Re: dnsmasq and systemd

[Tom H]

On Fri, May 17, 2019 at 5:08 PM Orion Poplawski  wrote:


> Probably related:
>
>--tftp-secure
>   Enable  TFTP  secure  mode:  without this, any file which is
>   readable by the dnsmasq process under  normal  unix  access-
>   control  rules is available via TFTP. When the --tftp-secure
>   flag is given, only files owned by the user running the dns‐
>   masq  process  are  accessible.  If  dnsmasq is being run as
>   root, different rules apply: --tftp-secure  has  no  effect,
>   but  only  files  which  have the world-readable bit set are
>   accessible. It is not recommended to  run  dnsmasq  as  root
>   with  TFTP  enabled,  and  certainly  not without specifying
>   --tftp-root. Doing so can expose any world-readable file  on
>   the server to any host on the net.

Just read and sent the same :)


> I'm still surprised it made a difference starting it by hand or by systemd.

+1

dnsmasq runs as "nobody" if "/etc/dnsmasq.conf" doesn't have
"user=foo" or dnsmasq isn't started with "--user=foo" (or "-u foo").

Re: dnsmasq and systemd

[Tom H]

On Fri, May 17, 2019 at 3:07 PM Teh, Kenneth M.
<0864eace5c83-dmarc-requ...@listserv.fnal.gov> wrote:
> On 5/16/19 9:23 PM, Orion Poplawski wrote:
>> On 5/16/19 1:23 PM, Teh, Kenneth M. wrote:
>>>
>>> Systemd continues to baffle me.
>>>
>>> I've set up a router machine that provides pxe boot and tftp
>>> services on a private network with dnsmasq. Pxeboot works if I
>>> run dnsmasq manually, but not when I turn on the service with
>>> systemctl.
>>>
>>> I can't think through its layers of obtuseness and would
>>> appreciate someone with a fresher brain to point me in the right
>>> direction.
>>
>> You don't give us much to work with. When you start it manually,
>> what exactly do you run? What does 'journalctl -u dnsmasq' report?
>> Anything else that might be relevant?
>
> Sorry. You're right. A moment of exasperation and frustration with
> systemd whose bits of config/info are strewn all over the place
> instead of everything in init.d. I guess I resent learning new ways
> of doing old things. Must be my age. :)
>
> Turned out the problem is dnsmasq's tftp module has no permission
> to read pxelinux.0 even though the file is 0644. Checked audit.log
> for possible selinux problem. Nothing.
>
> Everything in /var/lib/tftpboot is selinux type tftpdir_rw_t except
> for pxelinux.0 (plus a few more) which are cobbler_var_lib_t. Tried
> an semanage fcontext/restorecon to change it just to see if dnsmasq
> would read it. Doesn't change. Nothing in journalctl. Used chcon.
> Changes it. But dnsmasq still cannot read the file.
>
> Finally set dnsmasq to run as root in its config. Works. Only thing
> I can think of is dnsmasq which apparently runs as nobody when
> started from systemd cannot read files it does not own.

1) From the manpage

--tftp-secure
Enable TFTP secure mode: without this, any file which is readable by
the dnsmasq process under normal unix access-control rules is
available via TFTP. When the --tftp-secure flag is given, only files
owned by the user running the dnsmasq process are accessible. If
dnsmasq is being run as root, different rules apply: --tftp-secure
has no effect, but only files which have the world-readable bit set
are accessible. It is not recommended to run dnsmasq as root with
TFTP enabled, and certainly not without specifying --tftp-root. Doing
so can expose any world-readable file on the server to any host on
the net.

Are you using this option?

2) When you were testing and running it manually, were you setting
command-line options or were you simply using the options in
"/etc/dnsmasq.conf" like the systemd unit?

Re: question regarding the future

[Tom H]

On Fri, May 3, 2019 at 5:59 PM Mark Rousell  wrote:
> On 03/05/2019 08:19, Tom H wrote:
>>
>> Red hat can limit access to its source RPMs to its paying customers
>> and prevent free rebuilds
>
> Although Red Hat have an extensive end user licence agreement, it is
> generally accepted that no terms in such an EULA can extinguish the
> software licence terms under which copyright holders have chosen to
> distribute heir software. In this case that is the GPL and both Red
> Hat and myself are bound by it.

If you violate the RH EULA, it can and will prevent you from accessing
RPMs and SRPMs to upgrade your installation.

But, as i said earlier, I doubt that RH'll go down that route because
it gains from having a free version.

I suspect that it's more likely that IBM decides that it's wasteful to
have a team re-brand RHEL and rebuild it, and chooses to follow the
Ubuntu model whereby RHEL would be free, with support licenses
available.

Re: question regarding the future

[Tom H]

On Wed, May 1, 2019 at 11:17 PM David Sommerseth
 wrote:


> First of all, it is Red Hat (two words) :)

Yes!

:)


> But I don't really understand this Red Hat scepticism.

Anti-corporate world attitude?


> What would Red Hat, even from a commercial standpoint, win by
> crippling CentOS or its open source efforts in any way? Yes, what
> Red Hat does costs money, but they also earn money on exactly what
> they do. I don't think Red Hat's biggest fear is that CentOS will
> "overtake" RHEL. I would suspect Red Hat biggest fear is users
> moving *away* from the RHEL universe, moving to other non-RHEL based
> distributions, that the mindset changes to be something else than
> RHEL - because migration from SL/CentOS to RHEL is simpler and
> smoother than any other distro. I would expect Red Hat to be far
> more concerned about users moving towards SUSE, Debian or Ubuntu.
> Nowadays in the container oriented world, even Alpine Linux might be
> a growing concern. And just because of this, it would be little
> market gain to "experiment" with CentOS and risk upsetting its
> users.
>
> I've lost count how big Red Hat has grown, but they're at least
> somewhere in the 12-15k people today. The vast majority here are
> geeks who embraces open source development. The company markets open
> source as its key motivation. Even Jim Whitehurst runs Fedora on
> his home computers (unless something has changed the last few
> years). If Red Hat does a bad move, I would expect quite an uproar
> inside the company as well. Keyword here is: memo-list [0].
>
> And *if* Red Hat messes up CentOS ... what do you think would
> happen? Red Hat can't shut-off complete access to the source code
> RHEL/CentOS requires.

Red hat can limit access to its source RPMs to its paying customers
and prevent free rebuilds, but it's not in its interest to do so.
CentOS gives Red Hat's customers a large pool of RHEL-compatible
sysadmins.

Re: IPv6 DUID

[Tom H]

On Fri, Jan 4, 2019 at 2:44 PM Stephen Berg (Code 7309)
<08e536c5aab1-dmarc-requ...@listserv.fnal.gov> wrote:
>
> Is there a file that contains, or command that will display, the DUID a
> system is using when communicating to a DHCPv6 server?  I need to know
> what the DUID is so I can set a static reservation for the client but
> I've not been able to figure out the DUID for a given system until after
> it gets a dynamic address.

I don't use dhcp or ipv6 but wouldn't the DUID be in the lease file,
under "/var/lib/dhcp/" or "/var/lib/dhclient/"?

Re: Re [EXTERNAL] kernel/firmware update made computer inaccessible

[Tom H]

On Sat, Feb 24, 2018 at 8:20 AM, Steve Talbott
 wrote:
> Miles O'Neal wrote:
>>
>> I would look into a new video driver. Which driver were you using?
>
> Nouveau, last updated a year ago in January. I have now found this in the
> 7.4 release notes (should have looked before!):
>
> "The default DDX driver has changed to be xf86-video-modesetting.
> The previous defaults were xf86-video-nouveau (Nvidia hardware)
> and xf86-video-intel (Intel hardware)."
>
> Sorry for my ignorance, but is there a way at the boot command to
> restore the old default? Or some other better approach?

Please bottom-post.

Not at boot but, if "xorg-x11-drv-intel-..." is still installed, you
can create an X snippet in "/etc/X11/xorg.conf.d/" to specify that
"intel_drv.so" be loaded.

FYI, Ubuntu switched almost two years ago. Post by maintainer:

https://tjaalton.wordpress.com/2016/07/23/intel-graphics-gen4-and-newer-now-defaults-to-modesetting-driver-on-x/

Re: Tip: when your terminal gets all screwed up

[Tom H]

On Sat, Nov 11, 2017 at 1:34 PM, jdow <j...@earthlink.net> wrote:
> On 2017-11-11 04:26, Tom H wrote:
>>
>> So it should be:
>>
>> PS1="\[\e[0m\][\u@\h:\l \w]\$ "
>
> Maybe. I got silly and experimented.
>
> PS1="\[\e[1m\][\u@\h:\l \w]\$ "
> and
> PS1="\e[1m[\u@\h:\l \w]\$ "
> and
> PS1="\e[1m[\\u@\\h:\\l \\w]\$ "
>
> all produce the same thing, which leaves the issue even more confused
> than when we started.

That's unsurprising because they're all the same (you're setting all
your text to bold, including what you type).

Re: Tip: when your terminal gets all screwed up

[Tom H]

On Sat, Nov 11, 2017 at 9:30 AM, Nico Kadel-Garcia <nka...@gmail.com> wrote:
> On Sat, Nov 11, 2017 at 8:10 AM, Tom H <tomh0...@gmail.com> wrote:


> [ Hundreds of lines of fine-tuning prompt manipulation code and theory
> snipped, especially involving quote handling ]

Hundreds?!

Hopefully someone find them useful!


> And *this* is why I ignore it all and just use "stty sane" when my
> console gets confused.

"ssty sane"
"reset"
"printf \033c"

Prefixed with a linefeed ("ctrl-j") so as to ensure that the actual
command doesn't start with any of the previous garbage.

Re: Tip: when your terminal gets all screwed up

[Tom H]

On Fri, Nov 10, 2017 at 10:15 PM, Steven Haigh  wrote:
>
> For what its worth, I've been using this for years:
> PS1="\[\033[01;37m\]\$? \$(if [[ \$? == 0 ]]; then echo \"\[\033[01;32m\]
> \342\234\223\"; else echo \"\[\033[01;31m\]\342\234\227\"; fi) $(if [[ ${EUID}
> == 0 ]]; then echo '\[\033[01;31m\]\h'; else echo '\[\033[01;32m\]\u@\h'; fi)\
> [\033[01;34m\] \w \$\[\033[00m\] "

If you use single-quotes for PS1, you can use unescaped double-quotes
and dollar signs within it. It makes it more legible:

PS1='\[\033[01;37m\]$? $(if [[ $? == 0 ]]; then echo
"\[\033[01;32m\]\342\234\223"; else echo
"\[\033[01;31m\]\342\234\227"; fi) $(if [[ ${EUID} == 0 ]]; then echo
"\[\033[01;31m\]\h"; else echo "\[\033[01;32m\]\u@\h";
fi)\[\033[01;34m\] \w \$\[\033[00m\] '

You might be better off using "printf" (it's a bash builtin) because
"echo" might not interpret escapes depending on the bash or shell
options that are set.

Re: Tip: when your terminal gets all screwed up

[Tom H]

On Fri, Nov 10, 2017 at 7:21 PM, jdow  wrote:
> On 2017-11-10 15:14, ToddAndMargo wrote:
>>
>> Ever cat a binary file by accident and your
>> terminal gets all screwed up.
>>
>> I had a developer on the Perl 6 chat line give me
>> a tip on how to unscrew your terminal and set it
>> back to normal. (He way helping me do a binary
>> read from the keyboard.)
>>
>> stty sane^j
>>
>> Note: it is , not "enter".
>
> Make "\033]0;" the first bit of your prompt. Never
> worry about it again.
>
> ESC-0 sets the terminal to have no attribute bits
> set. So it clears funny display. I've had that as
> a standard part of my prompts for decades, even
> back in the CP/M days.

It's "\033[0m" that resets attributes not "\033]0;".

"\033]0;" sets the xterm window title and the xterm icon name to the
text that follows (up until "\007").

Re: Unknown tag: Recommends: yelp ???

[Tom H]

On Tue, Nov 7, 2017 at 6:11 AM, ToddAndMargo  wrote:
>
> SL 7.4
>
> What am I doing wrong?
>
> $ rpmbuild --rebuild simple-scan-3.26.1-1.fc27.src.rpm
> Installing simple-scan-3.26.1-1.fc27.src.rpm
> ...
> error: line 25: Unknown tag: Recommends: yelp
>
> $ rpm -qa yelp\*
> yelp-3.22.0-1.el7.x86_64
> yelp-xsl-3.20.1-1.el7.noarch
> yelp-libs-3.22.0-1.el7.x86_64
> yelp-tools-3.18.0-1.el7.noarch

Fedora has introduced weak dependencies, "recommends" and "suggests",
like Debian/Ubuntu/etc.

You can either remove the "recommends" or change it/them to
"requires", with the latter solution being the safer one.

Re: software raid after the fact?

[Tom H]

On Sun, Aug 20, 2017 at 12:19 AM, ToddAndMargo <toddandma...@zoho.com> wrote:
> On 08/19/2017 05:04 AM, Tom H wrote:
>> On Fri, Aug 18, 2017 at 8:46 PM, ToddAndMargo <toddandma...@zoho.com>
>> wrote:
>>>
>>> Is there a way to create software raid 1 after the fact?
>>> Meaning, you already installed SL on a stand alone drive.
>>
>> https://raid.wiki.kernel.org/index.php/Converting_an_existing_system
>
> Awesome. Thank you!

You're welcome.

Re: software raid after the fact?

[Tom H]

On Fri, Aug 18, 2017 at 8:46 PM, ToddAndMargo  wrote:
>
> Is there a way to create software raid 1 after the fact?
> Meaning, you already installed SL on a stand alone drive.

https://raid.wiki.kernel.org/index.php/Converting_an_existing_system

Re: tip: Secondary Selection clipboard

[Tom H]

On Tue, Jun 27, 2017 at 8:19 AM, Andrew C Aitchison
<and...@aitchison.me.uk> wrote:
> On Tue, 27 Jun 2017, Tom H wrote:
>> On Tue, Jun 20, 2017 at 4:38 PM, ToddAndMargo <toddandma...@zoho.com>
>> wrote:
>>>
>>> I have been using UNIX and Linux for over 25 years and did not
>>> realize X11 has four clipboards. I recently discovered the Secondary
>>> Selection keyboard.
>>>
>>> It really saves a bunch of time when I am programming as I don't
>>> lose my cursor's hot spot.
>>>
>>> Here is a great 8 minute video demonstrating all four clipboards. It
>>> is must learn for anyone using Linux.
>>>
>>> http://www.cs.man.ac.uk/~chl/Secondary-Selection.mp4
>>>
>>> To support this clipboard, your program has to use the GTK Toolkit.
>>
>> Thanks. I didn't know about this secondary clipboard. I've just tried
>> it on my laptop running Ubuntu 17.10 but it didn't work. I suspect
>> that it's been deep-sixed in Gnome Shell and Unity.
>
> I was interested in the secondary clipboard too, and looked at
> http://www.cs.man.ac.uk/~chl/secondary-selection.html which makes
> clear that this is not a standard gtk feature; there are experimental
> modified gtk3 libraries which support secondary selection (no source
> yet).
>
> gtk3 means it doesn't run on SL6, so I haven't been able to explore further.

The author of "Secondary-Selection.mp4" asked about it on the gtk
development list

https://mail.gnome.org/archives/gtk-devel-list/2016-August/msg00036.html

and the answer was

https://mail.gnome.org/archives/gtk-devel-list/2016-August/msg00037.html

Part of the response:

We still (optionally) support the PRIMARY selection on the X11 backend,
and some compatibility layer for it on Wayland, but we have no plans on
adding support for the SECONDARY selection, as it's both barely
specified and, like the PRIMARY, highly confusing for anybody who is not
well-versed in 20+ years of use of textual interfaces on the X Windows
System. Personally, I would have jettisoned the PRIMARY selection a long
time ago as well, but apparently a very vocal minority is still holding
tight to that particular Easter egg. Adding support for the even more
esoteric SECONDARY selection on the X11 backend when we're trying to
move the Linux world towards the more modern and less legacy-ridden
Wayland display system would be problematic to say the least, and an ill
fit for the majority of graphical user experiences in use these days.

