Re: [CentOS] Alarming (?) smartd reports
On Wed, Sep 10, 2008 at 9:41 PM, MHR <[EMAIL PROTECTED]> wrote: > I decided, after the last discussion of smartd and S.M.A.R.T. disks, > to take a look in my /var/log/messages, and I'm seeing fair bit of > this: > > Sep 10 20:11:23 mhrichter smartd[3361]: Device: /dev/sda, 4294967295 > Offline uncorrectable sectors > Sep 10 20:41:23 mhrichter smartd[3361]: Device: /dev/hdb, 21 Currently > unreadable (pending) sectors (snip) > Google is not particularly informative on this subject - anyone know > more than general suggestions about dd, badblocks, etc.? This is my > boot and primary system disk (has been for some time), but the error > message is essentially meaningless (to me, right now). You should start thinking of replacing the disk. There is a discussion in the forum: http://www.centos.org/modules/newbb/viewtopic.php?topic_id=15880&forum=39 I am one of the people there who were getting the same error and replaced the disk. Akemi / toracat ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Alarming (?) smartd reports
On Thursday 11 September 2008 08:02:23 Akemi Yagi wrote: > You should start thinking of replacing the disk. There is a > discussion in the forum: > > http://www.centos.org/modules/newbb/viewtopic.php?topic_id=15880&forum=39 > > I am one of the people there who were getting the same error and > replaced the disk. I had similar messages on this laptop. Acer accepted liability and replaced the disk. Anne signature.asc Description: This is a digitally signed message part. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Job Scheduling suggestions
> On Wed, 10 Sep 2008 19:54:44 -0700 > "JRP" == John R Pierce wrote: JRP> Mag Gam wrote: >> At my university we have 50 computers in the lab. We would like >> to use a scheduler to schedule our fluid models, and I was >> wondering what is a good suggestion? >> JRP> you might look at using one of the scientific clustering JRP> packages, like Oscar, which implements and manages an MPI JRP> cluster. this of course assumes your fluid model software is JRP> written to use MPI If you're going for cluster software you might consider http://www.rocksclusters.org/ It's even based on CentOS. Here at our place we have a dedicated cluster with Rocks. In addition I took the SGE-rpm from the distribution and installed it on our regular (CentOS) workstations so that jobs can be scheduled on these machines too ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Logwatch / spamassassin
Hi all, Well it took a while for me to figure it out, but apparently my logwatch no longer can be mailed locally on my computer as I believe spamassassin is eating it. I can send it out to an email address outside my server though. So spamassassin is only checking incoming I guess. My question ishow do I...or should I Make all local mail go straight to the boxes and skip spamasassin entirely.. Or.. Whitelist logwatch. Apparently, I am guessing, all those nifty log reports are so full of blacklisted urls and ips...well, you get the picure. Best ways to make this work so I can get it delivered to root again? Thanks ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Logwatch / spamassassin
Bob Hoffman wrote: > Best ways to make this work so I can get it delivered to root again? Please, don't give out too much information when asking questions, all of us here really like to go on a wild goose chase now and then. IOW: Show logs. Ralph pgpAKlJaNIrbC.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] RE: Logwatch / spamassassin
So.. To answer my own question... so I edited the file /etc/mail/spamassassin/local.cf whitelist_from [EMAIL PROTECTED] Where localhost.localdomain is your hostname.servername And it worked. However, I am concerned about spoofing. I would think that mail agent and spamassassin would have an 'okay, it's a local user' thing going on. They do not. On the internet there are 1000s of posts like mine, asking questions about this and getting no answers. I hope this helps. Centos 5.2... -Original Message- From: Bob Hoffman [mailto:[EMAIL PROTECTED] Sent: Thursday, September 11, 2008 4:54 AM To: 'centos@centos.org' Subject: Logwatch / spamassassin Hi all, Well it took a while for me to figure it out, but apparently my logwatch no longer can be mailed locally on my computer as I believe spamassassin is eating it. I can send it out to an email address outside my server though. So spamassassin is only checking incoming I guess. My question ishow do I...or should I Make all local mail go straight to the boxes and skip spamasassin entirely.. Or.. Whitelist logwatch. Apparently, I am guessing, all those nifty log reports are so full of blacklisted urls and ips...well, you get the picure. Best ways to make this work so I can get it delivered to root again? Thanks ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Logwatch / spamassassin
Bob Hoffman wrote: Hi all, Well it took a while for me to figure it out, but apparently my logwatch no longer can be mailed locally on my computer as I believe spamassassin is eating it. I can send it out to an email address outside my server though. So spamassassin is only checking incoming I guess. My question ishow do I...or should I Make all local mail go straight to the boxes and skip spamasassin entirely.. Try adding a whitelist entry to /etc/mail/spamassassin/local.cf. To whitelist all mail from your domain: whitelist_from [EMAIL PROTECTED] Or.. Whitelist logwatch. or try: whitelist_from [EMAIL PROTECTED] for a single address. This will add -100 to the score for spamassassin. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Alarming (?) smartd reports
On Wed, 2008-09-10 at 21:41 -0700, MHR wrote: > I decided, after the last discussion of smartd and S.M.A.R.T. disks, > to take a look in my /var/log/messages, and I'm seeing fair bit of > this: > > Sep 10 20:11:23 mhrichter smartd[3361]: Device: /dev/sda, 4294967295 > Offline uncorrectable sectors > Sep 10 20:41:23 mhrichter smartd[3361]: Device: /dev/hdb, 21 Currently > unreadable (pending) sectors > > Google is not particularly informative on this subject - anyone know > more than general suggestions about dd, badblocks, etc.? This is my > boot and primary system disk (has been for some time), but the error > message is essentially meaningless (to me, right now). A google using manufacturer smart site::centos.org should lead to a couple good threads on this list. I'd cite the recent related, but I'm short of time ATM. As long as you only see one, or very few, errors and very limited growth in the number, no worry IMO. However, to confirm this, use smartctl to get a full check and logging done. Then use it to review the logs. I've got one that has had 2 errors for more than 6 months now. Used the manufacturer tools, it got repaired, only one occurrence since. > > Thanks. > > mhr > -- Bill ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RE: Logwatch / spamassassin
Bob Hoffman wrote: So.. To answer my own question... so I edited the file /etc/mail/spamassassin/local.cf whitelist_from [EMAIL PROTECTED] Where localhost.localdomain is your hostname.servername And it worked. Sorry, didn't see you'd answered your own question in my previous reply :) However, I am concerned about spoofing. I would think that mail agent and spamassassin would have an 'okay, it's a local user' thing going on. They do not. On the internet there are 1000s of posts like mine, asking questions about this and getting no answers. I hope this helps. The best method (IMHO) is probably not to accept mail from a non-FQDN in your MTA. There's no good reason I can think of to accept external mail from localhost.localdomain. Other methods using spamassassin might be to have those mails sent to an account that shouldn't be filtered anyway (such as postmaster) or to write a some header/body checks unique to your logwatch mails to make sure they pass rather than just filtering on the From: sender address. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Job Scheduling suggestions
Thankyou everyone. How does SGE compare? Is it easy to implement? What about its features compared to others? How is the code quality, stability, and documentation? TIA On Thu, Sep 11, 2008 at 4:15 AM, Bernhard Gschaider <[EMAIL PROTECTED]> wrote: > >> On Wed, 10 Sep 2008 19:54:44 -0700 >> "JRP" == John R Pierce wrote: > >JRP> Mag Gam wrote: >>> At my university we have 50 computers in the lab. We would like >>> to use a scheduler to schedule our fluid models, and I was >>> wondering what is a good suggestion? >>> > >JRP> you might look at using one of the scientific clustering >JRP> packages, like Oscar, which implements and manages an MPI >JRP> cluster. this of course assumes your fluid model software is >JRP> written to use MPI > > If you're going for cluster software you might consider > > http://www.rocksclusters.org/ > > It's even based on CentOS. > > Here at our place we have a dedicated cluster with Rocks. In addition > I took the SGE-rpm from the distribution and installed it on our > regular (CentOS) workstations so that jobs can be scheduled on these > machines too > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] /etc/rc5.d
I have a shell script, /usr/bin/joevpn, which does a quick VPN
connect. Basically (HOST and DOFIL are defined above and are correct.
I just did not list them here)
case "$1" in
start)
date > $DOFIL
while [ -f $DOFIL ]
do
echo y | /usr/local/bin/vpnclient connect $HOST
sleep 10
done
;;
# Reconnects in case of disconnect (in while loop)
This works. And in /etc/init.d I have a runjoevpn (which linked to
/etc/rc5.d/S99runjoevpn). It works like the others. Below, $1 is checked
(not shown here for brevity) and if it is "start" then start below is
called:
start() {
date >> /root/joe.log
/usr/bin/joevpn start &
RES=$?
return $RES
}
This all works and everything. I am just curious as to why when I do
a ps I get this:
/bin/bash /etc/rc5.d/S99runjoevpn
Shouldn't that init script terminate since I have an "&" when I do the
start() function above? No other rc5 stuff (i.e. tomcat for instance)
shows up in the ps, though tomcat is running, it started up and returned.
Is this OK or am I missing something?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] /etc/rc5.d
[EMAIL PROTECTED] wrote / napísal(a):
I have a shell script, /usr/bin/joevpn, which does a quick VPN
connect. Basically (HOST and DOFIL are defined above and are correct.
I just did not list them here)
case "$1" in
start)
date > $DOFIL
while [ -f $DOFIL ]
do
echo y | /usr/local/bin/vpnclient connect $HOST
sleep 10
done
;;
# Reconnects in case of disconnect (in while loop)
This works. And in /etc/init.d I have a runjoevpn (which linked to
/etc/rc5.d/S99runjoevpn). It works like the others. Below, $1 is checked
(not shown here for brevity) and if it is "start" then start below is
called:
start() {
date >> /root/joe.log
/usr/bin/joevpn start &
RES=$?
return $RES
}
This all works and everything. I am just curious as to why when I do
a ps I get this:
/bin/bash /etc/rc5.d/S99runjoevpn
Shouldn't that init script terminate since I have an "&" when I do the
start() function above? No other rc5 stuff (i.e. tomcat for instance)
shows up in the ps, though tomcat is running, it started up and returned.
Is this OK or am I missing something?
