Red Hat based). > > - many hardware vendors now supply Ubuntu and Debian centric drivers and > > support > > > > Now that both Ubuntu and Red Hat use systemd, NetworkManager & co management > > of both has become very similar. > > > > Only big remaining difference is the package manager - apt vs rpm/yum, but > > even > > here Red Hat have muddied the waters by switching to dnf and a new package > > format > > (new checksum algorythms). > > > > Since building rpm packages was always a major pain, I am not sure I want > > to figure > > it all out again with CentOS/EL-8 just to find out that I cannot (or I > > can?) build > > RPM packages that work on all three - el6, el7 and el8. Might as well cut > > out > > the middleman and use "git pull; make install" to install and manage the > > 2-3-4 scripts > > that I manage with RPM packages right now. > > > > I have been saying the above to everybody for the last 6 months and not a > > single > > person so far had answered with "let's stick with Red Hat" or "let's stick > > with Red Hat > > because of important reason X". > > > > -- > > Konstantin Olchanski > > Data Acquisition Systems: The Bytes Must Flow! > > Email: olchansk-at-triumf-dot-ca > > Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada > > -- > .-. J e a n - P a u l C h a p u t / Administrateur Systeme > /v\ jean-paul.cha...@lip6.fr > /(___)\ work: (33) 01.44.27.53.99 > ^^ ^^cell: 06.66.25.35.55 home: 01.47.46.01.31 > > U P M C Universite Pierre & Marie Curie > L I P 6 Laboratoire d'Informatique de Paris VI > S o C System On Chip -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: EL 8
On Thu, Jan 30, 2020 at 05:57:24PM -0800, Yasha Karant wrote: > > At this point in terms of application support for EL 7 (including SL > 7) from external entities (such as Calibre -- there are others), I > am going soon to be forced to go to another Linux. ... > > Any advice would be appreciated. > We are looking at Ubuntu - - direction is very stable, each next release is "the same as the previous release", no surprises, no strange changes, no confusion. - trivial upgrade path from version N to version N+1. (works as well as MacOS). - easy to google problems and solutions - works well on laptops (Red Hat was always behind on Wifi and other important drivers) - commonality with Raspberry Pi and other SoC systems (everything is Debian or Ubuntu based, nothing is Red Hat based). - many hardware vendors now supply Ubuntu and Debian centric drivers and support Now that both Ubuntu and Red Hat use systemd, NetworkManager & co management of both has become very similar. Only big remaining difference is the package manager - apt vs rpm/yum, but even here Red Hat have muddied the waters by switching to dnf and a new package format (new checksum algorythms). Since building rpm packages was always a major pain, I am not sure I want to figure it all out again with CentOS/EL-8 just to find out that I cannot (or I can?) build RPM packages that work on all three - el6, el7 and el8. Might as well cut out the middleman and use "git pull; make install" to install and manage the 2-3-4 scripts that I manage with RPM packages right now. I have been saying the above to everybody for the last 6 months and not a single person so far had answered with "let's stick with Red Hat" or "let's stick with Red Hat because of important reason X". -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Red Hat on the Desktop - was Re: Calibre current
On Thu, Jan 30, 2020 at 10:10:21PM +, ONeal, Miles wrote: > > That makes sense, and I agree. As far as I can tell, RH remains committed to > the desktop > (although more and more that means only GNOME). > Red Hat direction is confusing. "committed to the desktop" - removal of choice of desktop environments (vs on Ubuntu: GNOME3, MATE, KDE, Cinnamon, plus a few more) - removal of support for NIS (LDAP is "light weight" is like Titanic is a row boat). - boneheaded defaults, i.e. login screen does not show the machine name, shows 100 icons for 100 available users instead of asking the user name "shifts towards enterprise" - ModemManager and NetworkManager enabled by default - both tools are most useful for mobile laptops, do nothing useful for fixed location and hardwired installations - PackageManager asks the currently logged user "please enter root password, let's install system updates NOW!" - systemd prevents reliable reboot and shutdown (I have a scheduled power outage in 30 minutes, systemd waits for 10 minutes for the "currently logged user" to logout then waits