Re: tip: Secondary Selection clipboard

[Tom H]

On Tue, Jun 27, 2017 at 8:13 AM, Ken Teh <t...@anl.gov> wrote:
> On 06/27/2017 06:23 AM, Tom H wrote:
>> On Tue, Jun 20, 2017 at 4:38 PM, ToddAndMargo <toddandma...@zoho.com>
>> wrote:
>>>
>>> I have been using UNIX and Linux for over 25 years and did not
>>> realize X11 has four clipboards. I recently discovered the Secondary
>>> Selection keyboard.
>>>
>>> It really saves a bunch of time when I am programming as I don't
>>> lose my cursor's hot spot.
>>>
>>> Here is a great 8 minute video demonstrating all four clipboards. It
>>> is must learn for anyone using Linux.
>>>
>>> http://www.cs.man.ac.uk/~chl/Secondary-Selection.mp4
>>>
>>> To support this clipboard, your program has to use the GTK Toolkit.
>>
>> Thanks. I didn't know about this secondary clipboard. I've just tried
>> it on my laptop running Ubuntu 17.10 but it didn't work. I suspect
>> that it's been deep-sixed in Gnome Shell and Unity.
>
> Haha. I've been on fedora for almost a year and learning to unlearn
> everything I've learnt about Unix and X11 over 25 years.

Everything changes all the time... The wayland developers had intended
to drop the primary selection but they've had to reverse course:

https://wiki.gnome.org/Initiatives/Wayland/PrimarySelection

Re: tip: Secondary Selection clipboard

[Tom H]

On Tue, Jun 20, 2017 at 4:38 PM, ToddAndMargo  wrote:
>
> I have been using UNIX and Linux for over 25 years and did not realize
> X11 has four clipboards. I recently discovered the Secondary Selection
> keyboard.
>
> It really saves a bunch of time when I am programming as I don't lose
> my cursor's hot spot.
>
> Here is a great 8 minute video demonstrating all four clipboards. It
> is must learn for anyone using Linux.
>
> http://www.cs.man.ac.uk/~chl/Secondary-Selection.mp4
>
> To support this clipboard, your program has to use the GTK Toolkit.

Thanks. I didn't know about this secondary clipboard. I've just tried
it on my laptop running Ubuntu 17.10 but it didn't work. I suspect
that it's been deep-sixed in Gnome Shell and Unity.

Re: 7.4

[Tom H]

On Mon, Jun 19, 2017 at 6:18 PM, ToddAndMargo <toddandma...@zoho.com> wrote:
> On 06/19/2017 05:12 AM, Tom H wrote:
>> On Mon, Jun 19, 2017 at 12:16 AM, ToddAndMargo <toddandma...@zoho.com>
>> wrote:
>>>
>>> Any rumors on when 7.4 will hit SL?
>>
>> Why are you always so keen about dot-releases?
>
> Because when Red Hat fixed my bug reports, they always fix
> it in the next release. They don't care about the one I
> am using. It is appreciated that they fix them, although
> somewhat frustrations that I have to wait forever to see them.

Yes, non-critical bug fixes are published at dot-release time :(

You can enable the "fastbugs" repo to try to get them earlier; but
only closer to release time. RHEL 7.3 was released in Nov and SL 7.3
was released in Jan so it's going to take a few months.

Re: 7.4

[Tom H]

On Mon, Jun 19, 2017 at 12:16 AM, ToddAndMargo  wrote:
>
> Any rumors on when 7.4 will hit SL?

Why are you always so keen about dot-releases?

Do you perform installs for every dot-release or are you using
versioned yum repos (the latter doesn't make sense if you always
switch to the latest dot-release)?

Re: [SCIENTIFIC-LINUX-USERS] RAID 6 array and failing harddrives

[Tom H]

On Tue, Apr 11, 2017 at 4:30 AM, Jose Marques  wrote:
>> On 10 Apr 2017, at 18:23, David Sommerseth  
>> wrote:
>>
>> But I'll give you that Oracle is probably a very different beast on
>> the legal side and doesn't have a too good "open source karma".
>
> ZFS on Linux is based on OpenZFS
> (). Oracle has no input into its
> development as far as I can tell.

I'm not sure that David S is referring to. Sun open-sourced zfs and it
was at zpool version 28 when Oracle closed-sourced it. So the cat's
out of the bag up to v28. But the Solaris version's currently 36
(IIRC) and, in openzfs, you can enable extra, post-v28 features on a
case by case basis.

[Someone said up-thread that you couldn't expand a pool (or add disks
to a pool). That's incorrect. You can add a same-type vdev to a pool.]

Re: RAID 6 array and failing harddrives

[Tom H]

On Mon, Apr 10, 2017 at 1:23 PM, David Sommerseth
<sl+us...@lists.topphemmelig.net> wrote:
> On 10/04/17 09:15, Tom H wrote:
>>
>> zfs'll never be in-tree for licensing reasons.
>
> Well, "never" might be a too strong word. Stranger things have
> happened, like Microsoft embracing Linux and open source; even
> starting to open up some of their closed projects as open source ;-)
>
> But I'll give you that Oracle is probably a very different beast on
> the legal side and doesn't have a too good "open source karma".

No one can see Oracle changing the zfs license to one that's
gpl-compatible. The cddl is supposed to be gpl-incompatible by design.

Re: Examples of customized grub2 configuration files?

[Tom H]

On Sun, Apr 9, 2017 at 9:26 PM, Keith Lofstrom <kei...@kl-ic.com> wrote:
> On Mon, Apr 3, 2017 at 5:26 PM, Keith Lofstrom <kei...@kl-ic.com> wrote:
>>
>> I'm looking for examples (with explanatory comments) of customized
>> configuration files to use in the /etc/grub.d directory, somewhere
>> out there on the intertubes.
>
> On Thu, Apr 06, 2017 at 01:52:30AM -0400, Tom H wrote:
>>
>> If you set "GRUB_DISABLE_RECOVERY=false" in "/etc/default/grub", the
>> boot submenu will have single-user entry for every kernel.
>>
>> If you set "GRUB_DISABLE_RECOVERY=false" and "GRUB_DISABLE_SUBMENU=y"
>> in "/etc/default/grub", the menu will have single-user entry for
>> every kernel.
>
> Thanks, that was enough to develop a solution.
>
> I wrote up what I did here:
>
> http://wiki.keithl.com/grub2single

:)

Except for the fact that "GRUB_DISABLE_SUBMENU=true|false" won't have
any effect.

It has to be "GRUB_DISABLE_SUBMENU=y" for the submenu not to be created.

GRUB_DISABLE_SUBMENU was created by the Fedora grub maintainer and
neither he nor whoever committed his patch upstream thought of turning
his "y"/"whatever" into the usual "true"/"false".

Re: nmcli question

[Tom H]

On Sat, Apr 8, 2017 at 10:59 PM, Nico Kadel-Garcia  wrote:
> On Sat, Apr 8, 2017 at 5:36 PM, ~Stack~  wrote:


>> I will spare the details, but suffice to say I am in a position where
>> after many years knowing the 'network' commands I've been tasked to
>> learn nmcli much better than I do now. This is all on SL7.
>
> Oh, you poor beggar. I feel your pain. Notes that I published years
> ago for CentOS 5 and CentOS 6 pair bonding just went obsolete, in
> completely undocumented and unintelligible ways, with upstream RHEL 7
> and Fedora's fascination with "NetworkManager" instead of anything
> stable or scriptable. I feel your pain a *lot*.

You follow federo-devel@, so you must've seen one/two/three years a
post by one of the RH developers who works on the core packages of
Fedora saying that they didn't want to keep on maintaining the scripts
in "/etc/sysconfig/network-scripts/". Between that lack of interest
and the desire to have the network be handled dynamically by a daemon,
it wouldn't be surprising if a future RHEL8 or RHEL9 drops the
"/etc/sysconfig/network-scripts/" infrastructure.

It's unfortunate that distributions have always had an NIH attitude to
network management (other than NM and systemd-networkd). From the ones
that I use:

- Debian and Ubuntu have "/etc/init.d/networking", "/etc/network/*",
and "/sbin/if{up,down}" (the latter being compiled executables)

- Fedora and RHEL have "/etc/rc.d/init.d/network" and
/etc/sysconfig/network-scripts/*"

- Funtoo has "/etc/init.d/netif.tmpl", "/etc/netif.d/*", and
"/etc/conf.d/netif."

- Gentoo has "/etc/init.d/net.lo", "/lib/netifrc", and "/etc/conf.d/net"

- Slackware has "/etc/rc.inet{1,2}" IIRC (I had to manage some
Slackware servers for a few months two years ago so I might be
misremembering the script names)

:(


>> I've been reading documents, building and tearing down networks for
>> hours, and trying to put into practice what I'm learning (still a long
>> way to go; haven't touched the infiniband parts yet). Something keeps
>> coming up in documentation that bothers me.
>>
>> Here is an example of one of *many* documents:
>> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Networking_Guide/sec-Network_Configuration_Using_sysconfig_Files.html
>>
>> They mention taking down a network with:
>> $ nmcli dev disconnect interface-name
>>
>> but bringing it up with:
>> $ nmcli con up interface-name
>>
>> That is so infuriating to me. Why use different sub-commands? Especially
>> when there exist subcommands in the same context? Why not do this?
>> $ nmcli dev disconnect interface-name
>> $ nmcli dev connect interface-name
>
> Because they're trying to weld NetworkManagers's graphical interface,
> on top of poorly integrated command line interface, on top of the
> actual underlying bash scripts that do the real work. It's Fugly Out
> There(tm).

"nmcli conn ..." is for managing a network connection (ip addresses,
routes, nameservers, bonding/bridging/tagging) so you can bring down
the connection with "nmcli conn down ...".

The difference between "nmcli conn down ..." and "nmcli dev disconn
..." is that the latter prevents the connection from being
auto-activated.


> In case it's unclear I am *not* happy with NetworkManager for servers
> or stable environments. Laptops that have to wander from environment
> to environment need multiple VPN's, yeah, OK, I can see having a more
> complex tool. But for a VM? Or a server?

The lead NM developer's replied to you on fedora-devel@ or
fedora-user@ in the past that he and his fellow NM developers have
worked hard to add to NM configuration options for complex server
setups as well as a cli tool for managing settings. Sadly, NM seems to
be a project that can do nothing right in the eyes of its users even
though it's left the flakiness of its early years behind.


> I'd like to introduce you to wone of my favorite settins for
> /etc/sysconfig/network-scripts/ifcfg-* files, or even for
> /etc/sysconfig/network, or if you feel really paranoid, /etc/profile.
>
> NM_CONTROLLED=no
>
> Turn *off* NetworkManager manipulation for anything that doesn't need it.

I prefer to delete ifcfg-* files and use NM keyfiles. For a bridge:

# cd /etc/NetworkManager/system-connections

# cat bridge0-master
[connection]
id=bridge0-master
type=bridge
uuid=84eaf7e7-a020-481b-9709-28892d61701c
[bridge]
interface-name=bridge0
stp=false
[ipv6]
...
[ipv4]
...

# cat bridge0-en0
[802-3-ethernet]
mac-address=28:d2:44:0e:2f:53
[connection]
id=bridge0-en0
master=84eaf7e7-a020-481b-9709-28892d61701c
slave-type=bridge
type=802-3-ethernet
uuid=0617b1c0-becb-4921-905b-a70d2e61e12d

That way there's no confusion between the use of "network.service"
config files and "NetworkManager.service" config files. And there's no
need to learn nmcli commands.


>> Or even this?
>> $ nmcli con down interface-name
>> $ nmcli con up interface-name
>>
>> As far as I can tell, they are both 

Re: RAID 6 array and failing harddrives

[Tom H]

On Thu, Apr 6, 2017 at 5:01 PM, David Sommerseth
 wrote:


> I would never run btrfs on *any* production server, regardless of
> currently available kernel versions. Because it is not deemed ready
> for production yet. For testing I would be willing to experiment with
> it, as there I can tolerate data loss. But never ever in production.

It's being used in production at Facebook and in Oracle Linux and SUSE Linux.

I don't know how SUSE does it but Oracle Oracle has kernel and
kernel-uek packages. The kernel package is the same as SL's and the
kernel-uek package provides a more recent kernel that goes
hand-in-hand with the more recent btrfs tools.


>> But the "kmod" release of ZFS seems to work well enough. I do have to
>> disable automatic kernel updates, but that may be wise in some
>> configurations anyway, YMMV.
>
> By all means, if you feel confident you will get the needed help
> sorting out issues you hit on ZFS, go ahead. I would never do that,
> even for ZFS. Once Red Hat enabling ZFS on a kernel where it is native
> in the upstream kernel, not being labelled tech-preview - that day I
> will consider ZFS for production. If btrfs reaches this stage earlier,
> then I will consider btrfs instead.

As I said in a previous email, zfs isn't going to be in-tree (unless,
of course, Oracle changes its license...).

Other than having installed Ubuntu on btrfs twice in a VM and played
around with it, my knowledge of btrfs comes from gentoo-user@. Two
things stand out from those threads. The btrfs developers seem to be
more interested in adding features than in stability (in the words of
committed btrfs users; more interested in features doesn't mean that
stability is ignored) and, except for one or two kernels where there
were regressions, every new iteration seems to bring better stability.


> For me, the safest option _now_ is mdraid + LVM + XFS/ext4. Which
> combined is somewhat closer (but not directly comparable) to the
> features I like in both btrfs and ZFS. In addition, I know and
> understand the toolset needed for mdraid + LVM + XFS/ext4 fairly well,
> so I don't have to spend much extra time figure out the tooling if
> something bad happens. But I'm also not going to spend time learning
> btrfs/zfs tooling until it begins to be ready for production use.

Not quite. Unlike btrfs, zfs is stable but it doesn't fulfill your
in-tree criterion...

Re: RAID 6 array and failing harddrives

[Tom H]

On Thu, Apr 6, 2017 at 8:15 AM, David Sommerseth
<sl+us...@lists.topphemmelig.net> wrote:
> On 06/04/17 10:54, Tom H wrote:
>> On Wed, Apr 5, 2017 at 5:50 AM, David Sommerseth
>> <sl+us...@lists.topphemmelig.net> wrote:
>>>
>>> ZFS looks great, so does btrfs - on the paper. But until ZFS is native
>>> in Linux or btrfs stabilizes on the same level as ext4 and XFS, I'm
>>> not going that path for production environments.
>>
>> What do you mean by "native?"
>>
>> The upstream deb and rpm files use dkms (as well as kmod for RHEL and
>> clones) and Ubuntu ships zfs pre-compiled. This is "native" in my
>> book.
>>
>> I've used and am using zfs in production on Linux and it's good and stable.
>
> My meaning of "native" is that it is included in the upstream Linux
> kernel, not a side-loaded product/project/kernel module.

Thanks. I read a later email in which you said that.

zfs'll never be in-tree for licensing reasons.

Re: RAID 6 array and failing harddrives

[Tom H]

On Wed, Apr 5, 2017 at 5:50 AM, David Sommerseth
 wrote:
>
> ZFS looks great, so does btrfs - on the paper. But until ZFS is native
> in Linux or btrfs stabilizes on the same level as ext4 and XFS, I'm
> not going that path for production environments.

What do you mean by "native?"

The upstream deb and rpm files use dkms (as well as kmod for RHEL and
clones) and Ubuntu ships zfs pre-compiled. This is "native" in my
book.

