date:20071116

Re: [CentOS] Localize CUPS?

2007-11-16 Thread Shibu C Varughese

On 11/16/07, Niki Kovacs <[EMAIL PROTECTED]> wrote:
>
> Hi,
>
> I've been setting up a networked printer in a 100% Linux LAN, and
> there's only one small problem left: how do I localize the CUPS
> interface (e. g. the pages I see when opening http://localhost:631 in a
> browser)?
>
> My system is localized in french. LANG is fr_FR.UTF-8 in
> /etc/sysconfig/i18n. And I checked Firefox: it's supposed to open web
> content in French.
>
> Curiously, I had done similar installs before with Slackware 12, and
> there, the CUPS interface displayed in french "out of the box", e. g.
> without specifying it in cupsd.conf. Now IIRC, I had explicitly set a
> whole bunch of environment variables on my Slackware install
> (LC_MESSAGES and the likes) to french. 1) Could it be that? 2) Which
> variable would that be, and where do I set these in CentOS? Slackware's
> localization variables are all meant to be set in
> /etc/profile.d/lang.sh. Where is the orthodox place to do that in CentOS?
>
> cheers,
>
> Niki Kovacs
> ___
> hi ..Niki,


don't know the exact place for the language change, but Try setting the
language from login screen  or using
system-config-language   if available.

-- 
[EMAIL PROTECTED]
True greatness is measured by how much freedom you give to others, not by
how much you can coerce others to do what you want. --Larry Wall
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Which pop3 server

2007-11-16 Thread Miark

On Fri, 16 Nov 2007 10:29:24 +0530, Shibu wrote:

> > > What's the best package for a plain-jane pop3 server?
> 
> yum install cyrus-sasl cyrus-sasl-devel cyrus-sasl-gssapi
> cyrus-sasl-md5 cyrus-sasl-plain postfix dovecot

I dunno that this all qualifies as "plain jane". But thanks for
the suggestion.

Miark
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

RE: [CentOS] LSI 1068e (Super Micro OEM) - kernel update problem

2007-11-16 Thread Michael Mertel

> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> Behalf Of Michael Mertel
> Sent: Friday, November 16, 2007 5:28 PM
> To: CentOS mailing list
> Subject: AW: [CentOS] LSI 1068e (Super Micro OEM) - kernel update
> problem
> 
> > -Ursprüngliche Nachricht-
> > Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im
> > Auftrag von Michael Mertel
> > Gesendet: Freitag, 16. November 2007 17:17
> > An: centos@centos.org
> > Betreff: [CentOS] LSI 1068e (Super Micro OEM) - kernel update problem
> >
> > Hello,
> >
> > I'am using a LSI 1068e OEM version from Super Micro (see lspci). I
> was
> > able to install a plain CentOS5 with the binary drivers I got from
> > Super
> > Micro.
> >
> > 06:00.0 SCSI storage controller: LSI Logic / Symbios Logic Unknown
> > device 0059 (rev 04)
> > Subsystem: Super Micro Computer Inc Unknown device a180
> > Flags: bus master, fast devsel, latency 0, IRQ 10
> > I/O ports at e000 [size=256]
> > Memory at febfc000 (64-bit, non-prefetchable) [size=16K]
> > Memory at febe (64-bit, non-prefetchable) [size=64K]
> > Expansion ROM at fe80 [disabled] [size=2M]
> > Capabilities: [50] Power Management version 2
> > Capabilities: [68] Express Endpoint IRQ 0
> > Capabilities: [98] Message Signalled Interrupts: 64bit+
> > Queue=0/0 Enable-
> > Capabilities: [b0] MSI-X: Enable- Mask- TabSize=1
> >
> >
> > But if I try to load the XEN kernel or a newer kernel all I got is a
> > kernel panic, because the new kernel does not know about the
> megasr.ko
> > module that I installed from disk.
> >
> > So I did the following (without final success):
> >
> > - cp /lib/modules/2.6.18-8.el5/updates/*
> > /lib/modules/2.6.18-8.1.15.el5/updates
> > - depmod -a 2.6.18-8.1.15.el5
> > - created a new initrd-cpio file and copied megasr.ko into the lib
> > directory
> >
> >
> > The systems starts loading the kernel and its ramdisk, and then
> hangs:
> > Kernel panic - not syncing: VFS: Unable to mount root fs on
> > unknown-block (0,0)
> >
> > I'am a bit lost, what else I can do to get this working?
> >
> > Best Regards
> >
> > --Michael
> 
> 
> Hi,
> 
> i'am such a moron, now it works (with these steps):
> 
> cp /lib/modules/2.6.18-8.el5/updates/*
> /lib/modules/2.6.18-8.1.15.el5/updates
> 
> depmod -a 2.6.18-8.1.15.el5
> 
> rm /boot/initrd-2.6.18-8.1.15.el5.img
> 
> mkinitrd /boot/initrd-2.6.18-8.1.15.el5.img 2.6.18-8.1.15.el5
> 
> 
> Nice weekend to all.
> 
> --Michael
> 


Hello,

it's me again, the standard kernel works right now, but the XEN kernel 
complains about "invalid module format" for megasr.ko while insmod'ing the 
file. 

Do I need a different binary for the XEN kernel? 

Best Regards

--Michael


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Which pop3 server

2007-11-16 Thread Miark

On Thu, 15 Nov 2007 20:46:55 -0800, John wrote:

> Miark wrote:
> > What's the best package for a plain-jane pop3 server?
> 
> IMHO, dovecot.
> 
> YMMV.

If I only need pop3, isn't dovecot overkill?

Miark
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

RE: [CentOS] Which pop3 server

2007-11-16 Thread Ross S. W. Walker

Miark wrote:
> 
> On Fri, 16 Nov 2007 10:29:24 +0530, Shibu wrote:
> 
> > > > What's the best package for a plain-jane pop3 server?
> > 
> > yum install cyrus-sasl cyrus-sasl-devel cyrus-sasl-gssapi
> > cyrus-sasl-md5 cyrus-sasl-plain postfix dovecot
> 
> I dunno that this all qualifies as "plain jane". But thanks for
> the suggestion.

I have used qpopper in my day and it was a good plain jane pop
server.

-Ross

__
This e-mail, and any attachments thereto, is intended only for use by
the addressee(s) named herein and may contain legally privileged
and/or confidential information. If you are not the intended recipient
of this e-mail, you are hereby notified that any dissemination,
distribution or copying of this e-mail, and any attachments thereto,
is strictly prohibited. If you have received this e-mail in error,
please immediately notify the sender and permanently delete the
original and any copy or printout thereof.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Problem running a setuid Perl script on CentOS 4.5

2007-11-16 Thread Marc Wiatrowski


On Fri, 2007-11-16 at 09:42 -0500, Alfred von Campe wrote:
> I'm trying to create a setuid Perl script (yes, I am aware about the  
> security implications), but am getting this error:
> 
>% cat testsetuid.pl
>#!/usr/bin/perl -UT
>print "My real user id is $< but my effective user id is $>\n";
>exit(0);
>% ./testsetuid.pl
>Can't do setuid (cannot exec sperl)
> 
> I am using the stock Perl that came with CentOS 4.5.  The problem I  
> am trying to solve is to run a software build as a particular user.   
> We want any user to be able to submit a build job that runs on the  
> build machine as the designated build user.  If there is a better way  
> to do this, I'm open to suggestions.
> 
> Alfred

Being aware of the security implications, do you have
perl-suidperl-X.rpm installed?



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] weird cron problem

2007-11-16 Thread Robert




Andreas Kuntzagk wrote:
PATHS - everytime i have cron issues its a PATH problem. The cron env is 
not the same as the user when logged in



Thanks, that's probably the cause. rsnapshot resides in /usr/local/bin
I changed the PATH in /etc/crontab now. Silly that I didn't see it.
So jobs in /etc/crontab are executed with the PATH in there, but jobs in
roots crontab are executed with the PATH set in .bashrc?

Andreas
  
You can prove to yourself quite easily that $PATH gets manipulated.  
Simply make a crontab entry like this in root's crontab:


* * * * * echo $PATH >> /root/cronpath

and compare the entries in the resulting file with the command line 
output of

# echo $PATH

(Don't forget to remove that crontab entry when finished playing.)


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] weird cron problem

2007-11-16 Thread Tom Brown





I'm having some problems with a script in /etc/cron.daily. It's quite
simple:
--
#!/bin/sh
touch /mnt/Backup/foo

rsnapshot daily
-

So the touch gets executed, but the rsnapshot not. If I run manually

  
run-parts /etc/cron.daily/ 



everything's fine. Also when I run rsnapshot from roots crontab. So I
have no idea what's the issue here.

Any ideas / recommendations what to check?
  