Because you start it each 10 seconds and because of while construction
the start script NEVER end
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] RE: Logwatch / spamassassin
Bob Hoffman wrote: > So.. > > To answer my own question... > > so I edited the file /etc/mail/spamassassin/local.cf > > whitelist_from [EMAIL PROTECTED] > > Where localhost.localdomain is your hostname.servername > > And it worked. > > However, I am concerned about spoofing. I would think that mail agent > and spamassassin would have an 'okay, it's a local user' thing going > on. Generally, using 'whitelist_from' is a bad idea due to spoofing. The address you are using will probably not cause too many problems, but you should still fix it if possible. Use 'whitelist_from_rcvd' instead. This will whitelist the address only if the mail comes from a specified domain. Try this (untested): whitelist_from_rcvd [EMAIL PROTECTED] localhost.localdomain Note that this will require your DNS server to resolve localhost.localdomain (forward and reverse). Another option is to configure your mail server to bypass SA entirely for local mail. -- Bowie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] /etc/rc5.d
[EMAIL PROTECTED] wrote:
>
> start() {
> date >> /root/joe.log
> /usr/bin/joevpn start &
> RES=$?
> return $RES
> }
>
> This all works and everything. I am just curious as to why when I do
> a ps I get this:
> /bin/bash /etc/rc5.d/S99runjoevpn
>
> Shouldn't that init script terminate since I have an "&" when I do the
> start() function above? No other rc5 stuff (i.e. tomcat for instance)
> shows up in the ps, though tomcat is running, it started up and
> returned. Is this OK or am I missing something?
The "&" doesn't terminate anything. It simply moves the process to the
background and leaves it attached to the parent process. The parent
process cannot exit until all of its child processes exit. What you are
looking for is this:
start() {
date >> /root/joe.log
nohup /usr/bin/joevpn start &
RES=$?
return $RES
}
The "nohup" command will detach the joevpn process from the parent and
allow the parent process to exit.
--
Bowie
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Tomcat with squid username/password
Hi, for the sake of the the CentOS email servers, would you please turn off attaching the additional copy of your email in HTML format? You are sending your email out in both plain text and HTML format, which more than doubles the size of your email, thereby doubling the amount of bandwidth the CentOS email server has to use to send it to the many many people on the list. This increases the cost of sending out your email by almost 100% but doesn't provide any more actual content. to see how to turn off HTML in many email clients look at this web page: http://expita.com/nomime.html#programs This is desired by the CentOS mailing list rules. per: 1. Please turn off HTML in your e-mail client for these mailing lists. We have several subscribers who read the list with text only readers and they can't easily read HTML formatted e-mails. There is a place (somewhere) for the flowery stationary and themes that some mail clients offer ... but this is not it. Again, please only post text e-mails to these mailing lists. Quoted from: http://www.centos.org/modules/tinycontent/index.php?id=16 (near the bottom) Thanks, Jeff Kinz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Tomcat with squid username/password
Harry Sukumar wrote: > Is there a reason the username/password are not being sent? Our squid > proxy uses both NTLM and basic authentication. The reason is your application code is not using the proxy, or the application code is calling http libraries that are not using the proxy. Really nothing to do with tomcat, the arguments you passed to the JVM are JAVA options not Tomcat options. nate ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] RE: Logwatch / spamassassin
Ned, Thanks for the letters. Yes, I added the whitelist, but think that is not right either. No matter what I add in there, it will allow someone to use it and come in. The postmaster not getting tagged is just as scary actually. The weird part is the mail will go to another server via smtp and not be tagged as SPAM. How strange is that. I can only assume I should be changing something in the logwatch file to make it not be from 'logwatch' but to instead be 'root' or some other local user. Since logwatch has no local user in my mail setups...maybe that is the problem. So it might be that matter that makes it get killed by procmail or by spamassassin. Strange. But a very obvious problem across the net. I will work on this more tonight and see if I can get it to run better without whitelisting. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] RE: Logwatch / spamassassin
Take a logwatch email with lots of "bad ips etc" and run it through spamassassin as the same user that spamassassin runs under on that machine and it will give you some info you need to make better decisions You will actually see how it is getting eval'd and scored... The best answer(s), and what you use to solve the issue may not be the same thing. Once you do that, you could actually create a rule called ADMIN_LOGWATCH_LOCAL and have it score appropriately. Whitelisting is a kludge. Possibly your trust path could be messed up too. Many people would say don't allow the MTA to hand to SA, yet if all email must be handed to SA by policy you get the idea... - rh ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Java install
While using Fedora, I always used java straight from Sun. What is recommended for CentOS?? Getting jetty, java and other java apps working correctly has been a real chore. If I used nothing but RPMs for CEntOS, would I have a real working java install? I need some help on this one badly. Ric -- My father, Victor Moore (Vic) used to say: "There are two Great Sins in the world... ..the Sin of Ignorance, and the Sin of Stupidity. Only the former may be overcome." R.I.P. Dad. Linux user# 44256 Sign up at: http://counter.li.org/ https://nuoar.dev.java.net/ Verizon Cell # 336-254-1339 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Java install
Ric Moore wrote: > While using Fedora, I always used java straight from Sun. What is > recommended for CentOS?? Getting jetty, java and other java apps working > correctly has been a real chore. If I used nothing but RPMs for CEntOS, > would I have a real working java install? I need some help on this one > badly. Ric Get it from Sun for now. I think Java 7 is the one that's supposed to be fully GPL, Java 6 still has some incompatible bits that Sun is re-writing(last I read). You can get java alternatives like gcj with CentOS, though their usefulness is somewhat limited. nate (and to answer your other email you sent me off-list while I'm here, no not the same nate, I've never worked at Red Hat) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Java install
On Sep 11, 2008, at 12:01 PM, Ric Moore wrote: While using Fedora, I always used java straight from Sun. What is recommended for CentOS?? Getting jetty, java and other java apps working correctly has been a real chore. If I used nothing but RPMs for CEntOS, would I have a real working java install? I need some help on this one badly. Ric http://jpackage.org/ makes your life easier. -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] DNS Logging with Selinux enabled
--- On Wed, 10/9/08, Ralph Angenendt <[EMAIL PROTECTED]> wrote: > From: Ralph Angenendt <[EMAIL PROTECTED]> > Subject: Re: [CentOS] DNS Logging with Selinux enabled > To: centos@centos.org > Date: Wednesday, 10 September, 2008, 9:27 AM > Josh Donovan wrote: > > I rebuilt my server and setup bind to log queries in a > chroot. > > [EMAIL PROTECTED] log]# ls -alZ > /var/named/chroot/var/log/activity.log > > -rw-r--r-- namednamed > root:object_r:named_conf_t > /var/named/chroot/var/log/activity.log > > That should be root:object_r:named_log_t, IIRC. > > Ralph > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos [EMAIL PROTECTED] named]# ls -alZ drwxrwx--- namednamedroot:object_r:named_log_t. drwxrwx--- root root system_u:object_r:named_log_t.. -rw--- namednamedsystem_u:object_r:named_log_tactivity.log -rw--- namednamedsystem_u:object_r:named_log_tquery.log How do I get root:object_r:named_log_t as its now system_u:object_r:named_log_t on the logs? Thanks, Josh ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Java install
On Thu, 2008-09-11 at 09:16 -0700, nate wrote: > Ric Moore wrote: > > While using Fedora, I always used java straight from Sun. What is > > recommended for CentOS?? Getting jetty, java and other java apps working > > correctly has been a real chore. If I used nothing but RPMs for CEntOS, > > would I have a real working java install? I need some help on this one > > badly. Ric > > Get it from Sun for now. I think Java 7 is the one that's supposed to > be fully GPL, Java 6 still has some incompatible bits that Sun is > re-writing(last I read). > > You can get java alternatives like gcj with CentOS, though their > usefulness is somewhat limited. Whew. Getting jetty and java all classpath straight and working together has been a pain. Everything I've read and googled says I done the proper steps, so it's something I'm not getting right on my end, and to ask the list to figure it out would be too huge a chore to ask of anyone. I'll figure it out. The usual fix is just to start over, with the docs at hand. Persistence counts in Linux! Do you recommend I uninstall all rpm's for java/jetty at the same time?? I know some things are going to squeak about it. Ric -- My father, Victor Moore (Vic) used to say: "There are two Great Sins in the world... ..the Sin of Ignorance, and the Sin of Stupidity. Only the former may be overcome." R.I.P. Dad. Linux user# 44256 Sign up at: http://counter.li.org/ https://nuoar.dev.java.net/ Verizon Cell # 336-254-1339 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Java install
Ric Moore wrote: > Whew. Getting jetty and java all classpath straight and working together > has been a pain. Everything I've read and googled says I done the proper > steps, so it's something I'm not getting right on my end, and to ask the > list to figure it out would be too huge a chore to ask of anyone. I'll > figure it out. The usual fix is just to start over, with the docs at > hand. Persistence counts in Linux! Do you recommend I uninstall > all rpm's for java/jetty at the same time?? I know some things are going > to squeak about it. Depends on your requirements, but for my systems, I make sure all of the distribution specific rpms around java are removed(I use cfengine, so package state is checked hourly and they are removed automatically), install the jdk/jre that you want to use from Sun, and then what I do is update the PATH to include /usr/java//bin and set the JAVA_HOME in /etc/bashrc # BEGIN Java Home Config CFEngine dc1-hpsim001 Rev 3 export JRE_HOME="/usr/java/jdk1.5.0_11/jre" export JAVA_HOME="/usr/java/jdk1.5.0_11" export PATH="$JAVA_HOME/bin:$PATH" # END Java Home Config CFEngine dc1-hpsim001 Rev 3 That too is controlled by cfengine in the event of upgrades etc. The Sun Java RPM package is also installed for me by cfengine as well, so I don't have to do much to enable java on a system, in most cases it automatically installs itself if the host name falls into certain naming schemes defined by regular expressions. nate ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Tomcat with squid username/password
My apologies for that last post. It was not intended to go to the list. I must have fat fingered the reply to choice. Sorry!. Jeff Kinz ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] DNS Logging with Selinux enabled
Josh Donovan wrote: > --- On Wed, 10/9/08, Ralph Angenendt <[EMAIL PROTECTED]> wrote: > > That should be root:object_r:named_log_t, IIRC. > > -rw--- namednamedsystem_u:object_r:named_log_tquery.log > > How do I get root:object_r:named_log_t as its now > system_u:object_r:named_log_t on the logs? That doesn't matter. For the normal targeted policy only the last part of the policy listing is important (named_log_t in this case). Cheers, Ralph PS: Please trim your mails pgpQxmJClaHVG.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Alarming (?) smartd reports