I've used and am using zfs in production on Linux and it's good and stable.

Re: Examples of customized grub2 configuration files?

[Tom H]

On Mon, Apr 3, 2017 at 6:19 PM, Konstantin Olchanski  wrote:


> Hi, you may find it easier to do the work using the SYSLINUX/EXTLINUX
> boot loader.
>
> In my experience, it takes less time to learn how to use syslinux from
> zero, compared to doing anything at all non-standard in grub/grub2.

If I don't use grub, I use lilo on BIOS and systemd-boot on EFI. They
have fewer files and complications under "/boot".


> And with grub2 even having custom order of boot entries is now
> non-standard.
>
> This is addition to all the cases where grub/grub2 just plain does not
> work (gives you a blank screen, or tells you that existing files do
> not exist, or goes to the wrong disk, or in one case corrupted the
> CMOS settings, and etc of course).

grub2's quite flexible, unless you want to change the actual
labels/names of the menu entries.

These are the variables that you can set in "/etc/default/grub"

GRUB_ACTUAL_DEFAULT
GRUB_BACKGROUND
GRUB_BADRAM
GRUB_BUTTON_CMOS_ADDRESS
GRUB_BUTTON_CMOS_CLEAN
GRUB_CMDLINE_GNUMACH
GRUB_CMDLINE_LINUX
GRUB_CMDLINE_LINUX_DEFAULT
GRUB_CMDLINE_LINUX_XEN_REPLACE
GRUB_CMDLINE_LINUX_XEN_REPLACE_DEFAULT
GRUB_CMDLINE_NETBSD
GRUB_CMDLINE_NETBSD_DEFAULT
GRUB_CMDLINE_XEN
GRUB_CMDLINE_XEN_DEFAULT
GRUB_DEFAULT
GRUB_DEFAULT_BUTTON
GRUB_DEVICE
GRUB_DEVICE_BOOT
GRUB_DEVICE_BOOT_UUID
GRUB_DEVICE_UUID
GRUB_DISABLE_LINUX_UUID
GRUB_DISABLE_OS_PROBER
GRUB_DISABLE_RECOVERY
GRUB_DISABLE_SUBMENU
GRUB_DISTRIBUTOR
GRUB_ENABLE_CRYPTODISK
GRUB_FONT
GRUB_FS
GRUB_GFXMODE
GRUB_GFXPAYLOAD_LINUX
GRUB_HIDDEN_TIMEOUT
GRUB_HIDDEN_TIMEOUT_BUTTON
GRUB_HIDDEN_TIMEOUT_QUIET
GRUB_INIT_TUNE
GRUB_OS_PROBER_SKIP_LIST
GRUB_PRELOAD_MODULES
GRUB_RECORDFAIL_TIMEOUT
GRUB_RECOVERY_TITLE
GRUB_SAVEDEFAULT
GRUB_SERIAL_COMMAND
GRUB_TERMINAL_INPUT
GRUB_TERMINAL_OUTPUT
GRUB_THEME
GRUB_TIMEOUT
GRUB_TIMEOUT_BUTTON
GRUB_TIMEOUT_STYLE
GRUB_TIMEOUT_STYLE_BUTTON
GRUB_VIDEO_BACKEND

I have a Debian testing VM where I've run "chmod -x /etc/grub.d/*" and
created the following "/etc/grub.d/90-grub":

#!/bin/sh

cat <

Re: Examples of customized grub2 configuration files?

[Tom H]

On Mon, Apr 3, 2017 at 5:26 PM, Keith Lofstrom  wrote:
>
> I'm looking for examples (with explanatory comments) of
> customized configuration files to use in the /etc/grub.d
> directory, somewhere out there on the intertubes.
>
> Specifically, what I hope to add is a "11_single" file
> to /etc/grub.d that adds a boot menu option for booting
> the most recent kernel in single user mode.
>
> Yes, I know I can select a menu entry with "e", and
> then edit "SINGLE" onto the end of the kernel line.

If you set "GRUB_DISABLE_RECOVERY=false" in "/etc/default/grub", the
boot submenu will have single-user entry for every kernel.

If you set "GRUB_DISABLE_RECOVERY=false" and "GRUB_DISABLE_SUBMENU=y"
in "/etc/default/grub", the enu will have single-user entry for every
kernel.

Re: [solved] Re: Copying a system: no login possible

[Tom H]

On Tue, Mar 21, 2017 at 9:50 AM, Lars Behrens <lars.behr...@kit.edu> wrote:
> Am 21.03.2017 um 14:14 schrieb Tom H:


>> It's probably a relabel issue.
>>
>> You can either run, while chrooted, "touch ./autorelabel" (and the
>> relabel will happen at reboot) or "fixfiles relabel" (and the relabel
>> will happen within the chroot).
>
> Thanks a lot Tom and Mark,

You're welcome.


> relabeling did it.
>
> Will have a look in the docs what exactly has been going on there :)

You need to use a copy method that preserves labels; cp/star/tar.

Re: Copying a system: no login possible

[Tom H]

On Tue, Mar 21, 2017 at 9:05 AM, Nico Kadel-Garcia  wrote:
> On Tue, Mar 21, 2017 at 7:49 AM, Lars Behrens  wrote:
>>
>> * copy the origin to mounted target device
>
> How did you "copy the system"? Tar, for example, does not carry along
> SELinux permissions. The "star" tool can.

tar has an "--selinux" option.

AFAIR, star doesn't preserve contexts in SL5 but it does in SL7 (I
can't remember whether the SL6 version does); there is an xattr option
for doing so.

cpio and rsync don't preserve labels (if the OP used them) but "cp -a" does.

Re: Copying a system: no login possible

[Tom H]

On Tue, Mar 21, 2017 at 7:49 AM, Lars Behrens  wrote:
>
> After copying a system like I have done a million times before (but only
> with debianic, suse or arch systems) by
>
> * starting a live system on the target
> * copy the origin to mounted target device
> * chroot afterwards
> * adapt /etc/fstab and hosts/hostname files
> * install and config grub.
>
> after reboot I cannot log in to the resulting system neither as root nor
> as user.
>
> When I set selinux to permissive it works. So I am missing some basic thing.

It's probably a relabel issue.

You can either run, while chrooted, "touch ./autorelabel" (and the
relabel will happen at reboot) or "fixfiles relabel" (and the relabel
will happen within the chroot).

Re: Is there a qemu-kvm forum?

[Tom H]

On Sat, Mar 4, 2017 at 5:37 PM, Nico Kadel-Garcia <nka...@gmail.com> wrote:
> On Sat, Mar 4, 2017 at 3:44 PM, Tom H <tomh0...@gmail.com> wrote:
>> On Sat, Mar 4, 2017 at 2:06 PM, Nico Kadel-Garcia <nka...@gmail.com> wrote:
>>> On Sat, Mar 4, 2017 at 4:52 AM, Tom H <tomh0...@gmail.com> wrote:
>>>>
>>>> https://www.redhat.com/mailman/listinfo/libvirt-users
>>>
>>> There is also a very active "centos-virt" mailing list
>>
>> For CentOS users
>
> I've done some casual testing with their repo for Xen tools. It seems
> to play well with Scientific Linux.

I meant using the list not the RPMs. I suspect that the RPMs would work on SL.

Re: Is there a qemu-kvm forum?

[Tom H]

On Sat, Mar 4, 2017 at 2:06 PM, Nico Kadel-Garcia <nka...@gmail.com> wrote:
> On Sat, Mar 4, 2017 at 4:52 AM, Tom H <tomh0...@gmail.com> wrote:
>>
>> https://www.redhat.com/mailman/listinfo/libvirt-users
>
> There is also a very active "centos-virt" mailing list

For CentOS users

Re: Is there a qemu-kvm forum?

[Tom H]

On Fri, Mar 3, 2017 at 7:55 PM, ToddAndMargo  wrote:
>
> I have a Windows 10 PE fash drive that won't fully start (stops at the
> blue window logo before the Annoy Balls start circling). The drive
> will boot natively. I am stumped.
>
> Google is failing me here. Is there a qemu-kvm forum hiding out there
> somewhere?

If you're using libvirt

https://www.redhat.com/mailman/listinfo/libvirt-users

Re: Integration with Apple iPad 2 air

[Tom H]

On Sun, Jan 15, 2017 at 10:30 PM, Yasha Karant  wrote:
>
> Are there any email apps, preferably licensed for free and not
> requiring an additional service, that will connect to arbitrary MAP
> servers and provide anything close to a Thunderbird email client
> end-user experience?

Isn't the iOS "Mail" app's interface close enough to Thunderbird's?
(It handles IMAP and POP3.)

Re: Adventures with 7.2

[Tom H]

On Tue, Jan 3, 2017 at 3:11 PM, jdow  wrote:
> On 2017-01-03 09:56, David Sommerseth wrote:
>>
>> Remember that firewalld provides an API over D-Bus for dynamic
>> firewall updates, so this is kind of to "seal" the configuration
>> without breaking any component depending on manipulating the firewall
>> as the system is running. NetworkManager and libvirt are two
>> components which adjusts the firewall on-the-fly, depending on which
>> network you're connected to or which VMs have been started, and so on.
>
> That still leaves me mumbling and led me down a midget rabbit hole.
> The "iptables" command is 777 root root system_u:object_r:bin_t:s0;
> but, that's OK. It's a link - to xtables-multi, which is rwxr-xr-x.
> root root system_u:object_r:iptables_exec_t:s0. Waitaminit says I to
> meself. (or is it me to iself? Whatever) Let's give that a try The
> results are reassuring:
> ===8<---
> [jdow@whereever ~]$ xtables-multi iptables -L -v
> iptables v1.4.21: can't initialize iptables table `filter': Permission
> denied (you must be root)
> Perhaps iptables or your kernel needs to be upgraded.
> ===8<---
> I guess the ancient philosophy of one task one command is passe' and
> now a monstrosity like xtables-multi finds itself masquerading as
> iptables and about a dozen other things.

/usr/sbin/iptables-restore
/usr/sbin/iptables-save
/usr/sbin/iptables
/usr/sbin/ip6tables-restore
/usr/sbin/ip6tables-save
/usr/sbin/ip6tables

are symlinks to "/usr/sbin/xtables-multi" because it's a multi-call
binary, like busybox.

There are others.

Off the top of my head, dnsdomainname, domainname, nisdomainname,
ypdomainname are symlinks to hostname; halt, poweroff, reboot,
shutdown are symlinks to systemctl; view is a symlink to vi; etc.

It's normal for "iptables" to fail if you call it as jdow; but if you
have polkit installed, "pkexec iptables" might work (depending on your
polkit policies; "sudo ..." and "su -c ..." will work if you're
authorized).

Re: Adventures with 7.2

[Tom H]

On Mon, Jan 2, 2017 at 5:06 PM, jdow <j...@earthlink.net> wrote:
> On 2017-01-02 08:47, Tom H wrote:
>> On Mon, Jan 2, 2017 at 6:42 AM, jdow <j...@earthlink.net> wrote:
>>> On 2017-01-02 01:35, David Sommerseth wrote:


>>>> Anaconda is the installer. To be honest, I've never understood why
>>>> anaconda needs to be installed on a final production server. The
>>>> production boxes I have where firewalld is uninstalled also have no
>>>> anaconda installed. And these boxes do get their proper updates
>>>> through yum regardless.
>>>
>>> It's not involved with system maintenance past the initial
>>> installation? I had the impression it was intimately involved with
>>> the system's overall configuration including updates. But, I must
>>> admit that it's not something I have dug into in any serious way.
>>> Thanks for the suggestion. I'll keep this option in mind. This is
>>> good to know.
>>
>> I don't have anaconda installed on any RHEL or RHEL clone system -
>> and never have.
>
> So I erased it with this fascinating transaction report excerpt:
>
> Running transaction
>   Erasing: initial-setup-gui-0.3.9.30-1.el7.x86_64
> 1/7
> warning: file
> /usr/lib/python2.7/site-packages/initial_setup/gui/spokes/eula.pyo: remove
> failed: No such file or directory
> warning: file
> /usr/lib/python2.7/site-packages/initial_setup/gui/spokes/eula.pyc: remove
> failed: No such file or directory
> warning: file
> /usr/lib/python2.7/site-packages/initial_setup/gui/spokes/eula.py: remove
> failed: No such file or directory
> warning: file
> /usr/lib/python2.7/site-packages/initial_setup/gui/spokes/eula.glade: remove
> failed: No such file or directory
>   Erasing: anaconda-gui-21.48.22.56-1.sl7.1.x86_64
> 2/7
>   Erasing: initial-setup-0.3.9.30-1.el7.x86_64
> 3/7
> warning: file
> /usr/lib/python2.7/site-packages/initial_setup/tui/spokes/eula.pyo: remove
> failed: No such file or directory
> warning: file
> /usr/lib/python2.7/site-packages/initial_setup/tui/spokes/eula.pyc: remove
> failed: No such file or directory
> warning: file
> /usr/lib/python2.7/site-packages/initial_setup/tui/spokes/eula.py: remove
> failed: No such file or directory
>   Erasing: anaconda-core-21.48.22.56-1.sl7.1.x86_64
> 4/7
>   Erasing: anaconda-tui-21.48.22.56-1.sl7.1.x86_64
> 5/7
>   Erasing: firewall-config-0.4.3.2-8.el7.noarch
> 6/7
>   Erasing: firewalld-0.4.3.2-8.el7.noarch
> 7/7
> warning: /etc/firewalld/lockdown-whitelist.xml saved as
> /etc/firewalld/lockdown-whitelist.xml.rpmsave
>
> That smells amusing and puzzling but not dangerous to me.

So it's not fully or properly installed, :) and :(


> Thanks for the information.

You're welcome.

Re: Adventures with 7.2

[Tom H]

On Mon, Jan 2, 2017 at 4:58 PM, jdow <j...@earthlink.net> wrote:
> On 2017-01-02 07:26, Tom H wrote:
>> On Mon, Jan 2, 2017 at 4:12 AM, jdow <j...@earthlink.net> wrote:
>>>
>>> The SYS5 stuff in 6.x and prior lacked flexibility, to be sure. It was
>>> simple enough that figuring out what was going on became easy. And
>>> where the documentation failed the workarounds were not all that
>>> difficult. But, then,the first 'ix I played with was one of the first
>>> commercial renditions of SVR4 - on the Amiga. So over about 25-ish
>>> years I'd learned it. I don't HAVE another 25 years to learn something
>>> with documentation that requires extreme google-fu to find. (I did
>>> manage to find a page that described /etc/sysconfig contents, FINALLY.
>>> I've been looking for that off and /on for 5 years or more.
>>
>>
>> /usr/share/doc/initscripts-9.49.37/sysconfig.txt
>
> "man --index" is needed methinks.
>
>>> Pointers to that list in the documentation for RHEL tuned systemd
>>> would be a good thing.)
>>
>> It's not a systemd directory - and it's a directory that systemd
>> upstream dislikes.
>
> It is intimately involved with systemd as used on RHEL based systems.
> Cross references can tie it all together in a nice logical package
> with bows on it.

Indeed but it's provided by the initscripts package so it should be
the latter's responsibility to provide, for example, "man sysconfig"
but it never has. AFAIR, neither upstart in EL6 nor sysvinit in
previous EL versions referred to "/etc/sysconfig/" in their
documentation (just as they don't refer to "/etc/default/" on
Debian/Ubuntu).