PATHS - everytime i have cron issues its a PATH problem. The cron env is 
not the same as the user when logged in


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] sdc1 without the sdc

2007-11-16 Thread Scott Moseman

On Nov 13, 2007 10:49 AM, Scott Moseman <[EMAIL PROTECTED]> wrote:
>
> > Normally udev dynamically makes the different /dev entries. So either
> > udev is screwing up or the iSCSI driver itself is doing something wrong
> > What version of CentOS is this and what iSCSI initiator are you using ?
>
> CentOS 4.4 and iSCSI 4.0.3.0-5
>

For the record, /etc/udev/rules.d/20-local.rules had an entry that was
causing /dev/sdc to not get created.  Issue resolved.

Thanks,
Scott
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: perl 5.8.5-36.el4_5.2

2007-11-16 Thread Scott Silva


on 11/16/2007 7:46 AM Theo Band spake the following:

Johnny Hughes wrote:

Tom wrote:

Hi all,

Since upgrading to perl 5.8.5-36.el4_5.2 I have had no end of problems,
starting with needing compress::zlib which I got from rpmforge, then I
had to reinstall scalar::util to get mailscanner working but now I can't
install or upgrade any perl modules.
Has anyone else had problems or can someone tell me what I've done wrong
please?

regards
tom

OK ... I want to make something PERFECTLY CLEAR ...

Using CPAN installed modules is NOT supported while using a Package
Management system like RPM.

You should NOT use CPAN to install perl modules, nor should you use pear
to install pear modules.

That is because when you reinstall php-pear or perl, you will loose
these items that are updated/installed in any way other than via RPMS.

If you are using CentOS. then you need to get all your perl modules and
pear modules via RPM.  If you need something, it should probably exist
either at RPMForge, at KBS-Centos-Extras, at EPEL or in the worst case
condition, take one of the other modules that does exist and use it to
create the module.

Also, look in Fedora 6.7.8 and see if you can get an SRPM to make your
modules.

If you don't ... when perl or php-pear are upgraded, your install will
absolutely, positively, beyond any and all shadow of doubt be BROKEN.

(BTW, this is not to Tom .. but to the whole list ... DON'T INSTALL CRAP
FROM CPAN )

Thanks,
Johnny Hughes

Ok, loud and clear.

What's the best way to revert back if a mess has been created. I tried
to install bugzilla on a Centos4.5 server but did not succeed. I now run
bugzilla on a Fedora installation instead. The bugzilla installation
suggested to install all kind of needed perl modules using CPAN.

So what's the best procedure to revert back the perl installation and
maintain it with yum?
I checked with rpm -V perl-5.8.5-36.el4_5.2.i386 and see a lot of
modified files. An uninstall is going to remove 266 packages, so
re-install is not a good option I guess. Yum upgrade/install will not
work, since the package is already installed of course.

Thanks for your help, and I shall never use CPAN again, never I promise.

Cheers,
Theo

You could try rpm -Uvh --replacefiles and see if it fixes it

--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Problem running a setuid Perl script on CentOS 4.5

2007-11-16 Thread James Olin Oden

On 11/16/07, Marc Wiatrowski <[EMAIL PROTECTED]> wrote:
>
> On Fri, 2007-11-16 at 09:42 -0500, Alfred von Campe wrote:
> > I'm trying to create a setuid Perl script (yes, I am aware about the
> > security implications), but am getting this error:
> >
> >% cat testsetuid.pl
> >#!/usr/bin/perl -UT
> >print "My real user id is $< but my effective user id is $>\n";
> >exit(0);
> >% ./testsetuid.pl
> >Can't do setuid (cannot exec sperl)
> >
> > I am using the stock Perl that came with CentOS 4.5.  The problem I
> > am trying to solve is to run a software build as a particular user.
> > We want any user to be able to submit a build job that runs on the
> > build machine as the designated build user.  If there is a better way
> > to do this, I'm open to suggestions.
> >
> > Alfred
>
> Being aware of the security implications, do you have
> perl-suidperl-X.rpm installed?

Yeah, its actually the interpreter that is setuid, as the script
doesn't actually execute per say, but its really "config" file for the
interpreter, at least from the OS perspective...james
perl-suidper-*.rpm contains the setuid interpreter...james
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] weird cron problem

2007-11-16 Thread Andreas Kuntzagk


> PATHS - everytime i have cron issues its a PATH problem. The cron env is 
> not the same as the user when logged in

Thanks, that's probably the cause. rsnapshot resides in /usr/local/bin
I changed the PATH in /etc/crontab now. Silly that I didn't see it.
So jobs in /etc/crontab are executed with the PATH in there, but jobs in
roots crontab are executed with the PATH set in .bashrc?

Andreas
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] weird cron problem

2007-11-16 Thread Andreas Kuntzagk

Hi,

I'm having some problems with a script in /etc/cron.daily. It's quite
simple:
--
#!/bin/sh
touch /mnt/Backup/foo

rsnapshot daily
-

So the touch gets executed, but the rsnapshot not. If I run manually

> run-parts /etc/cron.daily/ 

everything's fine. Also when I run rsnapshot from roots crontab. So I
have no idea what's the issue here.

Any ideas / recommendations what to check?

Andreas
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Firfox plugins but no sound

2007-11-16 Thread James Pearson


Robert Spangler wrote:

Then test with the 32 bit aplay:

alsaunmute 0
/tmp/usr/bin/aplay /usr/share/system-config-soundcard/sound-sample.wav


No joy. it give the following output:

ALSA lib pcm_hw.c:549:(snd_pcm_hw_start) SNDRV_PCM_IOCTL_START failed: Broken 
pipe


and just sit there until I hit CTL-C
 

Same as mine ... however, I had lots of issues with 32 bit apps and
sound on 64 bit CentOS4 (not necessarily this sound card) - in the end I
'upgraded' to the ALSA 1.0.15 kernel drivers, libs and utils - which
works much better


Might have to walk down this same path  Thnx for all your help and time.


The 32 bit kernel support for playback on 64 bit machines for older 2.6 
kernels (including the RHEL4/CentOS4 kernel) didn't work properly until 
ALSA 1.0.15. RHEL4/CentOS4 is based on ALSA 1.0.6


As I said above, I've already been down this route - see:



The 1.0.15 alsa-driver from 
 builds 
against the current CentOS4 x86_64 kernels, or you could use the RPMS 
from 


I have my own alsa-lib and alsa-utils 1.0.15 RPMS - but you could 
probably use the ATrpms versions as well.


James Pearson
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] LSI 1068e (Super Micro OEM) - kernel update problem

2007-11-16 Thread Alain Spineux

On Nov 16, 2007 5:51 PM, Michael Mertel <[EMAIL PROTECTED]> wrote:
>
> > -Original Message-
> > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
> > Behalf Of Michael Mertel
> > Sent: Friday, November 16, 2007 5:28 PM
> > To: CentOS mailing list
> > Subject: AW: [CentOS] LSI 1068e (Super Micro OEM) - kernel update
> > problem
> >
> > > -Ursprüngliche Nachricht-
> > > Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im
> > > Auftrag von Michael Mertel
> > > Gesendet: Freitag, 16. November 2007 17:17
> > > An: centos@centos.org
> > > Betreff: [CentOS] LSI 1068e (Super Micro OEM) - kernel update problem
> > >
> > > Hello,
> > >
> > > I'am using a LSI 1068e OEM version from Super Micro (see lspci). I
> > was
> > > able to install a plain CentOS5 with the binary drivers I got from
> > > Super
> > > Micro.
> > >
> > > 06:00.0 SCSI storage controller: LSI Logic / Symbios Logic Unknown
> > > device 0059 (rev 04)
> > > Subsystem: Super Micro Computer Inc Unknown device a180
> > > Flags: bus master, fast devsel, latency 0, IRQ 10
> > > I/O ports at e000 [size=256]
> > > Memory at febfc000 (64-bit, non-prefetchable) [size=16K]
> > > Memory at febe (64-bit, non-prefetchable) [size=64K]
> > > Expansion ROM at fe80 [disabled] [size=2M]
> > > Capabilities: [50] Power Management version 2
> > > Capabilities: [68] Express Endpoint IRQ 0
> > > Capabilities: [98] Message Signalled Interrupts: 64bit+
> > > Queue=0/0 Enable-
> > > Capabilities: [b0] MSI-X: Enable- Mask- TabSize=1
> > >
> > >
> > > But if I try to load the XEN kernel or a newer kernel all I got is a
> > > kernel panic, because the new kernel does not know about the
> > megasr.ko
> > > module that I installed from disk.
> > >
> > > So I did the following (without final success):
> > >
> > > - cp /lib/modules/2.6.18-8.el5/updates/*
> > > /lib/modules/2.6.18-8.1.15.el5/updates
> > > - depmod -a 2.6.18-8.1.15.el5
> > > - created a new initrd-cpio file and copied megasr.ko into the lib
> > > directory
> > >
> > >
> > > The systems starts loading the kernel and its ramdisk, and then
> > hangs:
> > > Kernel panic - not syncing: VFS: Unable to mount root fs on
> > > unknown-block (0,0)
> > >
> > > I'am a bit lost, what else I can do to get this working?
> > >
> > > Best Regards
> > >
> > > --Michael
> >
> >
> > Hi,
> >
> > i'am such a moron, now it works (with these steps):
> >
> > cp /lib/modules/2.6.18-8.el5/updates/*
> > /lib/modules/2.6.18-8.1.15.el5/updates
> >
> > depmod -a 2.6.18-8.1.15.el5
> >
> > rm /boot/initrd-2.6.18-8.1.15.el5.img
> >
> > mkinitrd /boot/initrd-2.6.18-8.1.15.el5.img 2.6.18-8.1.15.el5
> >
> >
> > Nice weekend to all.
> >
> > --Michael
> >
>
>
> Hello,
>
> it's me again, the standard kernel works right now, but the XEN kernel 
> complains about "invalid module format" for megasr.ko while insmod'ing the 
> file.
>
> Do I need a different binary for the XEN kernel?
>

Yes this is why the name of every directory, initrd, and kernel files
contains the version and the build of the kernel.

