Re: [CentOS] Regd: SeLinux Configuration

2008-10-14 Thread Ian Blackwell 
Balaji wrote:
> Dear All,
>   I have executed the following command and i have changed the
> "/etc/selinux/config" file
>   and reboot the PC also
>   setenforce 1
>   i have getting the following message only
>   setenforce: SELinux is disabled
>
Please post your /etc/selinux/config file.

Thanks,

Ian

PS: Please bottom post and trim messages - these are the guidelines for
this list.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Squid proxy High Availability

2008-10-14 Thread lingu 
Hi all,

I am running squid integrated with squidguard.dansguardian,clamav
running on single  standalone centos 5 server.Also running webmin for
managing squid.This Squid is serving for 4000 clients.

  Since it is serving more users i don't want to take risk by running
single server,if there is any single point of failure will cause all
of my users to standstill.

So i am planned to go for one more  Centos5  server with cluster.Can
any one suggest me how to design it either i have to go for common
storage for storing all global files or i need to synchronize both the
server periodically by  running instance on local disk of both the
servers.

Below is  the scenario currently running on the server

squid is under  /etc and squidguard database under /var/lib and
dansguardian config file under /etc/dansguardian and webmin is under
/usr/local

Help me in designing the setup  of high availability squid

Regards,
lingu
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Squid Number of hits

2008-10-14 Thread Mogens Kjaer 
lingu wrote:
> Dear all,
> 
>  I am running squid  on centos 5.Is there is any tool to calculate
> number of ip's hit the server for month wise.
> Even any command to find out the number of hits is also ok.

When I ran a squid cache I used the scripts on:

http://www.squid-cache.org/Scripts/NLANR/

to get statistics.

Mogens

-- 
Mogens Kjaer, Carlsberg A/S, Computer Department
Gamle Carlsberg Vej 10, DK-2500 Valby, Denmark
Phone: +45 33 27 53 25, Mobile: +45 22 12 53 25
Email: [EMAIL PROTECTED] Homepage: http://www.crc.dk
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum priorities question

2008-10-14 Thread Kai Schaetzl 
Mufit Eribol wrote on Tue, 14 Oct 2008 12:44:07 +0300:

> Priority for CentOS Extras repo: 1

double-check that! For instance, if this repo is not enabled, the priority 
will not work!

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Mass installs of desktop systems on identical machines

2008-10-14 Thread Rainer Duffner 
Niki Kovacs schrieb:
> Hi,
>
>

[snip... mass installation/customizations...]

> I'd be curious to read your suggestions about this.


Use cobbler.
https://fedorahosted.org/cobbler

You will have some work scripting your customizations (or not, if it's
already scripted) but then, you can install as many systems at once as
you have ports in your switches.

cobbler takes a bit of a learning curve, but once you've figured it out,
it's going to save you a lot of time (which is the whole point).


Rainer



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Regd: SeLinux Configuration

2008-10-14 Thread Barry Brimer 

Dear All,

Find attached the selinux configuration file "/etc/selinux/config"

 # This file controls the state of SELinux on the system.
 # SELINUX= can take one of these three values:
 #   enforcing - SELinux security policy is enforced.
 #   permissive - SELinux prints warnings instead of enforcing.
 #   disabled - SELinux is fully disabled.
 SELINUX=enforcing
 # SELINUXTYPE= type of policy in use. Possible values are:
 #   targeted - Only targeted network daemons are protected.
 #   strict - Full SELinux protection.
 SELINUXTYPE=targeted


Please post /boot/grub/grub.conf as well.  There may be an "selinux" or 
"enforcing" parameter on the kernel line that is producing unexpected 
results.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Sendmail and pmtu discovery

2008-10-14 Thread Ralph Angenendt 
Sean Carolan wrote:
> We have an issue with some customers who refuse to accept ICMP traffic
> to their mail servers.  It seems that they have put Mordac, preventer
> of information services in charge of their firewall policy
> (http://en.wikipedia.org/wiki/List_of_minor_characters_in_Dilbert#Mordac).

BUT ICMP IS BAD!¡

> My mail logs are showing that customers who specifically disallow ICMP
> traffic have many "Connection Reset" entries in our logs:
> 
> Oct 14 08:00:50 mailsrv sendmail[2024]: m9ED0Yf5002021:
> to=<[EMAIL PROTECTED]>, delay=00:00:16, xdelay=00:00:16,
> mailer=esmtp, pri=42476, relay=mail.customer.org. [XX.XX.XX.XX],
> dsn=4.0.0, stat=Deferred: Connection reset by mail.customer.org.
> 
> I have disabled pmtu discovery on our routers as well as on all our
> outbound mail servers.  Is there anything else I can do on our side to
> help the situation?

So you basically broke your internet connection because of stupid
customers? No, there isn't anything you can do on your side - especially
if you don't know how large their MTU is set (which you cannot discover,
as they forbid you to do so). So you can only hope that you get exactly
the same MTU as they have (and that there is nothing inbetween which has
a lower MTU). 

It is their problem. If they don't want to play by the rules, they
should have to sit out the problems they themselves created.

Ralph


pgpSz7jRJdeuz.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Squid proxy High Availability

2008-10-14 Thread nate 
lingu wrote:

> Help me in designing the setup  of high availability squid

I think your better off using a load balancer instead of
a cluster. For one, GFS requires shared storage(typically SAN),
and two load balancing is much simpler than clustering.

LVS is a free linux-based load balancer, so you'd have two
LVS nodes and N+1 squid nodes. I prefer F5 BigIPs as they
are more flexible/much easier to manage though they aren't
that cheap, though if you have 4000 clients it shouldn't
be hard to justify it.

Run round-robin load balancing, and if your load balancer
supports it consider enabling some sort of persistence
such as source IP persistence so that the client IPs get
pinned to the same proxy server(so the cache is consistent)
throughout their session, if that proxy server fails
then the load balancer will fail them over to the
other server seamlessly. Don't worry about keeping the
caches in sync. With BigIP you can configure this in
about 30 seconds, with LVS I'm not sure if it's even
possible.

nate

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Squid Number of hits

2008-10-14 Thread lingu 
Dear all,

 I am running squid  on centos 5.Is there is any tool to calculate
number of ip's hit the server for month wise.
Even any command to find out the number of hits is also ok.


Regards,
Lingu
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Mass installs of desktop systems on identical machines

2008-10-14 Thread Kai Schaetzl 
Sorin Srbu wrote on Tue, 14 Oct 2008 15:24:59 +0200:

> Any particular reason why not, if I may ask?

Because other distributions have better support for brand-new consumer 
hardware. Especially, if you consider the lifetime cycle of CentOS which 
spans to 2014. Look at this not from the viewpoint of your mom, but from 
the computershop that wants to sell lots of PCs to very different people 
(which will expect to see *recent* software) and with (over the years) 
quite differing hardware.


Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Mass installs of desktop systems on identical machines

2008-10-14 Thread Jens Larsson 
> > Any particular reason why not, if I may ask?

> Because other distributions have better support for brand-new consumer 
> hardware. Especially, if you consider the lifetime cycle of CentOS which 
> spans to 2014. Look at this not from the viewpoint of your mom, but from 
> the computershop that wants to sell lots of PCs to very different people 
> (which will expect to see *recent* software) and with (over the years) 
> quite differing hardware.
> Kai

But you don't want to supply consumers with an OS that gets unsupported 
before next christmas either, so Fedora is not the answer. Ubuntu LTS?

/jens

-- 
Jens Larsson, NSC, Linköpings universitet, SE-58183 LINKÖPING, SWEDEN
Phone: +46-13-281432, Mobile: +46-709-521432, E-mail: [EMAIL PROTECTED]
GPG/PGP Key: 1024D/C21BB2C7 2001-02-27 Jens Larsson <[EMAIL PROTECTED]>
Key Fingerprint: BAEF 85CF BF1D  7A69 C965 2EE6  C541 D57F C21B  B2C7___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Sendmail and pmtu discovery

2008-10-14 Thread David Dyer-Bennet 

On Tue, October 14, 2008 09:31, Kai Schaetzl wrote:
> Sean Carolan wrote on Tue, 14 Oct 2008 08:13:34 -0500:
>
>> My mail logs are showing that customers who specifically disallow ICMP
>> traffic have many "Connection Reset" entries in our logs:
>
> Could somebody explain why ICMP might play a role in mail delivery?

ICMP is involved in IP routing, including MTU discovery, announcing failed
connections, and so forth.  Email is delivered over IP.  QED.

-- 
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera: http://dragaera.info

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Sendmail and pmtu discovery

2008-10-14 Thread Paul Bijnens 

On 2008-10-14 16:31, Kai Schaetzl wrote:

Sean Carolan wrote on Tue, 14 Oct 2008 08:13:34 -0500:


My mail logs are showing that customers who specifically disallow ICMP
traffic have many "Connection Reset" entries in our logs:


Could somebody explain why ICMP might play a role in mail delivery?


Any host may reply to a IP-datagram (tcp included) with e.g. ICMP type 3,
code 4 "datagram too large" and indicating the maximum size in the ICMP reply.

Disallowing these ICMP packets can result in a TCP handshake that
succeeds, but hangs when the next packets with real data are blocked.

http://en.wikipedia.org/wiki/PMTUD



--
Paul Bijnens, xplanation Technology ServicesTel  +32 16 397.511
Technologielaan 21 bus 2, B-3001 Leuven, BELGIUMFax  +32 16 397.512
http://www.xplanation.com/  email:  [EMAIL PROTECTED]
***
* I think I've got the hang of it now:  exit, ^D, ^C, ^\, ^Z, ^Q, ^^, *
* F6, quit, ZZ, :q, :q!, M-Z, ^X^C, logoff, logout, close, bye, /bye, *
* stop, end, F3, ~., ^]c, +++ ATH, disconnect, halt,  abort,  hangup, *
* PF4, F20, ^X^X, :D::D, KJOB, F14-f-e, F8-e,  kill -1 $$,  shutdown, *
* init 0, kill -9 1, Alt-F4, Ctrl-Alt-Del, AltGr-NumLock, Stop-A, ... *
* ...  "Are you sure?"  ...   YES   ...   Phew ...   I'm out  *
***
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Samba Hosts Allow/Deny

2008-10-14 Thread Joseph L. Casale 
I am running CentOS 5.2 w/ Samba 3.0.28 and have a basic user level setup and

am trying to use hosts allow and deny but it does not have an effect? I have

specified them in the share level of the config.