Re: Adventures with 7.2

[Tom H]

On Mon, Jan 2, 2017 at 4:56 PM, jdow <j...@earthlink.net> wrote:
> On 2017-01-02 06:16, Tom H wrote:
>> On Mon, Jan 2, 2017 at 4:03 AM, jdow <j...@earthlink.net> wrote:
>>>
>>> systemctl unmask firewalld failed.
>>
>>
>> I run "systemctl disable firewalld" before running "systemctl unmask
>> firewalld" because otherwise the logs have the "firewalld is masked"
>> messages.
>
> Thought I did it in that order. But I'm not sure. (stop, disable,
> unmask.) I believe I also noticed that with it stopped I'd suddenly
> find a mishmash of my firewall and firewalld's firewall. Firewalld had
> started back up. So that might have left me in a "smash it over the
> head" frame of mind. I've discovered with the projects I worked on
> that if there is a command like mask it would stop, disable, then put
> a very heavy stone coffin around it. (I'd drive the stake through it,
> last, only if "uninstall" was indicated.) So it's likely I could have
> made a rash assumption somewhere. I need to remember that's doing
> multiple "things" in one command which is not the 'ix way, I suppose.
>>
>> Did you run "systemctl enable firewalld" after running "systemctl
>> unmask firewalld"? Having to re-install firewalld doesn't make sense.
>
> Indeed, it didn't make sense to me either. I got the same error
> message that was flopping around in the logs.

I've screwed up on Fedora and SL when masking firewalld before
disabling it because masking it doesn't remove the symlink in
"/etc/systemd/system/basic.target.wants/" or the dbus symlink in
"/etc/systemd/system/".

Re: Adventures with 7.2

[Tom H]

On Mon, Jan 2, 2017 at 6:42 AM, jdow  wrote:
> On 2017-01-02 01:35, David Sommerseth wrote:
>>
>> Anaconda is the installer. To be honest, I've never understood why
>> anaconda needs to be installed on a final production server. The
>> production boxes I have where firewalld is uninstalled also have no
>> anaconda installed. And these boxes do get their proper updates
>> through yum regardless.
>
> It's not involved with system maintenance past the initial
> installation? I had the impression it was intimately involved with the
> system's overall configuration including updates. But, I must admit
> that it's not something I have dug into in any serious way. Thanks for
> the suggestion. I'll keep this option in mind. This is good to know.

I don't have anaconda installed on any RHEL or RHEL clone system - and
never have.

Re: Adventures with 7.2

[Tom H]

On Mon, Jan 2, 2017 at 4:00 AM, Nico Kadel-Garcia  wrote:
>
> Number of man pages is not the same as good documentation. Part of the
> difficulty of documenting systemd is its sprawl into different systems
> that have nothing to do with daemon management itself, including
> logging, DHCP, network configuration, automounting, and more recently
> trying to replace SELinux with "brilliant security changes!!!" such as
> the ill-fated "KillUserProcess" tool that kills all background
> processes when a user logs out and which breaks nohup, screen, and tux.

"KillUserProcesses=yes" isn't replacing selinux, it's ensuring that
all freedesktop and DE stuff is killed when a user logs out.

Re: Adventures with 7.2

[Tom H]

On Mon, Jan 2, 2017 at 4:24 AM, jdow  wrote:
>
> Did the second half. The first half had a large collection of dependencies
> that would be removed as well, little things like "anaconda-core". Erm, that
> might not be a good thing. I'm not interested in throwing the system into
> the dark ages.

You don't need anaconda-core on a running system. It's the installer!

Re: Adventures with 7.2

[Tom H]

On Mon, Jan 2, 2017 at 4:12 AM, jdow  wrote:


> The SYS5 stuff in 6.x and prior lacked flexibility, to be sure. It was
> simple enough that figuring out what was going on became easy. And
> where the documentation failed the workarounds were not all that
> difficult. But, then,the first 'ix I played with was one of the first
> commercial renditions of SVR4 - on the Amiga. So over about 25-ish
> years I'd learned it. I don't HAVE another 25 years to learn something
> with documentation that requires extreme google-fu to find. (I did
> manage to find a page that described /etc/sysconfig contents, FINALLY.
> I've been looking for that off and /on for 5 years or more.

/usr/share/doc/initscripts-9.49.37/sysconfig.txt


> Pointers to that list in the documentation for RHEL tuned systemd
> would be a good thing.)

It's not a systemd directory - and it's a directory that systemd
upstream dislikes.

Re: Adventures with 7.2

[Tom H]

On Mon, Jan 2, 2017 at 4:03 AM, jdow  wrote:
>
> systemctl unmask firewalld failed.

I run "systemctl disable firewalld" before running "systemctl unmask
firewalld" because otherwise the logs have the "firewalld is masked"
messages.

Did you run "systemctl enable firewalld" after running "systemctl
unmask firewalld"? Having to re-install firewalld doesn't make sense.

Re: Amusing/Sad Gnome3/Wayland story

[Tom H]

On Tue, Oct 11, 2016 at 3:43 AM, Keith Lofstrom  wrote:


> Last week, a leader of the Gnome project spoke to our
> local Linux user's group. He had a new Lenovo laptop
> running Gnome 3 with the Wayland replacement for X. He
> could NOT get his HDMI port working with our projector;
> that's the first time we've had that problem in years.

Why was this Gnome's fault?

It looks more likely that Wayland's at fault.

The guy's using an experimental replacement of X and something didn't
work. No big deal; except that maybe he should've had a second,
less-bleeding-edge install on his laptop, for emergencies like this
one.

We should be grateful that there are people willing to experiment with
Wayland and help make stable enough for the rest of us.


> I offered my ancient SL6/Gnome2 laptop, but he demurred
> and went without slides. It seems that the Gnomesters
> are building another incompatible tool, this one to
> replace LibreOffice Impress.

The Gnome developers have macOS envy and Apple ships a
Powerpoint/Impress replacement called Keynote. So if Gnome wants to
ship a full OS with - presumably - simpler LibreOffice replacements,
why not?

I'm not a Gnome user but if this new app can be installed without
pulling most of Gnome (I doubt it but we'll see), I'll install it
rather than install LibreOffice for the very rare times that I need
Impress.

Re: [SCIENTIFIC-LINUX-USERS] Snap - the better,higher,faster etc

[Tom H]

On Sat, Jun 18, 2016 at 2:33 PM, Nico Kadel-Garcia <nka...@gmail.com> wrote:
> On Sat, Jun 18, 2016 at 7:09 AM, Tom H <tomh0...@gmail.com> wrote:


>> The first that I heard of snaps being available on non-Ubuntu systems
>> was on the fedora-devel@ list where the poster floated the idea of
>> banning snapd because it might get a first-to-market advantage over
>> flatpak, a more or less similar Red Hat and Gnome technology.
>
> Which got shot down fast as a bad reason to reject the software.

Thankfully!


>> It's interesting (and depressing) to see otherwise rational people
>> lose the plot like this, just like many did regarding systemd or many
>> are here in the UK regarding Brexit.
>
> Permit me to call "straw man argument fallacy" on this one. It was one
> person on a mailing list, who was shot down very quickly. The many
> reasons to dislike systemd's policies, practices, size, and creeping
> featuritis are well documented and remain a risk. Take a look at the
> threads when it tried to replace "/etc/resolv.conf" with an
> inconsistently managed symlink into systemd's DHCP configurations, and
> its more recent attempts to disconnect all background processes not
> tied to a user session that are not directly managed by systemd.
>
> Shall we break remotely run tmux, screen, ssh-agent, and nohup based
> long-running backgrounded tasks with no warning and no logging? What a
> magnificent idea, let's break stuff without telling anyone

My point about "losing the plot" wasn't just about the moron who
wanted to ban snap/snappy/snapd or whatever the actual package is
called.

There wasn't even one positive thing said, there wasn't any
fact-checking before saying "it sucks because of ...". It was an
unending attack on the technology because it originated at Canonical
and because it might pre-empt the use of RH's Flatpak.

The technology was intended as Ubuntu-only and, if Canonical/Ubuntu
are to be believed, people from other distros asked them about porting
snaps so they did some work towards that. And then there was a
premature press release...

resolv.conf: IIRC, the problem was that if you weren't using
systemd-resolved, you were left with a dangling symlink.

Disconnection of background processes: The current solution's an OTT
solution to what could easily be regarded as buggy Freedesktop and
Gnome software. No one brought up during the fedora-devel@ discussion
the possibility of creating a new systemd.special unit, logout.target,
that would kill all the misbehaving processes like pulseaudio,
evolution-*, ... at logout while allowing nohup & co to work as
intended, as the upstream dbus maintainer suggested when he opened
this can of worms. Whatever their other good and bad qualities, the
systemd developers have a special talent for pissing people off.


>> Ubuntu/Canonical created its own system for installing
>> self-contained apps a-la Android and iOS. AIUI, these apps are
>> confined on Ubuntu using AppArmor.
>>
>> According to Mark Shuttleworth, non-Ubuntu developers asked whether
>> patches would be accepted to port snaps to other distros. So some
>> work's been done and it's resulted in the press release and all this
>> brouhaha.
>
> I'm extremely leery of any system that tries to "bundle all the system
> tools" to run packages. It might be usable for containers, but it
> presents real library and package management problems for deployed
> such working environments. The approach is very familiar: it used to
> be done with chroot a lot, it's more recently been done with docker
> and Vagrant, and I don't see any compelling need for more such tools.

There are people on this list who regularly ask about software that's
more recent than what's in SL's repos. Snaps/Flatpaks would simplify
their lives.

AFAIK, Android and iOS apps "bundle all the system tools." Given how
many of these phones are used in the world, isn't it enough of a proof
of concept for you?

Re: [SCIENTIFIC-LINUX-USERS] GPT?

[Tom H]

On Wed, Jun 15, 2016 at 8:39 AM, Jose Marques <jm...@st-andrews.ac.uk> wrote:
>> On 15 Jun 2016, at 13:33, Tom H <tomh0...@gmail.com> wrote:
>>
>> For a journaled filesystem, if you have access to a Mac, you can
>> disable the journal before using the disk on SL 7.
>
> Just to make things interesting Apple plans to move to a new
> filesystem, APFS.

Thanks. Apple's been talking about a new fs since releasing OS X, if
not before that.

It's about time that they stopped grafting features onto hfs and wrote
something from scratch. I hope that they've chosen an open license for
apfs.

(They intended to switch to zfs and even had developer previews in
2008/2009 and a "new feature" page but they killed the whole thing
shortly before Sun was bought. I've always assumed that it was because
they were worried about Oracle but there may have been a purely
technical rationale...)

Re: GPT?

[Tom H]

On Tue, Jun 14, 2016 at 2:16 PM, ToddAndMargo  wrote:


> I should have said GPT partition with HFS+ format.

Thanks for the confirmation. I meant to ask earlier, but forgot,
whether you were assuming that the disk was gpt because it came from a
Apple because, when you format a disk on OS X, you have three possible
schemes, gpt, msdos, and apple partitipn map, as well as different
hfsplus and fat options.


> I don't have an Apple either. Apple does not allow you to
> use a virtual machine of OSx, unless the base system is
> Apple hardware (not going to happen).

There must be a Mac somewhere otherwise you wouldn't be using a Mac disk.


> I am seeing a lot more Apple computers out there since
> the advent of Frankenstein and Sons (Windows 8 and Nein,
> oops, 10). I personally find OSx to be excruciatingly weird,
> but I need to eat, so I will work on anything folks are willing
> to pay for. (I make a lot of money off M$'s endless quality,
> security, and reliability issues.)

All the people whom I know who've switched to OS X have done so after
using an iPhone and/or an iPad.

Re: GPT?

[Tom H]

On Sat, Jun 11, 2016 at 3:29 PM, Lamar Owen  wrote:
> On 06/11/2016 03:12 PM, Joseph Areeda wrote:
>>
>> I can give this a try for you I'm a little confused. Pretty sure the
>> partition tables are fine but I don't think you can use the Apple file
>> system, Mac OS X extended.
>>
>> The FAT or EX FAT file system are compatible, I use them often.
>
> The nutshell version of the solution I separately e-mailed to Todd directly
> (I keep forgetting that the SL lists are 'reply-all' lists..) is to
> enable ELrepo and 'yum install kmod-hfsplus' if you want read-only journaled
> HFS+ or read/write HFS+ (no journal). If your HFS+ filesystem has a journal,
> you need the Paragon HFS/NTFS bundle to get read/write, but it has some
> issues with large transfers on EL7 (works flawlessly on EL6).

For a journaled filesystem, if you have access to a Mac, you can
disable the journal before using the disk on SL 7.

how to upgrade with yum from SL 7.2 DVD

[Tom H]

The upgrade procedure that I posted was from 7 to later 7 not 6 to 7.

Re: how to upgrade with yum from SL 7.2 DVD

[Tom H]

On Fri, May 20, 2016 at 8:50 PM, Yasha Karant  wrote:
>
> Would someone please remind me how to do the following.
>
> The current SL 7.2 DVD does not have an upgrade in place choice (only from a
> SL 7.x system; EL does not support upgrade between different major
> releases). I recall that someone explained that one can treat the DVD as an
> upgrade repository, point yum or some other utility (possibly a GUI) to the
> (mounted?) DVD, and then an ungrade in place without considering the process
> a new install (e.g., requesting time zone, etc.) will automagically happen.

This should do it (untested):

Mount DVD.

# cat > /etc/yum.repos.d/dvd.repo <

Re: Filesystem package messes with /usr/local

[Tom H]

On Thu, Oct 29, 2015 at 7:17 PM, Steve Gaarder  wrote:
>
> I always thought that /usr/local was defined to be an area left alone by the
> operating system. For many years, we have made it a symlink to a read-only
> directory in AFS space. This has worked fine - until now. When I tried to
> update the "filesystem" package, it failed because it tried to do chmods on
> (at least) /usr/local/bin and /usr/local/etc. Why is it doing this? Is
> /usr/local no longer truly local?

It's normal that "filesystem" ensures that "/usr/local/" has a default
mode applicable to a standard use-case.

(Untested) Perhaps you could leverage the "/etc/tmpfiles.d/" system to
ensure that you keep it read-only:

http://www.freedesktop.org/software/systemd/man/tmpfiles.d.html

Re: VMware

[Tom H]

On Thu, Oct 29, 2015 at 12:11 PM, Vladimir Mosgalin
<mosga...@vm10124.spb.edu> wrote:
> On 2015.10.29 at 03:24:37 -0400, Tom H wrote next:
>>
>> You cannot bridge a wireless NIC:
>>
>> http://www.linuxfoundation.org/collaborate/workgroups/networking/bridge#It_doesn.27t_work_with_my_Wireless_card.21
>>
>> It's been disabled in the kernel's bridging code since 2.6.34 (AFAIR).
>
> Umm this is on SL7.1 which uses kernel 3.10
>
> $ brctl show
> bridge name bridge id STP enabled interfaces
> bridge0 8000.002590c73bd6 no eth0
> wlan0
> $ cat /etc/sl-release
> Scientific Linux release 7.1 (Nitrogen)
>
> I created bridge0 with NM and changed local ethernet to be its slave,
> after that hostapd bridged it with wlan0 with the following config
> interface=wlan0
> bridge=bridge0
>
> The wireless NIC was the random one that I got in package with some
> other motherboard, I didn't mess with firmware or anything like that
>
> $ lspci | grep Wireless
> 01:00.0 Network controller: Qualcomm Atheros AR9462 Wireless Network Adapter 
> (rev 01)
>
> Somehow I doubt that I managed to fall into 1% of users who has special
> card with special firmware. The documents you linked must not be telling
> the whole story. Or just outdated, as it was written in the 2009.

I'd say that you fall into the special 0%! LOL

More seriously, hostapd is a third (ebtables, proxy-arp) way to solve
the problem.