Every module must be compiled with at least the kernel header of the
target kernel to be sure the kernel
and the module will use the same "interface".

It is possible to bypass this security ( --force ) but their is no
convenient way to do this in the initrd boot loader.
And (--force) can make the kernel crash if the kernel and the module
are too different.

Regards

> Best Regards
>
>
> --Michael
>
>
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>



-- 
Alain Spineux
aspineux gmail com
May the sources be with you
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

AW: [CentOS] LSI 1068e (Super Micro OEM) - kernel update problem

2007-11-16 Thread Michael Mertel

> -Ursprüngliche Nachricht-
> Von: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Im
> Auftrag von Michael Mertel
> Gesendet: Freitag, 16. November 2007 17:17
> An: centos@centos.org
> Betreff: [CentOS] LSI 1068e (Super Micro OEM) - kernel update problem
> 
> Hello,
> 
> I'am using a LSI 1068e OEM version from Super Micro (see lspci). I was
> able to install a plain CentOS5 with the binary drivers I got from
> Super
> Micro.
> 
> 06:00.0 SCSI storage controller: LSI Logic / Symbios Logic Unknown
> device 0059 (rev 04)
> Subsystem: Super Micro Computer Inc Unknown device a180
> Flags: bus master, fast devsel, latency 0, IRQ 10
> I/O ports at e000 [size=256]
> Memory at febfc000 (64-bit, non-prefetchable) [size=16K]
> Memory at febe (64-bit, non-prefetchable) [size=64K]
> Expansion ROM at fe80 [disabled] [size=2M]
> Capabilities: [50] Power Management version 2
> Capabilities: [68] Express Endpoint IRQ 0
> Capabilities: [98] Message Signalled Interrupts: 64bit+
> Queue=0/0 Enable-
> Capabilities: [b0] MSI-X: Enable- Mask- TabSize=1
> 
> 
> But if I try to load the XEN kernel or a newer kernel all I got is a
> kernel panic, because the new kernel does not know about the megasr.ko
> module that I installed from disk.
> 
> So I did the following (without final success):
> 
> - cp /lib/modules/2.6.18-8.el5/updates/*
> /lib/modules/2.6.18-8.1.15.el5/updates
> - depmod -a 2.6.18-8.1.15.el5
> - created a new initrd-cpio file and copied megasr.ko into the lib
> directory
> 
> 
> The systems starts loading the kernel and its ramdisk, and then hangs:
> Kernel panic - not syncing: VFS: Unable to mount root fs on
> unknown-block (0,0)
> 
> I'am a bit lost, what else I can do to get this working?
> 
> Best Regards
> 
> --Michael
 

Hi,

i'am such a moron, now it works (with these steps):

cp /lib/modules/2.6.18-8.el5/updates/*
/lib/modules/2.6.18-8.1.15.el5/updates

depmod -a 2.6.18-8.1.15.el5

rm /boot/initrd-2.6.18-8.1.15.el5.img

mkinitrd /boot/initrd-2.6.18-8.1.15.el5.img 2.6.18-8.1.15.el5


Nice weekend to all.

--Michael

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Problem running a setuid Perl script on CentOS 4.5

2007-11-16 Thread James Olin Oden

> Good suggestions.  Also keep in mind that you don't always suid to
> root.  You can also suid to another user (which seems to be the case
> here).
Sure.  Just like login does.

Actually, want I would really like to see is the ability to mark
certain sections of code to be ran as another user, but to do this
marking at build time rather than using a elevation and de-elevation
algorithm.  This avoids the problem of someone being able to in
non-elevated mode call elevate, as the code was immutabley marked at
build time to run at whatever privilige level it was set too.

This is not UNIX's current model, and it might just be a half-brained
idea, but it seems to me it would get past the major weaknesses of
setuid programs.

Cheers...james
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Problem running a setuid Perl script on CentOS 4.5

2007-11-16 Thread James Olin Oden

On 11/16/07, Alfred von Campe <[EMAIL PROTECTED]> wrote:
> On Nov 16, 2007, at 9:55, Marc Wiatrowski wrote:
>
> > Being aware of the security implications, do you have
> > perl-suidperl-X.rpm installed?
>
> I meant I was aware of the implications of running setuid scripts.  I
> was not aware that CentOS' upstream provider had packaged suidperl
> separately.  Installing this package solved my problem.  However, I
> am pursuing an sudo solution at the moment that may work even better
> for me.
>
setuid scripts are not by their nature bad as some would propose.  As
a matter of fact without using a system with mandetory access controls
like SELinux, they can be effective tools to enhance overal security
provided you follow some simple
guidelines quite rigorously:

   - As soon as you start de-elevate your privileges.
   - Only elevate your privileges for as long as you need to (as an example
 one may need root to open certain files, but once its opened you do
 not need root to read and write the file).
   - Try to keep the setuid program as simple as possible.  If there
is a point where
 it can throw away its privileges forever then do so.
   - Be very rigorous in determining that a user in the current
context they are in
 should be using the setuid script.

I think the key word in alll that is "rigor" and though not used, "aware".

Cheers...james

> Thanks,
> Alfred
>
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

RE: [CentOS] Which pop3 server

2007-11-16 Thread Robert - elists

I always thought cucipop was considered the best in it's day wasn't it?

 - rh


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Samba Upgrade on Centos 3

2007-11-16 Thread Ralph Angenendt

Ben Mohilef wrote:
>   PANIC: push_ascii - dest_len == -1
> in the server log and 
>   smb_trans2_request: result=-5, setting invalid
> in the client.

Can you file a bug at bugs.centos.org? Or even better at
bugzilla.redhat.com and provide us with the bug number there?

Thanks,

Ralph


pgpti63gKHyab.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Problem running a setuid Perl script on CentOS 4.5

2007-11-16 Thread Alfred von Campe

I'm trying to create a setuid Perl script (yes, I am aware about the  
security implications), but am getting this error:


  % cat testsetuid.pl
  #!/usr/bin/perl -UT
  print "My real user id is $< but my effective user id is $>\n";
  exit(0);
  % ./testsetuid.pl
  Can't do setuid (cannot exec sperl)

I am using the stock Perl that came with CentOS 4.5.  The problem I  
am trying to solve is to run a software build as a particular user.   
We want any user to be able to submit a build job that runs on the  
build machine as the designated build user.  If there is a better way  
to do this, I'm open to suggestions.


Alfred

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: Problem running a setuid Perl script on CentOS 4.5

2007-11-16 Thread Scott Silva


on 11/16/2007 7:56 AM Alfred von Campe spake the following:

On Nov 16, 2007, at 9:55, Marc Wiatrowski wrote:


Being aware of the security implications, do you have
perl-suidperl-X.rpm installed?


I meant I was aware of the implications of running setuid scripts.  I 
was not aware that CentOS' upstream provider had packaged suidperl 
separately.  Installing this package solved my problem.  However, I am 
pursuing an sudo solution at the moment that may work even better for me.


Thanks,
Alfred
The security concerns are why it was packaged separately. A sysadmin needs to 
explicitly install it, so he/she should know it is there and watch for problems.