I have tried:

  hosts allow = 192.168.0.72/32

  hosts deny = 0.0.0.0/0



Also:

; hosts allow = 192.168.0.72/32

  hosts deny = 0.0.0.0/0 except 192.168.0.72/32



Still, any hosts can gain access? Can anyone shed some light on this?



Thanks,

jlc

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Sendmail and pmtu discovery

2008-10-14 Thread Les Mikesell 

Kai Schaetzl wrote:



My mail logs are showing that customers who specifically disallow ICMP
traffic have many "Connection Reset" entries in our logs:


Could somebody explain why ICMP might play a role in mail delivery?


It is required for any TCP conversation, unless as a matter of luck you 
happen to have the same MTU capability across the whole path - or the 
end points restrict their MTUs arbitrarily to a size that everything can 
handle.


--
  Les Mikesell
   [EMAIL PROTECTED]
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum priorities question

2008-10-14 Thread Mufit Eribol 

Kai Schaetzl wrote:

Priority for CentOS Extras repo: 1

double-check that! For instance, if this repo is not enabled, the priority 
will not work!


Kai

Checked that, already enabled. Here is an excerpt from CentOS-Base.repo:

...
#additional packages that may be useful
[extras]
name=CentOS-$releasever - Extras
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras
gpgcheck=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-CentOS-5
protect=0
priority=1
...


"yum update" prints the following info on the screen:
...
Excluding Packages in global exclude list
Finished
355 packages excluded due to repository priority protections
Setting up Update Process
...

So, it seems priorities plugin is there and working. I am stumped!

All the best,
Mufit




___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

RE: [CentOS] Samba Hosts Allow/Deny

2008-10-14 Thread Joseph L. Casale 
>man page suggests that you use this type of reference...
>
>hosts allow = 192.168.0.72/255.255.255.255
>
>Craig

Whoops, my bad!
Thanks for the correction.
jlc
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum priorities question

2008-10-14 Thread Filipe Brandenburger 
Hi,

On Tue, Oct 14, 2008 at 05:44, Mufit Eribol <[EMAIL PROTECTED]> wrote:
> Installed package: GeoIP.i386 1.4.4-1.el5.centos
> Repo: CentOS Extras
> Priority for CentOS Extras repo: 1
>
> "yum update" wants to replace the above package with the following:
>
> Package: geoip.i386 1.4.5-1.el5.rf
> Repo: rpmforge
> Priority for rpmforge: 15

The package names are different, so probably "geoip" (from RPMforge)
obsoletes "GeoIP" from CentOS.

In that case, for priorities to work and exclude the one that
obsoletes the other, you have to set this option in the [main] section
of /etc/yum/pluginconf.d/priorities.conf:

check_obsoletes=1

Look for the thread about perl-DBD-mysql vs. perl-DBD-MySQL, it's
probably the same issue.

HTH,
Filipe
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

RE: [CentOS] Mass installs of desktop systems on identical machines

2008-10-14 Thread Sorin Srbu 
Kai Schaetzl <> scribbled on Tuesday, October 14, 2008 4:31 PM:

>> Any particular reason why not, if I may ask?
> 
> Because other distributions have better support for brand-new consumer
> hardware. Especially, if you consider the lifetime cycle of CentOS which
> spans to 2014. Look at this not from the viewpoint of your mom, but from
> the computershop that wants to sell lots of PCs to very different people
> (which will expect to see *recent* software) and with (over the years)
> quite differing hardware.

I see. Good point. However, brand-new hardware support would mean something
like the bleeding edge Fedora (any other distro?). The disadvantage IMHO with
eg Fedora is it's short life-cycle though. What is it, a year or so now?

FWIW, I've installed CentOS on pretty new stuff, like dual core-mobos with
SATA etc, Broadcom integrated and Intel Desktop Pro/1000 NICs and so on. Works
fine, so I still don't quite see why it'd not be suitable with settling on eg
CentOS, especially if it's set up properly from the beginning by the shop. Did
you maybe have some special hardware in mind?

Maybe I'm blinded by CentOS running fine on whatever I throw at it so far...

/S


smime.p7s
Description: S/MIME cryptographic signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: yum priorities question

2008-10-14 Thread Scott Silva 
on 10-14-2008 3:14 AM Mufit Eribol spake the following:
> Ralph Angenendt wrote:
>> Strange, because it works here:
>>
>> [EMAIL PROTECTED] Documentation]# yum -v update | grep -i geoip
>>  --> geoip-devel-1.4.0-1.el5.rf.x86_64 from rpmforge excluded (priority)
>>  --> geoip-1.4.0-1.el5.rf.x86_64 from rpmforge excluded (priority)
>>  --> geoip-1.4.4-1.el5.rf.x86_64 from rpmforge excluded (priority)
>>  --> geoip-1.4.5-1.el5.rf.x86_64 from rpmforge excluded (priority)
>>  --> geoip-devel-1.4.4-1.el5.rf.x86_64 from rpmforge excluded (priority)
>>  --> geoip-devel-1.4.5-1.el5.rf.x86_64 from rpmforge excluded (priority)
>>  --> GeoIP-devel-1.4.4-2.el5.kb.x86_64 from kbs-CentOS-Testing
>> excluded (priority)
>>  --> GeoIP-devel-1.4.4-2.el5.kb.x86_64 from kbs-CentOS-Testing
>> excluded (priority)
>>  --> GeoIP-1.4.4-2.el5.kb.x86_64 from kbs-CentOS-Testing excluded
>> (priority)
>>  --> GeoIP-1.4.4-2.el5.kb.x86_64 from kbs-CentOS-Testing excluded
>> (priority)
>> [EMAIL PROTECTED] Documentation]# 
> Here is what I get,
> 
> [EMAIL PROTECTED] ~]# yum -v update | grep -i geoip
> ---> Package geoip.i386 0:1.4.5-1.el5.rf set to be updated
> Checking deps for geoip.i386 0-1.4.5-1.el5.rf - u
> looking for ('libc.so.6(GLIBC_2.1.2)', None, (None, None, None)) as a
> requirement of geoip.i386 0-1.4.5-1.el5.rf - u
> looking for ('libz.so.1', None, (None, None, None)) as a requirement of
> geoip.i386 0-1.4.5-1.el5.rf - u
> looking for ('libGeoIPUpdate.so.0', None, (None, None, None)) as a
> requirement of geoip.i386 0-1.4.5-1.el5.rf - u
> looking for ('libc.so.6(GLIBC_2.0)', None, (None, None, None)) as a
> requirement of geoip.i386 0-1.4.5-1.el5.rf - u
> looking for ('libc.so.6(GLIBC_2.3)', None, (None, None, None)) as a
> requirement of geoip.i386 0-1.4.5-1.el5.rf - u
> looking for ('libc.so.6(GLIBC_2.4)', None, (None, None, None)) as a
> requirement of geoip.i386 0-1.4.5-1.el5.rf - u
> looking for ('libc.so.6(GLIBC_2.1)', None, (None, None, None)) as a
> requirement of geoip.i386 0-1.4.5-1.el5.rf - u
> looking for ('config(geoip)', 'EQ', ('0', '1.4.5', '1.el5.rf')) as a
> requirement of geoip.i386 0-1.4.5-1.el5.rf - u
> looking for ('rtld(GNU_HASH)', None, (None, None, None)) as a
> requirement of geoip.i386 0-1.4.5-1.el5.rf - u
> looking for ('libc.so.6(GLIBC_2.3.4)', None, (None, None, None)) as a
> requirement of geoip.i386 0-1.4.5-1.el5.rf - u
> looking for ('/sbin/ldconfig', None, (None, None, None)) as a
> requirement of geoip.i386 0-1.4.5-1.el5.rf - u
> looking for ('libc.so.6', None, (None, None, None)) as a requirement of
> geoip.i386 0-1.4.5-1.el5.rf - u
> looking for ('libc.so.6(GLIBC_2.1.3)', None, (None, None, None)) as a
> requirement of geoip.i386 0-1.4.5-1.el5.rf - u
> looking for ('libGeoIP.so.1', None, (None, None, None)) as a requirement
> of geoip.i386 0-1.4.5-1.el5.rf - u
> ---> Package geoip-devel.i386 0:1.4.5-1.el5.rf set to be updated
> Checking deps for geoip-devel.i386 0-1.4.5-1.el5.rf - u
> looking for ('libGeoIPUpdate.so.0', None, (None, None, None)) as a
> requirement of geoip-devel.i386 0-1.4.5-1.el5.rf - u
> looking for ('geoip', 'EQ', ('0', '1.4.5', '1.el5.rf')) as a requirement
> of geoip-devel.i386 0-1.4.5-1.el5.rf - u
> looking for ('libGeoIP.so.1', None, (None, None, None)) as a requirement
> of geoip-devel.i386 0-1.4.5-1.el5.rf - u
> Checking deps for GeoIP.i386 0-1.4.4-1.el5.centos - None
> Checking deps for GeoIP-devel.i386 0-1.4.4-1.el5.centos - None
> geoip   i386   1.4.5-1.el5.rf   rpmforge  750 k
> replacing  GeoIP.i386 1.4.4-1.el5.centos
> geoip-devel i386   1.4.5-1.el5.rf   rpmforge  7.1 k
> replacing  GeoIP-devel.i386 1.4.4-1.el5.centos
> 
> 
> [EMAIL PROTECTED] ~]# rpm -qa |grep geoip
> [EMAIL PROTECTED] ~]#
> 
> [EMAIL PROTECTED] ~]# rpm -qa|grep GeoIP
> GeoIP-data-20080301-1.el5.centos
> GeoIP-devel-1.4.4-1.el5.centos
> GeoIP-1.4.4-1.el5.centos
> [EMAIL PROTECTED] ~]#
> 
> I have no clue about what is going on?
> 
> Regards,
> Mufit
Just to be thorough, run this;
rpm -qa | grep priorities



-- 
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't



signature.asc
Description: OpenPGP digital signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: yum priorities question

2008-10-14 Thread Mufit Eribol 

Scott Silva wrote:

Just to be thorough, run this;
rpm -qa | grep priorities

[EMAIL PROTECTED] ~]# rpm -qa | grep priorities
yum-priorities-1.1.10-9.el5.centos
[EMAIL PROTECTED] ~]#
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Squid Number of hits

2008-10-14 Thread John Horne 
On Tue, 2008-10-14 at 16:54 +0530, lingu wrote:
> Dear all,
> 
>  I am running squid  on centos 5.Is there is any tool to calculate
> number of ip's hit the server for month wise.
> Even any command to find out the number of hits is also ok.
> 
Calamaris can give you a summary:

   http://cord.de/tools/squid/calamaris/




John.

