I recently setup my Puppetmaster server to run through Passenger via Apache
instead of on the default webrick web server. SELinux made that not work
and I've found some documentation on making rules to allow it however mine
won't load. This is the policy I found via this website,
http://sandcat.n
On Feb 18, 2012 10:41 PM, "Al" wrote:
>
>
> On Feb 18, 2012, at 9:34 PM, Les Bell wrote:
>
> >
> > Al wrote:
> >
> >>>
> > Any suggestions on what to run on a centos box to verify that the
> > server isn't compromised or being sniffed? Thanks!
> > <<
> >
> > For "isn't compromised", you need a h
On Thu, Dec 29, 2011 at 1:05 PM, Johnny Hughes wrote:
> On 12/29/2011 10:26 AM, Trey Dockendorf wrote:
> > On Dec 29, 2011 9:50 AM, "Karanbir Singh" wrote:
> >>
> >> On 12/29/2011 02:21 PM, Johnny Hughes wrote:
> >>>
> >>> Would
On Dec 29, 2011 9:50 AM, "Karanbir Singh" wrote:
>
> On 12/29/2011 02:21 PM, Johnny Hughes wrote:
> >
> > Would this spec file (and source tar ball) built the proper package?
> >
> > If not, where would I get it.
> >
> > I would be happy to build the proper source for centos extras for CentOS
> >
On Dec 29, 2011 2:25 AM, "Johan Kooijman" wrote:
>
> Hi all,
>
> We're running RHEV as our main virtualization platform. Most of our
> guests are CentOS though. Do you guys know if there's a guest tools
> package for CentOS available like there is for Windows for example?
> Can't really find an an
I wrote an article some time ago for CentOS 6 and have been using this
setup in production since.
http://itscblog.tamu.edu/joining-samba-to-a-windows-2008-r2-domain/
My servers that interact with AD allow both AD based file sharing and also
SSH access. The most updated configs I use can be found
On Sun, Nov 20, 2011 at 7:29 PM, John J. Boyer wrote:
> On Sun, Nov 20, 2011 at 02:54:34PM -0800, John R Pierce wrote:
>
> > imho, the easiest way to do this would be to install VirtualBox.
>
> So I tried to install the latest version of VirtualBox from
> virtualbox.org It turned out that it dele
On Mon, Nov 7, 2011 at 8:38 PM, Marko Vojinovic wrote:
> On Monday 07 November 2011 22:23:09 Reindl Harald wrote:
> > Am 07.11.2011 22:50, schrieb Marko Vojinovic:
> > > Typically, you have no way of knowing the physical structure of the
> > > "cloud machine" where your virtual machine is being h
On Mon, Nov 7, 2011 at 2:29 PM, wrote:
> Trey Dockendorf wrote:
> > On Mon, Nov 7, 2011 at 10:42 AM, John Beranek wrote:
> >> On 02/11/2011 10:31, Patrick Lists wrote:
> >> > On 11/02/2011 11:02 AM, Tony Mountifield wrote:
> >> >> What is a "so
On Mon, Nov 7, 2011 at 3:02 PM, Daniel J Walsh wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On 11/07/2011 03:23 PM, Trey Dockendorf wrote:
> >
> >
> > On Wed, Nov 2, 2011 at 8:54 AM, Daniel J Walsh > <mailto:dwa...@redhat.com>> w
On Wed, Nov 2, 2011 at 8:54 AM, Daniel J Walsh wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On 11/01/2011 09:12 PM, Trey Dockendorf wrote:
> >
> > Do you have the
> >
> >
> > allow_httpd_mod_auth_pam
> >
> > boolean turned
On Mon, Nov 7, 2011 at 10:42 AM, John Beranek wrote:
> On 02/11/2011 10:31, Patrick Lists wrote:
> > On 11/02/2011 11:02 AM, Tony Mountifield wrote:
> >> What is a "socket" in their pricing model? The word can mean so many
> >> different things...