On Wed, Sep 10, 2008 at 10:14 PM, nate <[EMAIL PROTECTED]> wrote: > > Download the manufacturer's tools and run a diagnostics on it, > it will tell you the truth about what's going on. > > I wouldn't trust any generic OS tools over the manufacturer's tools, > there was a discussion on this topic on this list I think not too > long ago. The biggest gotcha with the vendor tools though is > they are usually limited in the types of disk controllers they > support. > I was going to laugh this off 'cuz how many manufacturers support Linux, but I was pleasantly surprised, twice, when I found that a) Seagate does and b) the seatools for Linux produced no errors on the long test. It also told me lots of interesting information that I don't recall at the moment, not the least of which was that the drive does not support DST (the on-board diagnostics test), which I thought was odd. Based on some of the other responses, I think I'll run smartctl to see what it says, but that still doesn't really answer the question about the number (4294967295 which happens to be ). There are only a little over 5 billion sectors on the disk in total - how could 4.3 billion of them be bad? I'm thinking it's more likely a 32-bit v. 64-bit issue, but I haven't finished looking at that yet. One other thing that I find interesting: the drives that are showing smart errors are /dev/hdb and /dev/sda. In order from oldest to newest, my drives are: /dev/hdb - Maxtor 120GB PATA /dev/hda - Maxtor 160GB PATA /dev/sda - Seagate 300GB SATA /dev/sdb - WD 320GB SATA The older of each of the PATA and SATA drives are the ones showing the errors Thanks. mhr ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Alarming (?) smartd reports
On Thu, Sep 11, 2008 at 12:02 AM, Akemi Yagi <[EMAIL PROTECTED]> wrote: > > You should start thinking of replacing the disk. I am, thanks. > There is a discussion in the forum: > > http://www.centos.org/modules/newbb/viewtopic.php?topic_id=15880&forum=39 > > I am one of the people there who were getting the same error and > replaced the disk. > Scary stuff, to some extent. I should probably point out that the Maxtor 120GB PATA drive (the one with errors I believe are real) had a power connector problem for a while that may have damaged it, but I haven't seen anything funny with it since, and that was back when I changed the CPU/MB in March, 2007 and then the power supply about a month later when that burned out altogether. I'm watchinc it now! mhr ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Alarming (?) smartd reports
On Thu, Sep 11, 2008 at 12:26 AM, Anne Wilson <[EMAIL PROTECTED]> wrote: > > I had similar messages on this laptop. Acer accepted liability and replaced > the disk. > I'm pretty sure the Seagate warranty is no longer in force - most of them are a year. Maxtor's are, for sure - I've had to go through that once before, and they were quite cooperative, too, but that was a few years back (before Seagate bought them). mhr ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Alarming (?) smartd reports
MHR wrote: > I was going to laugh this off 'cuz how many manufacturers support > Linux, but I was pleasantly surprised, twice, when I found that a) > Seagate does and b) the seatools for Linux produced no errors on the > long test. I wasn't aware there was a seatools for Linux, I meant to refer to the bootable versions of the tools that run outside of any OS. But perhaps the vendor tools have improved and can reliably detect faults from within an OS, it's been several years since I've had to use them. nate ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Alarming (?) smartd reports
MHR wrote: On Thu, Sep 11, 2008 at 12:26 AM, Anne Wilson <[EMAIL PROTECTED]> wrote: I had similar messages on this laptop. Acer accepted liability and replaced the disk. I'm pretty sure the Seagate warranty is no longer in force - most of them are a year. Maxtor's are, for sure - I've had to go through that once before, and they were quite cooperative, too, but that was a few years back (before Seagate bought them). depending on the drive and how it was sold, Seagate drives can have a 3 or even 5 year warranty. OTOH, major OEM stuff sold embedded in a packaged system is the responsibility of the OEM warranty (HP, Dell, etc etc). 'whitebox' OEM stuff bought as parts at computer stores, you're the OEM, and they have some level of warranty from Seagate, but I forget what it is specifically, its likely to be 1 year. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Alarming (?) smartd reports
On Thu, Sep 11, 2008 at 11:07:25AM -0700, MHR enlightened us: > On Thu, Sep 11, 2008 at 12:26 AM, Anne Wilson > <[EMAIL PROTECTED]> wrote: > > > > I had similar messages on this laptop. Acer accepted liability and replaced > > the disk. > > > I'm pretty sure the Seagate warranty is no longer in force - most of > them are a year. Maxtor's are, for sure - I've had to go through that > once before, and they were quite cooperative, too, but that was a few > years back (before Seagate bought them). > Seagate has a 5 year warranty on its drives. You might check again. Matt -- Matt Hyclak Systems and Operations Office of Information Technology Ohio University (740) 593-1222 pgpvk2HvGrNQb.pgp Description: PGP signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Java install
Ric Moore wrote: While using Fedora, I always used java straight from Sun. What is recommended for CentOS?? Getting jetty, java and other java apps working correctly has been a real chore. If I used nothing but RPMs for CEntOS, would I have a real working java install? I need some help on this one badly. Ric For your sanity's sake, I'd recommend just dropping the Sun binary(ies) under /usr/java/java-version-number and use explicit paths and JAVA_HOME and CLASSPATH settings when starting the programs. Otherwise you'll have trouble if you need more than one jvm version. The Sun RPM package doesn't set up the expected symlinks that the alternatives system uses and the Centos repos don't have a copy that works either. There are some other RPM-packaged versions around but they may or may not do the right thing with alternatives and even if they do, that scheme can only work with one jvm version at a time. -- Les Mikesell [EMAIL PROTECTED] ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Alarming (?) smartd reports
Matt Hyclak wrote: On Thu, Sep 11, 2008 at 11:07:25AM -0700, MHR enlightened us: On Thu, Sep 11, 2008 at 12:26 AM, Anne Wilson <[EMAIL PROTECTED]> wrote: I had similar messages on this laptop. Acer accepted liability and replaced the disk. I'm pretty sure the Seagate warranty is no longer in force - most of them are a year. Maxtor's are, for sure - I've had to go through that once before, and they were quite cooperative, too, but that was a few years back (before Seagate bought them). Seagate has a 5 year warranty on its drives. You might check again. Just put the serial number in here: http://support.seagate.com/customer/warranty_validation.jsp -- Les Mikesell [EMAIL PROTECTED] ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Java install
On Thu, 2008-09-11 at 12:38 -0400, Steve Huff wrote: > On Sep 11, 2008, at 12:01 PM, Ric Moore wrote: > > > While using Fedora, I always used java straight from Sun. What is > > recommended for CentOS?? Getting jetty, java and other java apps > > working > > correctly has been a real chore. If I used nothing but RPMs for > > CEntOS, > > would I have a real working java install? I need some help on this one > > badly. Ric > > > http://jpackage.org/ makes your life easier. Which of the jpackage sites do you use for yum? I'm definitely looking into cfengine, as mentioned by Nate. I prefer "easy" over "bare-knucks" any day. I just rpm -e'd everything on this system with java in it. starting over from scratch. :) Ric -- My father, Victor Moore (Vic) used to say: "There are two Great Sins in the world... ..the Sin of Ignorance, and the Sin of Stupidity. Only the former may be overcome." R.I.P. Dad. Linux user# 44256 Sign up at: http://counter.li.org/ https://nuoar.dev.java.net/ Verizon Cell # 336-254-1339 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Java install
On Thu, 2008-09-11 at 13:32 -0500, Les Mikesell wrote: > Ric Moore wrote: > > While using Fedora, I always used java straight from Sun. What is > > recommended for CentOS?? Getting jetty, java and other java apps working > > correctly has been a real chore. If I used nothing but RPMs for CEntOS, > > would I have a real working java install? I need some help on this one > > badly. Ric > > For your sanity's sake, Thank you, my sanity is at stake here! > I'd recommend just dropping the Sun binary(ies) > under /usr/java/java-version-number and use explicit paths and JAVA_HOME > and CLASSPATH settings when starting the programs. Otherwise you'll > have trouble if you need more than one jvm version. The Sun RPM package > doesn't set up the expected symlinks that the alternatives system uses > and the Centos repos don't have a copy that works either. There are > some other RPM-packaged versions around but they may or may not do the > right thing with alternatives and even if they do, that scheme can only > work with one jvm version at a time. I'm used to beating on alternatives now... it's a wonder it can't be easier though. Well, not really, every distro out there has some unique formula for where things are put and that is what kills the spread of Linux for Joe LunchBucket as well as Admins. Hopefully, --one day--, there will be a 'Grand Unified Theory' for Linux. "I have a dream!" Ric p/s Thanks to everyone for their responses. I'm not a complete newbie, but this java thing has a lot of trees in the forest. I just want it to work correctly and not have an update blow it up (or my meddling, either!) -- My father, Victor Moore (Vic) used to say: "There are two Great Sins in the world... ..the Sin of Ignorance, and the Sin of Stupidity. Only the former may be overcome." R.I.P. Dad. Linux user# 44256 Sign up at: http://counter.li.org/ https://nuoar.dev.java.net/ Verizon Cell # 336-254-1339 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: Logwatch / spamassassin
Try adding a whitelist entry to /etc/mail/spamassassin/local.cf. To whitelist all mail from your domain: whitelist_from [EMAIL PROTECTED] It is very easy to spoof email addresses. It is better to whitelist from ip addresses when possible. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Java install
On Thu, Sep 11, 2008 at 11:46 AM, Ric Moore <[EMAIL PROTECTED]> wrote: > > I'm used to beating on alternatives now... it's a wonder it can't be > easier though. Well, not really, every distro out there has some unique > formula for where things are put and that is what kills the spread of > Linux for Joe LunchBucket as well as Admins. Hopefully, --one day--, > there will be a 'Grand Unified Theory' for Linux. "I have a dream!" Ric > You want Linux to have a GUT? I've been trying to get rid of mine for years! ;^) mhr ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Java install
Ric Moore wrote: I'm used to beating on alternatives now... it's a wonder it can't be easier though. Well, not really, every distro out there has some unique formula for where things are put and that is what kills the spread of Linux for Joe LunchBucket as well as Admins. Hopefully, --one day--, there will be a 'Grand Unified Theory' for Linux. "I have a dream!" Ric The problem is that locations are _supposed_ to be arbitrary and permit the co-existence of multiple versions, and even though every developer almost certainly has his own paths to private versions of things, the first thing they do to simplify setup is to pretend that no one else will need that - or at least not with anything packaged. p/s Thanks to everyone for their responses. I'm not a complete newbie, but this java thing has a lot of trees in the forest. I just want it to work correctly and not have an update blow it up (or my meddling, either!) There's not a real good way to handle things where you can't include versioning in the package/paths and permit multiples unless you just embed the dependent jvm in the RPM package of each app. Don't laugh - the openfire (xmpp server) RPM does exactly that... -- Les Mikesell [EMAIL PROTECTED] ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Java install