-- 
---
John Horne, University of Plymouth, UK  Tel: +44 (0)1752 587287
E-mail: [EMAIL PROTECTED]   Fax: +44 (0)1752 587001
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Sendmail and pmtu discovery

2008-10-14 Thread Kai Schaetzl 
Ralph Angenendt wrote on Tue, 14 Oct 2008 17:24:08 +0200:

> If you don't know the smallest MTU on the path to the mail server, you
> might not be able to send packets over that path, especially if DF is
> set.

But if it's not set? Shouldn't most devices have it not set?

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Sendmail and pmtu discovery

2008-10-14 Thread Sean Carolan 
We have an issue with some customers who refuse to accept ICMP traffic
to their mail servers.  It seems that they have put Mordac, preventer
of information services in charge of their firewall policy
(http://en.wikipedia.org/wiki/List_of_minor_characters_in_Dilbert#Mordac).

My mail logs are showing that customers who specifically disallow ICMP
traffic have many "Connection Reset" entries in our logs:

Oct 14 08:00:50 mailsrv sendmail[2024]: m9ED0Yf5002021:
to=<[EMAIL PROTECTED]>, delay=00:00:16, xdelay=00:00:16,
mailer=esmtp, pri=42476, relay=mail.customer.org. [XX.XX.XX.XX],
dsn=4.0.0, stat=Deferred: Connection reset by mail.customer.org.

I have disabled pmtu discovery on our routers as well as on all our
outbound mail servers.  Is there anything else I can do on our side to
help the situation?
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Mass installs of desktop systems on identical machines

2008-10-14 Thread Kai Schaetzl 
Sorin Srbu wrote on Tue, 14 Oct 2008 18:26:51 +0200:

> Did
> you maybe have some special hardware in mind?

No. I just wanted to point out that for such a task another distribution 
*might* be better suited, that's all.

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: Mass installs of desktop systems on identical machines

2008-10-14 Thread Scott Silva 
on 10-14-2008 9:26 AM Sorin Srbu spake the following:
> Kai Schaetzl <> scribbled on Tuesday, October 14, 2008 4:31 PM:
> 
>>> Any particular reason why not, if I may ask?
>> Because other distributions have better support for brand-new consumer
>> hardware. Especially, if you consider the lifetime cycle of CentOS which
>> spans to 2014. Look at this not from the viewpoint of your mom, but from
>> the computershop that wants to sell lots of PCs to very different people
>> (which will expect to see *recent* software) and with (over the years)
>> quite differing hardware.
> 
> I see. Good point. However, brand-new hardware support would mean something
> like the bleeding edge Fedora (any other distro?). The disadvantage IMHO with
> eg Fedora is it's short life-cycle though. What is it, a year or so now?
> 
> FWIW, I've installed CentOS on pretty new stuff, like dual core-mobos with
> SATA etc, Broadcom integrated and Intel Desktop Pro/1000 NICs and so on. Works
> fine, so I still don't quite see why it'd not be suitable with settling on eg
> CentOS, especially if it's set up properly from the beginning by the shop. Did
> you maybe have some special hardware in mind?
> 
> Maybe I'm blinded by CentOS running fine on whatever I throw at it so far...
> 
> /S
You just need to read this list to see people having hardware troubles, mostly
with SATA and/or network, but those are pretty important to a PC.

-- 
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't



signature.asc
Description: OpenPGP digital signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

RE: [CentOS] Mass installs of desktop systems on identical machines

2008-10-14 Thread Sorin Srbu 
Niki Kovacs <> scribbled on Tuesday, October 14, 2008 1:44 PM:

>How
> would it *technically* be possible to replicate these installs as easily
> as possible? 

G4u (Ghost for unix) is your solution. It's free.

Have a ftp-and dhcp server available on your network. Install one machine with
your preferred linux distro and tweak it as you want it. Boot from the g4u-cd
and ghost it to your ftp-server.

Boot from the g4u-cd on your next machine and dump the image from your
ftp-server to the new machine. Kudzu will take care of everything else. You
can do this with several machines at once. The nice thing with kudzu is that
your image will work even with a computer that does not have the same
hardware. Awesome is just scraping the surface.

I use this approach at our department. Works excellent.

HTH.

/S


smime.p7s
Description: S/MIME cryptographic signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Sendmail and pmtu discovery

2008-10-14 Thread Les Mikesell 

Kai Schaetzl wrote:

Ralph Angenendt wrote on Tue, 14 Oct 2008 17:24:08 +0200:


If you don't know the smallest MTU on the path to the mail server, you
might not be able to send packets over that path, especially if DF is
set.


But if it's not set? Shouldn't most devices have it not set?


Routers should fragment as needed and the receiving stack will 
reassemble.  Windows tends to set DF on a lot of packets unnecessarily.


--
  Les Mikesell
   [EMAIL PROTECTED]
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Sendmail and pmtu discovery

2008-10-14 Thread nate 
Kai Schaetzl wrote:
> Sean Carolan wrote on Tue, 14 Oct 2008 08:13:34 -0500:
>
>> My mail logs are showing that customers who specifically disallow ICMP
>> traffic have many "Connection Reset" entries in our logs:
>
> Could somebody explain why ICMP might play a role in mail delivery?

It doesn't really. If the OP had PMTU discovery turned on it
would affect most all communications not just email. I can't
ever remember having it on for external networks, there's
never been a need in my case.

It's just likely that the only communications between the OP's
systems and the other side was email.

nate

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Sendmail and pmtu discovery

2008-10-14 Thread David Dyer-Bennet 

On Tue, October 14, 2008 12:31, Kai Schaetzl wrote:
> Ralph Angenendt wrote on Tue, 14 Oct 2008 17:24:08 +0200:
>
>> If you don't know the smallest MTU on the path to the mail server, you
>> might not be able to send packets over that path, especially if DF is
>> set.
>
> But if it's not set? Shouldn't most devices have it not set?

Yes, most devices should fragment if necessary (DF not set).

Most devices should also pass/accept ICMP messages relating to their
connections.  Deliberately configuring them not to is asking for trouble;
those messages are part of the protocol for a reason.

(Fragmentation introduces more work and effectively many more lost packets
in most setups, so the flow will be jumpy and less efficient even if it
mostly works.)

-- 
David Dyer-Bennet, [EMAIL PROTECTED]; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera: http://dragaera.info

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum priorities question

2008-10-14 Thread Mufit Eribol 

Filipe Brandenburger wrote:

Hi,

The package names are different, so probably "geoip" (from RPMforge)
obsoletes "GeoIP" from CentOS.

In that case, for priorities to work and exclude the one that
obsoletes the other, you have to set this option in the [main] section
of /etc/yum/pluginconf.d/priorities.conf:

check_obsoletes=1

Look for the thread about perl-DBD-mysql vs. perl-DBD-MySQL, it's
probably the same issue.

HTH,
Filipe
  

Yes Filipe, that's it!

Obviously, I overlooked this option in priorities.conf.

The below text is from 
http://wiki.centos.org/PackageManagement/Yum/Priorities:


"Some packages specify obsoletes in their metadata. This property of a 
package specifies which old packages with a different name the package 
replaces. This can intefere with the priority protection of packages, if 
a package from a low-priority repository contains an obsoletion for 
package from a high-priority repository. For instance, if the gconfmm2 
package was installed from a high-priority repository, and another 
package (say gconfmm20) claims to replace the obsolete gconfmm2 package, 
Yum will replace the gconfmm2 package with the gconfmm20 package. This 
plugin can prevent such upgrades, by adding the following line to the 
main section of /etc/yum/pluginconf.d/priorities.conf: check_obsoletes=1 "


This option works nice.

Thank you for the hint.

Mufit
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum priorities question

2008-10-14 Thread Ralph Angenendt 
Mufit Eribol wrote:
> Installed package: GeoIP.i386 1.4.4-1.el5.centos
> Repo: CentOS Extras
> Priority for CentOS Extras repo: 1
>
> "yum update" wants to replace the above package with the following:
>
> Package: geoip.i386 1.4.5-1.el5.rf
> Repo: rpmforge
> Priority for rpmforge: 15
>
> Why does yum try to replace the package from a repo with higher  
> priority? Isn't "yum priorities" supposed to keep it?

Strange, because it works here:

[EMAIL PROTECTED] Documentation]# yum -v update | grep -i geoip
 --> geoip-devel-1.4.0-1.el5.rf.x86_64 from rpmforge excluded (priority)
 --> geoip-1.4.0-1.el5.rf.x86_64 from rpmforge excluded (priority)
 --> geoip-1.4.4-1.el5.rf.x86_64 from rpmforge excluded (priority)
 --> geoip-1.4.5-1.el5.rf.x86_64 from rpmforge excluded (priority)
 --> geoip-devel-1.4.4-1.el5.rf.x86_64 from rpmforge excluded (priority)
 --> geoip-devel-1.4.5-1.el5.rf.x86_64 from rpmforge excluded (priority)
 --> GeoIP-devel-1.4.4-2.el5.kb.x86_64 from kbs-CentOS-Testing excluded 
(priority)
 --> GeoIP-devel-1.4.4-2.el5.kb.x86_64 from kbs-CentOS-Testing excluded 
(priority)
 --> GeoIP-1.4.4-2.el5.kb.x86_64 from kbs-CentOS-Testing excluded (priority)
 --> GeoIP-1.4.4-2.el5.kb.x86_64 from kbs-CentOS-Testing excluded (priority)
[EMAIL PROTECTED] Documentation]# 

Cheers,

Ralph


pgpSzYaB9MnIq.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum priorities question

2008-10-14 Thread Filipe Brandenburger 
Hi,

On Tue, Oct 14, 2008 at 13:47, Mufit Eribol <[EMAIL PROTECTED]> wrote:
>> check_obsoletes=1
> Yes Filipe, that's it!
> This option works nice.
>
> Thank you for the hint.