>From linux-4.2.5/net/bridge/br_if.c

/* No bridging devices that dislike that (e.g. wireless) */
if (dev->priv_flags & IFF_DONT_BRIDGE)
return -EOPNOTSUPP;

Re: VMware

[Tom H]

On Mon, Oct 26, 2015 at 2:45 PM, Yasha Karant  wrote:


> Although the KVM solution discussed here may work, the description of this
> in operation appears to be a true
> hypervisor even when only used to run, say, MS Windows as an application
> environment virtual machine under SL. That is, this solution is not the
> same "in spirit" as is VirtualBox. On a hard 802.3 wired connection,
> VirtualBox does provide Internet access to the outside world from the guest;
> this seems to be a failure on a 802.11 ISP wifi connection. JHas anyone
> used VMware-Player-12.0.0-2985596.x86_64.bundle on a SL7 host with a MS Win
> guest?

I don't see why you think that VirtualBox and VMware aren't
hypervisors like KVM.


> If so, is the "free" version stripped of sufficient features as not to be
> useful in a "production" environment? I do not need merely to look at
> pretty pictures of a running guest environment; I need to access the
> Internet. to share files (e.g., docx, pptx, etc.) between the Linux host and
> the MS Windows guest, and to access both USB devices and the DVD drive of
> the host on the guest.
>
> My institution cannot afford the US$249 for the VMware Workstation license,
> and I cannot justify the expenditure of research funds. However, VMware
> player is licensed for free for non-commercial private use (mine).
>
> I do note that my query on the failure of VirtualBox to work with 802.11
> host Linux networks and thus supply a connection to the guest OS within
> VirtualBox now has had 46 views on the VirtualBox Linux host "forum" without
> a reply -- evidently, this is a problem with the current VirtualBox for
> which no one has a viable solution -- hence my interest in VMware Player.

You cannot bridge a wireless NIC:

http://www.linuxfoundation.org/collaborate/workgroups/networking/bridge#It_doesn.27t_work_with_my_Wireless_card.21

It's been disabled in the kernel's bridging code since 2.6.34 (AFAIR).

There are web sites that show how to get around this limitation via
either ebtables or proxy-arp. I've never tried either but I assume
that, since VirtualBox and VMware allow it, they must use a similar
workaround under the cover.

I launch VMs with "qemu-system-x86_64 ... -netdev
bridge,br=bridge0,id=net0 ..." on my laptop without adding my wireless
NIC to br0 and I set up forwarding of a VM's packets with:

# echo "1" > /proc/sys/net/ipv4/ip_forward
and
# iptables -t nat -A POSTROUTING -o wifi0 -j MASQUERADE
or
# iptables -t nat -A POSTROUTING -s 10.0.2.0/24 ! -d 10.0.2.0/24 -j MASQUERADE

If you use libvirt, define a "routed" network with virsh, and choose
it when you create a VM, virt-install sets up the forwarding
automatically.

You haven't said whether you want to be able to access VMs from
another box but, FYI, I can ssh to VMs from another laptop by running
"ip ro add 10.0.2.0/24 via 192.168.1.43 dev wifi0" on that laptop,
where 192.168.1.43 is the ip address of the laptop hosting the VMs.

Re: help debugging a kickstart install

[Tom H]

On Mon, Oct 12, 2015 at 10:34 AM, Nico Kadel-Garcia  wrote:
> On Mon, Oct 12, 2015 at 10:14 AM, Ken Teh  wrote:
>>
>> I'm having problems with an 6.7 install. Here are the relevant lines:
>>
>> # partitions
>>
>> # clearpart --drives=disk/by-id/ata-SATA_SSD_96D70756062400160297
>> part /boot --fstype=ext4 --size=1024 --asprimary
>> --ondisk=disk/by-id/ata-SATA_SSD_96D70756062400160297
>> part pv.01 --size=1 --grow --asprimary
>> --ondisk=disk/by-id/ata-SATA_SSD_96D70756062400160297
>>
>> volgroup sysvg pv.01
>> logvol swap --fstype=swap --vgname=svsvg --size=12288 --name=swap
>> logvol / --fstype=ext4 --vgname=sysvg --size=1 --grow --name=root
>
>> Kickstart stops trying to create the swap logical volume. Claims there is
>> no such sysvg volume. I did an alt-F2 and ran parted on the disk. The
>> 'part' command never created the partitions. This is my first time using
>> the 'disk/by-id/...' syntax. Also, first time with an SSD disk. I checked
>> /dev/disk/by-id and the disk is listed with the correct id.
>
> Don't hurt yourself. That "disk-by-id" or using UUID, is not stable.

disk-by-id is based on a disk's model and serial so it's stable for a
given disk.

>From my laptop:

# ll /dev/disk/by-id/
total 0
lrwxrwxrwx 1 root root  9 2015-10-12 13:02
ata-SAMSUNG_MZMTE256HMHP-000L1_S1G4NYAF624379 -> ../../sda
lrwxrwxrwx 1 root root 10 2015-10-12 13:02
ata-SAMSUNG_MZMTE256HMHP-000L1_S1G4NYAF624379-part1 -> ../../sda1
lrwxrwxrwx 1 root root 10 2015-10-12 13:02
ata-SAMSUNG_MZMTE256HMHP-000L1_S1G4NYAF624379-part2 -> ../../sda2
lrwxrwxrwx 1 root root  9 2015-10-12 13:02 wwn-0x5002538844584d30 -> ../../sda
lrwxrwxrwx 1 root root 10 2015-10-12 13:02
wwn-0x5002538844584d30-part1 -> ../../sda1
lrwxrwxrwx 1 root root 10 2015-10-12 13:02
wwn-0x5002538844584d30-part2 -> ../../sda2

# lsblk -l -o NAME,FSTYPE,MODEL,SERIAL,WWN,MOUNTPOINT /dev/sda
NAME FSTYPE MODELSERIAL WWNMOUNTPOINT
sda SAMSUNG MZMTE256 S1G4NYAF624379 0x5002538844584d30
sda1 vfat   0x5002538844584d30
sda2 ext4   0x5002538844584d30 /

Re: SL 7.1 not installing from DVD on unpartitioned disk

[Tom H]

On Thu, Sep 24, 2015 at 9:43 PM, Nico Kadel-Garcia <nka...@gmail.com> wrote:
> On Thu, Sep 24, 2015 at 1:55 PM, Tom H <tomh0...@gmail.com> wrote:
>> On Thu, Sep 24, 2015 at 9:13 AM, Nico Kadel-Garcia <nka...@gmail.com> wrote:


>>> The difficulty is that anaconda has become a python nightmare of
>>> complexity, coupled with an unnecessary GUI of complexity. New
>>> features of sophisticated interaction and "pretty pictures" ti nabage
>
> Lordie, did I actually type that I I meant "to manage".

I assumed that your right hand was shifted to the left by one key. LOL


>>> LVM, various clustering filesystems, and network installation have
>>> been added as desired, but it's easy to lose site of simple steps like
>>> "just present the names of disks.
>>
>> python isn't the problem; the hub and spoke "concept" is. Ubuntu's
>> Ubiquity is the best GUI installer.
>>
>> Ubiquity can't set up mdraid like Anaconda, but it handles btrfs
>> better than Anaconda.
>>
>> Anaconda's partitioning spoke's so horrendous that I only use
>> kickstart or "yum --installroot=... ..." - or unpack a tarball created
>> with one of those methods.
>
> Unfortunately, the "system-config-kickstart" tool is also horrible. It
> rewrites any base kickstart in its own format, quite orthogonal to the
> original and to the "anaconda-ks.cfg" file generated at install time,
> and it can only deal with one '%post" stanza though kickstart supports
> multiple stanzas.

I've never used "system-config-kickstart" but it's always good to run
"ksverdiff -f old-ver -t new-ver" when a new version of SL's published
to find out what's new and what's deprecated in kickstart.

Re: root is unable to open display

[Tom H]

On Sun, Sep 6, 2015 at 10:04 AM, Nico Kadel-Garcia <nka...@gmail.com> wrote:
> On Sun, Sep 6, 2015 at 6:51 AM, Tom H <tomh0...@gmail.com> wrote:
>> On Sat, Sep 5, 2015 at 10:42 AM, Nico Kadel-Garcia <nka...@gmail.com> wrote:
>>> On Sat, Sep 5, 2015 at 4:52 AM, Tom H <tomh0...@gmail.com> wrote:
>>>>
>>>> systemd introduced "machinectl shell localhost" in systemd 225 that
>>>> essentially does the same as "ssh localhost" from an env perspective.
>>>>
>>>> Since it's being rebased to 219 for SL 7.2, perhaps that command'll be
>>>> included in SL 7.4 with a systemd 22x (or it might be backported at
>>>> some point...).
>>>
>>> systemd's tendency to find a particular issue with a known, stable
>>> toolkit and then bolt it onto systemd is scaring the tar out of me.
>>> Attempting to replace su or sudo seems to be yet another example of
>>> this. The subject has been discussed, heatedly, in the Fedora mailing
>>> list.
>>
>> AFAIR there was a systemd-devel@ thread and various bug reports about
>> people having a problem with su/sudo when using them to launch X apps
>> because XDG_RUNTIME_DIR was the su-ing/sudo-ing user's and perms of
>> XDG_RUNTIME_DIR or of its contents were being changed to root because
>> that directory couldn't be changed within a session.
>>
>> So the problem's that su doesn't create a new login session but su was
>> never intended for this. Its man page even says "The su command is
>> used to become another user during a login session".
>
> Right. "su" doesn't. "sudo" can, by setting /etc/sudoers or
> /etc/sudoers.d options.

I don't think that sudo can create a new session where "session"
corresponds to the consolekit/logind meaning, but I'd have to read
"man sudoers" to be sure.

Re: root is unable to open display

[Tom H]

On Thu, Aug 27, 2015 at 12:29 PM, Nico Kadel-Garcia nka...@gmail.com wrote:
 On Thu, Aug 27, 2015 at 9:08 AM, Tom H tomh0...@gmail.com wrote:
 On Mon, Aug 24, 2015 at 6:54 PM, ToddAndMargo toddandma...@zoho.com wrote:

 I can run anything as a regular user but not my apps
 as root.  I am sure a reboot will fix this, but
 is there a way to fix this without rebooting?

 This started after I fired up two VM's in KVM

 # leafpad smb.conf 
 [1] 16905
 [root@localhost samba]# No protocol specified
 leafpad: Cannot open display:

 # echo $DISPLAY
 :0.0

 You need to specify XAUTHORITY=

 Doing a sudo or su to run things as the root user can also clear
 your individual user X settings, as can using ssh to access the local
 system as a root user if you do not allow X forwarding.

Whether using su or sudo, you can set DISPLAY and XAUTHORITY to those
of the user from whom you're switching.

I don't use root with GUI apps so this is theoretical knowledge.

You could set up a polkit action/policy (mimicking
/usr/share/polkit-1/actions/com.ubuntu.update-notifier.policy on my
laptop running Ubuntu):

policyconfig
  action id=com.todd.pkexec.leafpad
messageAuthentication is required to run leafpad as root/message
icon_nameleafpad/icon_name
defaults
  allow_anyno/allow_any
  allow_inactiveno/allow_inactive
  allow_activeauth_admin/allow_active
/defaults
annotate 
key=org.freedesktop.policykit.exec.path/usr/bin/leafpad/annotate
annotate key=org.freedesktop.policykit.exec.allow_guitrue/annotate
  /action
/policyconfig

And you'll then be able to run (as a member of wheel) pkexec leafpad .

Re: SL 7.1 upgrade has been a disaster

[Tom H]

On Mon, Aug 24, 2015 at 12:21 PM, ToddAndMargo toddandma...@zoho.com wrote:
 On 08/24/2015 05:31 AM, Tom H wrote:
 On Mon, Aug 24, 2015 at 5:36 AM, ToddAndMargo toddandma...@zoho.com
 wrote:

 I just upgraded from SL 6.6 to 7.1.

 What a disaster.  :'(

 Is there an approved upgrade tool? Or did you use the experimental
 adaptation of Fedora's preupgrade/fedup to RHEL and its clones?

 I did a full wipe and reinstall.  Used
SL-7-Everything-Dual-Layer-DVD-x86_64-2015-04-07-7.1.iso

Congrats. Much better (I hope!).

Re: root is unable to open display

[Tom H]

On Mon, Aug 24, 2015 at 6:54 PM, ToddAndMargo toddandma...@zoho.com wrote:

 I can run anything as a regular user but not my apps
 as root.  I am sure a reboot will fix this, but
 is there a way to fix this without rebooting?

 This started after I fired up two VM's in KVM

 # leafpad smb.conf 
 [1] 16905
 [root@localhost samba]# No protocol specified
 leafpad: Cannot open display:

 # echo $DISPLAY
 :0.0

You need to specify XAUTHORITY=

Re: is beesu suppose to remember your password?

[Tom H]

On Sun, Aug 23, 2015 at 12:37 AM, ToddAndMargo toddandma...@zoho.com wrote:

 I finally took the plunge and upgraded to SL 7.1.

 Since I no longer have access to gksu, I installed beesu:

 # rpm -qa beesu
 beesu-2.7-23.el7.x86_64

 Question: it remembers your password and doesn't prompt
 for it after the first time your enter it.  I can't find anything
 in the man page about this.  Is this suppose to happen?

 Is there a better replacement for gksu?

pkexec?

Re: Sl 7: where did the dhcp.leases file go?

[Tom H]

On Sun, Jun 21, 2015 at 2:22 AM, ToddAndMargo toddandma...@zoho.com wrote:

 Okay, I give up.  What happened to

 /var/lib/dhcp/dhclient-eth0.leases

ps ax | grep dhc | grep -v grep

and the -lf file will show you the lease.

Re: systemctl disable vs mask question

[Tom H]

On Tue, Jun 16, 2015 at 3:02 AM, David Sommerseth
sl+us...@lists.topphemmelig.net wrote:
 On 16 June 2015 07:52:05 CEST, ToddAndMargo toddandma...@zoho.com wrote:

 # systemctl disable firewalld.service

 This avoids the firewalld.service unit to be automatically started during 
 boot. The service may still be started using 'systemctl start ' or if a 
 service uses socket activation it will also start automatically.

If a unit's disabled but not masked, it can also be started as
dependency of another unit.

Re: SL7: Is there a GUI for systemctl?

[Tom H]

On Sun, Jun 14, 2015 at 1:45 AM, ToddAndMargo toddandma...@zoho.com wrote:
 On 06/13/2015 10:21 PM, Tom H wrote:
 On Sat, Jun 13, 2015 at 11:19 PM, ToddAndMargo toddandma...@zoho.com
 wrote:
 ?

 There's systemd-ui but it was dropped from Fedora in F22 and there was
 a discussion on systemd-devel@ about dropping it upstream earlier this
 year.

 Supposedly KDE has a GUI inside of kcm_systemd called systemd.
 Even hear or used such a thing? (I can't even find it.)

It's packaged in Fedora as kcm_systemd.

Re: What determines when things start with systemclt

[Tom H]

On Sat, Jun 13, 2015 at 11:23 PM, ToddAndMargo toddandma...@zoho.com wrote:

 /etc/rc/d/rc5.d with its numbered start points are being
 phased out. In SL7, systemctl, what determines when things
 start?

The dependencies and the order are set in the [Unit] section of a
systemd unit file via Requires=, Wants=, Requisite=, BindsTo=,
PartOf=, Conflicts=, Before=, After=, ...

I can't remember where this is documented but man -k systemd will
give you a (long) list of man pages.

Re: sl7: under systemclt, what is the new /etc/rc.d/init.d?

[Tom H]

On Sat, Jun 13, 2015 at 11:56 PM, ToddAndMargo toddandma...@zoho.com wrote:

 sl7: under systemclt, what is the new /etc/rc.d/init.d?