--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS-announce Digest, Vol 33, Issue 11

2007-11-16 Thread centos-announce-request

p-utils-5.0.9-2.30E.23.i386.rpm

source:
updates/SRPMS/net-snmp-5.0.9-2.30E.23.src.rpm

You may update your CentOS-3 i386 installations by running the command:

yum update net-snmp\*

Tru
-- 
Tru Huynh (CentOS-3 i386/x86_64 Package Maintenance)
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B
-- next part --
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : 
http://lists.centos.org/pipermail/centos-announce/attachments/20071115/17f22de8/attachment-0001.bin

--

Message: 20
Date: Thu, 15 Nov 2007 20:34:14 +0100
From: Tru Huynh <[EMAIL PROTECTED]>
Subject: [CentOS-announce] CESA-2007:1045 Moderate CentOS 3 x86_64
net-snmp- security update
To: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="us-ascii"

CentOS Errata and Security Advisory CESA-2007:1045

net-snmp security update for CentOS 3 x86_64:
https://rhn.redhat.com/errata/RHSA-2007-1045.html

The following updated file has been uploaded and is currently syncing to
the mirrors:

x86_64:
updates/x86_64/RPMS/net-snmp-5.0.9-2.30E.23.x86_64.rpm
updates/x86_64/RPMS/net-snmp-devel-5.0.9-2.30E.23.x86_64.rpm
updates/x86_64/RPMS/net-snmp-libs-5.0.9-2.30E.23.i386.rpm
updates/x86_64/RPMS/net-snmp-libs-5.0.9-2.30E.23.x86_64.rpm
updates/x86_64/RPMS/net-snmp-perl-5.0.9-2.30E.23.x86_64.rpm
updates/x86_64/RPMS/net-snmp-utils-5.0.9-2.30E.23.x86_64.rpm

source:
updates/SRPMS/net-snmp-5.0.9-2.30E.23.src.rpm

You may update your CentOS-3 x86_64 installations by running the command:

yum update net-snmp\*

Tru
-- 
Tru Huynh (CentOS-3 i386/x86_64 Package Maintenance)
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B
-- next part --
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : 
http://lists.centos.org/pipermail/centos-announce/attachments/20071115/8b712ec0/attachment-0001.bin

--

Message: 21
Date: Fri, 16 Nov 2007 10:26:10 +1100
From: John Newbigin <[EMAIL PROTECTED]>
Subject: [CentOS-announce] CESA-2007:1013-01: Critical CentOS 2 i386
samba   security update
To: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=us-ascii; format=flowed

The following errata for CentOS-2 have been built and uploaded to the
centos mirror:

RHSA-2007:1013-01 Critical: samba security update

Files available:
samba-2.2.12-1.21as.8.1.i386.rpm
samba-client-2.2.12-1.21as.8.1.i386.rpm
samba-common-2.2.12-1.21as.8.1.i386.rpm
samba-swat-2.2.12-1.21as.8.1.i386.rpm

More details are available from the RedHat web site at
https://rhn.redhat.com/errata/rh21as-errata.html

The easy way to make sure you are up to date with all the latest patches
is to run:
# yum update

-- 
John Newbigin
Computer Systems Officer
Faculty of Information and Communication Technologies
Swinburne University of Technology
Melbourne, Australia
http://www.ict.swin.edu.au/staff/jnewbigin










--

Message: 22
Date: Fri, 16 Nov 2007 06:39:39 +0200
From: Pasi Pirhonen <[EMAIL PROTECTED]>
Subject: [CentOS-announce] CESA-2007:1016 Critical CentOS 4 s390(x)
samba - security update
To: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="us-ascii"

CentOS Errata and Security Advisory 2007:1016

https://rhn.redhat.com/errata/RHSA-2007-1016.html

The following updated files have been uploaded and are currently
syncing to the mirrors:

s390:
updates/s390/RPMS/samba-3.0.25b-1.c4.2.s390.rpm
updates/s390/RPMS/samba-client-3.0.25b-1.c4.2.s390.rpm
updates/s390/RPMS/samba-common-3.0.25b-1.c4.2.s390.rpm
updates/s390/RPMS/samba-swat-3.0.25b-1.c4.2.s390.rpm

s390x:
updates/s390x/RPMS/samba-3.0.25b-1.c4.2.s390x.rpm
updates/s390x/RPMS/samba-client-3.0.25b-1.c4.2.s390x.rpm
updates/s390x/RPMS/samba-common-3.0.25b-1.c4.2.s390x.rpm
updates/s390x/RPMS/samba-swat-3.0.25b-1.c4.2.s390x.rpm


-- 
Pasi Pirhonen - [EMAIL PROTECTED] - http://pasi.pirhonen.eu/
Top-postings silently ignored
-- next part --
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : 
http://lists.centos.org/pipermail/centos-announce/attachments/20071116/4a28f75c/attachment-0001.bin

--

Message: 23
Date: Fri, 16 Nov 2007 07:48:19 +0200
From: Pasi Pirhonen <[EMAIL PROTECTED]>
Subject: [CentOS-announce] CESA-2007:1045 Moderate CentOS 3 ia64
net-snmp -  security update
To: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset="us-ascii"

CentOS Errata and Security Advisory 2007:1045

https://rhn.redhat.com/errata/RHSA-2007-1045.html

The following updated files have been up

Re: [CentOS] Mailing list archive

2007-11-16 Thread Akemi Yagi

On Nov 16, 2007 12:25 PM, Craig White <[EMAIL PROTECTED]> wrote:
> On Fri, 2007-11-16 at 12:21 -0800, [EMAIL PROTECTED] wrote:
> > Hi,
> >
> > Is there a searchable mailing archive?
> >
> > http://lists.centos.org/pipermail/centos/
> >
> > I don't see a way of searching it.
> 
> can always resort to google and adding
>  +site:http://lists.centos.org/pipermail/centos/

Similarly, CentOS forums can be searched.  See the bottom of this wiki page:

http://wiki.centos.org/GettingHelp

Akemi
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Mailing list archive

2007-11-16 Thread Frank Cox

On Fri, 16 Nov 2007 12:21:27 -0800
[EMAIL PROTECTED] wrote:

> Is there a searchable mailing archive?

You could always use google:

search terms here site:lists.centos.org

Example:

sendmail configuration site:lists.centos.org

-- 
MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Mailing list archive

2007-11-16 Thread centos

Hi,

Is there a searchable mailing archive?

http://lists.centos.org/pipermail/centos/

I don't see a way of searching it.

-- 
Thanks
http://www.911networks.com
When the network has to work
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: Mailing list archive

2007-11-16 Thread Scott Silva

on 11/16/2007 12:21 PM [EMAIL PROTECTED] spake 
the following:

Hi,

Is there a searchable mailing archive?

http://lists.centos.org/pipermail/centos/

I don't see a way of searching it.


http://news.gmane.org/gmane.mail.virus.mailscanner


--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Problem running a setuid Perl script on CentOS 4.5

2007-11-16 Thread Alfred von Campe


On Nov 16, 2007, at 9:55, Marc Wiatrowski wrote:


Being aware of the security implications, do you have
perl-suidperl-X.rpm installed?


I meant I was aware of the implications of running setuid scripts.  I  
was not aware that CentOS' upstream provider had packaged suidperl  
separately.  Installing this package solved my problem.  However, I  
am pursuing an sudo solution at the moment that may work even better  
for me.


Thanks,
Alfred

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Which pop3 server

2007-11-16 Thread John R Pierce


Miark wrote:

On Thu, 15 Nov 2007 20:46:55 -0800, John wrote:

  

Miark wrote:


What's the best package for a plain-jane pop3 server?
  

IMHO, dovecot.

YMMV.



If I only need pop3, isn't dovecot overkill?
  


its what centos ships with, along with Cyrus.Dovecot is lightyears 
simpler than Cyrus.Yes, Dovecot supports imap, but you don't have to 
enable that.



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Mailing list archive

2007-11-16 Thread Mark Hull-Richter

On Nov 16, 2007 12:32 PM, Scott Silva <[EMAIL PROTECTED]> wrote:

> on 11/16/2007 12:21 PM [EMAIL PROTECTED] spake
> the following:
> > Hi,
> >
> > Is there a searchable mailing archive?
> >
> > http://lists.centos.org/pipermail/centos/
> >
> > I don't see a way of searching it.
> >
> http://news.gmane.org/gmane.mail.virus.mailscanner
>
I must be thick today, or something - how does this answer the
question?  The link above points to a discussion of PostFix and
MailScanner.

I have the same question myself - never been able to use the archive
effectively without a date.

Thanks.

mhr
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Installing java on CentOS 5

2007-11-16 Thread Les Mikesell


Craig White wrote:

On Wed, 2007-11-14 at 17:19 -0500, R P Herrold wrote:



I hope now that java is GPL that it is packaged/bundled to eliminate
this nonsense
The versions are using and adjunct components people want are 
not GPLd


downer - thanks


On the other hand, redistribution is permitted...

I've had pretty good luck using the opennms packaged version.  Pick the 
yum config rpm from here: http://yum.opennms.org/ (I recommend the 
'unstable' repo if you are actually going to install opennms).  If you 
don't want opennms, you can just 'yum install jdk'.  If you do want 
OpenNMS, start back here: http://www.opennms.org/index.php/Main_Page and 
follow through the Development 1.3.8, Quick Start, RPM link and follow 
the instructions which are now amazingly easy on Centos5.



The real question about java here is why is there no love between 
japackage.org and RHEL5/Centos5  - or any Fedora version >6?


--
 Les Mikesell
   [EMAIL PROTECTED]


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] change BIOS time setting in Xen?

2007-11-16 Thread Christian Nygaard

How to you change the BIOS time settings in a Xen HVM fully virtualized
guest virtual machine? Right now the BIOS time setting seems to be 3007 as
year instead of 2007 which leads to funny problems after the os boots.