> >
> > Afaik it refers to a physical cpu socket.
On Sun, Nov 6, 2011 at 12:57 PM, Daniel Bird wrote:
> On 06/11/2011 00:49, Ljubomir Ljubojevic wrote:
> > Look into google 'apps' (which is really corporatized google
> > > documents). you edit your documents via your web browser, everything
> > > is hosted in googles cloud so its accessible ev
On Wed, Nov 2, 2011 at 5:36 PM, Dennis Jacobfeuerborn wrote:
> On 11/02/2011 06:34 AM, Ned Slider wrote:
> > On 01/11/11 22:26, Dennis Jacobfeuerborn wrote:
> >> On 11/01/2011 09:36 PM, Ned Slider wrote:
> >>> On 01/11/11 18:27, Bob Hoffman wrote:
> David Miller wrote
>
>
>
Do you have the
>
>
> allow_httpd_mod_auth_pam
>
> boolean turned on?
>
>
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.11 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAk6wVZgACgkQrlYvE4MpobOg8gCgzbPmuUBJJ20iBhAQnCoTvZVU
> NfUAoLz5TplWxxf
>
> Do you have the
>
>
> allow_httpd_mod_auth_pam
>
> boolean turned on?
>
>
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.4.11 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
>
> iEYEARECAAYFAk6wVZgACgkQrlYvE4MpobOg8gCgzbPmuUBJJ20iBhAQnCoTvZVU
> NfUAoLz5TplWxxf
I'm setting up a dedicated database server, and since this will be a
central service to my various web servers I wanted it to be as secure as
possible...so I am leaving SELinux enabled. However I'm having trouble
getting Apache to use mod_auth_pam. I also now can't get setroubleshootd
working to
One difference I ran into with samba authentication is in cent 5
/etc/pam.d/system-auth-ac is the file to change but in cent 6 its
/etc/pam.d/password-auth-ac. I found that changes I made only to
system-auth-ac in 5 had to be made to both system-auth-ac and
password-auth-ac in 6. This was to have
On Wed, Oct 19, 2011 at 10:21 AM, Trey Dockendorf wrote:
> I'm trying to install a gem named Fabulator on CentOS 6 CR x86_64. It's
> failing on libxslt-ruby. This is the error I get when trying the gem
> manually...
>
> --
> # gem install
I'm trying to install a gem named Fabulator on CentOS 6 CR x86_64. It's
failing on libxslt-ruby. This is the error I get when trying the gem
manually...
--
# gem install libxslt-ruby --no-rdoc --no-ri
Building native extensions. This could take a while...
ERROR: Erro
On Tue, Oct 18, 2011 at 7:30 AM, Daniel J Walsh wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On 10/17/2011 03:40 PM, Trey Dockendorf wrote:
> >
> > On Oct 17, 2011 2:06 PM, "Daniel J Walsh" > <mailto:dwa...@redhat.com>> wrote:
&g
On Oct 17, 2011 2:06 PM, "Daniel J Walsh" wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On 10/17/2011 02:09 PM, Trey Dockendorf wrote:
> > On Oct 17, 2011 10:30 AM, "Daniel J Walsh" > <mailto:dwa...@redhat.com>> wrote:
&
On Oct 17, 2011 10:30 AM, "Daniel J Walsh" wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On 10/17/2011 11:19 AM, Trey Dockendorf wrote:
> > Forwarding back to list. -- Forwarded message --
> > From: "Trey Dockendorf&quo
Forwarding back to list.
-- Forwarded message --
From: "Trey Dockendorf"
Date: Oct 17, 2011 10:06 AM
Subject: Re: [CentOS] SELinux triggered during Libvirt snapshots
To: "Daniel J Walsh"
On Mon, Oct 17, 2011 at 7:47 AM, Daniel J Walsh wrote:
> -B
I recently began getting periodic emails from SEalert that SELinux is
preventing /usr/libexec/qemu-kvm "getattr" access from the directory I store
all my virtual machines for KVM.