forever to umount an NFS filesystem where the NFS server was already shutdown). - systemd prevents reliable boot (does not honor the services startup order specified in the service config files, no explanation, no error message, reporting systemd bugs to red hat pointless, reporting systemd bugs to systemd developer pointless, see the famous bug report about systemd rejecting some otherwise valid user names). "dept of wtf" - removal of popular device drivers - clearly friendly to all three - laptop, desktop and server use. - no "install all packages" button when doing a fresh install (yes, "everything" will fit on my 120GB SSD) - no upgrade tool to go from version N to version N+1. To me this smells like "we started with Red Hat Linux 9.0, added tons of laptop-centric stuff, branded it as 'enterprise linux', and BTW we are also desktop friendly". -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: centOS 8
and you > will become hungry. > They found another profit center - make cat-video machines for the mass market (capture cat videos, post them on youtube; watch cat videos on youtube, this is the full list of supported functions). > > Another weekend almost shot- I am going back to sleep. > Not for me. I am heading for this (today, dancing; tomorrow, playing the music) https://urldefense.proofpoint.com/v2/url?u=https-3A__www.youtube.com_watch-3Fv-3DduKis8cFhXk&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=pfzG3uuoqYjYPqIwza_-0fPiS-zqH6OlMSDK4cxCrdU&s=fpSVOrqYHsfvlRpkTsGbaR6Ge1LrHJGGt4Iy-Lvv9JU&e= K.O. > Larry Linder > > I reminds me of the release of Windows 3.0 in early 90's that only did > business cards and nothing else. It was pretty short lived > On Thu, 2019-10-03 at 17:24 -0700, jdowjunkm...@earthlink.net wrote: > > A quick search suggests there are some problems in this regard. Ideal is > > "don't > > install the cloud related modules in the first place." If you have you can > > uninstall or disable the cloud service initialization. If you have been > > running > > awhile you may have to create new ssh etc keys. Installing the cloud > > "stuff" > > apparently alters the keys. > > > > VMs are an excellent way to test the install process for these kinds of > > pitfalls > > and find workarounds. They seem to be highly recommended. > > {^_^} Joanne > > > > On 20191003 09:43:21, Dave Dykstra wrote: > > > Larry, > > > > > > There are typically lots of rough edges for the first few point releases > > > in RHEL major releases. They need people to test and report problems > > > including instructions on how to reproduce the problems in order to get > > > them fixed for later. I wouldn't expect it to be suitable for > > > production use until 8.2 or 8.3. > > > > > > Dave > > > > > > On Wed, Oct 02, 2019 at 05:02:12PM -0400, Larry Linder wrote: > > >> Nothing should be this hard to configure and set up. > > >> > > >> 1. The install did not recognize two other disks on system. > > >> if you run "fs" you get a list of disks and a number of /tmp partitions. > > >> When you try to edit "fstab" it is non-sensical. Didn't try to run > > >> "mount" as the man pages are not what you see. > > >> > > >> 2. Video is basic VGA and it ignored my GForce dual monitor card. > > >> > > >> 3. Tried to install printers and didn't see "cups" even though I > > >> selected it to install. > > >> > > >> 4. I tried to run a couple of our linux cad packages and bash could not > > >> run the process. Permissions and ownership was Checked but no luck. > > >> > > >> 5. Even setting up the sytem name and UID to what we use on the other > > >> systems had to be manually. Graphic network didn't give you a clue. > > >> > > >> 6. When it shuts down you have to pound on the key-board and try every > > >> key and then after a long time it finally wakes up. Couldn't what key > > >> did it. > > >> Just don't have time to screw with it. > > >> > > >> After spending two days I gave up. > > >> This whole think looks like a very low level business workstation for > > >> the mentally challanged. Run my IBM computer the way I designed it or > > >> just go away. You can only run my programs you can download. Most look > > >> retarded such as "CHEESE" is there a connection between title and > > >> function - its a major stretch of the immagination. > > >> > > >> It wants you use a cloud for everything - we don't want to use the cloud > > >> for anything. Our internet provider sometimes takes a 1/2 hr nap during > > >> the day. Its very fast when it works. (Spectrum) - AT&T in our > > >> location was hopeless, bad service, bad price. > > >> > > >> For now we are going to upgrade all systems to SL 7.7 and then look for > > >> a linux that is usefull for real engineering, manufacturing and > > >> business. > > >> > > >> The labs should look at building there own. > > >> > > >> Any suggestions? > > >> > > >> I will go back to work and give up on centos 8. If I had purchased > > >> RedHat 8 I would be really ped for getting ripped off. > > >> > > >> Larry Linder > > >> > > > -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: centOS 8 install crash