Cheers,
Chris
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Installing java on CentOS 5

2007-11-16 Thread Ralph Angenendt

Les Mikesell wrote:
> On the other hand, redistribution is permitted...

Yeah, but there's still that indemnification clause in the Distribution
License. The FAQ says that this really doesn't matter, the License says
otherwise. And I tend to "believe" Licenses, because that's what you
have ...

Cheers,

Ralph


pgpP1LdRjPlmj.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Which pop3 server

2007-11-16 Thread Ralph Angenendt

Robert - elists wrote:
> I always thought cucipop was considered the best in it's day wasn't it?

Yeah, those were the days ...

And: cucipop isn't in any of the "known" repositories ...

Cheers,

Ralph


pgpj4ZQIZSf1U.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] LSI 1068e (Super Micro OEM) - kernel update problem

2007-11-16 Thread Michael Mertel

Hello,

I'am using a LSI 1068e OEM version from Super Micro (see lspci). I was
able to install a plain CentOS5 with the binary drivers I got from Super
Micro.

06:00.0 SCSI storage controller: LSI Logic / Symbios Logic Unknown
device 0059 (rev 04)
Subsystem: Super Micro Computer Inc Unknown device a180
Flags: bus master, fast devsel, latency 0, IRQ 10
I/O ports at e000 [size=256]
Memory at febfc000 (64-bit, non-prefetchable) [size=16K]
Memory at febe (64-bit, non-prefetchable) [size=64K]
Expansion ROM at fe80 [disabled] [size=2M]
Capabilities: [50] Power Management version 2
Capabilities: [68] Express Endpoint IRQ 0
Capabilities: [98] Message Signalled Interrupts: 64bit+
Queue=0/0 Enable-
Capabilities: [b0] MSI-X: Enable- Mask- TabSize=1


But if I try to load the XEN kernel or a newer kernel all I got is a
kernel panic, because the new kernel does not know about the megasr.ko
module that I installed from disk.

So I did the following (without final success):

- cp /lib/modules/2.6.18-8.el5/updates/*
/lib/modules/2.6.18-8.1.15.el5/updates
- depmod -a 2.6.18-8.1.15.el5
- created a new initrd-cpio file and copied megasr.ko into the lib
directory


The systems starts loading the kernel and its ramdisk, and then hangs:
Kernel panic - not syncing: VFS: Unable to mount root fs on
unknown-block (0,0)

I'am a bit lost, what else I can do to get this working?

Best Regards

--Michael

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Samba Upgrade on Centos 3

2007-11-16 Thread Ben Mohilef

After today's samba update, Centos 3 boxes can not use samba to 
communicate with each other, although Windows and the Centos 3 boxes 
see each other correctly as do RHEL5 and the Centos3 boxes. The du 
command works well, but ls, cp, cat ,etc produces the error:
PANIC: push_ascii - dest_len == -1
in the server log and 
smb_trans2_request: result=-5, setting invalid
in the client.

A similar (but more serious) set of problems was reported in Ubuntu early 
this morning after their update.

Is any one else experiencing this problem with samba and Centos 3 after 
the update?

regards,

benm

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: Mailing list archive

2007-11-16 Thread Scott Silva


on 11/16/2007 1:01 PM Scott Silva spake the following:

on 11/16/2007 12:32 PM Scott Silva spake the following:
on 11/16/2007 12:21 PM [EMAIL PROTECTED] 
spake the following:

Hi,

Is there a searchable mailing archive?

http://lists.centos.org/pipermail/centos/

I don't see a way of searching it.


http://news.gmane.org/gmane.mail.virus.mailscanner



Sorry, I was in a lot of groups at the same time.
http://news.gmane.org/gmane.linux.centos.general


You can also search from the http://lists.centos.org/pipermail/centos/ page in 
a way, but you have to look. At the top of the page is a link to

"more information about this list".
Follow that link and there is a Google search box at the top.


--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: change BIOS time setting in Xen?

2007-11-16 Thread Scott Silva


on 11/16/2007 1:07 AM Christian Nygaard spake the following:
How to you change the BIOS time settings in a Xen HVM fully virtualized 
guest virtual machine? Right now the BIOS time setting seems to be 3007 
as year instead of 2007 which leads to funny problems after the os boots.
 
Cheers,

Chris
 
 





___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Is the time and date correct in Dom0?


--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] How to make fdisk recognize increased iSCSI LUN?

2007-11-16 Thread Mindaugas


  Hello,

  How to explain to fdisk that /dev/sda size changed? I increased LUN on 
storage, reloaded iscsi, did echo 1 > /sys//rescan. And I see in 
"dmesg" that kernel found new size of the LUN. But when I type "fdisk /dev/sda" 
it still shows old size. On /dev/sda1 sits LVM PV and I'd like to resize it 
instead of adding one more PV to volume group.

  CentOS 4.4 64bits.

  Thanks,

  Mindaugas
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: Mailing list archive

2007-11-16 Thread Scott Silva


on 11/16/2007 12:32 PM Scott Silva spake the following:
on 11/16/2007 12:21 PM [EMAIL PROTECTED] 
spake the following:

Hi,

Is there a searchable mailing archive?

http://lists.centos.org/pipermail/centos/

I don't see a way of searching it.


http://news.gmane.org/gmane.mail.virus.mailscanner



Sorry, I was in a lot of groups at the same time.
http://news.gmane.org/gmane.linux.centos.general


--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Installing Java on CentOS 5

2007-11-16 Thread Craig White

On Fri, 2007-11-16 at 15:19 -0500, R P Herrold wrote:
> On Fri, 16 Nov 2007, Les Mikesell wrote:
> 
> > Ralph Angenendt wrote:
> >> Les Mikesell wrote:
> >>> On the other hand, redistribution is permitted...
> 
> >> Yeah, but there's still that indemnification clause in the Distribution
> >> License. The FAQ says that this really doesn't matter, the License says
> >> otherwise. And I tend to "believe" Licenses, because that's what you
> >> have ...
> 
> > There aren't a lot of lawsuits over software because all 
> > responsibilities are always disclaimed away anyway -
> 
> One is sufficient to impair CentOS; Les, make a contribution 
> of $10k$ and we'll get a formal opinion.  If that is 
> unappealing, tender along a update patch for the bottom of the 
> CentOS wiki page Java installation instructions (the top 
> still works just fine). Absent deeds, words are empty.

yeah but thank goodness, we can have plenty of them (words)

> > Anyway - as long as the opennms guys have it, it doesn't matter.
> 
> Thre is plenty of trolling and people offering casual legal 
> opinions at 24x7 in debian-legal for many years, and 
> presently in fedora-adv for the last couple days.

fedora-adv ? translation ?

Craig

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Installing java on CentOS 5

2007-11-16 Thread Les Mikesell


Ralph Angenendt wrote:

Les Mikesell wrote:

On the other hand, redistribution is permitted...


Yeah, but there's still that indemnification clause in the Distribution
License. The FAQ says that this really doesn't matter, the License says
otherwise. And I tend to "believe" Licenses, because that's what you
have ...


There aren't a lot of lawsuits over software because all 
responsibilities are always disclaimed away anyway - and if there were, 
java would be about the least likely target.  I'm not sure how it is any 
different than software you might have created yourself that could be 
the target of a lawsuit or any other package where you might be included 
as a distributor.


Anyway - as long as the opennms guys have it, it doesn't matter.


--
  Les Mikesell
   [EMAIL PROTECTED]

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Samba Upgrade on Centos 3

2007-11-16 Thread Tru Huynh

On Fri, Nov 16, 2007 at 09:00:57AM -0800, Ben Mohilef wrote:
> After today's samba update, Centos 3 boxes can not use samba to 
> communicate with each other, although Windows and the Centos 3 boxes 
> see each other correctly as do RHEL5 and the Centos3 boxes. The du 
> command works well, but ls, cp, cat ,etc produces the error:
>   PANIC: push_ascii - dest_len == -1
> in the server log and 
>   smb_trans2_request: result=-5, setting invalid
> in the client.
> 
You mean samba-3.0.9-1.3E.13.2 -> samba-3.0.9-1.3E.14.1 ?

The changelog only reads:
* Wed Oct 17 2007 Simo Sorce <[EMAIL PROTECTED]> 3.0.9-1.3E.14
- Security fix for CVE-2007-4572 and CVE-2007-5398
  resolves: #350731
  resolves: #359101


Are all your CentOS-3 machines running the same samba version?
(smb restarted ?)

> A similar (but more serious) set of problems was reported in Ubuntu early 
> this morning after their update.
> 
> Is any one else experiencing this problem with samba and Centos 3 after 
> the update?
You are the first reporting it, I don't really use samba ;)

According to the diff from the 2 above versions, the possible culprit is
samba-3.0.9-CVE-2007-4572.patch

Cheers, and keep up posted!