No problem! :-)

By the way, in a previous thread ("rpmforge, perl-dbd-mysql, yum,
priorities, centos, and you") it was suggested that this option should
be made default in CentOS... developers, any words on that? Is the
"priorities" plug-in CentOS specific or is it upstream provided? In
the latter case, could we open a bug upstream for that?

Filipe
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Sendmail and pmtu discovery

2008-10-14 Thread Ralph Angenendt 
Scott Silva wrote:
> on 10-14-2008 6:24 AM Ralph Angenendt spake the following:
>
> > So you basically broke your internet connection because of stupid
> > customers? No, there isn't anything you can do on your side -
> > especially if you don't know how large their MTU is set (which you
> > cannot discover, as they forbid you to do so). So you can only hope
> > that you get exactly the same MTU as they have (and that there is
> > nothing inbetween which has a lower MTU).
> >
> > It is their problem. If they don't want to play by the rules, they
> > should have to sit out the problems they themselves created.
>
> Sometimes you can't be so hard headed when you are dealing with
> customers. You usually are trying to get them to give money to YOU,
> not your competitor.
>
> If I told my customers that "It is your problem", I would no longer
> have customers to worry about!

But your competitor wouldn't be able to send them mails either >:)

As said, they deliberately broke their internet connection, so there isn't
much you can do except setting your MTU to an extremely low value and hope 
that there's nothing in between which has an even lower MTU.

So your best choice would be to do some consulting and give them some advice
on what they did wrong and how they can selectively block ICMP types (for 
example redirect and such).

Cheers,

Ralph

pgprQSeZxMvj2.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Sendmail and pmtu discovery

2008-10-14 Thread Ralph Angenendt 
Kai Schaetzl wrote:
> Ralph Angenendt wrote on Tue, 14 Oct 2008 17:24:08 +0200:
> 
> > If you don't know the smallest MTU on the path to the mail server, you
> > might not be able to send packets over that path, especially if DF is
> > set.
> 
> But if it's not set? Shouldn't most devices have it not set?

Fragmentation is bad. That's why you do PMTUD - to see which is the lowest
MTU in the path. You then set your packet sizes accordingly and set the DF
bit. If the lowest MTU in the path changes to an even lower one you get an
error and can continue with smaller packet sizes.

If you disallow PMTUD - well, you're asking for trouble >:)

 has a rather good discussion about that.

Ralph

pgpwzGQOhGZ4d.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: tg3 ethernet card drops connection under heavy load

2008-10-14 Thread Sean Carolan 
>> There was nothing out of the ordinary in /var/log/messages.  The
>> logging just stops after the network card drops offline.  dmesg also
>> shows nothing out of the ordinary when the driver is loaded.  The
>> network card works fine until it is under heavy load.
> Since you are running CentOS 3 I am assuming this server has been in
> production for some time. Did these symptoms just start?
> Did you do any updates before this started happening?
> Did you install this equipment, or did you assume admin duties from someone
> else? Maybe it had the HP net driver installed, and a kernel update broke 
> that.

It appears to be a faulty NIC card.  We moved the connection over to
the other card and have not had any problems since.  Sometimes it's
just plain "broken"!  :)
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Mass installs of desktop systems on identical machines

2008-10-14 Thread Kai Schaetzl 
Niki Kovacs wrote on Tue, 14 Oct 2008 13:44:19 +0200:

> How 
> would it *technically* be possible to replicate these installs as easily 
> as possible?

Kickstart. I wouldn't be so sure that CentOS would be the best choice for a 
brand-new consumer desktop, though. You might want to use Fedora which is 
also kickstartable.

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Sendmail and pmtu discovery

2008-10-14 Thread Les Mikesell 

Ralph Angenendt wrote:


As said, they deliberately broke their internet connection, so there isn't
much you can do except setting your MTU to an extremely low value and hope 
that there's nothing in between which has an even lower MTU.


It doesn't have to be extremely low, it just has to be low enough.  The 
usual reason for needing to be less than the 1500 bytes permitted by 
ethernet would be using some sort of tunnel protocol for PPOE or a VPN. 
 1460 might keep everybody happy.


--
  Les Mikesell
   [EMAIL PROTECTED]

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Mass installs of desktop systems on identical machines

2008-10-14 Thread Les Mikesell 

Niki Kovacs wrote:
How 
would it *technically* be possible to replicate these installs as easily 
as possible? The hardware is always the same, so I wonder: I have a 
vague idea about disk images (to be more precise: I know disk images 
well as far as burning CDs on the commandline is concerned, or when it 
comes to installing an OS in VirtualBox using the .iso)... but is there 
a way to somehow transform an existing install into a disk image, and 
then simply copy these over to all the other machines? (I've never done 
this)


Clonezilla is probably the fastest/easiest way.  There are 2 versions. 
Clonezilla-live boots from a CD or USB drive and lets you save or 
restore a disk or partition image using local or network storage via 
nfs, sshfs, or samba.  For windows and most linux filesystems it knows 
enough to only save the used portions of the disk.  You can also make a 
bootable DVD containing an image to load.  For large numbers of machines 
there is the companion drbl to network-boot into clonezilla. 
http://clonezilla.org/


--
  Les Mikesell
   [EMAIL PROTECTED]

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Squid proxy High Availability

2008-10-14 Thread Barry Brimer 

So i am planned to go for one more  Centos5  server with cluster.Can
any one suggest me how to design it either i have to go for common
storage for storing all global files or i need to synchronize both the
server periodically by  running instance on local disk of both the
servers.


You could also make them peer caches of one another and you could also use 
Linux Virtual Server .. part of the Cluster Suite to load balance .. 
although you would need to make sure that you have persistence enabled.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Sendmail and pmtu discovery

2008-10-14 Thread Sean Carolan 
Thanks for the information.  If I understand this correctly, the
client would have to convince the owner of each and every router hop
along the way to disable PMTU discovery if he insists on dropping all
ICMP packets?

And Scott hit the nail on the head with this comment:

> Sometimes you can't be so hard headed when you are dealing with customers. You
> usually are trying to get them to give money to YOU, not your competitor.

> If I told my customers that "It is your problem", I would no longer have
> customers to worry about!

If you've ever dealt with with one of these paranoid Mordac-type
security managers you know exactly what I'm talking about.  In our
case the path of least resistance was to disable pmtu discovery, and
tell the customer that we've done all we possibly can to alleviate the
issue on our end.  Hopefully they come to their senses and allow ICMP
packets like every major ISP and mail provider on the Internet.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Sendmail and pmtu discovery

2008-10-14 Thread Ralph Angenendt 
Les Mikesell wrote:
> Ralph Angenendt wrote:
>>
>> As said, they deliberately broke their internet connection, so there isn't
>> much you can do except setting your MTU to an extremely low value and 
>> hope that there's nothing in between which has an even lower MTU.
>
> It doesn't have to be extremely low, it just has to be low enough.  The  
> usual reason for needing to be less than the 1500 bytes permitted by  
> ethernet would be using some sort of tunnel protocol for PPOE or a VPN.  
> 1460 might keep everybody happy.

Might being the operative word here, yes.

Ralph

pgprG3ULaNFXt.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Sendmail and pmtu discovery

2008-10-14 Thread Kai Schaetzl 
Sean Carolan wrote on Tue, 14 Oct 2008 08:13:34 -0500:

> My mail logs are showing that customers who specifically disallow ICMP
> traffic have many "Connection Reset" entries in our logs:

Could somebody explain why ICMP might play a role in mail delivery?

Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Weird problem in PHP 5.1.6/possible bug

2008-10-14 Thread Patrick 

Kai Schaetzl wrote:

As you might have seen I actually found a workaround. Your findings on 
CentOS 4 suggest that it is a specific problem on the CentOS/RHEL 5 
platform. The PHP 5 coming with CentOS 5 is set to a locale of C and 
doesn't match the locale of the system! I guess I file a bug now. Thanks!


Kai


No problem !!

:-)

Patrick


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum priorities question

2008-10-14 Thread Mufit Eribol 

Ralph Angenendt wrote:

Strange, because it works here:

[EMAIL PROTECTED] Documentation]# yum -v update | grep -i geoip
 --> geoip-devel-1.4.0-1.el5.rf.x86_64 from rpmforge excluded (priority)
 --> geoip-1.4.0-1.el5.rf.x86_64 from rpmforge excluded (priority)
 --> geoip-1.4.4-1.el5.rf.x86_64 from rpmforge excluded (priority)
 --> geoip-1.4.5-1.el5.rf.x86_64 from rpmforge excluded (priority)
 --> geoip-devel-1.4.4-1.el5.rf.x86_64 from rpmforge excluded (priority)
 --> geoip-devel-1.4.5-1.el5.rf.x86_64 from rpmforge excluded (priority)
 --> GeoIP-devel-1.4.4-2.el5.kb.x86_64 from kbs-CentOS-Testing excluded 
(priority)
 --> GeoIP-devel-1.4.4-2.el5.kb.x86_64 from kbs-CentOS-Testing excluded 
(priority)
 --> GeoIP-1.4.4-2.el5.kb.x86_64 from kbs-CentOS-Testing excluded (priority)
 --> GeoIP-1.4.4-2.el5.kb.x86_64 from kbs-CentOS-Testing excluded (priority)
[EMAIL PROTECTED] Documentation]# 