/etc/systemd/system/
/run/systemd/system/
/lib/systemd/system/

as well as

/run/systemd/generator/
/run/systemd/generator.early/
/run/systemd/generator.late/

Re: Adding files to the sl repo

[Tom H]

On Fri, Jun 5, 2015 at 1:57 PM, ToddAndMargo toddandma...@zoho.com wrote:

 The only exception is that if it is supported by the Fedora
 project. RHEL and clones are variations of Fedora. SL6
 is essentially Fedora Core 13 and SL7 is essentially
 Fedora Core 21.

I doubt that the RHEL developers would like the essentially.

But they'd love to know that they have a time machine given that F21
was released on December 9th and RHEL7 was released on June 10th. :)

Re: Is it time to think about another disto?

[Tom H]

On Sat, May 23, 2015 at 11:45 PM, ToddAndMargo toddandma...@zoho.com wrote:
 On 05/23/2015 03:46 PM, Tom H wrote:

 AFAIR, the kvm bugs that you reported were RFEs.

 Within a release, RH's very conservative when considering RFEs and
 rarely if ever does it do apply them; by default, it only fixes real
 bugs.

 I was being polite.  And not all of them were reported as RFE's.

You might not have reported them as RFEs but they effectively were.

Re: Edit a spec file with rpmbuild ????

[Tom H]

On Sat, May 23, 2015 at 9:16 PM, ToddAndMargo toddandma...@zoho.com wrote:
 On 05/23/2015 03:24 PM, Tom H wrote:
 On Sat, May 23, 2015 at 4:28 PM, ToddAndMargo toddandma...@zoho.com
 wrote:

 I am reading a paper on how to port Wine 32 to Cent OS 7:
 https://www.centos.org/forums/viewtopic.php?f=48t=49542

   linux32 rpmrebuild chrpath-0.13-14.el7.src.rpm

 What???   The proper syntax is:

linux32 rpmbuild --rebuild chrpath-0.13-14.el7.src.rpm

 There is no rpmrebuild  !

 And, this little gem popped up:

   linux32 rpmrebuild -e openal-soft-1.16.0-2.el7.src.rpm

   remove the line BuildRequires: portaudio-devel (it takes
   too much work to compile portaudio-devel 32-bit), save
   and exit (ZZ) install openal-soft and openal-soft-devel
   32-bit:

 What  There is no -e option in rpmbuild.  (He is right
 about the rebuilding portaudio-devel.)

 Does Cent OS have a hacked version of EL7.  What is going on?

 The beginning of the post says Below, as an attachment, you will find
 a small script called rpmrebuild.gz that I use to build the rpm.

 Oh poop.  Thank you.

You're welcome.

Re: Edit a spec file with rpmbuild ????

[Tom H]

On Sat, May 23, 2015 at 4:28 PM, ToddAndMargo toddandma...@zoho.com wrote:

 I am reading a paper on how to port Wine 32 to Cent OS 7:
 https://www.centos.org/forums/viewtopic.php?f=48t=49542

  linux32 rpmrebuild chrpath-0.13-14.el7.src.rpm

 What???   The proper syntax is:

   linux32 rpmbuild --rebuild chrpath-0.13-14.el7.src.rpm

 There is no rpmrebuild  !

 And, this little gem popped up:

  linux32 rpmrebuild -e openal-soft-1.16.0-2.el7.src.rpm

  remove the line BuildRequires: portaudio-devel (it takes
  too much work to compile portaudio-devel 32-bit), save
  and exit (ZZ) install openal-soft and openal-soft-devel
  32-bit:

 What  There is no -e option in rpmbuild.  (He is right
 about the rebuilding portaudio-devel.)

 Does Cent OS have a hacked version of EL7.  What is going on?

The beginning of the post says Below, as an attachment, you will find
a small script called rpmrebuild.gz that I use to build the rpm.

Re: Is it time to think about another disto?

[Tom H]

On Sat, May 23, 2015 at 12:16 AM, ToddAndMargo toddandma...@zoho.com wrote:
 On 05/20/2015 03:36 PM, David Sommerseth wrote:

 That means that once a new major release of RHEL is out, it aims to be
 rock solid and stable for a long time

 Sometimes. Other times it freezes bugs and instabilities in
 place, like the kvm bugs I reported. It is a double edges sword.

AFAIR, the kvm bugs that you reported were RFEs.

Within a release, RH's very conservative when considering RFEs and
rarely if ever does it do apply them; by default, it only fixes real
bugs.

Re: Is it time to think about another disto?

[Tom H]

On Sat, May 23, 2015 at 6:14 PM, David Sommerseth
sl+us...@lists.topphemmelig.net wrote:

 So when you complain about an unfixed issue in qemu in a specific RHEL/SL 
 release
 and point at the upstream bugtracker, upstream have all rights to say that 
 the EL
 release is outdated and is fixed in a newer upstream release. But that fix 
 won't
 hit RHEL until there is a RHEL bugzilla on this issue. That is what triggers a
 process where Red Hat will evaluate if and how to fix that issue in RHEL.

Upstream would also not be aware of all the patches that RH has
backported without bumping up the package version.

Re: SL7x and the 'epel' repo

[Tom H]

On Fri, Mar 27, 2015 at 11:45 AM, Steve Gaarder
gaar...@math.cornell.edu wrote:

 In that case, I'm thinking that it could be useful to maintain an EPEL
 mirror that does not get updated between TUV's release and the SL release. I
 could do that for my own use or it could be a community effort. Thoughts?

I was going to suggest the same two emails earlier but I didn't
because I couldn't think of an appropriate cut-off date to stop
rsyncing (When TUV publishes the point release? Would that be too
late? If yes to the latter, then when?). I assume that you restart
rsyncing once SL publishes the point release.

Re: SL7x and the 'epel' repo

[Tom H]

On Thu, Mar 26, 2015 at 7:28 AM, Nico Kadel-Garcia nka...@gmail.com wrote:
 On Thu, Mar 26, 2015 at 5:59 AM, Tom H tomh0...@gmail.com wrote:
 On Tue, Mar 24, 2015 at 4:13 PM, Orion Poplawski or...@cora.nwra.com wrote:

 The ultimate cause of this issue was an upgrade of glib2 by RedHat in RHEL
 7.1. And because the glib2 library does not use symbol versioning, rpm 
 cannot
 automatically add the proper requires/provides to avoid installing
 incompatible libraries. So, this has nothing to do with EPEL, per se, but
 just normal issues that can occur with any update to RHEL.

 Rex Dieter (who's a Fedora and EPEL developer; it's too bad that the
 RH bugzilla instance doesn't add a dev icon to developers' names
 like the Gentoo one) explains in comments 5 and 7 why they don't do
 this. They don't need to because sticking to a specific point release
 is an SL quirk that's not supported by RHEL. So a RHEL user wouldn't
 hit this qtwebkit/glib problem and EPEL's developers don't waste their
 time ensuring that's it works.

 What? No, SL and CentOS *inherit* this behavior from Red Hat's minor
 point releases. Our favorite upstream vendor has moved away from the
 old practice, long before RHEL, of the point releases being supported
 individually long term, but they certainly publish new installation
 media with the new point releases. The big difference is that SL and
 CentOS continue to publish the point releases in different web
 accessible directories, so you can still see the point releases and
 updates segregated by time, and releases they were compatible with.
 RHEL publishes all the updates since the first point release in a
 giant pool, more like the SL 6x and 7x repositories: it can provide
 some really useful information about the point releases to compare
 thei contents among them.

I agree with your last point. RHEL and CentOS use the equivalent of
SL's 6x/7x by default and don't give the option of using 6.y/7.z.

Point releases are just a snapshot of the packages at a certain point
in time, like Debian 6.x/7.x and Ubuntu 12.04.x/14.04.x.

RHEL offers its customers an EUS program for them to remain at a point
release and get security updates but it doesn't publish the EUS
sources in the same way that it doesn't publish the ELS sources.

Re: SL7x and the 'epel' repo

[Tom H]

On Tue, Mar 24, 2015 at 4:13 PM, Orion Poplawski or...@cora.nwra.com wrote:
 On 03/19/2015 03:34 AM, John Pilkington wrote:

 I had been under the impression that it was likely to be safe to use 'epel'
 packages, so, wishing to provide feedback, I installed a new version of
 qtwebkit from epel-testing. No hint of problems during installation, but
 programs using it failed. I now have them apparently working after installing
 glib2 from SL7rolling in place of the earlier build in SL7x, but I'm less 
 than
 happy about such cherry-picking.

 I'm told that epel packages support the current upstream release, 7.1, so it
 seems to me that systems based on the recommended SL7x and using epel will be
 at risk.

 https://bugzilla.redhat.com/show_bug.cgi?id=1202735

 The ultimate cause of this issue was an upgrade of glib2 by RedHat in RHEL
 7.1. And because the glib2 library does not use symbol versioning, rpm cannot
 automatically add the proper requires/provides to avoid installing
 incompatible libraries. So, this has nothing to do with EPEL, per se, but
 just normal issues that can occur with any update to RHEL.

Rex Dieter (who's a Fedora and EPEL developer; it's too bad that the
RH bugzilla instance doesn't add a dev icon to developers' names
like the Gentoo one) explains in comments 5 and 7 why they don't do
this. They don't need to because sticking to a specific point release
is an SL quirk that's not supported by RHEL. So a RHEL user wouldn't
hit this qtwebkit/glib problem and EPEL's developers don't waste their
time ensuring that's it works.

Re: Docker

[Tom H]

On Sun, Feb 15, 2015 at 9:59 AM, prmari...@gmail.com wrote:
 On Tue, Feb 15, 2015, Tom H tomh0...@gmail.com wrote:

 Of course errors can happen. I'd expect RH to fix them quickly because
 it's in its interest for RHEL rebuilders to publish a distro as
 similar to RHEL as possible.

 How so? Red Hat wants people to buy the support exact duplicate distros give 
 people an excuse not to buy the support. So how is that in Red Hats best 
 interest?

More potential future RHEL users and admins and fewer users and admins
of other distros. Especially sysadmins...

Re: Docker

[Tom H]

On Tue, Feb 3, 2015 at 10:06 PM, Nico Kadel-Garcia nka...@gmail.com wrote:
 On Tue, Feb 3, 2015 at 12:17 PM, Tom H tomh0...@gmail.com wrote:


 1) RH doesn't license RHEL; it provides subscriptions to RHEL. The
 individual have licenses...

 I think you meant individual components have licenses, It's cool.

Indeed, thanks.


 2) What might be the rationale for RH to release SRPMs (as SRPMs
 previously and as a git tree now) that are different from the SRPMs
 from which it builds RHEL?!

 The most likely real reason would be accidental error. `Some SuSE 9
 SRPM's for example, sometimes included different components form the
 source tree in the SRPM depending on build options. Fedora and RHEL
 have been very good about including *all* compnents, even if only used
 for particular OS version or builds. I applaud them for consistency.

Of course errors can happen. I'd expect RH to fix them quickly because
it's in its interest for RHEL rebuilders to publish a distro as
similar to RHEL as possible.


 The other *potential* source of such a discrepancy would be a
 manipulative weasel hiding hacks or concealing features incompatible
 with patent or copyright law. I'm not saying this is *likely*, our
 favorite upstream vendor has been really good about this, and I've met
 enough of their employees in the Boston area to have some confidence
 in them to not pull this sort of stunt. and if they got caught it
 would be disastrous for public confidence and for their business

Again, this isn't in RH's interest and an RH employee would destroy
his/her career.

Re: Docker

[Tom H]

On Mon, Feb 2, 2015 at 6:25 PM, Yasha Karant ykar...@csusb.edu wrote:
 On 02/02/2015 11:35 AM, Connie Sieh wrote:
 On Fri, 30 Jan 2015, Yasha Karant wrote:

 Presumably, any application that will run under CentOS, in particular,
 CentOS 7 that is the RHEL source release for other ports, such as SL 7,
 should be able to run under SL. My understanding is that SL 7 is not
 built from the actual RHEL 7 source that is used to build RHEL 7 that is
 licensed for fee, but from the RHEL packaged CentOS source (CentOS now
 effectively being a unit of Red Hat, a for-profit corporation) that is
 used to build CentOS 7 (that, as with SL 7, is licensed for free as a
 binary installable executable system that requires no building from
 source per se).

 SL is built from the source that Red Hat has provided. It is built from
 the same source that all rebuilds can build from. There is no such thing as
 RHEL packaged CentOS source .

 Please correct me if I am in error. RHEL, binary licensed for fee, is built
 from a source that RH does not seem to release. Rather, RH releases,
 through the RH subsidiary CentOS and a GIT mechanism, a source for all
 rebuilds, supposedly including CentOS. Thus, SL and CentOS are built from
 the same source, but the actual RHEL source may or not may in fact (claims
 to the contrary notwithstanding) be the same, as no one outside of RH or a
 RH licensee actually sees the source for RHEL. If RHEL also is built
 through a GIT mechanism, I am assuming that the Internet path to the RHEL
 GIT is not the same as that to the public rebuildable CentOS GIT. In the
 event that Fermilab or CERN has licensed the actual RHEL 7 source as a RHEL
 licensee, would personnel at either non-RH entity be allowed to comment if
 in fact there were non-trivial differences between the actual RHEL 7 source
 and the rebuildable CentOS 7 source? Trivial differences would be the
 presence of RH logos and splash screens, each of which is replaced by
 whatever the rebuilder is using (SL for the SL rebuild) -- but all of the
 internal intellectual property references in the source code still
 (presumably) mentions RH in both the actual RHEL 7 source and the CentOS 7
 rebuildable source.

1) RH doesn't license RHEL; it provides subscriptions to RHEL. The
individual have licenses...

2) What might be the rationale for RH to release SRPMs (as SRPMs
previously and as a git tree now) that are different from the SRPMs
from which it builds RHEL?!

3) The RPMs that are distributed by SL and CentOS are sometimes
different from the RPMs that are distributed by RH because, for
example, RH might use brpackage-x.y-1.el7 to satisfy
package-i.j-k.el7's BuildRequires but might only release
brpackage-x.y-2.el7. So SL and CentOS have to use the latter to build
package-i.j-k.el7's.

Re: SL7 fvwm

[Tom H]

On Mon, Jan 5, 2015 at 11:44 AM, Stephen Berg (Contractor)
stephen.berg@nrlssc.navy.mil wrote:

 I have a user that would like to have an fvwm environment.  He doesn't want
 gnome/kde/xfce/etc etc.  Just a simple fvwm login.  If I can find a way to
 have GDM launch his fvwm environment it would be great.  I grabbed the
 latest source and got it compiled but I can't find a way to make that
 environment an option from the gdm login screen.  Anyone gotten a setup like
 this working?

/usr/share/xsessions/

Re: Update killed samba -

[Tom H]

On Thu, Jan 1, 2015 at 4:01 PM, Bob Goodwin bobgood...@wildblue.net wrote:

 I ran a system update on an SL-7 server and that seems to have messed up
 samba. I can ssh into the system but can't mount it as a samba share.

 [root@box10 bobg]# mount //192.168.1.48/myshare   /mnt/box48/
 Password for bobg@//192.168.1.48/myshare:  
 Unable to find suitable address.

 This has worked without a problem until now. Any thoughts on what might be
 my problem appreciated.

Which packages were updated?

Did you change your samba config?

Did you change your iptables config?

Did you reboot after the updates?

Do the client or server logs give you more info?

Does smbclient -L ... list the share(s)?

Re: kickstart to install to whole disk

[Tom H]

On Thu, Oct 23, 2014 at 11:05 PM, Steven Haigh net...@crc.id.au wrote:
 On 24/10/2014 1:59 PM, Orion Poplawski wrote:

 What do you have against partitioning the disk?  Loosing the 512-bytes
 for the partition table?

 On some setups it can cause major write degradations in the virtual machine.

 If you can imaging the disk being set up in 4Kb clusters - which LVM
 then adheres to - but on the DomU disk with a partition, the alignment
 for partition data is now 0 + 512 bytes instead of 0.