Tru
-- 
Tru Huynh (CentOS-3 i386/x86_64 Package Maintenance)
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B


pgpbCnueJAozE.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Mailing list archive

2007-11-16 Thread Craig White

On Fri, 2007-11-16 at 12:21 -0800, [EMAIL PROTECTED] wrote:
> Hi,
> 
> Is there a searchable mailing archive?
> 
> http://lists.centos.org/pipermail/centos/
> 
> I don't see a way of searching it.

can always resort to google and adding
 +site:http://lists.centos.org/pipermail/centos/

Craig

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Installing Java on CentOS 5

2007-11-16 Thread Les Mikesell


R P Herrold wrote:



Anyway - as long as the opennms guys have it, it doesn't matter.


Thre is plenty of trolling and people offering casual legal opinions at 
24x7 in debian-legal for many years, and presently in fedora-adv for the 
last couple days.


That still leaves the question unanswered about jpackage.org.  Is there 
a reason no one there is packaging for RHEL5/CentOS5 or recent fedoras?


Their nosrc package for Sun Java took a bit of work to construct on 
earlier RH-style systems, but now there is not even that.


--
  Les Mikesell
   [EMAIL PROTECTED]

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Problem running a setuid Perl script on CentOS 4.5

2007-11-16 Thread Brian Mathis

On Nov 16, 2007 11:16 AM, James Olin Oden <[EMAIL PROTECTED]> wrote:
> On 11/16/07, Alfred von Campe <[EMAIL PROTECTED]> wrote:
> > On Nov 16, 2007, at 9:55, Marc Wiatrowski wrote:
> >
> > > Being aware of the security implications, do you have
> > > perl-suidperl-X.rpm installed?
> >
> > I meant I was aware of the implications of running setuid scripts.  I
> > was not aware that CentOS' upstream provider had packaged suidperl
> > separately.  Installing this package solved my problem.  However, I
> > am pursuing an sudo solution at the moment that may work even better
> > for me.
> >
> setuid scripts are not by their nature bad as some would propose.  As
> a matter of fact without using a system with mandetory access controls
> like SELinux, they can be effective tools to enhance overal security
> provided you follow some simple
> guidelines quite rigorously:
>
>- As soon as you start de-elevate your privileges.
>- Only elevate your privileges for as long as you need to (as an example
>  one may need root to open certain files, but once its opened you do
>  not need root to read and write the file).
>- Try to keep the setuid program as simple as possible.  If there
> is a point where
>  it can throw away its privileges forever then do so.
>- Be very rigorous in determining that a user in the current
> context they are in
>  should be using the setuid script.
>
> I think the key word in alll that is "rigor" and though not used, "aware".
>
> Cheers...james
>

Good suggestions.  Also keep in mind that you don't always suid to
root.  You can also suid to another user (which seems to be the case
here).
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Installing Java on CentOS 5

2007-11-16 Thread R P Herrold


On Fri, 16 Nov 2007, Les Mikesell wrote:


Ralph Angenendt wrote:

Les Mikesell wrote:

On the other hand, redistribution is permitted...



Yeah, but there's still that indemnification clause in the Distribution
License. The FAQ says that this really doesn't matter, the License says
otherwise. And I tend to "believe" Licenses, because that's what you
have ...


There aren't a lot of lawsuits over software because all 
responsibilities are always disclaimed away anyway -


One is sufficient to impair CentOS; Les, make a contribution 
of $10k$ and we'll get a formal opinion.  If that is 
unappealing, tender along a update patch for the bottom of the 
CentOS wiki page Java installation instructions (the top 
still works just fine). Absent deeds, words are empty.



Anyway - as long as the opennms guys have it, it doesn't matter.


Thre is plenty of trolling and people offering casual legal 
opinions at 24x7 in debian-legal for many years, and 
presently in fedora-adv for the last couple days.


-- Russ Herrold
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] perl 5.8.5-36.el4_5.2

2007-11-16 Thread Theo Band

Johnny Hughes wrote:
> Tom wrote:
>> Hi all,
>>
>> Since upgrading to perl 5.8.5-36.el4_5.2 I have had no end of problems,
>> starting with needing compress::zlib which I got from rpmforge, then I
>> had to reinstall scalar::util to get mailscanner working but now I can't
>> install or upgrade any perl modules.
>> Has anyone else had problems or can someone tell me what I've done wrong
>> please?
>>
>> regards
>> tom
>
> OK ... I want to make something PERFECTLY CLEAR ...
>
> Using CPAN installed modules is NOT supported while using a Package
> Management system like RPM.
>
> You should NOT use CPAN to install perl modules, nor should you use pear
> to install pear modules.
>
> That is because when you reinstall php-pear or perl, you will loose
> these items that are updated/installed in any way other than via RPMS.
>
> If you are using CentOS. then you need to get all your perl modules and
> pear modules via RPM.  If you need something, it should probably exist
> either at RPMForge, at KBS-Centos-Extras, at EPEL or in the worst case
> condition, take one of the other modules that does exist and use it to
> create the module.
>
> Also, look in Fedora 6.7.8 and see if you can get an SRPM to make your
> modules.
>
> If you don't ... when perl or php-pear are upgraded, your install will
> absolutely, positively, beyond any and all shadow of doubt be BROKEN.
>
> (BTW, this is not to Tom .. but to the whole list ... DON'T INSTALL CRAP
> FROM CPAN )
>
> Thanks,
> Johnny Hughes
Ok, loud and clear.

What's the best way to revert back if a mess has been created. I tried
to install bugzilla on a Centos4.5 server but did not succeed. I now run
bugzilla on a Fedora installation instead. The bugzilla installation
suggested to install all kind of needed perl modules using CPAN.

So what's the best procedure to revert back the perl installation and
maintain it with yum?
I checked with rpm -V perl-5.8.5-36.el4_5.2.i386 and see a lot of
modified files. An uninstall is going to remove 266 packages, so
re-install is not a good option I guess. Yum upgrade/install will not
work, since the package is already installed of course.

Thanks for your help, and I shall never use CPAN again, never I promise.

Cheers,
Theo

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

RE: [CentOS] How to make fdisk recognize increased iSCSI LUN?

2007-11-16 Thread Ross S. W. Walker

Mindaugas wrote:
> 
> 
>   Hello,
> 
>   How to explain to fdisk that /dev/sda size changed? I 
> increased LUN on storage, reloaded iscsi, did echo 1 > 
> /sys//rescan. And I see in "dmesg" that kernel 
> found new size of the LUN. But when I type "fdisk /dev/sda" 
> it still shows old size. On /dev/sda1 sits LVM PV and I'd 
> like to resize it instead of adding one more PV to volume group.
> 

I think it may be the MBR that still has the old size in it.

Try opening it in fdisk, save it, then re-open it.

-Ross

__
This e-mail, and any attachments thereto, is intended only for use by
the addressee(s) named herein and may contain legally privileged
and/or confidential information. If you are not the intended recipient
of this e-mail, you are hereby notified that any dissemination,
distribution or copying of this e-mail, and any attachments thereto,
is strictly prohibited. If you have received this e-mail in error,
please immediately notify the sender and permanently delete the
original and any copy or printout thereof.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Mailing list archive

2007-11-16 Thread centos

On Fri, 16 Nov 2007 12:47:38 -0800
"Mark Hull-Richter" <[EMAIL PROTECTED]> wrote:

> I have the same question myself - never been able to use the
> archive effectively without a date.

I think I have found it:

http://lists.centos.org/pipermail/centos/

It's the wrong page, it's the archive. The search is on:

http://lists.centos.org/mailman/listinfo/centos

at the top left!

-- 
Thanks
http://www.911networks.com
When the network has to work
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: Samba Upgrade on Centos 3

2007-11-16 Thread Ben Mohilef


> After today's samba update, Centos 3 boxes can not use samba to 
> communicate with each other, although Windows and the Centos 3 boxes
> see each other correctly as do RHEL5 and the Centos3 boxes. The du 

Upon further investigation, samba can only no longer use wildcards of any type 
or do 
things like 'ls' . Doing
ls /mnt/SHARE/  
works fine whereas
ls /mnt/SHARE/* 
gives an invalid result.

I wonder if there is still is a compilation option (there was a few years ago) 
to 
enable/disable wildcards which is either turned off or has been disabled?

If one knows the complete file name on a Centos 3 share then one has no 
problem. 
Windows boxes (and Linux boxes other than Centos 3) work fine and that is the 
way most 
admins use samba so this is hardly a crisis. ( Unlike the Ubuntu people who 
report that 
nmbd is segfaulting on their boxes and apparently have a different problem). 

regards,

benm


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] How to make fdisk recognize increased iSCSI LUN?

2007-11-16 Thread Alain Spineux

On Nov 16, 2007 10:06 PM, Mindaugas <[EMAIL PROTECTED]> wrote:
>
>   Hello,
>
>   How to explain to fdisk that /dev/sda size changed?