All VMs are stored under /vmstore , which is it's own mount point, and
every file and folder under /vmstore currentl
On Thu, Oct 13, 2011 at 2:52 PM, Ljubomir Ljubojevic wrote:
> Vreme: 10/13/2011 04:23 PM, Bob Hoffman piše:
> > the way intended for a brand new install just to install a guest via
> > command line.
> > I am thinking new video card.
> >
> > First time sorely disappointed with supermicro...very dis
ble to build my own packages rather than rely on an
> external repo.(that was I can always build what ever version I need to).
>
> Its not the building of the RPM it the use of mock thats failing.
>
> What is the best way of sending you the source RPM.
>
> Regards
>
>
On Oct 8, 2011 7:23 PM, "Ljubomir Ljubojevic" wrote:
>
> Vreme: 10/09/2011 12:16 AM, Trey Dockendorf piše:
> > On Sat, Oct 8, 2011 at 4:31 PM, William Warren<
> > hescomins...@emmanuelcomputerconsulting.com> wrote:
>
> >> why bother with bios
On Sat, Oct 8, 2011 at 4:31 PM, William Warren <
hescomins...@emmanuelcomputerconsulting.com> wrote:
> On 10/8/2011 3:14 PM, Trey Dockendorf wrote:
> > On Sat, Oct 8, 2011 at 2:04 PM, Steve Brooks >wrote:
> >
> >> On Sat, 8 Oct 2011, Trey Dockendorf wrote:
>
On Sat, Oct 8, 2011 at 2:04 PM, Steve Brooks wrote:
> On Sat, 8 Oct 2011, Trey Dockendorf wrote:
>
> > I just upgraded my home KVM server to CentOS 6.0 CR to make use of the
> > latest libvirt and now my RAID array with my VM storage is missing. It
> > seems that the u
I just upgraded my home KVM server to CentOS 6.0 CR to make use of the
latest libvirt and now my RAID array with my VM storage is missing. It
seems that the upgrade to mdadm-3.2.2 is the culprit.
This is the output from mdadm when scanning that array,
# mdadm --detail --scan
ARRAY /dev/md0 metad
On Oct 7, 2011 3:34 AM, "Morgan Cox" wrote:
>
> Hi
>
> Thank you for your extremely quick (and faster than support from any
> company..) reply.
>
> Sorry, can you give more detail ?
>
> >From the look of the error the 'mock centos5' is missing these files :-
>
> /usr/share/aclocal/ltoptions.m4
> /
e_user_1 and rw-r--r--.
>
> You don't really need to go beyond this to "secure" each site.
>
> I hope this helps.
>
> On 30 September 2011 19:15, Trey Dockendorf wrote:
>
> > On Sep 30, 2011 11:43 AM, "John R Pierce" wrote:
> > >
>
On Sep 30, 2011 11:43 AM, "John R Pierce" wrote:
>
> On 09/30/11 9:26 AM, Trey Dockendorf wrote:
> > However they also
> > want to have the CMS write to the .htaccess files to dynamically control
> > which users can access the dowloads portion of the sites. Tha
On Sep 30, 2011 10:58 AM, "Drew" wrote:
>
> > I think Trey needs to push back - *IF* I understand him correctly, it
> > sounds like duplicate websites, but running as different users. That,
to
> > me, literally makes no sense..., unless a) the source of the request
> > doesn't understand what
On Thu, Sep 29, 2011 at 9:35 PM, Lucian wrote:
> On Fri, Sep 30, 2011 at 2:22 AM, Trey Dockendorf
> wrote:
> > I had a recent request to improve security on my web servers by having
> each
> > website use a different user to run the hosting service. So
> > exam
I had a recent request to improve security on my web servers by having each
website use a different user to run the hosting service. So
example1.comhas it's own Apache instance running as apache1 and then
example2.com has its own instance of Apache as apache2. Is this even
possible or realistic?