On Sep 11, 2008, at 2:40 PM, Ric Moore wrote: http://jpackage.org/ makes your life easier. Which of the jpackage sites do you use for yum? I'm definitely looking into cfengine, as mentioned by Nate. I prefer "easy" over "bare- knucks" any day. I just rpm -e'd everything on this system with java in it. starting over from scratch. :) Ric i'm not quite sure what you're asking here, unfortunately. i configure yum for jpackage by putting http://jpackage.org/jpackage17.repo into /etc/yum.repos.d and setting enabled=1 for the jpackage-rhel and jpackage-generic-nonfree repositories. as for which specific mirror to use... you could use the yum-fastestmirror plugin, or if you want to hardcode it, do some testing and pick the mirror (http://jpackage.org/mirroring.php#mirrors ) that works best for you. there's only one North American mirror, but it is excellent in every way :) follow this procedure (http://jpackage.org/installation.php) to get started (NB: once you have rebuilt your desired nosrc RPM, you don't have to keep rebuilding it on all your machines, just install it) -steve -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Java install
On Thu, 2008-09-11 at 12:13 -0700, MHR wrote: > On Thu, Sep 11, 2008 at 11:46 AM, Ric Moore <[EMAIL PROTECTED]> wrote: > > > > I'm used to beating on alternatives now... it's a wonder it can't be > > easier though. Well, not really, every distro out there has some unique > > formula for where things are put and that is what kills the spread of > > Linux for Joe LunchBucket as well as Admins. Hopefully, --one day--, > > there will be a 'Grand Unified Theory' for Linux. "I have a dream!" Ric > > > > You want Linux to have a GUT? I've been trying to get rid of mine for years! I finally lost mine, diabeties is a sure weight loss cure. But the problem I mentioned about stuff all being in the same place has risen it's ugly head trying to use cfengine. I'll start a new thread. Ric -- My father, Victor Moore (Vic) used to say: "There are two Great Sins in the world... ..the Sin of Ignorance, and the Sin of Stupidity. Only the former may be overcome." R.I.P. Dad. Linux user# 44256 Sign up at: http://counter.li.org/ https://nuoar.dev.java.net/ Verizon Cell # 336-254-1339 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] cfengine and crontab
The docs to installing cfengine refers to /var/spool/cron/crontabs/root That doesn't exist. Nor does /etc/crontab. Heck I remember that from the "old days", now there are lots of cron entries, in /etc but no crontab. Not installed by default. So, I'm hunting that one down. Nate, what did you wind up doing?? Ric -- My father, Victor Moore (Vic) used to say: "There are two Great Sins in the world... ..the Sin of Ignorance, and the Sin of Stupidity. Only the former may be overcome." R.I.P. Dad. Linux user# 44256 Sign up at: http://counter.li.org/ https://nuoar.dev.java.net/ Verizon Cell # 336-254-1339 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Alarming (?) smartd reports
On Thu, 11 Sep 2008, MHR wrote: On Thu, Sep 11, 2008 at 12:26 AM, Anne Wilson <[EMAIL PROTECTED]> wrote: I had similar messages on this laptop. Acer accepted liability and replaced the disk. I'm pretty sure the Seagate warranty is no longer in force - most of them are a year. you patronize the wrong vendors -- 5 year Seagate warranty and low defects are my expereince. -- Russ herrold ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Alarming (?) smartd reports
MHR wrote: On Thu, Sep 11, 2008 at 12:26 AM, Anne Wilson <[EMAIL PROTECTED]> wrote: I had similar messages on this laptop. Acer accepted liability and replaced the disk. I'm pretty sure the Seagate warranty is no longer in force - most of them are a year. Maxtor's are, for sure - I've had to go through that once before, and they were quite cooperative, too, but that was a few years back (before Seagate bought them). mhr ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos I recently returned a disk that was > 2 years old to teh Seagate agents here in SA. They swapped it out without any hassles - as far as I remember they then said that thwe warranty was 5 years ChrisG ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Java install
On Thu, 2008-09-11 at 15:15 -0400, Steve Huff wrote: > On Sep 11, 2008, at 2:40 PM, Ric Moore wrote: > > >> http://jpackage.org/ makes your life easier. > > > > Which of the jpackage sites do you use for yum? I'm definitely looking > > into cfengine, as mentioned by Nate. > > i'm not quite sure what you're asking here, unfortunately. i > configure yum for jpackage by putting http://jpackage.org/jpackage17.repo > into /etc/yum.repos.d and setting enabled=1 for the jpackage-rhel > and jpackage-generic-nonfree repositories. as for which specific > mirror to use... you could use the yum-fastestmirror plugin, or if you > want to hardcode it, do some testing and pick the mirror > (http://jpackage.org/mirroring.php#mirrors > ) that works best for you. I'm sorry, I was in "Deer in the headlights mode". I should have said repos specifically. I have had these enabled: * epel: mirror.its.uidaho.edu * adobe-linux-i386: linuxdownload.adobe.com * jpackage-fc: planetmirror.com * jpackage-generic-nonfree: planetmirror.com * jpackage-rhel: planetmirror.com * rpmforge: fr2.rpmfind.net * jpackage-generic: planetmirror.com * base: mirror.its.uidaho.edu * updates: centos.mirrors.tds.net * centosplus: mirror.centos.org * addons: mirror.centos.org * jetty6localrepo: * extras: mirror.centos.org With Fedora, we had some problems between differing repos. So, I'd enable one and set another to 0, as I knew my way around. Which are verboten to mix within CentOS? Any on that list that need to be scratched out?? Thanks for your assistance. Ric -- My father, Victor Moore (Vic) used to say: "There are two Great Sins in the world... ..the Sin of Ignorance, and the Sin of Stupidity. Only the former may be overcome." R.I.P. Dad. Linux user# 44256 Sign up at: http://counter.li.org/ https://nuoar.dev.java.net/ Verizon Cell # 336-254-1339 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Alarming (?) smartd reports
On Thu, Sep 11, 2008 at 11:15 AM, nate <[EMAIL PROTECTED]> wrote: > > I wasn't aware there was a seatools for Linux, I meant to refer to > the bootable versions of the tools that run outside of any OS. > You have to dig in to find them, but yep, they are there! > But perhaps the vendor tools have improved and can reliably detect > faults from within an OS, it's been several years since I've had to > use them. > I'll probably get the DOS tool, too. It usually /is/ more reliable to test a drive that isn't running, esp. the boot drive Thanks. mhr ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Re: cfengine and crontab
on 9-11-2008 12:23 PM Ric Moore spake the following: The docs to installing cfengine refers to /var/spool/cron/crontabs/root That doesn't exist. Nor does /etc/crontab. Heck I remember that from the "old days", now there are lots of cron entries, in /etc but no crontab. Not installed by default. So, I'm hunting that one down. Nate, what did you wind up doing?? Ric You usually edit crontab with "crontab -e", or you can drop scripts in the various cron.[daily|weekly|hourly] directories. -- MailScanner is like deodorant... You hope everybody uses it, and you notice quickly if they don't signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] cfengine and crontab
Hi, On Thu, Sep 11, 2008 at 15:23, Ric Moore <[EMAIL PROTECTED]> wrote: > The docs to installing cfengine refers to /var/spool/cron/crontabs/root > That doesn't exist. In RedHat/CentOS, this file is here: /var/spool/cron/root But you should not write to it directly, instead you should run the "crontab -e" command as root. See "man 1 crontab". This command is also distribution-agnostic, so it will work even on other distributions. > Nor does /etc/crontab. Yes it does. It is a file. Could you check this again on your system? If it really does not exist, do you have the "crontabs" RPM installed? If you don't, maybe something went wrong with your system's installation. > Heck I remember that from the > "old days", now there are lots of cron entries, in /etc but no crontab. > Not installed by default. So, I'm hunting that one down. Nate, what did > you wind up doing?? Ric Check again, because so far I've never seen a system without an /etc/crontab. HTH, Filipe ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] cfengine and crontab
Ric Moore wrote: > The docs to installing cfengine refers to /var/spool/cron/crontabs/root > That doesn't exist. Nor does /etc/crontab. Heck I remember that from the > "old days", now there are lots of cron entries, in /etc but no crontab. > Not installed by default. So, I'm hunting that one down. Nate, what did > you wind up doing?? Ric The file that the document is probably referring to is root's crontab which by default is in /var/spool/cron/root I believe, if the file isn't there then the root account has no crontab. But what I assume the docs are talking about is scheduling cfengine through crontab, something I've never done. I use the cfengine daemons themselves to do the scheduling(by default once an hour), just make sure cfexecd, cfenvd and cfservd are running on all systems and it should be fine. nate ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] cfengine and crontab
On Thu, 2008-09-11 at 12:55 -0700, nate wrote: > Ric Moore wrote: > > The docs to installing cfengine refers to /var/spool/cron/crontabs/root > > That doesn't exist. Nor does /etc/crontab. Heck I remember that from the > > "old days", now there are lots of cron entries, in /etc but no crontab. > > Not installed by default. So, I'm hunting that one down. Nate, what did > > you wind up doing?? Ric > > The file that the document is probably referring to is root's crontab > which by default is in /var/spool/cron/root I believe, if the file > isn't there then the root account has no crontab. > > But what I assume the docs are talking about is scheduling cfengine > through crontab, something I've never done. I use the cfengine > daemons themselves to do the scheduling(by default once an hour), > just make sure cfexecd, cfenvd and cfservd are running on all systems > and it should be fine. Thanks Nate. I'm googling for simple setups, found one that was SuSe oriented, another that is written for CentOS. The latter one being better. I'm still getting the "Deer in the headlights" syndrome, I'm not getting this: $ cd ~/src $ mkdir admin $ chdir admin $ mkdir info build cfengine $ $ svn import -m "Initial import" . /trunk I tried svn import -m "Initial import" . and that last bit stumps me about http://counter.li.org/ https://nuoar.dev.java.net/ Verizon Cell # 336-254-1339 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] My turn at building a custom kernel for IPsec BEET mode
Well I am working on building a kernel that will have the IPsec BEET mode patch available from infrahip.hiit.fi. I have some decent help, but really no one there is a seasoned Centos kernel builder (though they work with different FC kernels), and now they are mostly done for the day. I have been following the wiki on building a custom kernel, got my patch in ~/rpmbuild/SOURCES and away with the rpmbuild. That failed on line 69: Unknown tag: % define buildid .hipl0809111 But the comments say to set the define to something like ".local" or ".bz123456" So why the failure? Too long our are the quotes required? If this works, I would like to see this patch 'mainstreamed' as it is in the 2.6.27 kernel ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] My turn at building a custom kernel for IPsec BEET mode
Hi, On Thu, Sep 11, 2008 at 16:27, Robert Moskowitz <[EMAIL PROTECTED]> wrote: > Unknown tag: % define buildid .hipl0809111 Maybe because there is a space after the "%" and before "define"? Try removing that space and see if that works. If you are still not doing it, I suggest you follow the steps on this document: http://wiki.centos.org/HowTos/Custom_Kernel HTH, Filipe ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] My turn at building a custom kernel for IPsec BEET mode