Try to send him an email [EMAIL PROTECTED] :-)
Please be polite :-)

or maybe try

# partprobe /dev/sda

>I increased LUN on storage, reloaded iscsi, did echo 1 >
/sys//rescan. And I see in "dmesg" that kernel found new
size of the LUN. But when I type "fdisk /dev/sda" it still shows old
size. On /dev/sda1 sits LVM PV and I'd like to resize it instead of
adding one more PV to volume group.

I imagine sda1 is thee only partition on sda !

I know all LVM commands by hart and was not knowing pvresize !
What a crazy thing! A day it will be possible to move an entire
partition inside a disk, and doing this online !
Then LVM will become useless :-)
I thing a day a man will walk on the moon :-)



Regards

Alain


>
>   CentOS 4.4 64bits.
>
>   Thanks,
>
>   Mindaugas
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>



-- 
Alain Spineux
aspineux gmail com
May the sources be with you
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Basic Network question pinging different subnets

2007-11-16 Thread Bob Metelsky


Hi Im a little perplexed by this situation

I have centos 4.5 installed on 2 pcs - each with 2 network cards

machine 1

eth0  Link encap:Ethernet  HWaddr 00:14:2A:6B:C8:CC
 inet addr:10.54.7.2  Bcast:10.54.7.255  Mask:255.255.255.0

eth1  Link encap:Ethernet  HWaddr 00:11:50:9B:A2:90

 inet addr:10.54.0.2  Bcast:10.54.0.255  Mask:255.255.255.0

machine 2

eth0  Link encap:Ethernet  HWaddr 00:14:2A:69:4C:47
 inet addr:10.54.7.3  Bcast:10.54.7.255  Mask:255.255.255.0

eth1  Link encap:Ethernet  HWaddr 00:11:50:9B:A5:0A
 inet addr:10.54.0.3  Bcast:10.54.0.255  Mask:255.255.255.0


machine 1 & 2 can ping each other  on either subnets

machine 3 (windows)...

C:\>ipconfig

   Connection-specific DNS Suffix  . :
   IP Address. . . . . . . . . . . . : 10.54.7.16
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.54.7.1

cant ping anything on the 10.54.0 subnet, nor does that subnet show up 
ip using a port scanner...


C:\>ping 10.54.0.2

Pinging 10.54.0.2 with 32 bytes of data:
Request timed out.
Request timed out.

C:\>ping 10.54.7.2

Pinging 10.54.7.2 with 32 bytes of data:
Reply from 10.54.7.2: bytes=32 time<1ms TTL=64
Reply from 10.54.7.2: bytes=32 time<1ms TTL=64


Any ideas why this is happening? I dont have a firewall on the 10.54 
address,


Thanks
Bob



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: Basic Network question pinging different subnets

2007-11-16 Thread Scott Silva


on 11/16/2007 4:25 PM Bob Metelsky spake the following:

Hi Im a little perplexed by this situation

I have centos 4.5 installed on 2 pcs - each with 2 network cards

machine 1

eth0  Link encap:Ethernet  HWaddr 00:14:2A:6B:C8:CC
 inet addr:10.54.7.2  Bcast:10.54.7.255  Mask:255.255.255.0
eth1  Link encap:Ethernet  HWaddr 00:11:50:9B:A2:90
 inet addr:10.54.0.2  Bcast:10.54.0.255  Mask:255.255.255.0

machine 2

eth0  Link encap:Ethernet  HWaddr 00:14:2A:69:4C:47
 inet addr:10.54.7.3  Bcast:10.54.7.255  Mask:255.255.255.0

eth1  Link encap:Ethernet  HWaddr 00:11:50:9B:A5:0A
 inet addr:10.54.0.3  Bcast:10.54.0.255  Mask:255.255.255.0


machine 1 & 2 can ping each other  on either subnets

machine 3 (windows)...

C:\>ipconfig

   Connection-specific DNS Suffix  . :
   IP Address. . . . . . . . . . . . : 10.54.7.16
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.54.7.1

cant ping anything on the 10.54.0 subnet, nor does that subnet show up 
ip using a port scanner...


C:\>ping 10.54.0.2

Pinging 10.54.0.2 with 32 bytes of data:
Request timed out.
Request timed out.

C:\>ping 10.54.7.2

Pinging 10.54.7.2 with 32 bytes of data:
Reply from 10.54.7.2: bytes=32 time<1ms TTL=64
Reply from 10.54.7.2: bytes=32 time<1ms TTL=64


Any ideas why this is happening? I dont have a firewall on the 10.54 
address,


Machine 3 is locked to its subnet by the subnet mask. Your above mask of 
255.255.255.0 only lets the windows machine talk to 10.54.7.1 through 
10.54.7.254. Without adding a route to that other address, or a virtual IP 
address in that address space, the windows machine can't see or communicate on 
the other subnet.



--
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Basic Network question pinging different subnets

2007-11-16 Thread Alain Spineux

On Nov 17, 2007 1:25 AM, Bob Metelsky <[EMAIL PROTECTED]> wrote:
> Hi Im a little perplexed by this situation
>
> I have centos 4.5 installed on 2 pcs - each with 2 network cards
>
> machine 1
>
> eth0  Link encap:Ethernet  HWaddr 00:14:2A:6B:C8:CC
>   inet addr:10.54.7.2  Bcast:10.54.7.255  Mask:255.255.255.0
>
> eth1  Link encap:Ethernet  HWaddr 00:11:50:9B:A2:90
>   inet addr:10.54.0.2  Bcast:10.54.0.255  Mask:255.255.255.0
>
> machine 2
>
> eth0  Link encap:Ethernet  HWaddr 00:14:2A:69:4C:47
>   inet addr:10.54.7.3  Bcast:10.54.7.255  Mask:255.255.255.0
>
> eth1  Link encap:Ethernet  HWaddr 00:11:50:9B:A5:0A
>   inet addr:10.54.0.3  Bcast:10.54.0.255  Mask:255.255.255.0
>
>
> machine 1 & 2 can ping each other  on either subnets
>
> machine 3 (windows)...
>
> C:\>ipconfig
>
> Connection-specific DNS Suffix  . :
> IP Address. . . . . . . . . . . . : 10.54.7.16
> Subnet Mask . . . . . . . . . . . : 255.255.255.0
> Default Gateway . . . . . . . . . : 10.54.7.1
>
> cant ping anything on the 10.54.0 subnet, nor does that subnet show up
> ip using a port scanner...
>
> C:\>ping 10.54.0.2
>
> Pinging 10.54.0.2 with 32 bytes of data:
> Request timed out.
> Request timed out.
>
> C:\>ping 10.54.7.2
>
> Pinging 10.54.7.2 with 32 bytes of data:
> Reply from 10.54.7.2: bytes=32 time<1ms TTL=64
> Reply from 10.54.7.2: bytes=32 time<1ms TTL=64
>
>
> Any ideas why this is happening? I dont have a firewall on the 10.54
> address,

Yes ! You have to learn how works IP networks :-)
IP is wild and wide :-)

you can try this on your windows :

c:\> route add 10.54.0.2 MASK 255.255.255.255 10.54.7.2

OR

do the same on your router at 10.54.7.1

OR (depend on how your linux box is configured)

c:\> route add 10.54.0.0 MASK 255.255.255.0 10.54.7.16

But this should give you access on both 10.54.0.2 and 10.54.0.3

OR if routing is enable on 10.54.7.2

c:\> route add 10.54.0.0 MASK 255.255.255.0 10.54.7.2

should also give you access to both 10.54.0.2 and 10.54.0.3


You just have to understand the first one other are just to spread out
my IP knowledges.
Ops, the last one is sometime useful to configure a device on another
IP range, without reconfiguring your IP.
Like when unpacking a new router with IP 192.168.123.1

Regards.


>
> Thanks
> Bob
>
>
>
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>



-- 
Alain Spineux
aspineux gmail com
May the sources be with you
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Basic Network question pinging different subnets

2007-11-16 Thread John R Pierce


Bob Metelsky wrote:

Hi Im a little perplexed by this situation

I have centos 4.5 installed on 2 pcs - each with 2 network cards

machine 1

eth0  Link encap:Ethernet  HWaddr 00:14:2A:6B:C8:CC
 inet addr:10.54.7.2  Bcast:10.54.7.255  Mask:255.255.255.0
eth1  Link encap:Ethernet  HWaddr 00:11:50:9B:A2:90
 inet addr:10.54.0.2  Bcast:10.54.0.255  Mask:255.255.255.0

machine 2

eth0  Link encap:Ethernet  HWaddr 00:14:2A:69:4C:47
 inet addr:10.54.7.3  Bcast:10.54.7.255  Mask:255.255.255.0

eth1  Link encap:Ethernet  HWaddr 00:11:50:9B:A5:0A
 inet addr:10.54.0.3  Bcast:10.54.0.255  Mask:255.255.255.0


machine 1 & 2 can ping each other  on either subnets



so you have two seperate networks?the eth0's are connected to one 
hub or switch, and the eth1's to another hub or switch?




machine 3 (windows)...