Here is what I get,

[EMAIL PROTECTED] ~]# yum -v update | grep -i geoip
---> Package geoip.i386 0:1.4.5-1.el5.rf set to be updated
Checking deps for geoip.i386 0-1.4.5-1.el5.rf - u
looking for ('libc.so.6(GLIBC_2.1.2)', None, (None, None, None)) as a 
requirement of geoip.i386 0-1.4.5-1.el5.rf - u
looking for ('libz.so.1', None, (None, None, None)) as a requirement of 
geoip.i386 0-1.4.5-1.el5.rf - u
looking for ('libGeoIPUpdate.so.0', None, (None, None, None)) as a 
requirement of geoip.i386 0-1.4.5-1.el5.rf - u
looking for ('libc.so.6(GLIBC_2.0)', None, (None, None, None)) as a 
requirement of geoip.i386 0-1.4.5-1.el5.rf - u
looking for ('libc.so.6(GLIBC_2.3)', None, (None, None, None)) as a 
requirement of geoip.i386 0-1.4.5-1.el5.rf - u
looking for ('libc.so.6(GLIBC_2.4)', None, (None, None, None)) as a 
requirement of geoip.i386 0-1.4.5-1.el5.rf - u
looking for ('libc.so.6(GLIBC_2.1)', None, (None, None, None)) as a 
requirement of geoip.i386 0-1.4.5-1.el5.rf - u
looking for ('config(geoip)', 'EQ', ('0', '1.4.5', '1.el5.rf')) as a 
requirement of geoip.i386 0-1.4.5-1.el5.rf - u
looking for ('rtld(GNU_HASH)', None, (None, None, None)) as a 
requirement of geoip.i386 0-1.4.5-1.el5.rf - u
looking for ('libc.so.6(GLIBC_2.3.4)', None, (None, None, None)) as a 
requirement of geoip.i386 0-1.4.5-1.el5.rf - u
looking for ('/sbin/ldconfig', None, (None, None, None)) as a 
requirement of geoip.i386 0-1.4.5-1.el5.rf - u
looking for ('libc.so.6', None, (None, None, None)) as a requirement of 
geoip.i386 0-1.4.5-1.el5.rf - u
looking for ('libc.so.6(GLIBC_2.1.3)', None, (None, None, None)) as a 
requirement of geoip.i386 0-1.4.5-1.el5.rf - u
looking for ('libGeoIP.so.1', None, (None, None, None)) as a requirement 
of geoip.i386 0-1.4.5-1.el5.rf - u

---> Package geoip-devel.i386 0:1.4.5-1.el5.rf set to be updated
Checking deps for geoip-devel.i386 0-1.4.5-1.el5.rf - u
looking for ('libGeoIPUpdate.so.0', None, (None, None, None)) as a 
requirement of geoip-devel.i386 0-1.4.5-1.el5.rf - u
looking for ('geoip', 'EQ', ('0', '1.4.5', '1.el5.rf')) as a requirement 
of geoip-devel.i386 0-1.4.5-1.el5.rf - u
looking for ('libGeoIP.so.1', None, (None, None, None)) as a requirement 
of geoip-devel.i386 0-1.4.5-1.el5.rf - u

Checking deps for GeoIP.i386 0-1.4.4-1.el5.centos - None
Checking deps for GeoIP-devel.i386 0-1.4.4-1.el5.centos - None
geoip   i386   1.4.5-1.el5.rf   rpmforge  750 k
replacing  GeoIP.i386 1.4.4-1.el5.centos
geoip-devel i386   1.4.5-1.el5.rf   rpmforge  7.1 k
replacing  GeoIP-devel.i386 1.4.4-1.el5.centos


[EMAIL PROTECTED] ~]# rpm -qa |grep geoip
[EMAIL PROTECTED] ~]#

[EMAIL PROTECTED] ~]# rpm -qa|grep GeoIP
GeoIP-data-20080301-1.el5.centos
GeoIP-devel-1.4.4-1.el5.centos
GeoIP-1.4.4-1.el5.centos
[EMAIL PROTECTED] ~]#

I have no clue about what is going on?

Regards,
Mufit
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] [OT] What is the best network monitoring tool?

2008-10-14 Thread Tim Berger 
On Wed, Oct 8, 2008 at 7:01 PM, Alejandro <[EMAIL PROTECTED]> wrote:

> Hi all,
>
> Currently I have a big question.
>
> What is the best OPEN SOURCE solution for monitoring multiple Host and
> Services, for example for using in a WebHosting Provider with 50 hosts or
> more.
>

I've had good luck with "mon".  Written in Perl and supports plug-in monitor
and alert modules.  The modules are easy to write.

It's better than most largely advertised system monitoring/alert packages
because it is simple in design, configuration is flexible, and it supports a
large number of hosts.

http://mon.wiki.kernel.org/index.php/Main_Page


>
> Currently, I'm using NAGIOS for more than 3 years, this is a incredible
> tool, but before upgrade to version 3, I have this existential question.
>
> Please fill free to recommend any soft, but with this option in mind.
>  1- Easy option to personalize any plug-in
>  2- Good Documentation
>  3- Support large platforms
>  4- Run over Linux
>
> Sorry for me English
> Regards
> Alejandro
> www.linuxiso.com.ar
> from Buenos Aires, Argentina
>
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
>


-- 
-Tim
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS-announce Digest, Vol 44, Issue 10

2008-10-14 Thread centos-announce-request 
Send CentOS-announce mailing list submissions to
[EMAIL PROTECTED]

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
[EMAIL PROTECTED]

You can reach the person managing the list at
[EMAIL PROTECTED]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of CentOS-announce digest..."


Today's Topics:

   1. CEEA-2008:0941  CentOS 5 i386 tzdata Update (Karanbir Singh)
   2. CEBA-2008:0898  CentOS 5 x86_64 cman Update (Karanbir Singh)
   3. CEEA-2008:0941  CentOS 5 x86_64 tzdata Update (Karanbir Singh)
   4. CEBA-2008:0898  CentOS 5 i386 cman Update (Karanbir Singh)
   5. CEBA-2008:0942  CentOS 5 i386 gfs-kmod Update (Karanbir Singh)
   6. CEBA-2008:0942  CentOS 5 x86_64 gfs-kmod Update (Karanbir Singh)
   7. CESA-2008:0937 Important CentOS 5 i386 cups Update
  (Karanbir Singh)
   8. CESA-2008:0937 Important CentOS 5 x86_64 cups Update
  (Karanbir Singh)
   9. CEBA-2008:0850  CentOS 5 i386 libdhcp Update (Karanbir Singh)
  10. CEBA-2008:0850  CentOS 5 x86_64 libdhcp Update (Karanbir Singh)


--

Message: 1
Date: Mon, 13 Oct 2008 17:07:49 +0100
From: Karanbir Singh <[EMAIL PROTECTED]>
Subject: [CentOS-announce] CEEA-2008:0941  CentOS 5 i386 tzdata Update
To: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Enhancement Advisory 2008:0941 

Upstream details at : https://rhn.redhat.com/errata/RHEA-2008-0941.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( md5sum Filename ) 

i386:
4d07003c43de6180f963b2b328a1e393  tzdata-2008f-3.el5.noarch.rpm

Source:
bcd14bd131497e7d98e6bbee5ea3925c  tzdata-2008f-3.el5.src.rpm


-- 
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, [EMAIL PROTECTED]



--

Message: 2
Date: Mon, 13 Oct 2008 17:05:28 +0100
From: Karanbir Singh <[EMAIL PROTECTED]>
Subject: [CentOS-announce] CEBA-2008:0898  CentOS 5 x86_64 cman Update
To: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Bugfix Advisory 2008:0898 

Upstream details at : https://rhn.redhat.com/errata/RHBA-2008-0898.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( md5sum Filename ) 

x86_64:
03ea6dc53f1f8dafbdd7f1ed4ad89202  cman-2.0.84-2.el5_2.1.x86_64.rpm
cde78e5a359c0dbc63ea1b30e17732cd  cman-devel-2.0.84-2.el5_2.1.i386.rpm
937f6e0bcfb919d25ed7224242c6c3fe  cman-devel-2.0.84-2.el5_2.1.x86_64.rpm

Source:
cfbe50d6963234894a58284a74f9ccd8  cman-2.0.84-2.el5_2.1.src.rpm


-- 
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, [EMAIL PROTECTED]



--

Message: 3
Date: Mon, 13 Oct 2008 17:07:49 +0100
From: Karanbir Singh <[EMAIL PROTECTED]>
Subject: [CentOS-announce] CEEA-2008:0941  CentOS 5 x86_64 tzdata
Update
To: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Enhancement Advisory 2008:0941 

Upstream details at : https://rhn.redhat.com/errata/RHEA-2008-0941.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( md5sum Filename ) 

x86_64:
8bd20795a670c58085ccfecd61df199c  tzdata-2008f-3.el5.noarch.rpm

Source:
bcd14bd131497e7d98e6bbee5ea3925c  tzdata-2008f-3.el5.src.rpm


-- 
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, [EMAIL PROTECTED]



--

Message: 4
Date: Mon, 13 Oct 2008 17:05:27 +0100
From: Karanbir Singh <[EMAIL PROTECTED]>
Subject: [CentOS-announce] CEBA-2008:0898  CentOS 5 i386 cman Update
To: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Bugfix Advisory 2008:0898 

Upstream details at : https://rhn.redhat.com/errata/RHBA-2008-0898.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( md5sum Filename ) 

i386:
ffcd533b5e83a92e4336d44b7c617d41  cman-2.0.84-2.el5_2.1.i386.rpm
f771de6845cefbe6d84fa9ef415e55cd  cman-devel-2.0.84-2.el5_2.1.i386.rpm

Source:
cfbe50d6963234894a58284a74f9ccd8  cman-2.0.84-2.el5_2.1.src.rpm


-- 
Karanbir Singh
CentOS Project { http://www.centos.org/ }
irc: z00dax, [EMAIL PROTECTED]



--

Message: 5
Date: Mon, 13 Oct 2008 17:28:41 +0100
From: Karanbir Singh <[EMAIL PROTECTED]>
Subject: [CentOS-announce] CEBA-2008:0942  CentOS 5 i386 gfs-kmod
Update
To: [EMAIL PROTECTED]
Message-ID: <[EMAIL PROTECTED]>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Bugfix Advisory 2008:0942 

Upstream details at : https://rhn.redhat.com/errata/RHBA-2008-0942.html

The following updated files have been upl

Re: [CentOS] Sendmail and pmtu discovery

2008-10-14 Thread mouss 
Sean Carolan a écrit :
> We have an issue with some customers who refuse to accept ICMP traffic
> to their mail servers.  It seems that they have put Mordac, preventer
> of information services in charge of their firewall policy
> (http://en.wikipedia.org/wiki/List_of_minor_characters_in_Dilbert#Mordac).
> 
> My mail logs are showing that customers who specifically disallow ICMP
> traffic have many "Connection Reset" entries in our logs:
> 
> Oct 14 08:00:50 mailsrv sendmail[2024]: m9ED0Yf5002021:
> to=<[EMAIL PROTECTED]>, delay=00:00:16, xdelay=00:00:16,
> mailer=esmtp, pri=42476, relay=mail.customer.org. [XX.XX.XX.XX],
> dsn=4.0.0, stat=Deferred: Connection reset by mail.customer.org.
> 
> I have disabled pmtu discovery on our routers as well as on all our
> outbound mail servers.  Is there anything else I can do on our side to
> help the situation?