On Thu, Sep 11, 2008 at 1:27 PM, Robert Moskowitz <[EMAIL PROTECTED]> wrote: > Well I am working on building a kernel that will have the IPsec BEET mode > patch available from infrahip.hiit.fi. > > I have some decent help, but really no one there is a seasoned Centos kernel > builder (though they work with different FC kernels), and now they are > mostly done for the day. > > I have been following the wiki on building a custom kernel, got my patch in > ~/rpmbuild/SOURCES and away with the rpmbuild. That failed on line 69: > > Unknown tag: % define buildid .hipl0809111 Make sure there is NO space between % and define. Akemi > But the comments say to set the define to something like ".local" or > ".bz123456" > > So why the failure? Too long our are the quotes required? > > If this works, I would like to see this patch 'mainstreamed' as it is in the > 2.6.27 kernel ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] cfengine and crontab
Ric Moore wrote: >> The file that the document is probably referring to is root's crontab This looks informative: http://www.cfengine.org/AutonomicCfengine.pdf And of course the full reference guide http://www.cfengine.org/docs/cfengine-Reference.html It'll take time to learn, though before you go much further think about whether it's the right tool for you, it's good if you have at least a dozen or more systems that share a fairly common configuration. Not knowing what your environment is like I can't advise for/against a tool like cfengine. My environment here is about 300 systems, and my cfengine config is about 8000 lines(I'll admit it's a fairly advanced config in my opinion at least, been using cfe for about 3 years now). Replacing the mess that was built by the people before I started this job. What a mess! nate ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Java install
On Sep 11, 2008, at 3:37 PM, Ric Moore wrote: I'm sorry, I was in "Deer in the headlights mode". I should have said repos specifically. I have had these enabled: * epel: mirror.its.uidaho.edu * adobe-linux-i386: linuxdownload.adobe.com * jpackage-fc: planetmirror.com * jpackage-generic-nonfree: planetmirror.com * jpackage-rhel: planetmirror.com * rpmforge: fr2.rpmfind.net * jpackage-generic: planetmirror.com * base: mirror.its.uidaho.edu * updates: centos.mirrors.tds.net * centosplus: mirror.centos.org * addons: mirror.centos.org * jetty6localrepo: * extras: mirror.centos.org that's a lot of repos :) for starters: given that this is a CentOS box, disable jpackage-fc. you do not want that. in addition, you should read this wiki page: http://wiki.centos.org/AdditionalResources/Repositories and the linked instructions about using the priorities plugin. with that many third-party repositories, you run the risk of getting into dependency conflicts. -steve p.s. wrt your other question about installing cfengine: [EMAIL PROTECTED] ~]$ yum -q --disablerepo=* --enablerepo=rpmforge list cfengine Available Packages cfengine.i3862.2.3-1.el5.rf rpmforge that's probably your best start. -- If this were played upon a stage now, I could condemn it as an improbable fiction. - Fabian, Twelfth Night, III,v ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Re: Logwatch / spamassassin
I have been thinking on this for a while now. Since logwatch can send a mail to another server and that server DOES not mark it as spam, that presents a logic issue. Now, the other server does not have as new a spam assassin as the new, so it is hard to check it that way. So I 'replied' to the logwatch file and sent it to a known user, back to the new server. It never arrived. >From that I know a 100% spam assassin is taking it, not based on local usernames, or any sendmail settings. I had originally thought that because 'logwatch' was not a sender that would be an issue. I like the 'from ip' whitelist, but is not that spoofable too? I imagine making it both 'logwatch and from this IP' might be better. In logwatch there is a setting to say who the mail is from, right now it says 'logwatch' but I could always add some long goobledy gook as 'from' like "alkjfpolp3534j4f9logwatchsd9f9se9sdf9s99fwe" And then whitelist that, make it like 40 characters or whatever. I can understand why spamassassin cannot tell it is from a local user or have the ability to just auto whitelist stuff from a local userbut I can forsee problems with interwebsite mails and even things like mailing lists on the server without properly thinking this through. Never thought this would be an issue, but at least I know how to make it work...sorta. > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Scott Silva > Sent: Thursday, September 11, 2008 3:04 PM > To: centos@centos.org > Subject: [CentOS] Re: Logwatch / spamassassin > > > > > > Try adding a whitelist entry to /etc/mail/spamassassin/local.cf. To > > whitelist all mail from your domain: > > > > whitelist_from [EMAIL PROTECTED] > > > It is very easy to spoof email addresses. It is better to > whitelist from ip addresses when possible. > > > > > -- > MailScanner is like deodorant... > You hope everybody uses it, and > you notice quickly if they don't > > ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Alarming (?) smartd reports
On Thu, 2008-09-11 at 11:03 -0700, MHR wrote: > On Wed, Sep 10, 2008 at 10:14 PM, nate <[EMAIL PROTECTED]> wrote: > > > > Download the manufacturer's tools and run a diagnostics on it, > > it will tell you the truth about what's going on. > > > > I wouldn't trust any generic OS tools over the manufacturer's tools, > > > I was going to laugh this off 'cuz how many manufacturers support > Linux, but I was pleasantly surprised, twice, when I found that a) > Seagate does and b) the seatools for Linux produced no errors on the > long test. IIRC, the seatools just run the smart tools that come on CentOS/Linux. Not the same as those on the DOS tools version. It's been several months, but barring memory failures (mine, not the computer's ;-) I ended up downloading the DOS ones so that I could do the repair and run the "real magilla". > > It also told me lots of interesting information that I don't recall at > the moment, not the least of which was that the drive does not support > DST (the on-board diagnostics test), which I thought was odd. Try the DOS version. I bet the lack of that support is in the standard *IX smart tools, not the drive. > > One other thing that I find interesting: the drives that are showing > smart errors are /dev/hdb and /dev/sda. In order from oldest to > newest, my drives are: > > /dev/hdb - Maxtor 120GB PATA > /dev/hda - Maxtor 160GB PATA > /dev/sda - Seagate 300GB SATA > /dev/sdb - WD 320GB SATA > > The older of each of the PATA and SATA drives are the ones showing the > errors If all drives left the factory in great shape, it is natural that the older ones would show an error first. Often just a "weak" spot or two that passed mfg tests and finally failed as they aged. That's why I don't worry about them (I don't have data center servers to the world here at home) as long as the repair utilities run successfully and then no more show up for a long time. If they start coming in frequent bursts, then it's time to act. BTW, most warranty replacements are "reconditioned" drives that have nothing more than diagnostics run and bad sectors reassigned. As long as total capacity still meets advertised and the mechanics/electrics and media (high %) are still good, they'll ship them. > > Thanks. > > mhr > HTH -- Bill ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] My turn at building a custom kernel for IPsec BEET mode
Filipe Brandenburger wrote: Hi, On Thu, Sep 11, 2008 at 16:27, Robert Moskowitz <[EMAIL PROTECTED]> wrote: Unknown tag: % define buildid .hipl0809111 Maybe because there is a space after the "%" and before "define"? Try removing that space and see if that works. oops. I wonder how that space snuck in there If you are still not doing it, I suggest you follow the steps on this document: http://wiki.centos.org/HowTos/Custom_Kernel That is where I got the instructions to uncomment out this line and supply the tag thanks! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Java install
On Thu, 2008-09-11 at 12:13 -0700, MHR wrote: > On Thu, Sep 11, 2008 at 11:46 AM, Ric Moore <[EMAIL PROTECTED]> wrote: > > > > I'm used to beating on alternatives now... it's a wonder it can't be > > easier though. Well, not really, every distro out there has some unique > > formula for where things are put and that is what kills the spread of > > Linux for Joe LunchBucket as well as Admins. Hopefully, --one day--, > > there will be a 'Grand Unified Theory' for Linux. "I have a dream!" Ric > > > > You want Linux to have a GUT? I've been trying to get rid of mine for years! Exercise and lay off the GRUB (Grand Unified Bootloader)! >:)) > > ;^) > > mhr > I know that's no help, -- Bill ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] cfengine and crontab
On Thu, 2008-09-11 at 13:36 -0700, nate wrote: > Ric Moore wrote: > > >> The file that the document is probably referring to is root's crontab > > This looks informative: > > http://www.cfengine.org/AutonomicCfengine.pdf > > And of course the full reference guide > > http://www.cfengine.org/docs/cfengine-Reference.html > > It'll take time to learn, though before you go much further > think about whether it's the right tool for you, it's good if > you have at least a dozen or more systems that share a fairly > common configuration. Not knowing what your environment is like > I can't advise for/against a tool like cfengine. > > My environment here is about 300 systems, and my cfengine config > is about 8000 lines(I'll admit it's a fairly advanced config > in my opinion at least, been using cfe for about 3 years now). > Replacing the mess that was built by the people before I started > this job. What a mess! Part of our prisons project will be to set up centers with several servers and about 20 client machines each, in various locations. I'm on a steep learning curve here. I'm using Project Wonderland (Java) and picking up pieces here and there (jdk, jetty, or possibly Tomcat, etc.) when the edges don't match, needs a solution like cfengine. But, it bombed out with the "Danger! Will Robinson" test from the get-go. That install example was written for Suse. So much for that one. Starting over again. Ric -- My father, Victor Moore (Vic) used to say: "There are two Great Sins in the world... ..the Sin of Ignorance, and the Sin of Stupidity. Only the former may be overcome." R.I.P. Dad. Linux user# 44256 Sign up at: http://counter.li.org/ https://nuoar.dev.java.net/ Verizon Cell # 336-254-1339 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Java install
On Thu, 2008-09-11 at 17:14 -0400, William L. Maltby wrote: > On Thu, 2008-09-11 at 12:13 -0700, MHR wrote: > > On Thu, Sep 11, 2008 at 11:46 AM, Ric Moore <[EMAIL PROTECTED]> wrote: > > > > > > I'm used to beating on alternatives now... it's a wonder it can't be > > > easier though. Well, not really, every distro out there has some unique > > > formula for where things are put and that is what kills the spread of > > > Linux for Joe LunchBucket as well as Admins. Hopefully, --one day--, > > > there will be a 'Grand Unified Theory' for Linux. "I have a dream!" Ric > > > > > > > You want Linux to have a GUT? I've been trying to get rid of mine for > > years! > > Exercise and lay off the GRUB (Grand Unified Bootloader)! >:)) Cron flakes are pure starch. :) Ric -- My father, Victor Moore (Vic) used to say: "There are two Great Sins in the world... ..the Sin of Ignorance, and the Sin of Stupidity. Only the former may be overcome." R.I.P. Dad. Linux user# 44256 Sign up at: http://counter.li.org/ https://nuoar.dev.java.net/ Verizon Cell # 336-254-1339 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Thin client