On Sep 21, 2011 7:51 PM, "Bob Hoffman" wrote:
>
> Finally got a new server the other day.
> You know I had to try out centos 6 with this one.
>
> dual quad cores, 24 gb ram (12 for each cpu) 6 working drives bays.
>
> My first big surprise was the partition system with anaconda. It is a
> lot diff
I think a local mirror is really your best option. Or possibly two repos.
One for testing, which you sync when you want to test updates and point all
test systems at it. Then a production repo for production systems that
pulls from the frozen test repo. One addition to your idea would be to use
On Wed, Sep 14, 2011 at 3:10 PM, Karanbir Singh wrote:
> On 09/14/2011 01:59 PM, Trey Dockendorf wrote:
> > Based on the bug report for the snapshot-create issue, it seems it's in
> > libvirt 0.9.0 and that it's something that may be solved completely in
> > Fed
On Tue, Sep 13, 2011 at 7:32 PM, Karanbir Singh wrote:
> On 09/14/2011 01:30 AM, Trey Dockendorf wrote:
> > What is the preferred method for submitting patches from upstream
> > projects ? I have two patches for libvirt-0.8.1.el6_0.6. One adds ESX
> > 4.1 support to
What is the preferred method for submitting patches from upstream projects ?
I have two patches for libvirt-0.8.1.el6_0.6. One adds ESX 4.1 support to
things like virt-v2v (
http://www.redhat.com/archives/libvir-list/2010-July/msg00480.html) and the
second fixes the broken "virsh snapshot-create"
On Tue, Sep 13, 2011 at 11:57 AM, Rajagopal Swaminathan <
raju.rajs...@gmail.com> wrote:
> On Tue, Sep 13, 2011 at 10:31 AM, Trey Dockendorf
> wrote:
> >
> > That considered I saw no benefit in my
> > case to use LVM when some other tools could combine the abil
On Mon, Sep 12, 2011 at 6:52 PM, Thomas Dukes wrote:
>
>
> > -Original Message-
> > From: centos-boun...@centos.org
> > [mailto:centos-boun...@centos.org] On Behalf Of ken
> > Sent: Monday, September 12, 2011 12:36 AM
> > To: CentOS mailing list
> > Subject: Re: [CentOS] Vitualization and
I'm trying to install libvirt to /opt/libvirt, in order to test a patch I've
worked into the current release, but it seems RPM is ignoring the --prefix
command.
The RPM I built has "Prefix: /opt/libvirt" in the spec, and correctly shows
as relocatable by RPM...
# rpm -qpi libvirt-0.8.1-27.el6.6.x
On Sep 5, 2011 2:47 AM, "James Nguyen" wrote:
>
> I'm managing two data centers and some instances on rackspace cloud
servers. Currently running Cobbler+Puppet+Mcollective. So far it's been
great for a team of one, myself.
>
> At the moment I'm looking into either using Aeolus or Openstack to br
On Mon, Aug 22, 2011 at 3:15 PM, James Hogarth wrote:
> On 22 August 2011 20:48, Dennis Jacobfeuerborn
> wrote:
> > On 08/22/2011 07:01 PM, Trey Dockendorf wrote:
> >> I have a shared web server that users can SSH / SFTP into to access
> their
> >> web content.
I have a shared web server that users can SSH / SFTP into to access their
web content. Each users home directory is in a change root, and I use
"mount -o bind" to put their respective webpage's document root into their
home directory. Recently I was made aware that the contents of the mount's
sou
On Tue, Aug 9, 2011 at 12:56 PM, Les Mikesell wrote:
> On 8/9/2011 12:32 PM, Trey Dockendorf wrote:
> >
> >
> > Now I have a new requirement passed to me, which is a bit more
> complicated.