Consider setting a small MTU (or MSS, ) for the borked networks
instead of changing your setup globally. something like

ip route add 192.0.2.0/24 via 10.0.0.1 mtu 1000







___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] App Question.

2008-10-14 Thread bruce 
Hi list!!

Got a question, and I can't find a good answer for, so I figured i'd post
here. I'm working on a project that involves a number of smaller apps to be
developed, and run. In order to build this overall application, I'm trying
to find a web based app that I can use to manage the entire process.

I need to be able to create the basic app, and then to test the app, and
then to run the app in a production environment. I need to be able to
schedule when the app is tested/run in the production system, as well as be
able to track the status of the test/production app. My overall system will
have 100's of these smaller child apps.

Has anyone heard of, or have any pointers to any kind of webbased app that I
can use (open source) to manage this entire kind of process. I would prefer
a web based app, that runs on a LAMP platform to manage this overall
process

Thanks


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Sendmail and pmtu discovery

2008-10-14 Thread Ralph Angenendt 
Kai Schaetzl wrote:
> Sean Carolan wrote on Tue, 14 Oct 2008 08:13:34 -0500:
> 
> > My mail logs are showing that customers who specifically disallow ICMP
> > traffic have many "Connection Reset" entries in our logs:
> 
> Could somebody explain why ICMP might play a role in mail delivery?

If you don't know the smallest MTU on the path to the mail server, you
might not be able to send packets over that path, especially if DF is
set.

Ralph


pgpsLfanbEq6J.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

RE: [CentOS] Mass installs of desktop systems on identical machines

2008-10-14 Thread Sorin Srbu 
Kai Schaetzl <> scribbled on Tuesday, October 14, 2008 2:21 PM:

> I wouldn't be so sure that CentOS would be the best choice for a
> brand-new consumer desktop, though.

Any particular reason why not, if I may ask? It works fine for my
computer-ignorant 50+ mom.

/S


smime.p7s
Description: S/MIME cryptographic signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Sendmail and pmtu discovery

2008-10-14 Thread mouss 
Kai Schaetzl a écrit :
> Ralph Angenendt wrote on Tue, 14 Oct 2008 17:24:08 +0200:
> 
>> If you don't know the smallest MTU on the path to the mail server, you
>> might not be able to send packets over that path, especially if DF is
>> set.
> 
> But if it's not set? Shouldn't most devices have it not set?
> 

It's not per device. It's a method to improve performances.
http://www.znep.com/~marcs/mtu/


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] looking for good web based DNS script to check nameservers

2008-10-14 Thread Brent L. Bates 
 FYI.  I tried the Web site Robert Spangler posted:

http://www.checkdns.net/quickcheckdomainf.aspx

We failed some of their tests because THEIR DNS isn't set up properly.

-- 

  Brent L. Bates (UNIX Sys. Admin.)
  M.S. 912  Phone:(757) 865-1400, x204
  NASA Langley Research CenterFAX:(757) 865-8177
  Hampton, Virginia  23681-0001
  Email: [EMAIL PROTECTED]  http://www.vigyan.com/~blbates/

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] /var/amavis

2008-10-14 Thread Jussi Hirvi 
> Jussi Hirvi wrote:
>> Hello all,
>> 
>> My /etc/group is not quite in order (a long story), and now I need to
>> correct privileges right here and there.
>> 
>> I would ask someone who has amavisd-new to show me the corresponding
>> listing as this:
>> 
>> [EMAIL PROTECTED] amavis]# ls -l /var/amavis
>> total 20
>> -rw-r- 1 amavis  5000 Oct 13 15:05 amavisd.lock
>> -rw-r--r-- 1 amavis mail5 Oct 13 11:06 amavisd-milter.pid
>> srwxr-xr-x 1 amavis mail0 Oct 13 11:06 amavisd-milter.sock
>> -rw-r- 1 amavis mail5 Oct 13 14:58 amavisd.pid
>> srwxr-x--- 1 amavis mail0 Oct 13 14:58 amavisd.sock
>> drwxr-x--- 2 amavis  500 4096 Oct 13 14:58 db
>> drwxr-xr-x 4 amavis mail 4096 Oct 13 15:10 tmp
>> drwxr-x--- 2 amavis  500 4096 Mar 13  2008 var
>> 
>> Especially I'm not sure anymore about what that group id 500 should be.
>> 
>> Thanks in advance,
>> Jussi
>> 

Ned Slider ([EMAIL PROTECTED]) kirjoitteli (13.10.2008 16:11):

> $ ls -l /var/amavis/
> total 28
> srwxr-x--- 1 amavis amavis0 Oct 13 11:17 amavisd.sock
> drwxr-x--- 2 amavis amavis 4096 Oct 13 11:17 db
> drwxr-x--- 7 amavis amavis 4096 Oct 13 13:03 tmp
> drwxr-x--- 3 amavis amavis 4096 Oct 13 11:17 var
> 
> Group ID 500 is normally the first regular user account on the system.
> Looks like you've made the amavis user's primary group to be your's (or
> whoever the user group ID 500 is).
> 
> I'm not quite sure why your amavis user appears to be in the mail group
> - perhaps you have amavisd-new set up differently to me. Mine is set up
> according to the guide on the Wiki:
> 
> http://wiki.centos.org/HowTos/Amavisd
> 
> Hope that helps

Yes, thanks. 
The amavis-milter in my setup is redundant, afaik. It's inherited from an
howto I followed earlier:

http://www.scalix.com/wiki/index.php?title=Scalix/Sendmail_%26_Amavisd-New_H
OWTO

My final setup is based on this README file:
/usr/share/doc/amavisd-new-2.5.4/README.sendmail-dual

Regards,
Jussi

--
Jussi Hirvi * Green Spot
Topeliuksenkatu 15 C * 00250 Helsinki * Finland
Tel. & fax +358 9 493 981 * Mobile +358 40 771 2098 (only sms)
[EMAIL PROTECTED] * http://www.greenspot.fi

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Re: Sendmail and pmtu discovery

2008-10-14 Thread Scott Silva 
on 10-14-2008 6:24 AM Ralph Angenendt spake the following:
> Sean Carolan wrote:
>> We have an issue with some customers who refuse to accept ICMP traffic
>> to their mail servers.  It seems that they have put Mordac, preventer
>> of information services in charge of their firewall policy
>> (http://en.wikipedia.org/wiki/List_of_minor_characters_in_Dilbert#Mordac).
> 
> BUT ICMP IS BAD!¡
> 
>> My mail logs are showing that customers who specifically disallow ICMP
>> traffic have many "Connection Reset" entries in our logs:
>>
>> Oct 14 08:00:50 mailsrv sendmail[2024]: m9ED0Yf5002021:
>> to=<[EMAIL PROTECTED]>, delay=00:00:16, xdelay=00:00:16,
>> mailer=esmtp, pri=42476, relay=mail.customer.org. [XX.XX.XX.XX],
>> dsn=4.0.0, stat=Deferred: Connection reset by mail.customer.org.
>>
>> I have disabled pmtu discovery on our routers as well as on all our
>> outbound mail servers.  Is there anything else I can do on our side to
>> help the situation?
> 
> So you basically broke your internet connection because of stupid
> customers? No, there isn't anything you can do on your side - especially
> if you don't know how large their MTU is set (which you cannot discover,
> as they forbid you to do so). So you can only hope that you get exactly
> the same MTU as they have (and that there is nothing inbetween which has
> a lower MTU). 
> 
> It is their problem. If they don't want to play by the rules, they
> should have to sit out the problems they themselves created.
> 
Sometimes you can't be so hard headed when you are dealing with customers. You
usually are trying to get them to give money to YOU, not your competitor.

If I told my customers that "It is your problem", I would no longer have
customers to worry about!

-- 
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't



signature.asc
Description: OpenPGP digital signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Mass installs of desktop systems on identical machines

2008-10-14 Thread Niki Kovacs 

Hi,

I'm running a small Linux consulting business here in a group of small 
villages in the South of France (http://www.microlinux.fr). I'm using 
CentOS for everything, servers as well as desktops. The desktop installs 
are usually highly customized. My approach is to list the client's 
needs, find the corresponding applications and then install these, to 
avoid the bloat and increase usability. So far, this approach worked 
quite well. One complete install and configuration takes about 4 hours, 
depending on various factors such as bandwidth (internet is not very 
fast in our remote places here) and sometimes exotic hardware that is 
tricky to configure.


Yesterday I had a conversation with the boss of a computer store in 
town. One of his standard PC models (desktop) is an ACER (PIV dual core, 
3 GB RAM, 320 GB HD, ATI card) shipped with Windows Vista, and sold for 
a price of 315 euros. He told me he would be very interested to sell 
these machines with Linux installed, as this would allow him to lower 
the price.