Hi, Larry, sorry to hear about your trouble. I wonder why you talk about "reinstalling SL6", when you could have popped the SL6 SSD out, put a blank one in, try el7/el8/whatever, if it bombs, put your SL6 SSD back in. Cost of SSD is zero compared with the time saved. On the other hand, I wonder if you see a hardware fault. Over the years I came to rely on the SL/CentOS installer as a hardware test tool - if I have seen so many cases where we have an iffy machine, memtest runs just fine, but the OS installer fails with strange symptoms (freeze, nonsense package errors, etc) - replace the RAM, and now installer works, machine runs fine - conclusion - machine was problematic because of bad ram (bad cpu fan, bad power supply, etc). It is not impossible that originally you installed SL6 and all was fine, then a hardware fault developed, and now the el7/el8 installer bombs. But you do not tell us if you tried several different machines and what the actual failure was (freeze, kernel panic, kernel oops, unexpected reboot, etc), so maybe you see something else. P.S. true, problem reporting to Red Hat has been ineffective for the last 10 years or so. On the other hand, I reported a ZFS problem to ZFS and got lively replies, some of them even helpful, and got my ZFS problem solved. So not all doom and gloom, not everywhere. K.O. On Sun, Sep 29, 2019 at 12:52:11PM -0400, Larry Linder wrote: > This really off topic but there REL error reporting does not work. > It is not a centOS tool but RedHat. > > Saturday PM - first failure. At least we could reboot system. > Sunday AM - second failure. System is dead and SL 6.9 must be > reinstalled before Monday. > > Tried to install centOS 8 and it gets to point where I sets up disks in > classical scheme, so as not to clobber users files, > it asks for root pass word and it crashes. The crash is reproducible > but the result Saturday was recoverable, Sunday's crash is not > recoverable. > > I checked download for errors and it agrees with their check sums. > > Have been a SL user since 4.1 and never seen anything like this. I wish > SL could continue as the centOS 8 is half baked. You can't send an > error message to them !!! The Red Hat bug reporting tool goes no where. > This is why we never used Fedora - you couldn't thrust it. > > We had planned to up date our business to centOS 8 but I think we will > stick with SL 7.6 and update all system to that level and quit for a > year. > > I would like to thank all the troops and contributors to SL for an > outstanding work. > > If anyone know how to forward the error messages to centOS I will try a > third time next weekend. > > Thank You > Larry Linder > MicroControls LLC -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Q&A: Centos vs SL
On Sun, Sep 15, 2019 at 12:29:20PM -0700, Patrick J. LoPresti wrote: > > Now that Red Hat owns CentOS and IBM owns Red Hat, I wonder when CentOS 8 > will be released. > The place to watch is "google CERN linux", which takes you to http://linux.web.cern.ch/linux/ click on "next version" which takes you to http://linux.web.cern.ch/linux/centos8/ which states "Next linux version will be based on CentOS 8" and links to https://urldefense.proofpoint.com/v2/url?u=https-3A__wiki.centos.org_About_Building-5F8&d=DwIBAg&c=gRgGjJ3BkIsb5y6s49QqsA&r=gd8BzeSQcySVxr0gDWSEbN-P-pgDXkdyCtaMqdCgPPdW1cyL5RIpaIYrCn8C5x2A&m=gLjKarHYkkZKBGl5US1kEKkaCLHtdsX_5TDAFMpyBFk&s=W0LpFflr0nI9lunzHip-MyRCsc9VyA9Fxa3PyHiTGKo&e= which states "The final release will be on September 24". with the explanation that work on CentOS-8 was delayed to release 7.7 first. CERN, through the LHC experiments, through the major US DOE Labs and Universities are a big traditional user of "Red Hat flavour" Linux. The thought of CERN and all who follow them switching to a competing product (hello, Ubuntu!) or rolling their own Linux distribution (which the CERN organization is perfectly capable of) ensures the continuation of CentOS, I would think. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: Help with root password