> >
> > How would I allow individual users the ability only to access
On Tue, Aug 9, 2011 at 11:54 AM, Craig White wrote:
>
> On Aug 9, 2011, at 9:02 AM, Les Mikesell wrote:
>
> > On 8/9/2011 10:44 AM, Craig White wrote:
> >>
> >>> There's probably a way to add apache to that group with a configuration
> >>> on the local machine so it doesn't have to query your ADS
I'm setting up a shared web server running Apache. Each web root will
belong to a department, which has a corresponding Active Directory group to
give access. So far I've got samba working and such, but am having some
trouble wrapping my head around the necessary permissions to make all this
work
On Wed, Jul 27, 2011 at 7:39 AM, Craig White wrote:
> On Tue, 2011-07-26 at 15:59 -0500, Trey Dockendorf wrote:
> > Well I verified that putting the following line in /etc/sudoers works
> >
> >
> > zabbix ALL=NOPASSWD: /var/lib/zabbix/bin/start_puppet
> >
&g
If your using CentOS 5.x you may have a problem with perl...here's some
notes I have on the subject
# virt-v2v -f virt-v2v.conf -ic esx://server.com/?no_verify=1 -op vm_local
VMname
Can't locate object method "show_progress" via package
"Sys::VirtV2V::Transfer::ESX::UA" at
/usr/lib/perl5/vendor_p
5, 2011 at 7:12 PM, John R Pierce wrote:
> On 07/25/11 4:41 PM, Trey Dockendorf wrote:
> > I am unable to get the #includedir function to work with sudo. This
> > works just fine on all my CentOS 5.6 servers, but on 6 it is being
> > ignored. I have this line in the file
made absolutely no changes , just did ":q")))
# visudo -f /etc/sudoers.d/zabbix-puppet
>>> /etc/sudoers.d/zabbix-puppet: syntax error near line 0 <<<
# visudo -c -f /etc/sudoers.d/zabbix-puppet
/etc/sudoers.d/zabbix-puppet: parsed OK
:-/
- Trey
On Mon, Jul 25, 2011 at 6
I am unable to get the #includedir function to work with sudo. This works
just fine on all my CentOS 5.6 servers, but on 6 it is being ignored. I
have this line in the file /etc/sudoers.d/zabbix-puppet
zabbix ALL=NOPASSWD: /var/lib/zabbix/bin/start_puppet
However sudo still requires a password.
On Thu, Jul 14, 2011 at 8:32 AM, Kanwar Ranbir Sandhu <
m3fr...@thesandhufamily.ca> wrote:
> Hi Everyone,
>
> I downloaded the CentOS 6 x86_64 DVD ISOs and burned the first image to
> a rewritable DVD. When I tried to boot my new home server off it, it
> didn't, and then this was printed to the s
hat is in both my system and chroot /etc/passwd
treydock:x:506:507:Trey Dockendorf:/home/treydock:/bin/bash
Thanks
- Trey
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
This must have been an issue with my specific external dvd drive. Used
netinstall disk successfully...yay centos 6!
Now where is the best place to post bugs regarding KVM in centos 6?
On Jul 13, 2011 9:59 AM, "Trey Dockendorf" wrote:
> This was 64 bit install and the media checks
This was 64 bit install and the media checks were good. I also successfully
used the same install media on another system. Ill try the suggestions and
see if the drive is having problems.
On Jul 13, 2011 1:27 AM, "Ljubomir Ljubojevic" wrote:
> Trey Dockendorf wrote:
>> Trie
Tried my first CentOS 6 install on a system currently running 5.6. My
attempt was not an upgrade, but a full re-format. I have verified the
checksums of the ISO and did the pre-install disk verify and everything
checked out. However after the screen for setting up the bootloader I get
the follow
Great news about CentOS 6.0 being available, and I figured I'd ask the most
obvious question, what can I expect when upgrading from CentOS 5.6 to 6.0?
I have not had to go from one major version of CentOS to another so this is
new territory for me. Is the processes just like an install except the
62 matches
Mail list logo