 This means a write of 4Kb would write two sectors to the physical disk
 (first being 512 bytes + 4Kb, the second being the 512 bytes that give
 us an offset).

Modern fdisk starts partitions at 2048 and not 512.

Re: sl7 systemd sysvinit

[Tom H]

On Mon, Aug 25, 2014 at 7:57 PM, Steven Haigh net...@crc.id.au wrote:
 On 26/08/2014 9:36 AM, Vladimir Mosgalin wrote:


 - simple and predictable service files

 Like my case of networking randomly failing to start. No debugging or
 errors logged, and no way of predicting a failure.

For debugging:
systemctl status network.service
systemctl status NetworkManager.service

For failures:
I haven't any networking problems and the guys testing RHEL7 at my
$dayjob haven't reported any such problems.


 - ability to wrap a random application into service with just a few lines of 
 config

 Yes and no. When you really start using systemd, you learn quickly how
 to create service files - because you end up writing a lot of them
 because basic options are missing. If your app doesn't utilise a config
 file, then you can bet you'll be copying across the default systemd
 service file and modifying it to suit your needs. There is no other way.

You can/should use a snippet such as
/etc/systemd/system/daemon.service.d/*.conf
which consist of, for example,
EnvironmentFile=-/etc/sysconfig/daemon


 - no more extra-complicated init scripts using various hacks and magic
 for non-C applications (if you ever tried to wrap some random python or
 java application into service, you'll know what I'm talking about right
 away)

 By complicated you mean working? I start several python daemons on boot
 with initscripts - and it is very simple - almost trivial. Compare to
 the guesswork of trying to find out why a service failed to start.

systemctl status daemon.service ?!


 Plans are afoot to have systemd replace ntpd and the idea to replace the
 kernel consoles with userspace systemd foo. Lets also ignore the binary
 log formats which kills long time monitoring tools (logwatch etc) and
 systemd really is a solution hunting for a problem.

journald forwards its logs to rsyslog by default so logwatch and co
shouldn't have any problems.

Re: having trouble downloading with wget

[Tom H]

On Thu, Aug 21, 2014 at 1:57 PM, ToddAndMargo toddandma...@zoho.com wrote:

 Any idea why I can download

 http://www.uvnc.eu/download/1201/UltraVNC_1_2_0_X64_Setup.exe

 with Firefox, but not wget?

http://www.uvnc.eu/download/1201/UltraVNC_1_2_01_X64_Setup.exe

Re: udev persistent net rules erratic inconsistencies

[Tom H]

On Tue, Jul 29, 2014 at 5:57 AM, SCHAER Frederic frederic.sch...@cea.fr wrote:
 De : De la part de Tom H
 Envoyé : lundi 28 juillet 2014 23:35
 On Mon, Jul 28, 2014 at 5:35 AM, SCHAER Frederic frederic.sch...@cea.fr 
 wrote:

 From time to time, we get reboot issues with some machines, and each time it
 looks like there are duplicated persistent rules for the Ethernet devices :

 cat /etc/udev/rules.d/70-persistent-net.rules

 # PCI device 0x8086:0x1521 (igb) (custom name provided by external tool)
 SUBSYSTEM==net, ACTION==add, DRIVERS==?*,
 ATTR{address}==84:8f:69:fb:c1:2a, ATTR{type}==1, KERNEL==eth*,
 NAME=em1

 # PCI device 0x8086:0x1521 (igb) (custom name provided by external tool)
 SUBSYSTEM==net, ACTION==add, DRIVERS==?*,
 ATTR{address}==84:8f:69:fb:c1:2b, ATTR{type}==1, KERNEL==eth*,
 NAME=em2

 # PCI device 0x8086:0x1521 (igb) (custom name provided by external tool)
 SUBSYSTEM==net, ACTION==add, DRIVERS==?*,
 ATTR{address}==84:8f:69:fb:c1:2a, ATTR{type}==1, KERNEL==eth*,
 NAME=eth0

 # PCI device 0x8086:0x1521 (igb) (custom name provided by external tool)
 SUBSYSTEM==net, ACTION==add, DRIVERS==?*,
 ATTR{address}==84:8f:69:fb:c1:2b, ATTR{type}==1, KERNEL==eth*,
 NAME=eth1

 The second set of rules seem to overwrite the first one, and then we get
 issues with our network config.

 This does not happen on all nodes, just apparently to some random ones,
 sometimes.

 I’m wondering if some of you might have faced and solved that erratic thing
 already ?

 We want to keep the emX scheme for nodes which support it…

 The emX names come from biosdevname (part of a base install):

 https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/appe-
 Consistent_Network_Device_Naming.html

 You should be able to delete the last two rules, the ethX rules, for
 your interfaces to use the emX names, unless you're using
 biosdevname=0 on the kernel cmdline.

 Thanks for your reply.

 That's actually what I do to recover a happy system, but I'd like to prevent 
 this from hapenning.
 I don't want to force ethX when nodes support emX, but when I use emX, I 
 don't want neither the system to suddenly tell me emX became ethX, which is 
 what happens.

 What I'm wondering is  why do I suddenly have both the emX and ethX devices 
 in udev, despite the fact the node has lived for days with emX only, rebooted 
 correctly without changing anything...?

 Firmware bug ? (I know emX scheme depends on firmwares and DMI information...)

The only time that I've seen write_net_rules write a new rule in
70-persistent-net.rules is when there's a error in the existing rule,
usually an incorrect mac address.

But this isn't the case here so either you've hit a bug or biosdevname
was disabled on your system either by using biosdevname=0 on the
kernel cmdline or by uninstalling biosdevname.

To ensure that this doesn't happen:

mv /etc/udev/rules.d/70-persistent-net.rules
/etc/udev/rules.d/90-netX-persistent-net.rules
ln -s /dev/null /etc/udev/rules.d/70-persistent-net.rules

Re: udev persistent net rules erratic inconsistencies

[Tom H]

On Mon, Jul 28, 2014 at 5:35 AM, SCHAER Frederic frederic.sch...@cea.fr wrote:

 From time to time, we get reboot issues with some machines, and each time it
 looks like there are duplicated persistent rules for the Ethernet devices :

 cat /etc/udev/rules.d/70-persistent-net.rules

 # This file was automatically generated by the /lib/udev/write_net_rules
 # program, run by the persistent-net-generator.rules rules file.
 # You can modify it, as long as you keep each rule on a single
 # line, and change only the value of the NAME= key.

 # PCI device 0x8086:0x1521 (igb) (custom name provided by external tool)
 SUBSYSTEM==net, ACTION==add, DRIVERS==?*,
 ATTR{address}==84:8f:69:fb:c1:2a, ATTR{type}==1, KERNEL==eth*,
 NAME=em1

 # PCI device 0x8086:0x1521 (igb) (custom name provided by external tool)
 SUBSYSTEM==net, ACTION==add, DRIVERS==?*,
 ATTR{address}==84:8f:69:fb:c1:2b, ATTR{type}==1, KERNEL==eth*,
 NAME=em2

 # PCI device 0x8086:0x1521 (igb) (custom name provided by external tool)
 SUBSYSTEM==net, ACTION==add, DRIVERS==?*,
 ATTR{address}==84:8f:69:fb:c1:2a, ATTR{type}==1, KERNEL==eth*,
 NAME=eth0

 # PCI device 0x8086:0x1521 (igb) (custom name provided by external tool)
 SUBSYSTEM==net, ACTION==add, DRIVERS==?*,
 ATTR{address}==84:8f:69:fb:c1:2b, ATTR{type}==1, KERNEL==eth*,
 NAME=eth1

 The second set of rules seem to overwrite the first one, and then we get
 issues with our network config.

 This does not happen on all nodes, just apparently to some random ones,
 sometimes.

 I’m wondering if some of you might have faced and solved that erratic thing
 already ?

 We want to keep the emX scheme for nodes which support it…

The emX names come from biosdevname (part of a base install):

https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/appe-Consistent_Network_Device_Naming.html

You should be able to delete the last two rules, the ethX rules, for
your interfaces to use the emX names, unless you're using
biosdevname=0 on the kernel cmdline.

Re: rpm problem

[Tom H]

On Fri, Jul 25, 2014 at 6:39 AM, Nico Kadel-Garcia nka...@gmail.com wrote:
 On Thu, Jul 24, 2014 at 3:00 PM, ToddAndMargo toddandma...@zoho.com wrote:
 On 07/23/2014 09:05 AM, Mark Stodola wrote:
 On 07/23/2014 10:43 AM, ToddAndMargo wrote:


 I am having trouble installing the PDF Studio RPM.

 https://www.dropbox.com/s/slgrnolcsktaezz/PDFStudio_v9_0_2_linux.rpm

 # cat /etc/redhat-release
 Scientific Linux release 6.5 (Carbon)

 # uname -r
 2.6.32-431.20.3.el6.x86_64

 # rpm -ivh PDFStudio_v9_0_2_linux.rpm
 Preparing... ### [100%]
  1:PDFStudio ### [100%]
 error: unpacking of archive failed on file .pdfstudio9/:
 cpio: Archive file not in header

 Any way to fix this?

 By using s cluebat on the package author. It's not a good package.
 It's misnamed, it drops everything in a relative directory, and there
 is no license. This is not a safe thing to install anywhere.

$ find .pdfstudio9 -iname *license*
.pdfstudio9/lib/barcode4j_license.txt
.pdfstudio9/lib/swt/eclipse common public license.txt
.pdfstudio9/lib/dj/gnu lesser general public license.txt
.pdfstudio9/lib/bc_license.txt
.pdfstudio9/lib/miglayout_license.txt
.pdfstudio9/lib/js-14_license.txt
.pdfstudio9/jre/LICENSE
.pdfstudio9/jre/THIRDPARTYLICENSEREADME.txt

I wonder which one, if any, the rpm author thinks applies.


 I would first check the integrity of the file.
 I downloaded it here (not installed it, as I don't have SL6.5).
 It unpacked fine though using rpm2cpio filename.rpm | cpio -idmv
 I have the following checksum on it:

 MD5: f39d0ef9c4fd74cbfcbffa37f0ee18f2  PDFStudio_v9_0_2_linux.rpm
 SHA1: 2e69d1b564cfebcac5cba9244bd04f64cedc959f  PDFStudio_v9_0_2_linux.rpm

 It has an odd directory structure, it seems to put everything in
 /pdfstudio9.

 No, it puts it all in 'pdfstudio9'. Like I said, the author of the RPM
 needs a cluebat applied.

It's unpacked into .pdfstudio not pdfstudio when I run rpm2cpio
PDFStudio_v9_0_2_linux.rpm | cpio -idm.

Is this meant to be installed by a user in a home directory, like a
browser extension?


 I'd suggest mkdir /opt, then run 'rpm2cpio there to get the
 directory contents. But I'd sooner stick my hand in a blender than
 trust this thing, gods alone know what they put in the RPM
 pre-scripts. and post-scripts.

You can install it with rpm -noscripts --notriggers ... to avoid any
bad or malicious scripts.

I'm not too sure about the blender thing but I wouldn't install this rpm as is.

Re: rpm problem

[Tom H]

On Fri, Jul 25, 2014 at 7:39 AM, Nico Kadel-Garcia nka...@gmail.com wrote:
 On Fri, Jul 25, 2014 at 7:27 AM, Tom H tomh0...@gmail.com wrote:
 On Fri, Jul 25, 2014 at 6:39 AM, Nico Kadel-Garcia nka...@gmail.com wrote:
 On Thu, Jul 24, 2014 at 3:00 PM, ToddAndMargo toddandma...@zoho.com wrote:
 On 07/23/2014 09:05 AM, Mark Stodola wrote:
 On 07/23/2014 10:43 AM, ToddAndMargo wrote:

 I would first check the integrity of the file.
 I downloaded it here (not installed it, as I don't have SL6.5).
 It unpacked fine though using rpm2cpio filename.rpm | cpio -idmv
 I have the following checksum on it:

 It has an odd directory structure, it seems to put everything in
 /pdfstudio9.

 No, it puts it all in 'pdfstudio9'. Like I said, the author of the RPM
 needs a cluebat applied.

 It's unpacked into .pdfstudio not pdfstudio when I run rpm2cpio
 PDFStudio_v9_0_2_linux.rpm | cpio -idm.

 rpm -qlp reports as going in pdfstudio, not even /pdfstudio. I
 suspect that rpm and rpmbuild are unhappy about the use of unqualified
 filenames.

True (about rpm -qlp ...). I don't understand why rpm2cpio unpackes
into .pdfstufio. Maybe it's trying ./pdfstudio and fails because
there's relative path in the build. The postinstall script is:


$ rpm -qp --scripts PDFStudio_v9_0_2_linux.rpm
postinstall scriptlet:
if [ $RPM_INSTALL_PREFIX0 =  ]
then
RPM_INSTALL_PREFIX0=pdfstudio9
fi
I4J_INSTALL_LOCATION=$RPM_INSTALL_PREFIX0
cd $I4J_INSTALL_LOCATION
ln -sf $I4J_INSTALL_LOCATION/pdfstudio9 /usr/local/bin/
/bin/echo -e #!/usr/bin/env xdg-open
[Desktop Entry]
Type=Application
Name=PDF Studio 9
Exec=/bin/sh \$I4J_INSTALL_LOCATION/pdfstudio9\
Icon=$I4J_INSTALL_LOCATION/.install4j/pdfstudio9.png
  $I4J_INSTALL_LOCATION/pdfstudio9.desktop
chmod +x $I4J_INSTALL_LOCATION/pdfstudio9.desktop
ln -sf $I4J_INSTALL_LOCATION/updater /usr/local/bin/
ln -sf $I4J_INSTALL_LOCATION/pdfstudiosu /usr/local/bin/

if [ -f $I4J_INSTALL_LOCATION/jre/lib/rt.jar.pack ]; then
  old_pwd200=`pwd`
  cd $I4J_INSTALL_LOCATION/jre
  echo Preparing JRE ...
  jar_files=lib/rt.jar lib/jfxrt.jar lib/charsets.jar lib/plugin.jar
lib/deploy.jar lib/ext/localedata.jar lib/jsse.jar
  for jar_file in $jar_files
  do
if [ -f ${jar_file}.pack ]; then
  bin/unpack200 -r ${jar_file}.pack $jar_file

  if [ $? -ne 0 ]; then
echo Error unpacking jar files. Aborting.
exit 1
  fi
fi
  done
  bin/java -Xshare:dump /dev/null 21
  cd $old_pwd200
fi

preuninstall scriptlet:
if [ $RPM_INSTALL_PREFIX0 =  ]
then
RPM_INSTALL_PREFIX0=pdfstudio9
fi
I4J_INSTALL_LOCATION=$RPM_INSTALL_PREFIX0
cd $I4J_INSTALL_LOCATION
if [ $1 = 0 ] ; then

rm /usr/local/bin/pdfstudio9 2/dev/null
rm $I4J_INSTALL_LOCATION/pdfstudio9.desktop
rm /usr/local/bin/updater 2/dev/null
rm /usr/local/bin/pdfstudiosu 2/dev/null
rm -Rf $I4J_INSTALL_LOCATION/jre/lib
fi


There's no SrPM because it doesn't seem to be OSS.

If you install from the upstream site, you have two options a 63M
shell script with embedded executable(s) and a 63M deb file.

Re: How to keep multiple glibc release instances in use

[Tom H]

On Thu, Jul 10, 2014 at 8:39 AM, Lamar Owen lo...@pari.edu wrote:
 On 07/09/2014 08:48 PM, Nico Kadel-Garcia wrote:

 The other dirty trick would be to use something like 'mock' to build a
 chroot cage, and put your tools inside the chroot cage. ...

 I have to wonder if the 'Software Collections' framework could work for
 glibc.  Otherwise your solution should work ok, even though it is more than
 a bit of a kluge.