You need a root password to ssh into and reboot a remote machine that stopped accepting logins from normal users (stuck NFS, stuck NIS, out of memory, dead user home directory disk, borked pam, etc). Definition of remote machine? Not under your desk; takes longer than 5 minutes to walk to a different building to press the reset button; it's at CERN and you have to send an email to somebody to go find it and press the reset button. etc. Why not "login as normal user and sudo into root?", see above, machine is borked and does not accept login from normal user. K.O. On Mon, Jul 22, 2019 at 01:52:35PM -0400, R P Herrold wrote: > On Sat, 20 Jul 2019, Nico Kadel-Garcia wrote: > > > > sudo passwd root > > > > If he had sudo access, why would he need or want a root password? > > a root password, rather than mediated 'sudo' access is needed > from time to time > > Before the system is up and recognizing, to do fsck' and such > which require the root password to be executed, comes to mind > > > -- Russ herrold -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: RE Future:
On Mon, Apr 29, 2019 at 03:40:11PM -0400, Larry Linder wrote: > > As a private company we need the stability and consistency of a > commercial product supported by a Gov agency for long term stability. > > Will we stay with CentOS is a big [question] > I think you are safe sticking with "CERN Linux" (where "6" was SL6, "7" is CentOS7). In a way, CERN is a "super gov agency", with major decisions about Linux and software made be consensus between LHC experiments which are themselves collaborations between the big US govt labs - Brookhaven, Berkley, FermiLab, etc. For the decision on "8", as they say "watch this space": http://linux.web.cern.ch/linux/ Also read the echoes of the decision on "7": http://linux.web.cern.ch/linux/nextversion.shtml If anything goes wrong with Red Hat or CentOS, the CERN organization, in collaboration with US and European Physics labs, has the technical capability of carrying the Red Hat flavour of linux forward forever. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada
Re: question regarding the future
On Sat, Apr 27, 2019 at 02:15:42PM +0200, Maarten wrote: > Hello fellow SL users, > I having been using SL for a while now, ... > there will be no SL8... > the future [?] I look at the future throught the mirror of today's problems. And today's problems in the RH/CentOS/SL universe do not project a bright sunny future: - systemd is a mess up. with luck IBM's purchase will clean house on this one. - c++, cmake, python, php, etc are always 1-2 versions behind those required by packages we need to use - ZFS is not part of the base system, does not play well with kernel updates - NIS will be removed in el8, with no replacement (LDAP need not apply unless they sorted out handling of autofs maps) - incoming mess up of X11 via Wayland graphics On the data analysis side we are married to CERN via the ROOT data analysis package, and the vibes I get from ROOT developers is that CERN Linux 7 (CentOS7) is not their primary target. (for example we had a problem with ROOT graphics where ROOT's LLVM collided with LLVM inside the el7 OpenGL library. For sure, Mesa has it fixed "in the latest version", but for us running vanilla CentOS7, nothing worked. And still does not work, the best I know). So it looks like we will be looking at Linuxes other than RH/CentOS, especially if a popular systemd-free variant somehow emerges. A move to Ubuntu is quite likely just because it tends to have recently recent c++, python, php & co. P.S. What's the beef with systemd? Apart from sundry bugs (for example, sometimes it does not respect the startup order specified in the unit files), we have been forced to disable all automatic updates (usually a nightly cron job). This is because an update of the systemd package triggers/forces the restart of every system service (nis, nfs, autofs, etc), effectively a reboot of the machine (minus rebooting of the linux kernel). Not a nice thing to happen on production machines on random nights whenever updated systemd is pushed out (usally 2-3 times a year). Of course in our experience, about 50% of the time something goes wrong and one of the services restarted by the systemd update does not restart correctly yielding a dead machine. Rant over. -- Konstantin Olchanski Data Acquisition Systems: The Bytes Must Flow! Email: olchansk-at-triumf-dot-ca Snail mail: 4004 Wesbrook Mall, TRIUMF, Vancouver, B.C., V6T 2A3, Canada