On Wed, Sep 10, 2008 at 8:44 AM, Les Mikesell <[EMAIL PROTECTED]> wrote: > Kevin Thorpe wrote: > >> lingu wrote: >> >>> Dear all, >>> >>> >>> I am very much new to Linux Thin Client Concept. But know i am very >>> much interested to create Centos 5 based thin client of 512MB on >>> flash rom. >>> >>> Can any one guide me to how to start and if you provide any suitable >>> links that will be very much great full. >>> >>> >> >> Instead of 'rolling your own' based on a heavy desktop/server distribution >> like Centos, look into >> something like Thinstation. The work has already been done for you. If you >> want to do it as an >> exercise then by all means continue. Look into the thin client options and >> the rescue disk options >> already available. >> > > You might also look at the k12ltsp distribution which has fedora and Centos > spins with LTSP and some other extra packages included to network-boot thin > clients. Even if you don't network boot, it is handy to have everything > else set up on the server for remote thin client use. > > http://k12ltsp.org/mediawiki/index.php/Main_Page The EL5 version would be > the current Centos based copy. Some work is in progress to turn this into > installable packages for the next fedora release, but for now it is hard to > beat installing this distro for something that works out of the box. > > -- > Les Mikesell > [EMAIL PROTECTED] > > > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > Another option is the xrdp project. Using rdestkop on your thin client to connect to a CentOS server with multiple simultaneous XWindows. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Java install
On Thu, 2008-09-11 at 16:37 -0400, Steve Huff wrote: > On Sep 11, 2008, at 3:37 PM, Ric Moore wrote: > > > I'm sorry, I was in "Deer in the headlights mode". I should have said > > repos specifically. I have had these enabled: > > * epel: mirror.its.uidaho.edu > > * adobe-linux-i386: linuxdownload.adobe.com > > * jpackage-fc: planetmirror.com > > * jpackage-generic-nonfree: planetmirror.com > > * jpackage-rhel: planetmirror.com > > * rpmforge: fr2.rpmfind.net > > * jpackage-generic: planetmirror.com > > * base: mirror.its.uidaho.edu > > * updates: centos.mirrors.tds.net > > * centosplus: mirror.centos.org > > * addons: mirror.centos.org > > * jetty6localrepo: > > * extras: mirror.centos.org > > > that's a lot of repos :) > > for starters: given that this is a CentOS box, disable jpackage-fc. > you do not want that. > > in addition, you should read this wiki page: > > http://wiki.centos.org/AdditionalResources/Repositories > > and the linked instructions about using the priorities plugin. with > that many third-party repositories, you run the risk of getting into > dependency conflicts. > > -steve That was my concern, too. Thank you. I hoped I wasn't heading for possible trouble but found these repos that claimed to be either CentOS or RH friendly. I figured I better put them to you all for a look-see. Ric -- My father, Victor Moore (Vic) used to say: "There are two Great Sins in the world... ..the Sin of Ignorance, and the Sin of Stupidity. Only the former may be overcome." R.I.P. Dad. Linux user# 44256 Sign up at: http://counter.li.org/ https://nuoar.dev.java.net/ Verizon Cell # 336-254-1339 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] cfengine and crontab
Ric Moore wrote: Thanks Nate. I'm googling for simple setups, found one that was SuSe oriented, another that is written for CentOS. The latter one being better. I'm still getting the "Deer in the headlights" syndrome, I'm not getting this: If that is the level of deployment you are at, I would recommend very sincerely too, that you atleast look at puppet and bcfg2 as alternatives to cfengine. cfengine is, imho, well past its use by date. And the development inertia on that project leaves much to be desired. Some might argue that 'it does what it says on the tin', but then - it doesnt really say a lot on the tin, does it ? -- Karanbir Singh : http://www.karan.org/ : [EMAIL PROTECTED] ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Alarming (?) smartd reports
On Thu, Sep 11, 2008 at 2:05 PM, William L. Maltby <[EMAIL PROTECTED]> wrote: > > > IIRC, the seatools just run the smart tools that come on CentOS/Linux. > Not the same as those on the DOS tools version. It's been several > months, but barring memory failures (mine, not the computer's ;-) I > ended up downloading the DOS ones so that I could do the repair and run > the "real magilla". > I'm not so sure about that, but I'd have to check. It was the Seatools program, not smartctl (at least not directly). And it's "megilla," ya goysiher kopf! > Try the DOS version. I bet the lack of that support is in the standard > *IX smart tools, not the drive. > I don't think so - it only commented on these from the Seagate, not the WD, and it explicitly states that the DST is not supported on the drive (although that is /just/ ambiguous enough...). > If all drives left the factory in great shape, it is natural that the > older ones would show an error first. Often just a "weak" spot or two > that passed mfg tests and finally failed as they aged. That's why I > don't worry about them (I don't have data center servers to the world > here at home) as long as the repair utilities run successfully and then > no more show up for a long time. If they start coming in frequent > bursts, then it's time to act. > Well, yeah, of course, but why would my Max 160 be error free and the Seagate have 4 billion when the latter is (a year or so) newer? (Rhetorical question!) > BTW, most warranty replacements are "reconditioned" drives that have > nothing more than diagnostics run and bad sectors reassigned. As long as > total capacity still meets advertised and the mechanics/electrics and > media (high %) are still good, they'll ship them. > I've noticed that - really annoying, but then, what're ya gonna do when there's no will to enact laws requiring manufacturers to provide quality products to begin with, and then replace them appropriately under warranty? Ciao. mhr ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] My turn at building a custom kernel for IPsec BEET mode
On Thu, Sep 11, 2008 at 2:06 PM, Robert Moskowitz <[EMAIL PROTECTED]> wrote: > > oops. I wonder how that space snuck in there > It comes in the spec file that way. If you use colors and vim, it shows, too. ;-} mhr ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Java install
On Thu, Sep 11, 2008 at 2:14 PM, William L. Maltby <[EMAIL PROTECTED]> wrote: > > Exercise and lay off the GRUB (Grand Unified Bootloader)! >:)) > > > > I know that's no help, Not at all - I like the GRUB (pun intended...). I'm on the see-food diet, too, so NHT. mhr ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] cfengine and crontab
On Fri, 2008-09-12 at 00:25 +0100, Karanbir Singh wrote: > Ric Moore wrote: > > Thanks Nate. I'm googling for simple setups, found one that was SuSe > > oriented, another that is written for CentOS. The latter one being > > better. I'm still getting the "Deer in the headlights" syndrome, I'm not > > getting this: > > If that is the level of deployment you are at, I would recommend very > sincerely too, that you atleast look at puppet and bcfg2 as alternatives > to cfengine. > > cfengine is, imho, well past its use by date. And the development > inertia on that project leaves much to be desired. Some might argue that > 'it does what it says on the tin', but then - it doesnt really say a lot > on the tin, does it ? Which of the two do you prefer and/or recommend to a relative newbie at this? I'm looking for the least headache route that can do some of the basics that CFengine is supposed to do. I'd even take one with a gui. Namaskar, Ric -- My father, Victor Moore (Vic) used to say: "There are two Great Sins in the world... ..the Sin of Ignorance, and the Sin of Stupidity. Only the former may be overcome." R.I.P. Dad. Linux user# 44256 Sign up at: http://counter.li.org/ https://nuoar.dev.java.net/ Verizon Cell # 336-254-1339 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] My turn at building a custom kernel for IPsec BEET mode
MHR wrote: On Thu, Sep 11, 2008 at 2:06 PM, Robert Moskowitz <[EMAIL PROTECTED]> wrote: oops. I wonder how that space snuck in there It comes in the spec file that way. If you use colors and vim, it shows, too. I use gedit and it has colors, and I did not catch this. Perhaps gedit does not have as much colors as vim... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Java install
On Thu, 2008-09-11 at 16:37 -0700, MHR wrote: > On Thu, Sep 11, 2008 at 2:14 PM, William L. Maltby > <[EMAIL PROTECTED]> wrote: > > > > Exercise and lay off the GRUB (Grand Unified Bootloader)! >:)) > > > > > > > > I know that's no help, > > Not at all - I like the GRUB (pun intended...). I'm on the see-food > diet, too, so NHT. That would be the c++food diet. :) Ric -- My father, Victor Moore (Vic) used to say: "There are two Great Sins in the world... ..the Sin of Ignorance, and the Sin of Stupidity. Only the former may be overcome." R.I.P. Dad. Linux user# 44256 Sign up at: http://counter.li.org/ https://nuoar.dev.java.net/ Verizon Cell # 336-254-1339 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] SNMP and OID/MIB/MRTG
Hi all. I am having an issue and quite frankly would rather not spend the entire next two days learning the entire snmp program. I am hoping someone out there has used MRTG and SNMP to make it work. I have both installed. Single server, polling itself. Question 1- does snmpd have to run as a daemon, or only run once so I can get OID and MIBs from it? Question 2- does anyone know the command in snmp to get the required OID and MIBs that MRTG needs to use? Or at least the name of it? There are a lot of poorly written man pages, but so far all of them require an MIB or OID to use the commands I have read. Question 3- since not going outside of the server, is there any security setting in some snmp config file that makes it only look on my local server and not allow others to use it or hack it? Question 4- all over the internet there are examples in MRTG using all sorts of made up names like '[EMAIL PROTECTED]' and things like that for the cfg file. And alsoin the snmp forum posts, but no one really talks about where this name comes from other than it is assigned to your network device or something. Any help appreciated. I will post the final solution to how to configure snmp and mrtg to work on centos5.2 when I finally figure it out so no one else has to take all week to do so!!! Whoo hoo!!! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] cfengine and crontab
Ric Moore wrote: Which of the two do you prefer and/or recommend to a relative newbie at this? I'm looking for the least headache route that can do some of the basics that CFengine is supposed to do. I'd even take one with a gui. Namaskar, Ric puppet has a much lower learning curve than bcfg2, also it makes you NOT look at xml. -- Karanbir Singh : http://www.karan.org/ : [EMAIL PROTECTED] ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SNMP and OID/MIB/MRTG
Bob Hoffman wrote: While it is somewhat outdated, MRTG itself is outdated as well, I wrote a howto for MRTG about 5-6 years ago - http://howto.aphroland.org//HOWTO/MRTG/ (I haven't maintained it in years, and have no real plans to update the site again in the future) > Question 1- does snmpd have to run as a daemon, or only run once so I can > get OID and MIBs from it? If your wanting to collect data using SNMP then anything your collecting data from must be running a SNMP daemon. MRTG is fully capable of executing scripts to gather data as well. > Question 2- does anyone know the command in snmp to get the required OID and > MIBs that MRTG needs to use? Or at least the name of it? There are a lot of > poorly written man pages, but so far all of them require an MIB or OID to > use the commands I have read. Defines "needs to use", mrtg comes with a tool called 'cfgmaker' which will scan any SNMP target and automatically generate a configuration for all of the network interfaces it can find on the target. You can then use mrtg against that config file to gather stats. > Question 3- since not going outside of the server, is there any security > setting in some snmp config file that makes it only look on my local server > and not allow others to use it or hack it? You can add a iptables firewall rule to reject packets destined to your SNMP server (161/udp) unless they come over the loopback interface. > Question 4- all over the internet there are examples in MRTG using all sorts > of made up names like '[EMAIL PROTECTED]' and things like that for the > cfg file. And alsoin the snmp forum posts, but no one really talks about > where this name comes from other than it is assigned to your network device > or something. In the example above crazyguy33 is the SNMP community string assigned to the system(configured in snmpd.conf). By default the read-only string is public. You can set it to anything you want. > Any help appreciated. I will post the final solution to how to configure > snmp and mrtg to work on centos5.2 when I finally figure it out so no one > else has to take all week to do so!!! You may want to look into using cacti or some other tool instead, MRTG has some pretty severe limitations. Cacti uses RRDTool as it's back end, RRDTool is more or less the successor to MRTG and was initially released I think about 10 years ago, to give an idea how old MRTG is. I still use MRTG on my home network, though mostly because it's legacy shit that I setup 7 years ago and haven't moved to cacti yet, it slowly breaking down as time goes on since I'm not maintaining it anymore. nate ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] cfengine and crontab