Or use lxc on EL6 or lxc or systemd-nspawn on EL7.

Re: Scientific Linux 7 ALPHA rc.local doesn't work

[Tom H]

On Tue, Jul 8, 2014 at 10:07 AM, Semi s...@bgu.ac.il wrote:

 Scientific Linux 7 ALPHA rc.local doesn't work. Any solution?
 I tried the following:
 chmod 755 /etc/rc.d/rc.local
 ln -s /lib/systemd/system/rc-local.service
 /etc/systemd/system/multi-user.target.wants/rc-local.service
 systemctl enable rc-local.service

I haven't used EL7 yet so I'm relaying my Fedora 20 experience.

You don't need the ln -s ... or the systemctl ... (in fact the
latter does the same as the former when you have an Install section)
because there's a generator in /usr/lib/systemd/system-generators/.

You need /etc/rc.d/rc.local and it has to be executable. But you
also need a shebang line.

Re: Clarity on current status of Scientific Linux build

[Tom H]

On Fri, Jun 27, 2014 at 4:49 PM, Yasha Karant ykar...@csusb.edu wrote:

 1. Is CERN linux the same as SL?

http://linux.web.cern.ch/linux/scientific.shtml

Re: xterm and clipboard

[Tom H]

On Fri, Jun 20, 2014 at 8:30 PM, ToddAndMargo toddandma...@zoho.com wrote:

 Anyone know if there is a way to get copy shiftCtrlC,
 past shiftCtrlV, and cut shiftCtrlX keystrokes
 into an xterm?

Define copy-selection(CLIPBOARD) and insert-selection(CLIPBOARD)
in XTerm*VT100.translations in .Xresources.

Re: RHEL 7 just hit the market place, I'm looking forward to when we can start testing SL 7

[Tom H]

On Thu, Jun 12, 2014 at 6:28 PM, Yasha Karant ykar...@csusb.edu wrote:
 I have the following, possibly silly, question to post.  As I understand it,
 access to the git repositories meets TUV linux/GPL requirements for release
 of the source.  Nonetheless, the realities are that it is easier to build
 from the actual SRPMs that TUV uses.  These are not to be released by TUV.
 Presumably, CentOS, as what amounts to an owned subsidiary of Red Hat, uses
 SRPMs and the like to build CentOS internally -- or has a very extensive
 tool set for the git repositories.  My guess is that both TUV and CentOS
 construct SRPMs from the git repositories to build the respective
 distributions.  Hence, there most likely are (must be) tools/utilities that
 create from the git repositories a compatible coherent set of SRPMs.  Can
 the SL groups either get those tools from CentOS or can these tools be
 recreated?  For a system as complex as EL, any modern version of a build
 environment uses automation -- tools.

 Yasha Karant

 On 06/11/2014 05:15 PM, Nico Kadel-Garcia wrote:

 On Wed, Jun 11, 2014 at 1:10 PM, Yasha Karant ykar...@csusb.edu wrote:

 I  have been following this thread as we will be transitioning to EL7 as
 it becomes available from SL.  From the Red Hat CentOS web site:



 This is amazingly helpful. In the past I’ve spent an enormous amount of
 time trying to figure out the appropriate compile options to get newer
 versions of software working, and wishing that CentOS had something like
 Arch’s ABS – now you do.


 Access to the git resources of the Red Hat published packages is irrelevant
 to the build environment. That material is all available in the SRPM's.
 It's the mock and relevant toolchains, used to build the hierarchy of
 critical depdneencies to be able to run mock and build the other components,
 that is still unpublished.



 End CentoOS infomercial.

 What is the reality of the above -- yes, I have read this SL thread in so
 far as it has appeared in my inbox to date.  Is this truly amazingly
 helpful or is this to be a major impediment?  Will it only cause some
 users to change their workflows a bit, or is this a much, much larger than
 a bit change?  The answer to this question must come from the actual SL
 porting team(s), presumably at Fermilab and CERN, and as farmed out to those
 directly working with the Fermilab/CERN porting/support groups.

 Yasha Karant


 There are trade offs. A git history of the changes needed to compile foe
 CentOS is potentially useful, A lack of canonical this tag from is from
 RHEL, the other stuff is all from CentOS is likely to create confusion
 about which bits were published or added by whom. If Scientific Linux is
 going to built from RHEL and add its unique features, rather than rely on
 CentOS as an immediate upstream, this is going to need attention.  It's
 going to be especially awkward if they elect not to publish GPG signed tags
 to go with the particular software updates.

 I'm staring at
 ftp://ftp.redhat.com/redhat/linux/enterprise/7Server/en/os/README, which
 says that the FTP repository for RHEL SRPM mirrors will no longer be
 available. This is going to make manipulating roughly 3000 distinct git
 repositories instead of one bulky SRPM directory rather critical. And git
 has no way to report the list of all the git repositories on this server,
 they're all considered unique. Instead that eye-stabbing interface at
 http://git.centos.org/ will have to be parsed to extract the list of actual
 repositories, many components of which may be renamed or discarded in future
 RHEL 7 releases.

 This is going to be a lot of work.



 On 06/10/2014 05:11 PM, Nico Kadel-Garcia wrote:

 I'm staring at
 http://www.redhat.com/about/news/press-archive/2014/6/red-hat-unveils-rhel-7,
 Looks like we can start testing trying to build it. Is there anything
 I can do to help?

From http://lists.centos.org/pipermail/centos-devel/2014-June/010573.html

We do not have any of the SRPMs either, just the git repo.  We have to
check out the tree and assemble the SRPMs from git to build them.  What
you see on git.centos.org is all we have too.

And http://wiki.centos.org/Sources

has an example of how CentOS builds rpms.

But keeping track of the updates to every package is going to be
interesting unless there a git tool for this or CentOS publishes an
rss feed.

Re: RHEL 7 just hit the market place, I'm looking forward to when we can start testing SL 7

[Tom H]

On Wed, Jun 11, 2014 at 3:41 AM, Steven Haigh net...@crc.id.au wrote:
 On 11/06/14 17:24, Matthias Schroeder wrote:
 On 06/11/2014 04:12 AM, Steven Haigh wrote:
 On 11/06/14 12:07, Paul Robert Marino wrote:

 Yes a lot of us noticed.
 Recompiling an entire distro from scratch is not an easy proposition.
 Furthermore they need to strip out all of the Red Hat branding. Expect
 it to take a while at least a month or two if not more.

 I think it'll take longer than normal this time around... The build
 process is changing completely from previous versions.

 True, adapting the process to the new supply chain and source format
 will take a while.

 It seems the code
 is getting published on git.centos.org - but it seems nobody really
 knows who is putting it there.

 This leaves the moral quandary of 'do we all trust an anonymous source
 with no official ties to Red Hat?'

 http://ftp.redhat.com/redhat/linux/enterprise/7Server/en/os/README says

 Current sources for Red Hat Enterprise Linux 7 have been moved to the
 following location:

 https://git.centos.org/project/rpms;

 Does this reduce your moral quandary a little?

 Not at all. There is no source for this data at all. Just spec files and
 patches that have 'appeared'.

 The SRPMs provided by RedHat in the past are all signed by RedHat and
 are VERY difficult if not impossible to tamper with.

 There is no method to authenticate that the files being dumped into
 git.centos.org by an unknown source (hint: It isn't the CentOS guys
 putting them there) are unmodified or even supplied by RedHat.

 This is the problem.

AFAIC this pure FUD.

In what way is the CentOS git less secure than other upstream git repos?

Do you have an example of files being dumped into the CentOS git by
non-CentOS uploaders? I've look at a few packages and I see
kbsi...@karan.org (he's one of the main CentOS guys) and
b...@centos.org.

Re: How do I create a link from vfat to ext4?

[Tom H]

On Fri, Apr 4, 2014 at 7:10 AM, David Sommerseth
sl+us...@lists.topphemmelig.net wrote:

 Bind mounts are special. It basically mounts an already mounted
 directory yet another place. Say you have this scheme:

 /dev/sda4 - /mnt/mydata
 /dev/sdb2 - /mnt/friendsdata

 If you add a 'friends' directory in /mnt/mydata ... giving you
 /mnt/mydata/friends, and the do bind mount:

 mount -o bind /mnt/friendsdata /mnt/mydata/friends

 This results in that you have access to the same data in both
 /mnt/friendsdata and /mnt/mydata/friends ... But all data is read and
 written from/to /dev/sdb2. It's just that you have loaned an already
 mounted directory into your /mnt/mydata directory.

 These bind mounts are kind of a I want what you have-mount.

 Bind mounts are particularly handy when you work with chroots and wants
 to grant access to certain files outside the chroot, where symlink is
 impossible. With bind mounts, you can also the same with files; not
 just directories.

For the sake of completeness - and also in anticipation of SL7's
symlinking of /etc/mtab to /proc/self/mounts:

http://karelzak.blogspot.ch/2011/04/bind-mounts-mtab-and-read-only.html

Re: Need help with rpm rebuild error

[Tom H]

On Mon, Mar 24, 2014 at 9:48 PM, ToddAndMargo toddandma...@zoho.com wrote:

 SL 6.5, 64 bit

 The following does not rebuild (fc15 or fc20):

 # rpmbuild --rebuild clipit-1.4.2-5.fc20.src.rpm

 /root/rpmbuild/BUILDROOT/clipit-1.4.2-5.fc20.x86_64/etc/xdg/autostart/clipit-startup.desktop:
 error: value GNOME;XFCE;LXDE;Unity;MATE; for key OnlyShowIn in group
 Desktop Entry contains an unregistered value MATE; values extending the
 format should start with X-
 Error on file
 /root/rpmbuild/BUILDROOT/clipit-1.4.2-5.fc20.x86_64/etc/xdg/autostart/clipit-startup.desktop:
 Failed to validate the created desktop file

 Any way around this MATE error?

Can't you patch MATE out of clipit-startup.desktop? (Or most
probably, clipit-startup.desktop.in.)

Re: Need help with rpm rebuild error

[Tom H]

On Tue, Mar 25, 2014 at 2:02 PM, ToddAndMargo toddandma...@zoho.com wrote:

 I looked inside the SRPM a clipit-startup.desktop for a
 reason, but didn't not get anywhere. Couldn't find
 anything resembling GNOME;XFCE;LXDE;Unity;MATE; in
 the Desktop Entry section, which was the only section.

 In the mean time, I installed Parcellite from rpmforge
 and it is working well.

I've just looked at the F20 srpm.

The spec file applies a patch to add MATE; to the OnlyShowIn= line
in clipit-startup.desktop.in.

Not applying that patch will prevent the 'unregistered value MATE'
from occurring.

Re: Need help with rpm rebuild error

[Tom H]

On Tue, Mar 25, 2014 at 4:50 PM, ToddAndMargo toddandma...@zoho.com wrote:
 On 03/25/2014 12:55 PM, Tom H wrote:

 On Tue, Mar 25, 2014 at 2:02 PM, ToddAndMargo toddandma...@zoho.com
 wrote:


 I looked inside the SRPM a clipit-startup.desktop for a
 reason, but didn't not get anywhere. Couldn't find
 anything resembling GNOME;XFCE;LXDE;Unity;MATE; in
 the Desktop Entry section, which was the only section.

 In the mean time, I installed Parcellite from rpmforge
 and it is working well.


 I've just looked at the F20 srpm.

 The spec file applies a patch to add MATE; to the OnlyShowIn= line
 in clipit-startup.desktop.in.

 Not applying that patch will prevent the 'unregistered value MATE'
 from occurring.

 That is what I though, but I must not have done it right.
 I removed the patch lines from spec file.  Then rebiuld
 gave me even more errors in clipit-startup.desktop.in
 Oh well ...

 Thank you for the help,

You're welcome.

It builds OK with these changes (I removed appdata.xml because it's
only useful on F20):

[th@localhost ~]$ diff clipit.spec ./rpmbuild/SPECS/clipit.spec
10,13d9
 # clipit doesn't autostart in MATE
 # Fixed upstream but not yet merged
 Source1: %{name}.appdata.xml
 Patch0:%{name}-%{version}-mate.patch
21a18

35c32
 %patch0 -p1 -b .orig
---

54d50
 install -m 644 %{SOURCE1}
%{buildroot}%{_datarootdir}/appdata/%{name}.appdata.xml
63a60

69a67

82d79
 %{_datarootdir}/appdata/%{name}.appdata.xml

[th@localhost ~]$ diff clipit-startup.desktop.in
./rpmbuild/BUILD/clipit-1.4.2/data/clipit-startup.desktop.in
8c8
 OnlyShowIn=GNOME;XFCE;LXDE;Unity;
---
 OnlyShowIn=GNOME;XFCE;

Re: systemd on EL7

[Tom H]

On Mon, Feb 10, 2014 at 4:23 AM, Eero Volotinen eero.voloti...@iki.fi wrote:
 2014-02-10 9:08 GMT+02:00 Andrew Z form...@gmail.com:

 i finally caved in and started reading on systemd. It apperas it (
 systemd) will be enabled by default on EL7.
 Does it mean i'll have to manually move all init scripts i wrote over the
 years ? I think the short answer is no, but just want to clarify.

 You also need to use firewalld and network manager also on servers...

They're installed by default so you could say that RH expects you to
use them; but you don't have to use them. You can disable them and
enable the iptables and network services.

Re: how to enable autologin @ tty1

[Tom H]

On Wed, Feb 5, 2014 at 8:39 AM, =?windows-1252?Q?Bill_Askew?=
r.w.as...@boeing.com wrote:

 I created a file tty1.conf
 Containing

 stop on runlevel [S016]

 respawn
 exec /sbin/mingetty --autologin your user name /dev/tty1

 I I modified start-ttys.conf like this;

 start on stopped rc RUNLEVEL=[2345]

 env ACTIVE_CONSOLES=/dev/tty[1-6]
 env X_TTY=/dev/tty2
 task
 script
 . /etc/sysconfig/init
 for tty in $(echo $ACTIVE_CONSOLES) ; do
 [ $RUNLEVEL = 5 -a $tty = $X_TTY ] amp; continue
 initctl start tty TTY=$tty
 done
 initctl start tty1
 end script




# cat /etc/sysconfig/init
...
ACTIVE_CONSOLES=/dev/tty[2-6]
...


# cat /etc/init/start-ttys.override
start on stopped rc RUNLEVEL=[2345]
env X_TTY=/dev/tty7
task
script
. /etc/sysconfig/init
for tty in $(echo $ACTIVE_CONSOLES) ; do
[ $RUNLEVEL = 5 -a $tty = $X_TTY ]  continue
initctl start tty TTY=$tty
done
exec /sbin/mingetty --autologin root /dev/tty1
end script

Re: how to enable autologin @ tty1

[Tom H]

On Tue, Feb 4, 2014 at 3:02 AM, Edison, Arul (GE Healthcare)
aruljeyananth.jamesedi...@ge.com wrote:

 I would like to know what is the standard way of enabling
 auto login in Scientific linux OS in console mode.

 I tried adding entry in /etc/inittab file as I used to do in another linux
 distribution. It doesn’t work in Scientific Linux

Take a look at /etc/init/{start-ttys,tty}.conf

Re: No DHCP on boot with a fresh install

[Tom H]

On Sat, Nov 30, 2013 at 7:03 AM, ~Stack~ i.am.st...@gmail.com wrote:

 I have run into a problem with 6.4 that I can reproduce in my
 environment that has had me stumped for a few hours. I found nothing
 that appeared to directly relate to my problem when searching the
 list/net. Maybe I have been staring at it too long or maybe its because
 it is well past midnight, but I am confused and maybe someone else can
 help. :-D

 The problem: Servers don't get a DHCP IP after booting up.

Do you have --onboot=yes on the network line of the kickstart file?