C:\>ipconfig

   Connection-specific DNS Suffix  . :
   IP Address. . . . . . . . . . . . : 10.54.7.16
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Default Gateway . . . . . . . . . : 10.54.7.1

cant ping anything on the 10.54.0 subnet, nor does that subnet show up 
ip using a port scanner...


C:\>ping 10.54.0.2

Pinging 10.54.0.2 with 32 bytes of data:
Request timed out.
Request timed out.

C:\>ping 10.54.7.2

Pinging 10.54.7.2 with 32 bytes of data:
Reply from 10.54.7.2: bytes=32 time<1ms TTL=64
Reply from 10.54.7.2: bytes=32 time<1ms TTL=64


Any ideas why this is happening? I dont have a firewall on the 10.54 
address,


presumably, the windows machine is connected to the 'eth0' network that 
the centos machines are connected to?


how exactly do you expect the packets to get from there to the other 
network?  the windows machine has been instructed to forward all unknown 
packets to 10.54.7.1, which presumably is some other sort of router...   
chances are, said 10.54.7.1 has no clue where 10.54.0.xxx is.


solution 1) configure a linux computer to do 'ip forwarding', and give 
the windows machine a route like...


   C>  route add 10.54.0.0 mask 255.255.255.0 gw 10.54.7.2

or, solution 2) configure the router at 10.54.7.1 to have a route to 
this other network.



if both networks are on the same hub/switch, then I can only ask... WHY?






___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Basic Network question pinging different subnets

2007-11-16 Thread Bob Metelsky


Im a dba not a network guy... :)
Well ok I know there are technical "reasons" why this doesn't seem 
to "work"


But -  why can I ping any other ip address   ie Google
64.233.167.99

Ok I guess thats "resolvable" and not private. My thinking is ping 
should try and  "find" the address


Maybe I need a type of local dns...(??)  How does one avoid  manually 
adding "routes"


my port scanner - I give a range 10.54.0.0 - 10.54.7.55, Im thinking it 
should try all addresses in between and it only gets the ones on 10.54.7.0


The comment below sounds like what I need... thanks!

"

c:\> route add 10.54.0.0 MASK 255.255.255.0 10.54.7.16

But this should give you access on both 10.54.0.2 and 10.54.0.3

"

C:\>route add 10.54.0.0 MASK 255.255.255.0 10.54.7.16

C:\>ping 10.54.0.2

Pinging 10.54.0.2 with 32 bytes of data:

Reply from 10.54.0.2: bytes=32 time<1ms TTL=64
Reply from 10.54.0.2: bytes=32 time<1ms TTL=64

My purpose is to have a private network between database servers (oracle 
rac) where only specific traffic is allowed, and it works that way, I 
was just surprised that I want able to ping the 0 subnet.

So I need to add the route...

Thanks for everyones feedback. Hopefully I can contribute 
somethingin the future

;-)

Bob




Alain Spineux wrote:

On Nov 17, 2007 1:25 AM, Bob Metelsky <[EMAIL PROTECTED]> wrote:
  

Hi Im a little perplexed by this situation

I have centos 4.5 installed on 2 pcs - each with 2 network cards

machine 1

eth0  Link encap:Ethernet  HWaddr 00:14:2A:6B:C8:CC
  inet addr:10.54.7.2  Bcast:10.54.7.255  Mask:255.255.255.0

eth1  Link encap:Ethernet  HWaddr 00:11:50:9B:A2:90
  inet addr:10.54.0.2  Bcast:10.54.0.255  Mask:255.255.255.0

machine 2

eth0  Link encap:Ethernet  HWaddr 00:14:2A:69:4C:47
  inet addr:10.54.7.3  Bcast:10.54.7.255  Mask:255.255.255.0

eth1  Link encap:Ethernet  HWaddr 00:11:50:9B:A5:0A
  inet addr:10.54.0.3  Bcast:10.54.0.255  Mask:255.255.255.0


machine 1 & 2 can ping each other  on either subnets

machine 3 (windows)...

C:\>ipconfig

Connection-specific DNS Suffix  . :
IP Address. . . . . . . . . . . . : 10.54.7.16
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.54.7.1

cant ping anything on the 10.54.0 subnet, nor does that subnet show up
ip using a port scanner...

C:\>ping 10.54.0.2

Pinging 10.54.0.2 with 32 bytes of data:
Request timed out.
Request timed out.

C:\>ping 10.54.7.2

Pinging 10.54.7.2 with 32 bytes of data:
Reply from 10.54.7.2: bytes=32 time<1ms TTL=64
Reply from 10.54.7.2: bytes=32 time<1ms TTL=64


Any ideas why this is happening? I dont have a firewall on the 10.54
address,



Yes ! You have to learn how works IP networks :-)
IP is wild and wide :-)

you can try this on your windows :

c:\> route add 10.54.0.2 MASK 255.255.255.255 10.54.7.2

OR

do the same on your router at 10.54.7.1

OR (depend on how your linux box is configured)

c:\> route add 10.54.0.0 MASK 255.255.255.0 10.54.7.16

But this should give you access on both 10.54.0.2 and 10.54.0.3

OR if routing is enable on 10.54.7.2

c:\> route add 10.54.0.0 MASK 255.255.255.0 10.54.7.2

should also give you access to both 10.54.0.2 and 10.54.0.3


You just have to understand the first one other are just to spread out
my IP knowledges.
Ops, the last one is sometime useful to configure a device on another
IP range, without reconfiguring your IP.
Like when unpacking a new router with IP 192.168.123.1

Regards.


  

Thanks
Bob



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos






  
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Basic Network question pinging different subnets

2007-11-16 Thread Bob Metelsky



Any ideas why this is happening? I dont have a firewall on the 10.54 
address,


presumably, the windows machine is connected to the 'eth0' network 
that the centos machines are connected to?


how exactly do you expect the packets to get from there to the other 
network?  the windows machine has been instructed to forward all 
unknown packets to 10.54.7.1, which presumably is some other sort of 
router...   chances are, said 10.54.7.1 has no clue where 10.54.0.xxx is.




Ya-  I see - your right the router is 10.54.7.1  The rest of the network 
switches are  hubs off of that (all still 10.54.7.)


this private network is truly private  (independent to the 2 computers 
connected) in other words they are off the network, their traffic oesn't 
go through a switch.


I didn't give this enough thought 

the fact is I dont need to connect to the 0 address directly from the 
windows machine. The 0 address is only for private network between the 
database servers...


I was just curious that I couldn't ping them, I thought ping (and the 
port scanner) should magically find them (like dns) ...


solution 1) configure a linux computer to do 'ip forwarding', and give 
the windows machine a route like...


   C>  route add 10.54.0.0 mask 255.255.255.0 gw 10.54.7.2

or, solution 2) configure the router at 10.54.7.1 to have a route to 
this other network.



if both networks are on the same hub/switch, then I can only ask... WHY?


Thanks for the insight,

Bob
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] How to make fdisk recognize increased iSCSI LUN?

2007-11-16 Thread Mindaugas


  Hi,

> >   How to explain to fdisk that /dev/sda size changed? I 
> > increased LUN on storage, reloaded iscsi, did echo 1 > 
> > /sys//rescan. And I see in "dmesg" that kernel 
> > found new size of the LUN. But when I type "fdisk /dev/sda" 
> > it still shows old size. On /dev/sda1 sits LVM PV and I'd 
> > like to resize it instead of adding one more PV to volume group.
> > 
> 
> I think it may be the MBR that still has the old size in it.
> 
> Try opening it in fdisk, save it, then re-open it.

  Probably. But opening and saving does not help. "partprobe /dev/sda" does not 
help too.

  Mindaugas

dmesg:
SCSI device sda: 1048576000 512-byte hdwr sectors (536871 MB)
SCSI device sda: drive cache: write through

#  fdisk /dev/sda

The number of cylinders for this disk is set to 26108.
There is nothing wrong with that, but this is larger than 1024,
and could in certain setups cause problems with:
1) software that runs at boot time (e.g., old versions of LILO)
2) booting and partitioning software from other OSs
   (e.g., DOS FDISK, OS/2 FDISK)

Command (m for help): p

Disk /dev/sda: 214.7 GB, 214748364800 bytes
255 heads, 63 sectors/track, 26108 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot  Start End  Blocks   Id  System
/dev/sda1   1   26108   209712478+  8e  Linux LVM

Command (m for help): w
The partition table has been altered!

Calling ioctl() to re-read partition table.

WARNING: Re-reading the partition table failed with error 16: Device or 
resource busy.
The kernel still uses the old table.
The new table will be used at the next reboot.
Syncing disks.

# partprobe /dev/sda

# fdisk -l /dev/sda

Disk /dev/sda: 214.7 GB, 214748364800 bytes
255 heads, 63 sectors/track, 26108 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes

   Device Boot  Start End  Blocks   Id  System
/dev/sda1   1   26108   209712478+  8e  Linux LVM
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

59 matches

Mail list logo