Now I wonder:

1) Say I want to install my own customized version of CentOS on it, I 
usually charge a fixed amount of 240 euros for installing and 
configuring a complete desktop, tailored to the customer's needs 
(average: 4 hours of work = 60 euros / h). But I think that this is not 
what's expected here (neither the price nor the amount of work). How 
would it *technically* be possible to replicate these installs as easily 
as possible? The hardware is always the same, so I wonder: I have a 
vague idea about disk images (to be more precise: I know disk images 
well as far as burning CDs on the commandline is concerned, or when it 
comes to installing an OS in VirtualBox using the .iso)... but is there 
a way to somehow transform an existing install into a disk image, and 
then simply copy these over to all the other machines? (I've never done 
this)


2) Otherwise, go for a more mass-oriented distro like Ubuntu, Mint or 
the likes? What speaks for it: they can be installed very easily, insert 
the CD or the DVD, fill in the form (username, password, hostname, there 
you go). On the other hand, I've always been careful about picking my 
applications in a "best of the breed" way, and I would feel like a 
traditional taylor working for C & A.


3) Let's not forget about the users who are going to buy this. Whereas 
folks can always be expected (more or less) to "administrate" their own 
Ubuntu install, this looks less obvious with CentOS. Or let's say: 
forums.centos.org is not exactly a newbie forum, at least compared to 
Ubuntu. I guess your average newbie will not be very pleased with the 
prevailing tone of competent techno-laconism (compared to Ubuntu or the 
likes).


I'd be curious to read your suggestions about this.

Cheers,

Niki
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] OT: is parted reliable?

2008-10-14 Thread Sergio Belkin 
Hi, I've read on LPI Linux Certification (Ed O'Reilly)  in a nutshell
the following thing:

"parted, unfortunately, has been known to corrupt partition tables and
ruin filesystem."

What do you think about it?

Greets!

-- 
--
Open Kairos http://www.openkairos.com
Watch More TV http://sebelk.blogspot.com
Sergio Belkin -
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

RE: [CentOS] Squid Number of hits

2008-10-14 Thread Sorin Srbu 
lingu <> scribbled on Tuesday, October 14, 2008 1:24 PM:

>  I am running squid  on centos 5.Is there is any tool to calculate
> number of ip's hit the server for month wise.
> Even any command to find out the number of hits is also ok.

http://www.google.se/linux?num=50&hl=en&safe=off&q=squid+report+generator&btnG
=Search

HTH.

/S


smime.p7s
Description: S/MIME cryptographic signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Samba Hosts Allow/Deny

2008-10-14 Thread Craig White 
On Tue, 2008-10-14 at 09:08 -0600, Joseph L. Casale wrote:
> I am running CentOS 5.2 w/ Samba 3.0.28 and have a basic user level
> setup and
> 
> am trying to use hosts allow and deny but it does not have an effect?
> I have
> 
> specified them in the share level of the config.
> 
>  
> 
> I have tried:
> 
>   hosts allow = 192.168.0.72/32
> 
>   hosts deny = 0.0.0.0/0
> 
>  
> 
> Also:
> 
> ; hosts allow = 192.168.0.72/32
> 
>   hosts deny = 0.0.0.0/0 except 192.168.0.72/32
> 
>  
> 
> Still, any hosts can gain access? Can anyone shed some light on this?

man page suggests that you use this type of reference...

hosts allow = 192.168.0.72/255.255.255.255

Craig

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OT: is parted reliable?

2008-10-14 Thread Karanbir Singh 

Sergio Belkin wrote:

Hi, I've read on LPI Linux Certification (Ed O'Reilly)  in a nutshell
the following thing:

"parted, unfortunately, has been known to corrupt partition tables and
ruin filesystem."



Sounds like a question for the parted list, not here. Plenty of stuff in 
CentOS uses parted, and there is nothing you can do about it.


And Just to remind everyone that no, this is still not a general 
conversation about stuff list.


--
Karanbir Singh : http://www.karan.org/  : [EMAIL PROTECTED]
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] App Question.

2008-10-14 Thread Karanbir Singh 

bruce wrote:

Got a question, and I can't find a good answer for, so I figured i'd post
here. I'm working on a project that involves a number of smaller apps to be
developed, and run. In order to build this overall application, I'm trying
to find a web based app that I can use to manage the entire process.


a) dont crosspost, its considered a waste of space
b) your email is OffTopic here.

--
Karanbir Singh : http://www.karan.org/  : [EMAIL PROTECTED]
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] yum priorities question

2008-10-14 Thread Mufit Eribol 

Hello,

I have a question about working principles of yum.

Here are the details:

Installed package: GeoIP.i386 1.4.4-1.el5.centos
Repo: CentOS Extras
Priority for CentOS Extras repo: 1

"yum update" wants to replace the above package with the following:

Package: geoip.i386 1.4.5-1.el5.rf
Repo: rpmforge
Priority for rpmforge: 15

And yes, the following is already in the priorities.conf
[main]
enabled=1

Why does yum try to replace the package from a repo with higher 
priority? Isn't "yum priorities" supposed to keep it?


Regards,
Mufit
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

RE: [CentOS] App Question.

2008-10-14 Thread bruce 
Karanbir

in this case, i disagree. we're looking for a tool, that may very well exist
with the very admins/engineers who use centos/rhel/etc... the whole purpose
of the email lists is to share information that's directly related to the
"topic" as well as to information that's 2-3 degrees tangental to the
"topic" as well...

but we can choose to disagree

peace


-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Behalf Of Karanbir Singh
Sent: Tuesday, October 14, 2008 3:15 PM
To: CentOS mailing list
Subject: Re: [CentOS] App Question.


bruce wrote:
> Got a question, and I can't find a good answer for, so I figured i'd post
> here. I'm working on a project that involves a number of smaller apps to
be
> developed, and run. In order to build this overall application, I'm trying
> to find a web based app that I can use to manage the entire process.

a) dont crosspost, its considered a waste of space
b) your email is OffTopic here.

--
Karanbir Singh : http://www.karan.org/  : [EMAIL PROTECTED]
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Yum and case-sensitivity

2008-10-14 Thread Lanny Marcus 
On Mon, Oct 13, 2008 at 8:43 AM, Jeff <[EMAIL PROTECTED]> wrote:
> On one of our servers (CentOS 4 32 bit), we have the dag repo enabled.
> Yesterday morning during a yum update, yum replaced the CentOS package
> "perl-DBD-MySQL" with one from dag, "perl-DBD-mysql".

If you are not using the Priorities plug in, check it out:

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Sendmail and pmtu discovery

2008-10-14 Thread Chris Boyd 


On Oct 14, 2008, at 1:59 PM, Sean Carolan wrote:


If you've ever dealt with with one of these paranoid Mordac-type
security managers you know exactly what I'm talking about.  In our
case the path of least resistance was to disable pmtu discovery, and
tell the customer that we've done all we possibly can to alleviate the
issue on our end.  Hopefully they come to their senses and allow ICMP
packets like every major ISP and mail provider on the Internet.


Yes, but then you have broken your equipment, and possibly lost the  
ability to communicate with many more customers.


Yes, I've dealt with these people.  If they turn off all ICMP, they  
often drop fragments as well, making the problem even worse. You can  
sometimes get them to listen by asking them if their Internet access  
seems a little "weird" in that some sites work sometimes or downloads  
are slow or they can't get some email :-)


They'll usually say yes and then you might be able to get them to  
listen, and hopefully send them a bill.


--Chris
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Centos 5x ipv6 sendmail smtps

2008-10-14 Thread Tony Wicks 
Hi all, I'm working my way through v6ing our network. I have a mail
server with the default dovecot/sendmail configuration working happily
for pop3, pop3s, imap, imaps, smtp, and smtps on v4. I have managed to
get all but smtps working on v6.  Following is the relevant sendmail.mc
-

 

DAEMON_OPTIONS(`Name=MTA-v4, Family=inet, Name=MTA-v6, Family=inet6')

DAEMON_OPTIONS(`Port=smtps, Name=TLSMTA, M=s')dnl

 

I've googled to no avail as yet, anyone know what the relevant config
would be ?

 

thanks

 

 

[EMAIL PROTECTED] mail]# telnet 2:removed::191 smtp 

Trying 2:removed::191...

Connected to 2:removed::191 (2:removed::191).

Escape character is '^]'.

220 new-removed.net ESMTP Sendmail 8.13.8/8.13.8; Wed, 15 Oct 2008
14:45:52 +1300

quit

221 2.0.0 new-mail.safenz.net closing connection

Connection closed by foreign host.

 

 [EMAIL PROTECTED] mail]# telnet 2:removed::191 smtps

Trying 2:removed::191...

telnet: connect to address 2:removed::191: Connection refused

telnet: Unable to connect to remote host: Connection refused

 

[EMAIL PROTECTED] mail]# telnet 127.0.0.1 smtps

Trying 127.0.0.1...

Connected to new-removed.net (127.0.0.1).

Escape character is '^]'.

quit

 

Connection closed by foreign host.

[EMAIL PROTECTED] mail]#

 

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OT: is parted reliable?

2008-10-14 Thread David Mackintosh 
On Tue, Oct 14, 2008 at 11:13:18PM +0100, Karanbir Singh wrote:
 
> And Just to remind everyone that no, this is still not a general 
> conversation about stuff list.

How off-topic is it to ask precisely what is on-topic for this list
if questions and discussions of the included components belong on the
support mechanisms for those individual parts, and the rest (ie anaconda
and friends) probably belongs in the upstream vendor's forums?

What does that leave?  The color of the logo?

(I like the blue.)

-- 
 /\oo/\
/ /()\ \ David Mackintosh | 
 [EMAIL PROTECTED]  | http://www.xdroop.com


pgpCpqHcm20c6.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Extract text from Microsoft PowerPoint files

2008-10-14 Thread Yanagisawa, Koji 

Hello CentOS people,

I'm wondering if there are command tools like antiword and docx2txt for 
Microsoft PowerPoint files (.ppt and .pptx).  The idea is to extract 
text from PowerPoint files.  Sorry this isn't exactly about CentOS, but 
I'd really like it if Yum has something.  I tried xlhtml, but it hasn't 
been updated in a while and isn't exactly wanting to work on CentOS 5.