On Fri, 2008-09-12 at 03:00 +0100, Karanbir Singh wrote: > Ric Moore wrote: > > Which of the two do you prefer and/or recommend to a relative newbie at > > this? > > I'm looking for the least headache route that can do some of the basics > > that CFengine is supposed to do. I'd even take one with a gui. > hugely> Namaskar, Ric > > puppet has a much lower learning curve than bcfg2, also it makes you NOT > look at xml. I just got it dnloaded. Thanks! Ric -- My father, Victor Moore (Vic) used to say: "There are two Great Sins in the world... ..the Sin of Ignorance, and the Sin of Stupidity. Only the former may be overcome." R.I.P. Dad. Linux user# 44256 Sign up at: http://counter.li.org/ https://nuoar.dev.java.net/ Verizon Cell # 336-254-1339 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SNMP and OID/MIB/MRTG
Hi, On Thu, Sep 11, 2008 at 21:46, Bob Hoffman <[EMAIL PROTECTED]> wrote: > Question 1- does snmpd have to run as a daemon, or only run once so I can > get OID and MIBs from it? Yes, it has to be running as a daemon. > Question 2- does anyone know the command in snmp to get the required OID and > MIBs that MRTG needs to use? Or at least the name of it? There are a lot of > poorly written man pages, but so far all of them require an MIB or OID to > use the commands I have read. Well, the OIDs that you will use on MRTG's config will depend on what you want MRTG to trace. Is it the network traffic? Is it the disk usage? Is it the CPU usage? Free memory? You can get MRTG to trace any of that by using the specific OIDs. You can use the "snmpwalk" program to see all the information that the daemon will have to offer in order to choose what you want to plot. > Question 3- since not going outside of the server, is there any security > setting in some snmp config file that makes it only look on my local server > and not allow others to use it or hack it? Yes, you can restrict snmpd to answer only to the localhost. I suggest you start with a /etc/snmp/snmpd.conf that contains this line only: rocommunity MySecretString 127.0.0.1 Replace "MySecretString" with a secret string not known to others, this string is what is called "community" in snmp-speak. This way, snmpd will answer only to queries made from the localhost, and only to someone who knows the right "community" secret string (like a password). > Question 4- all over the internet there are examples in MRTG using all sorts > of made up names like '[EMAIL PROTECTED]' and things like that for the > cfg file. And alsoin the snmp forum posts, but no one really talks about > where this name comes from other than it is assigned to your network device > or something. This is probably the community and the host. As I suggested restricting to localhost only, you will probably want to use something like "[EMAIL PROTECTED]", obviously replacing "MySecretString" with the one you chose. The CentOS Wiki also has resources on MRTG, I suggest you look there as well: http://wiki.centos.org/TipsAndTricks/MRTG HTH! Filipe ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SNMP and OID/MIB/MRTG
nate wrote: Bob Hoffman wrote: While it is somewhat outdated, MRTG itself is outdated as well, indeed, RRDTOOL is the new MRTG. and Cacti, which is a web wrapper for it. http://oss.oetiker.ch/rrdtool/ http://www.cacti.net/ ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] SNMP and OID/MIB/MRTG
Thanks for the input..now that I have really been reading...I find that MRTG, or any of those programs is easy... It is snmp that requires the college degree. I just ordered 2 books on it. There is no way to poll the hardware without extensive knowledge of snmp. The man pages are horrendous and some are outdated. Obviously you need to know how to build and manage MIBs so you can then call to them with MRTG or the other programs. So... Needless to say, MRTG is now off as is snmp. I think this will be one of those 'maybe next year when I can learn all about acessing hardware like an engineer' and all. I will just do some light reading with the books and maybe in the future I will figure out how to make mibs so I can grab them. That is the issue, not mrtg, it is snmp. One of those fun linux user things...I want to use this program..okay, easy...but you need a college degree in 'this program' to access the first one.. Ugh... I'll just stick with webalizer and top for keeping tabs on the network. Then in the future, if I persue the degree in snmp and learn all about MIBs, I will check out the program. Wish I had the last two days back...what a complete waste. > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of nate > Sent: Thursday, September 11, 2008 10:17 PM > To: centos@centos.org > Subject: Re: [CentOS] SNMP and OID/MIB/MRTG > > Bob Hoffman wrote: > > While it is somewhat outdated, MRTG itself is outdated as > well, I wrote a howto for MRTG about 5-6 years ago - > > http://howto.aphroland.org//HOWTO/MRTG/ > > (I haven't maintained it in years, and have no real plans to > update the site again in the future) > > > Question 1- does snmpd have to run as a daemon, or only run > once so I > > can get OID and MIBs from it? > > If your wanting to collect data using SNMP then anything your > collecting data from must be running a SNMP daemon. MRTG is > fully capable of executing scripts to gather data as well. > > > Question 2- does anyone know the command in snmp to get the > required > > OID and MIBs that MRTG needs to use? Or at least the name > of it? There > > are a lot of poorly written man pages, but so far all of > them require > > an MIB or OID to use the commands I have read. > > Defines "needs to use", mrtg comes with a tool called 'cfgmaker' > which will scan any SNMP target and automatically generate a > configuration for all of the network interfaces it can find > on the target. You can then use mrtg against that config file > to gather stats. > > > Question 3- since not going outside of the server, is there any > > security setting in some snmp config file that makes it > only look on > > my local server and not allow others to use it or hack it? > > You can add a iptables firewall rule to reject packets > destined to your SNMP server (161/udp) unless they come over > the loopback interface. > > > Question 4- all over the internet there are examples in > MRTG using all > > sorts of made up names like '[EMAIL PROTECTED]' and things like > > that for the cfg file. And alsoin the snmp forum posts, but no one > > really talks about where this name comes from other than it is > > assigned to your network device or something. > > In the example above crazyguy33 is the SNMP community string > assigned to the system(configured in snmpd.conf). By default > the read-only string is public. You can set it to anything you want. > > > Any help appreciated. I will post the final solution to how to > > configure snmp and mrtg to work on centos5.2 when I finally > figure it > > out so no one else has to take all week to do so!!! > > You may want to look into using cacti or some other tool > instead, MRTG has some pretty severe limitations. Cacti uses > RRDTool as it's back end, RRDTool is more or less the > successor to MRTG and was initially released I think about 10 > years ago, to give an idea how old MRTG is. > > I still use MRTG on my home network, though mostly because > it's legacy shit that I setup 7 years ago and haven't moved > to cacti yet, it slowly breaking down as time goes on since > I'm not maintaining it anymore. > > nate > > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] SNMP and OID/MIB/MRTG
>From what I read in the man pages about snmpwalkand the snmp.conf file, I had better take a very long course in configuration of snmp before I fiddle with it. At least now I know why there is not 'walk through' online showing you how to do this...all of them nimbly 'skip' over the whole process of getting the MIB and just insert this 'mysterious' info into the tutorial... Gotta love it. I do promise you all, that I will learn snmp as I think it could be an important tool for a wsystem admin. Once I get it down, at least the basics, I will post a very detailed how to on it and hopefully others can use it without spending months on leanring hardware engineering. > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Filipe Brandenburger > Sent: Thursday, September 11, 2008 10:23 PM > To: CentOS mailing list > Subject: Re: [CentOS] SNMP and OID/MIB/MRTG > > Hi, > > On Thu, Sep 11, 2008 at 21:46, Bob Hoffman <[EMAIL PROTECTED]> wrote: > > Question 1- does snmpd have to run as a daemon, or only run > once so I > > can get OID and MIBs from it? > > Yes, it has to be running as a daemon. > > > Question 2- does anyone know the command in snmp to get the > required > > OID and MIBs that MRTG needs to use? Or at least the name > of it? There > > are a lot of poorly written man pages, but so far all of > them require > > an MIB or OID to use the commands I have read. > > Well, the OIDs that you will use on MRTG's config will depend > on what you want MRTG to trace. Is it the network traffic? Is > it the disk usage? Is it the CPU usage? Free memory? You can > get MRTG to trace any of that by using the specific OIDs. You > can use the "snmpwalk" program to see all the information > that the daemon will have to offer in order to choose what > you want to plot. > > > Question 3- since not going outside of the server, is there any > > security setting in some snmp config file that makes it > only look on > > my local server and not allow others to use it or hack it? > > Yes, you can restrict snmpd to answer only to the localhost. > I suggest you start with a /etc/snmp/snmpd.conf that contains > this line only: > > rocommunity MySecretString 127.0.0.1 > > Replace "MySecretString" with a secret string not known to > others, this string is what is called "community" in > snmp-speak. This way, snmpd will answer only to queries made > from the localhost, and only to someone who knows the right > "community" secret string (like a password). > > > Question 4- all over the internet there are examples in > MRTG using all > > sorts of made up names like '[EMAIL PROTECTED]' and things like > > that for the cfg file. And alsoin the snmp forum posts, but no one > > really talks about where this name comes from other than it is > > assigned to your network device or something. > > This is probably the community and the host. As I suggested > restricting to localhost only, you will probably want to use > something like "[EMAIL PROTECTED]", obviously > replacing "MySecretString" > with the one you chose. > > The CentOS Wiki also has resources on MRTG, I suggest you > look there as well: > http://wiki.centos.org/TipsAndTricks/MRTG > > HTH! > Filipe > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SNMP and OID/MIB/MRTG
Hi, On Thu, Sep 11, 2008 at 22:55, Bob Hoffman <[EMAIL PROTECTED]> wrote: > Needless to say, MRTG is now off as is snmp. I think this will be one of > those 'maybe next year when I can learn all about acessing hardware like an > engineer' and all. You can actually use MRTG without SNMP, specially if you are plotting graphs for the local machine only, by using the backticks feature of MRTG. You can actually write shell commands or scripts that gather the numbers, using commands such as netstat, ifconfig, df, vmstat, iostat, etc., and use them inside `...` inside your MRTG config file. I used to do it to get information from data collected through BigBrother monitoring system, the same can also be done with Nagios. But if you are looking into implementing a graphing solution, you should probably look into a more modern tool, since MRTG is quite outdated and it has several shortcomings (only integer values, only two datasets per graph, etc.) I would recommend you look into Cacti or Munim, since those are simpler and more featurefull than MRTG. Oh, and both have their own data collecting agents, so you don't have to mess with SNMP to make it work. This is not always good, me, for instance, I prefer to collect all my data using SNMP, as I can use the same protocol to gather data from Unix machines, Windows machines, network switches, VPN concentrators, Environment Monitoring Systems, UPSs, and so on. But for what you want, I believe Cacti or Munim (and certainly other similar systems) would be quite appropriate. HTH, Filipe ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] SNMP and OID/MIB/MRTG
You know...it would be nice to write a program that would use snmp to just scan through the local computer, grab OIDs...and then ask you which ones you wanted to make MIBs with. Then you could just grab those with the graphing programs. I think that would be an awesome tool to build for linux. > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Filipe Brandenburger > Sent: Thursday, September 11, 2008 10:23 PM > To: CentOS mailing list > Subject: Re: [CentOS] SNMP and OID/MIB/MRTG > > Hi, > > On Thu, Sep 11, 2008 at 21:46, Bob Hoffman <[EMAIL PROTECTED]> wrote: > > Question 1- does snmpd have to run as a daemon, or only run > once so I > > can get OID and MIBs from it? > > Yes, it has to be running as a daemon. > > > Question 2- does anyone know the command in snmp to get the > required > > OID and MIBs that MRTG needs to use? Or at least the name > of it? There > > are a lot of poorly written man pages, but so far all of > them require > > an MIB or OID to use the commands I have read. > > Well, the OIDs that you will use on MRTG's config will depend > on what you want MRTG to trace. Is it the network traffic? Is > it the disk usage? Is it the CPU usage? Free memory? You can > get MRTG to trace any of that by using the specific OIDs. You > can use the "snmpwalk" program to see all the information > that the daemon will have to offer in order to choose what > you want to plot. > > > Question 3- since not going outside of the server, is there any > > security setting in some snmp config file that makes it > only look on > > my local server and not allow others to use it or hack it? > > Yes, you can restrict snmpd to answer only to the localhost. > I suggest you start with a /etc/snmp/snmpd.conf that contains > this line only: > > rocommunity MySecretString 127.0.0.1 > > Replace "MySecretString" with a secret string not known to > others, this string is what is called "community" in > snmp-speak. This way, snmpd will answer only to queries made > from the localhost, and only to someone who knows the right > "community" secret string (like a password). > > > Question 4- all over the internet there are examples in > MRTG using all > > sorts of made up names like '[EMAIL PROTECTED]' and things like > > that for the cfg file. And alsoin the snmp forum posts, but no one > > really talks about where this name comes from other than it is > > assigned to your network device or something. > > This is probably the community and the host. As I suggested > restricting to localhost only, you will probably want to use > something like "[EMAIL PROTECTED]", obviously > replacing "MySecretString" > with the one you chose. > > The CentOS Wiki also has resources on MRTG, I suggest you > look there as well: > http://wiki.centos.org/TipsAndTricks/MRTG > > HTH! > Filipe > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] SNMP and OID/MIB/MRTG
Bob Hoffman wrote: > You know...it would be nice to write a program that would use snmp to just > scan through the local computer, grab OIDs...and then ask you which ones you > wanted to make MIBs with. > > Then you could just grab those with the graphing programs. > I think that would be an awesome tool to build for linux. > It's not exactly free and it's not web based, but this is a pretty good tool, I plan to buy it pretty soon(been using the free version off and on for a while now. though it's limited). http://www.ireasoning.com/mibbrowser.shtml I've been digging quite a bit deeper into SNMP the past couple months at my new company monitoring hundreds of stats from our network equipment, and having the mibbrowser is really really helpful. No way I could of done most of it without it. My cacti system collects more than 10 million data points a day, on one dual proc quad core box. More than 95% of the stuff I put into cacti comes from scripts I wrote(I write the scripts to gather many data points simultaneously to reduce the amount of RRD data files stored improving performance by more than 10x.) If someone knows of a better MIB browser I'd certainly be open to checking it out, having looked around quite a bit the past couple years I haven't found anything better myself that runs on Linux. I certainly do agree that SNMP is a black art, not sure why it is so complicated, perhaps it just helps to sell those $100k enterprise monitoring packages because there's little hope for the average admin to figure out how to do it on their own. At my current job(started in March), before I came on they were telling me how the previous admin setup CPU monitoring in cacti, and yet the CPU graphs never seemed to go above 25%. They weren't aware that the CPU usage reported by the snmp daemon used in linux returns useless, completely inaccurate data(this is documented pretty clearly in the daemon documentation but doesn't seem to be common knowledge). I've refined my data collection scripts over the past 5 years or so, they work great now. CPU usage for my cacti systems is sourced from 'sar'. I really hate how sar has gone down hill as far as ability to parse it. RHEL 3 was great, RHEL 4 was ok, and RHEL 5 is almost useless, don't know what I'll do when RHEL 6 comes out. nate ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] SNMP and OID/MIB/MRTG
I just wish that someone posted 'hey, don't waste time with mrtg until you deal with snmp..and good luck with that' School of hard knocks...I coulda went to the beach the last week... I will check out that program ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] A very interesting cinfiguration page for centos
Thought I would share this..not sure exactly what it is...but I wish I could pull out my configurations with a program like this... http://www.openeyet.nl/scc/examples/scc.centos50.html Really cool. Relly intense view of the whole server. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] A very interesting cinfiguration page for centos
> > Thought I would share this..not sure exactly what it is...but I wish I > could > pull out my configurations with a program like this... > > > > http://www.openeyet.nl/scc/examples/scc.centos50.html > Really cool. > > Relly intense view of the whole server. Bob, Go to http://www.openeyet.nl/scc/ and get the software to do it :-) - rh ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Ethernet Channel Bonding Clarification is Needed
Dear All, I have configured Cluster Suite with 2 servers Server 1 : 192.168.13.110 IP Address and hostname is primary Server 2 : 192.168.13.179 IP Address and hostname is secondary Floating : 192.168.13.83 IP Address (Assumed by currently active server) I have configured Ethernet Channel Bonding in Each Cluster Nodes and Channel Bonding Configuration Details are 1) Created bonding devices in "/etc/modprobe.conf" filealias bond0 bonding options bonding miimon=100 mode=1 2) Edit the "/etc/sysconfig/network-scripts/ifcfg-eth0 and ifcfg-eth1" configuration DEVICE=eth0 USERCTL= no ONBOOT=yes MASTER=bond0 SLAVE=yes BOOTPROTO=none DEVICE=eth1 USERCTL= no ONBOOT=yes MASTER=bond0 SLAVE=yes BOOTPROTO=none 3) Created a network script for the bonding device is "/etc/sysconfig/network-scripts/ifcfg-bond0" DEVICE=bond0 USERCTL=no ONBOOT=yes NETMASK=255.255.255.0 GATEWAY=192.168.13.1 IPADDR=192.168.13.110 4) Reboot the system for the changes to take effect. After i am rebooted both the server then cluster node becomes simplex and Services are started on both the nodes The cluster output in primary node Member Status: Quorate Member Name Status --- - primary Online, Local, rgmanager secondary Offline Service Name Owner (Last) State Service primarystarted The cluster output in secondary node Member Status: Quorate Member Name Status --- - primary Offline secondary Online, Local, rgmanager Service Name Owner (Last) State -- Service secondary started Before Ethernet Channel Bonding cluster services are active in one node and other nodes acts as passive node. But after Ethernet Channel Bonding cluster services are active on both the nodes I don't know what is the problem and is their any configuration is required in cluster configuration file and cman is working only with eth0 interface Can some one throw light on this peculiar problem Regards -S.Balaji ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Regd: Ethernet Channel Bonding Clarification is Needed
Dear All, Please ignore my previous mail I have using CentOS 4.4 Linux and Kernel Version is 2.6.9-42.EL I have configured Cluster Suite with 2 servers Server 1 : 192.168.13.110 IP Address and hostname is primary Server 2 : 192.168.13.179 IP Address and hostname is secondary Floating : 192.168.13.83 IP Address (Assumed by currently active server) I have configured Ethernet Channel Bonding in Each Cluster Nodes and Channel Bonding Configuration Details are 1) Created bonding devices in "/etc/modprobe.conf" filealias bond0 bonding options bonding miimon=100 mode=1 2) Edit the "/etc/sysconfig/network-scripts/ifcfg-eth0 and ifcfg-eth1" configuration DEVICE=eth0 USERCTL= no ONBOOT=yes MASTER=bond0 SLAVE=yes BOOTPROTO=none DEVICE=eth1 USERCTL= no ONBOOT=yes MASTER=bond0 SLAVE=yes BOOTPROTO=none 3) Created a network script for the bonding device is "/etc/sysconfig/network-scripts/ifcfg-bond0" DEVICE=bond0 USERCTL=no ONBOOT=yes NETMASK=255.255.255.0 GATEWAY=192.168.13.1 IPADDR=192.168.13.110 4) Reboot the system for the changes to take effect. After i am rebooted both the server then cluster node becomes simplex and Services are started on both the nodes The cluster output in primary node Member Status: Quorate Member Name Status --- - primary Online, Local, rgmanager secondary Offline Service Name Owner (Last) State Service primarystarted The cluster output in secondary node Member Status: Quorate Member Name Status --- - primary Offline secondary Online, Local, rgmanager Service Name Owner (Last) State -- Service secondary started Before Ethernet Channel Bonding cluster services are active in one node and other nodes acts as passive node. But after Ethernet Channel Bonding cluster services are active on both the nodes I don't know what is the problem and is their any configuration is required in cluster configuration file and cman is working only with eth0 interface Can some one throw light on this peculiar problem Regards -S.Balaji ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Webalizer cron syntax
Here is the original cron.daily for webalizer. #if [ -s /var/log/httpd/access_log ]; then exec /usr/bin/webalizer -Q; Fi I want to add two more for the virtual domains. I tried adding these if [ -s /var/log/httpd/mysite1_access_log ]; then exec /usr/bin/webalizer -Qc /etc/webalizer/mysite1.conf; fi if [ -s /var/log/httpd/mysite2_access_log ]; then exec /usr/bin/webalizer -Qc /etc/webalizer/mysite2.conf; Fi If I do not add the fi after each, the file gets an error when I run /etc/cron.daily/00webalizer I added the -c and the conf file, but I feel that I am missing the correct syntax. Or am I supposed to make a new file for each. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Webalizer cron syntax
What worked for the cron...but not doing the original one is this... for i in /etc/webalizer/*.conf; do webalizer -Qc $i; done I guess a second one needs to be made for the main one...or maybe another line. But this worked. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