Thank you,

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Extract text from Microsoft PowerPoint files

2008-10-14 Thread fred smith 
On Tue, Oct 14, 2008 at 10:13:55PM -0400, Yanagisawa, Koji wrote:
> Hello CentOS people,
> 
> I'm wondering if there are command tools like antiword and docx2txt for 
> Microsoft PowerPoint files (.ppt and .pptx).  The idea is to extract 
> text from PowerPoint files.  Sorry this isn't exactly about CentOS, but 
> I'd really like it if Yum has something.  I tried xlhtml, but it hasn't 
> been updated in a while and isn't exactly wanting to work on CentOS 5.

Note QUITE what you're asking for, but OOo (OpenOffice.Org) reads
and presents powerpoint files quite nicely...


-- 
 Fred Smith -- [EMAIL PROTECTED] -
The Lord detests the way of the wicked 
  but he loves those who pursue righteousness.
- Proverbs 15:9 (niv) -


pgpLaZooFTj89.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] USB external HDD error messages

2008-10-14 Thread Guest 
On Mon, Sep 29, 2008 at 9:38 AM, nate <[EMAIL PROTECTED]> wrote:
> Guest wrote:
>
>> Sorry to double up on your answer like this, but is there any chance that
>> the i/o errors are due to a bad usb cable, or usb card in the main
>> computer?  I didn't mention before that the external hdd that the seagate is
>> replacing also reported a lot of i/o errors and kept disconnecting itself,
>> which is why I replaced it
>
> Perhaps the drive is spinning down without informing the OS. I recall
> an issue last year(?) about some USB drives not behaving properly
> and spinning down without informing the OS, then the OS tries to
> access them it gets an I/O error.
>
> All of my 2.5" western digital external USB drives seem to behave
> correctly when going into power save mode, have never had an I/O
> error as a result of them spinning down.
>
> nate

Revivifying an old thread only long enough to say, somewhat
unhelpfully, that all of my USB problems seem to have gone away as a
result of my upgrading my kernel to 2.6.27.

Unfortunately I am not knowledgeable enough to guess why this is so,
but I'm adding a conclusion to my thread as a possible clue for the
archive-diver.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] formatting large volume

2008-10-14 Thread Craig White 
I just got a new server with a Dell MD-1000 SAS unit and 6-750 gigabyte
drives which are now initializing in RAID 10 which will give me just
about 2 terabytes.

I vaguely recall reading that fdisk wasn't suitable for partitioning and
wonder if I shouldn't be using partd instead. I am also wondering if I
should use lvm or just mkfs to create the filesystem. Anyone have
suggestions before I blunder in?

Thanks

Craig

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

RE: [CentOS] formatting large volume

2008-10-14 Thread Joseph L. Casale 
>I vaguely recall reading that fdisk wasn't suitable for partitioning and
>wonder if I shouldn't be using partd instead. I am also wondering if I
>should use lvm or just mkfs to create the filesystem. Anyone have
>suggestions before I blunder in?

fdisk can't do GPT which is what you need for partitions larger than
2tb, so you use parted w/ gpt.

If it were mine, I'd partition it as one big chunk and mark it LVM, then carve
it out so you have the flexibility. After all, you already made it one array so
making partitions out of it only limits you down the road.

YMMV,
jlc
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] creating a user from an RPM package

2008-10-14 Thread Spiro Harvey 
What wizardry do you guys use in the SPEC file when creating/deleting a
user from an RPM package?

I was going to create a macro like:

%define user(login,uid,gid,name,homedir,shell) \
echo "$1:x:$2:$3:$4:$5:$6"  >>/etc/passwd; \
echo "$1:!!:12005:0:9:7:::" >>/etc/shadow; \
echo "$1:x:$3:" >>/etc/group; \
mkdir -p $5; \
chown $2:$3 $5

and then appropriate sedness and rm's when removing it, but I figure
there has to be a cleaner way, or a builtin as this surely is a
common feature. The RPM guide doesn't seem to mention it, or if it
does, I missed it.

Alternatively, if you could point me to a package or a spec file that
does this, I'd be much obliged.

Thanks

-- 
Spiro Harvey  Knossos Networks Ltd
021-295-1923www.knossos.net.nz

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] creating a user from an RPM package

2008-10-14 Thread nate 
Spiro Harvey wrote:

> Alternatively, if you could point me to a package or a spec file that
> does this, I'd be much obliged.

>From the postifx srpm..

%define postfix_uid89
%define postfix_user   postfix
%define postfix_gid89
%define postfix_group  postfix
%define postdrop_group postdrop
%define maildrop_group %{postdrop_group}
%define maildrop_gid   %{POSTDROP_GID}
[..]
%pre
# Add user and groups if necessary
%{_sbindir}/groupadd -g %{maildrop_gid} -r %{maildrop_group} 2>/dev/null
%{_sbindir}/groupadd -g %{postfix_gid} -r %{postfix_group} 2>/dev/null
%{_sbindir}/groupadd -g 12 -r mail 2>/dev/null
%{_sbindir}/useradd -d %{postfix_queue_dir} -s /sbin/nologin -g
%{postfix_group} -G mail -M -r -u %{postfix_uid} %{postfix_user} 2>/dev/null
exit 0

--

I don't see anything that removes the user as part of
rpm removal, though you could just use userdel/groupdel.

nate

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] creating a user from an RPM package

2008-10-14 Thread Ian Forde 
On Wed, 2008-10-15 at 16:22 +1300, Spiro Harvey wrote:
> What wizardry do you guys use in the SPEC file when creating/deleting a
> user from an RPM package?
> 
> I was going to create a macro like:
> 
> %define user(login,uid,gid,name,homedir,shell) \
> echo "$1:x:$2:$3:$4:$5:$6"  >>/etc/passwd; \
> echo "$1:!!:12005:0:9:7:::" >>/etc/shadow; \
> echo "$1:x:$3:" >>/etc/group; \
> mkdir -p $5; \
> chown $2:$3 $5
> 
> and then appropriate sedness and rm's when removing it, but I figure
> there has to be a cleaner way, or a builtin as this surely is a
> common feature. The RPM guide doesn't seem to mention it, or if it
> does, I missed it.
> 
> Alternatively, if you could point me to a package or a spec file that
> does this, I'd be much obliged.

You know, you could always use the useradd command...

-I

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Sendmail rbl - Need to bypass rbl for one local address

2008-10-14 Thread Linux Guru 
Hi,
Hope any one can help me. I am running centos 5.2 with sendmail and rbl 
feature.  I need to recieve all emails come to my sales account regardless of 
rbl . 

I looked on web and gave up. All I found was if I added To:sales@ ok in my 
sendmail.mc , sales account will bypass rbl and get all the emails but its not 
working. Any help ?



  ___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] creating a user from an RPM package

2008-10-14 Thread Spiro Harvey 
"nate" <[EMAIL PROTECTED]> wrote:
> >From the postifx srpm..

thanks. and to you Ian; looks like useradd is the standard way. :)

clamav uses it too.


-- 
Spiro Harvey  Knossos Networks Ltd
021-295-1923www.knossos.net.nz

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Extract text from Microsoft PowerPoint files

2008-10-14 Thread nate 
Yanagisawa, Koji wrote:
> Hello CentOS people,
>
> I'm wondering if there are command tools like antiword and docx2txt for
> Microsoft PowerPoint files (.ppt and .pptx).  The idea is to extract
> text from PowerPoint files.  Sorry this isn't exactly about CentOS, but
> I'd really like it if Yum has something.  I tried xlhtml, but it hasn't
> been updated in a while and isn't exactly wanting to work on CentOS 5.

man strings

I used to use it to read word docs a while back, works for simple
docs.

nate

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OT: is parted reliable?

2008-10-14 Thread John Newbigin 

Until CentOS 4.7, parted would create DOS partitions > 2Tb.

DOS partitions can not be > 2Tb. This could "...corrupt partition tables 
and ruin filesystem".


The latest version from CentOS 4.7 fixes this (and other) bugs.

John.

Sergio Belkin wrote:

Hi, I've read on LPI Linux Certification (Ed O'Reilly)  in a nutshell
the following thing:

"parted, unfortunately, has been known to corrupt partition tables and
ruin filesystem."

What do you think about it?

Greets!




--
John Newbigin
ITS Senior Analyst / Programmer
Faculty of Information and Communication Technologies
Swinburne University of Technology
Melbourne, Australia
http://www.ict.swin.edu.au/staff/jnewbigin
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Re: Mass installs of desktop systems on identical machines

2008-10-14 Thread Niki Kovacs 
Thanks very much everybody for your numerous comments. I guess I got 
much more than I expected.


Cheers,

Niki
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Regd: SeLinux Configuration

2008-10-14 Thread Balaji 

Dear All,
 Find attached the grub boot loader configuration file 
"/boot/grub/grub.conf"


Regards
-S.Balaji

Barry Brimer wrote:
Please post /boot/grub/grub.conf as well.  There may be an "selinux" or 
"enforcing" parameter on the kernel line that is producing unexpected 
results.



# grub.conf generated by anaconda
#
# Note that you do not have to rerun grub after making changes to this file
# NOTICE:  You have a /boot partition.  This means that
#  all kernel and initrd paths are relative to /boot/, eg.
#  root (hd0,0)
#  kernel /vmlinuz-version ro root=/dev/vgroot/LogVol02
#  initrd /initrd-version.img
#boot=/dev/hda
default=2
timeout=5
password --md5 $1$KzqM8$cLC0UIaUN8QwVAlwDMGWl0
splashimage=(hd0,0)/grub/splash.xpm.gz
hiddenmenu
title Red Hat Enterprise Linux ES (2.6.9-34.ELhugemem)
root (hd0,0)
kernel /vmlinuz-2.6.9-34.ELhugemem ro root=/dev/vgroot/LogVol02 rhgb 
quiet
initrd /initrd-2.6.9-34.ELhugemem.img
title Red Hat Enterprise Linux ES (2.6.9-34.ELsmp)
root (hd0,0)
kernel /vmlinuz-2.6.9-34.ELsmp ro root=/dev/vgroot/LogVol02 rhgb quiet
initrd /initrd-2.6.9-34.ELsmp.img
title Red Hat Enterprise Linux ES (2.6.9-34.EL)
root (hd0,0)
kernel /vmlinuz-2.6.9-34.EL ro root=/dev/vgroot/LogVol02 rhgb quiet
initrd /initrd-2.6.9-34.EL.img
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos