Re: [CentOS] Missing CentOS 4.7 update?

[Johnny Hughes]

Johnny Hughes wrote:
> Vandaman wrote:
>> Unless I'm mistaken, does it look like Centos 4.7
>> is missing an update released on December 3rd 2008? 
>>
>> Upstream details :- http://rhn.redhat.com/errata/RHBA-2008-0989.html
>>
>> An updated tmpwatch package that fixes various bugs is now available.
>>
>> The tmpwatch utility recursively searches through specified directories and
>> removes files which have not been accessed in a specified period of time.
>> tmpwatch is typically enabled and configured to clean up directories used
>> for temporarily holding files, such as, for example, the /tmp directory.
>>
>> This updated tmpwatch package includes fixes for the following bugs:
>>
>> * tmpwatch unnecessarily reported a "No such file or directory" error
>> whenever a file was deleted before tmpwatch accessed it. In this updated
>> package, tmpwatch correctly no longer reports such errors, thus resolving
>> the issue.
>>
>> 
>>
>> Regards,
>> Vandaman.
> 
> That is part of the fasttrack repo and not part of the main RHN (or
> CenetOS repo).
> 
> I will build it soon, but it we don't build fasttrack for every CentOS
> version (ie, not for C5 for example).

OK, all of the fastrack RPMS (for CentOS 4 only) are now on the CentOS
master mirror and should be synced to all the CentOS mirrors shortly.

These RPMS are built from the upstream fastrack channel and are
specifically not part of the default upstream channels and MUST be
subscribed to separately, the same is true for CentOS as well.  Here is
a list of the upstream fastrack updates for EL 4:

http://rhn.redhat.com/errata/rhel4-as-fastrack-errata.html

(Note:  rdesktop is now superseded by the version in the main repo)

You can not install these via yum unless you add the FastTrack
repository to your configuration.  See this link for details (Look for
the "CentOS-Fasttrack" section:

http://wiki.centos.org/AdditionalResources/Repositories

Thanks,
Johnny Hughes



signature.asc
Description: OpenPGP digital signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Missing CentOS 4.7 update?

[Ned Slider]

Johnny Hughes wrote:



   See this link for details (Look for
> the "CentOS-Fasttrack" section:
> 
> http://wiki.centos.org/AdditionalResources/Repositories
> 
> Thanks,
> Johnny Hughes
> 

The links in the "CentOS-Fasttrack" section on the Wiki are broken. Does 
anyone know the correct links so I (or someone) can fix them?

Specifically:
http://mirror.centos.org/centos/4/fasttrack/Readme.txt
http://mirror.centos.org/centos/4/fasttrack/CentOS-fasttrack.repo

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS, PHP, Basic GIS

[Michael Simpson]

On 12/23/08, Karanbir Singh  wrote:
> Michael A. Peters wrote:
> > Basically - the data will be plotted as a grid of regular hexagons. When
> > locality information (museum record or photo voucher record in our own
> > database) exists, the hexagon the record sits in gets drawn a pretty
> > color (depending on type and age of records).
>
> mashup's with google maps are easy to do, and there are plenty of
> examples and resources out there that let you work with them in most
> mainstream languages - I am sure php code exists too.
>
> Is that a route you considered ?
>
> - KB

We use the google maps api for all our GIS work.
It integrates really well with php.
We use it to plot pharmacies in Glasgow and the various services that
they provide along with the number of spaces that they have for
substitute prescibing for patients with drug misuse problems so it is
very dynamic.

As long as the website is publically available then the licencing
terms seem reasonable.

mike
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] network interface

[adrian kok]

it is up now

why it shows "RTNETLINK answers: File exists"

# ifup eth0:2 up
RTNETLINK answers: File exists
RTNETLINK answers: File exists

Thank you


--- Robert Moskowitz  wrote:

> adrian kok wrote:
> > Hi all
> >
> > How can I bring up eth0:2 only
> >
> > "ifconfig eth0:2 up" is not working
> >   
> 
> have you tried ifup eth0:2 ?
> 
> > I have to use service network restart
> >
> > But it restarts all network interfaces that I
> don't
> > want
> >
> > Thank you
> >
> >
> > Send instant messages to your online friends
> http://uk.messenger.yahoo.com 
> > ___
> > CentOS mailing list
> > CentOS@centos.org
> > http://lists.centos.org/mailman/listinfo/centos
> >
> >   
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
> 


Send instant messages to your online friends http://uk.messenger.yahoo.com 
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS, PHP, Basic GIS

[Michael A. Peters]

Michael A. Peters wrote:

> 
> I think I may have found what I need - I found some articles on parsing 
> e00 files into arrays that I can then use to draw them with gd. Now the 
> only issue is the e00 files I have have *too* much information - they 
> are statewide - so I need to figure out which datasets in the files are 
> the ones I want ,,,
> 
> I may just write a shell script that parses the e00 file and turns the 
> data sets into php include files. There may be some scripts out there 
> that already do a similar thing I can steal, as e00 seems fairly common 
> and has been around awhile.

I think ogr2ogr does what I want - it looks like it has a driver for 
putting the contents of various formats into database (including MySQL 
which is already being used for the wildlife database) and then I can 
probably get the coordinates I need to draw the county border and 
lakes/rivers from there.

-=-

With respect to other GIS apps - after building Fedora 9 versions of 
qt3,qt4,sip,PyQT4 - and grass from a spec file (slightly modified) 
grabbed from a Fedora SVN server, I was able to get qgis to build from a 
slightly modified spec file that targets Fedora.

Haven't played with grass or qgis yet, though, but hopefully they aren't 
too hard to figure out and I can start learning more about GIS.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Missing CentOS 4.7 update?

[Vandaman]

Ned Slider wrote:

> The links in the "CentOS-Fasttrack" section on
> the Wiki are broken. Does 
> anyone know the correct links so I (or someone) can fix
> them?
> 
> Specifically:
> http://mirror.centos.org/centos/4/fasttrack/Readme.txt
> http://mirror.centos.org/centos/4/fasttrack/CentOS-fasttrack.repo
> 

Wait for the devs to confirm but I hacked together a line and added it to
CentOS-Base.repo (instead of a separate fastrack.repo) file which is missing 
from the mirror.

[fasttrack]
name=CentOS-4 - fasttrack
mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=fasttrack
#baseurl=http://mirror.centos.org/centos/$releasever/fasttrack/$basearch/
gpgcheck=1
enabled=1
gpgkey=http://mirror.centos.org/centos/RPM-GPG-KEY-centos4
priority=1


Regards,
Vandaman.


  

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] PHP 5.2.x rpm for Centos 5? (any news)

[mbneto]

Lame question, but how do I fetch those c5-testing rpms?  I could not find
the link at the centos.org.


> please consider using the php from c5-testing, so it can make it into
> the main repo's and thereby be a lot easier for everyone.
>
>
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Bash Script for Beginners! oh dear :'(

[William L. Maltby]

On Wed, 2008-12-24 at 01:34 +0100, Matej Cepl wrote:
> On 2008-12-23, 12:15 GMT, James Bensley wrote:
> > find . -exec grep -q "$1" '{}' \; -print >> ./found_files
> 
> I think you can have only one action (either -exec or -print), 
> but not sure about it. Anyway, my first instinct when things are 

Ought to work. That's the purpose of the '\;' IIRC. Here's a similar
test.

$ \
> find .mozilla -name 'plugin*' -exec ls -ld {} \; -print
-rw--- 1 wild-bill hardtolove 1817 Feb 29
2008 .mozilla/pluginreg.dat-
.mozilla/pluginreg.dat-
drwxr-xr-x 2 wild-bill wild-bill 4096 Apr  2  2008 .mozilla/plugins
.mozilla/plugins
-rw--- 1 wild-bill hardtolove 7662 Jun 14
2008 .mozilla/firefox/pluginreg.dat-
.mozilla/firefox/pluginreg.dat-
-rw--- 1 wild-bill wild-bill 5225 Nov 27
07:18 .mozilla/firefox/iqa6tz9r.default/pluginreg.dat-
.mozilla/firefox/iqa6tz9r.default/pluginreg.dat-
-rw--- 1 wild-bill wild-bill 5817 Dec  7
08:45 .mozilla/firefox/iqa6tz9r.default/pluginreg.dat-2
.mozilla/firefox/iqa6tz9r.default/pluginreg.dat-2
-rw--- 1 wild-bill wild-bill 5817 Dec  7
08:45 .mozilla/firefox/iqa6tz9r.default/pluginreg.dat
.mozilla/firefox/iqa6tz9r.default/pluginreg.dat
> getting to be more complicated is to use while cycle, like this:
> 

-- 
Bill

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Installing RHEL5.3

[Alain PORTAL]

Le mercredi 24 décembre 2008, Matej Cepl a écrit :
> On 2008-12-23, 18:05 GMT, Vandaman wrote:
> > If you are having problems with 5.2 then address these problems
> > immediately without waiting for 5.3. How do you address them? File bugs
> > or ask questions relating to your existing problem but 5.3 beta is unable
> > to solve them automagically for you.
>
> I am a bug triager for RH Desktop team and I told Alan that it is
> most likely his problems will be solved automagically (well,
> through hard work of Dave Airlie) in 5.3. Unfortunately, Beta is
> not available. He has to wait until CentOS 5.3 happens.

I succeeded to download RHEL server 5.3 beta.
If graphical installation succeeded, unfortunately, I was unable to restart 
the laptop.
More info in the updated bug:
https://bugzilla.redhat.com/show_bug.cgi?id=477708#c5

Merry Christmas !

Regards,
Alain
-- 
Les pages de manuel Linux en français
http://manpagesfr.free.fr/


signature.asc
Description: This is a digitally signed message part.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] PHP 5.2.x rpm for Centos 5? (any news)

[Akemi Yagi]

On Wed, Dec 24, 2008 at 4:28 AM, mbneto  wrote:
> Lame question, but how do I fetch those c5-testing rpms?  I could not find
> the link at the centos.org.

Please read:

http://wiki.centos.org/AdditionalResources/Repositories

Akemi
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Security advice, please

[jkinz]

Top posting to ask a question regarding the article below:

Hi Warren, Nice explanation.  I would like to ask what you
recommend people do if they want to be able to ssh in from 
anywhere on the internet. Say they are going to be traveling and
they know they will have to login from machines they have no
control over, like an internet cafe or a Hotel's business
services suite? 

On Tue, Dec 23, 2008 at 08:38:17AM -0700, Warren Young wrote:
> I agree, though the default CentOS sshd configuration requires some 
> tightening down to trust it on Internet-facing servers, IMHO:
> 
> 1. In /etc/ssh/sshd_config, set "PasswordAuthentication no".  No matter 
> how good your password, it isn't as good as using keys.  Remember, 
> forwarding ssh opens it to pounding 24x7 from any of the millions on 
> zombie boxes on the Internet.
> 
> 2. On the machine(s) that you want to allow logins from, run "ssh-keygen 
> -t rsa" to generate a key pair, if you haven't already.  Then copy the 
> contents of ~/.ssh/id-rsa.pub into ~/.ssh/authorized_keys on your home 
> server.  These keys are used to authenticate the remote system, in lieu 
> of a password or physical token.  You could put these keys on a USB 
> stick instead, if you didn't want to keep them permanently on the remote 
> hosts.
> 
> 3. Disable SSHv1 protocol support in /etc/ssh/sshd_config: "Protocol 2", 
> not "Protocol 2,1".  SSHv1 has known weaknesses.  Boggles my mind that 
> it's still enabled by default
> 
> 4. Same file, set "PermitRootLogin no" if it isn't already.
> 
> (Aside: I also like to set up sudo with one account allowed to do 
> anything, then lock the root account, so the only way to get root access 
> is to log in as a regular user then sudo up, reducing the risk of 
> passwordless keys.)
> 
> Having done all this, you're ready to allow remote access:
> 
> 5. In your router, forward a high-numbered port to 22 on the server.  If 
> it's not smart enough to use different port numbers on either side, you 
> can change the sshd configuration so it listens on a different port 
> instead.  I like to use 22022 for this.
> 
> This is *not* security through obscurity.  It's simply a way to reduce 
> the amount of log spam you have to dig through when monitoring your 
> system's behavior.  Everything that appears in your logs should be 
> *interesting*.  Constant port knocking from worms and script kiddies is 
> not interesting.
> 
> In case you've not done ssh tunelling, Anne, the command that does what 
> you want, having done all the above is:
> 
>   $ ssh -p22022 -L10143:my.server.com:143 a...@my.server.com
> 
> This sets up port 10143 on the local system to be redirected through the 
> ssh session to the IMAP port on your home server.  You don't want to 
> redirect 143 to 143 because that would require you to run ssh as root. 
> It also prevents you from using this on a system that itself has an IMAP 
> server.
> 
> With the tunnel up, you can set up your mail client to connect to port 
> 10143 on localhost, and you'll be looking at your remote mail server.
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos

-- 
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Gnome Desktop Session Save?

[James B. Byrne]

I seem to recall that at one time with CentOS I had the ability to save my
gnome desktop and open applications, like terminal, when exiting.  The
effect was such that when I logged on to a new session those applications
would open automatically for me.  Is my memory faulty?  If not, then has
this facility been removed?   If neither my memory failed nor the facility
removed then how does one do this now in CentOS-5?

Regards,

-- 
***  E-Mail is NOT a SECURE channel  ***
James B. Byrnemailto:byrn...@harte-lyne.ca
Harte & Lyne Limited  http://www.harte-lyne.ca
9 Brockley Drive  vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada  L8E 3C3

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Security advice, please

[Anne Wilson]

On Wednesday 24 December 2008 14:30:26 jk...@kinz.org wrote:
> Top posting to ask a question regarding the article below:
>
> Hi Warren, Nice explanation.  I would like to ask what you
> recommend people do if they want to be able to ssh in from
> anywhere on the internet. Say they are going to be traveling and
> they know they will have to login from machines they have no
> control over, like an internet cafe or a Hotel's business
> services suite?
>
That's precisely what I'm wanting to set up on my netbook, and I think that 
this explanation addresses that.

Anne


signature.asc
Description: This is a digitally signed message part.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Another security question

[Anne Wilson]

I would like to be able to check my bank account while we are on holiday.  I 
know the bank's site is encrypted from the start - the login page is https and 
Verisign-trust encrypted - but is there any risk in using public wireless 
networks for jobs like this?  It sounds secure enough, but maybe I'm 
paranoid

Anne


signature.asc
Description: This is a digitally signed message part.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Gnome Desktop Session Save?

[James B. Byrne]

On Wed, December 24, 2008 09:37, James B. Byrne wrote:
> I seem to recall that at one time with CentOS I had the ability to save my
> gnome desktop and open applications, like terminal, when exiting.

Now one has to do it from a terminal session apparently.

$ gnome-session-save


I seem to recall that this was once offered as an option when logging out
from the system menu.


-- 
***  E-Mail is NOT a SECURE channel  ***
James B. Byrnemailto:byrn...@harte-lyne.ca
Harte & Lyne Limited  http://www.harte-lyne.ca
9 Brockley Drive  vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada  L8E 3C3

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Another security question

[Tim Nelson]

Typically SSL secured sites will at least keep your login credentials safe. 
However, someone can still see where you're going by sniffing your traffic.

If you're very concerned, setup an OpenVPN tunnel that routes all of your 
traffic through it. Then, the only thing they'll see from the start is an SSL 
connection to somewhere, and that's it.

Tim Nelson
Systems/Network Support
Rockbochs Inc.
(218)727-4332 x105

- "Anne Wilson"  wrote:

> I would like to be able to check my bank account while we are on
> holiday.  I 
> know the bank's site is encrypted from the start - the login page is
> https and 
> Verisign-trust encrypted - but is there any risk in using public
> wireless 
> networks for jobs like this?  It sounds secure enough, but maybe I'm 
> paranoid
> 
> Anne
> 
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Please share some RHCE/RHCT learning material

[Xiaobo Zhu]

Hi all,
will anyone please share me some material on RHCE/RHCT, I am fighting for
the Quality Engineer in RedHat, and that may help a lot in the coming
written exam.
Many thanks and Merry Christmas!
Cheers, Xiaobo
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Joyeux Noel

[Brent L. Bates]

 And a Very Merry Christmas to you too.
That includes everyone else too.  :-)

  Brent L. Bates (UNIX Sys. Admin.)
  M.S. 912  Phone:(757) 865-1400, x204
  NASA Langley Research CenterFAX:(757) 865-8177
  Hampton, Virginia  23681-0001
  Email: b.l.ba...@larc.nasa.govhttp://www.vigyan.com/~blbates/

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Another security question

[Anne Wilson]

On Wednesday 24 December 2008 14:54:00 Tim Nelson wrote:
> Typically SSL secured sites will at least keep your login credentials safe.
> However, someone can still see where you're going by sniffing your traffic.
>
That's not too much of a concern, if they can't read the actual packets.

> If you're very concerned, setup an OpenVPN tunnel that routes all of your
> traffic through it. Then, the only thing they'll see from the start is an
> SSL connection to somewhere, and that's it.
>
That's probably the next step, then, but it sounds as though I needn't worry 
too much.  Thanks for answering

Anne


signature.asc
Description: This is a digitally signed message part.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Another security question

[Robert Moskowitz]

Anne Wilson wrote:
> I would like to be able to check my bank account while we are on holiday.  I 
> know the bank's site is encrypted from the start - the login page is https 
> and 
> Verisign-trust encrypted - but is there any risk in using public wireless 
> networks for jobs like this?  It sounds secure enough, but maybe I'm 
> paranoid

This is part of my real-life job

It is relatively easy to attempt a ARP poison attack on a wireless 
network.  Even an encrypted one (of course the attacker has to be a 
legal user of said encrypted network).

Once the attacker has poisoned yours and the routers' ARP cache, he can 
then use a tool like DSNIFF to insert himself into your HTTP flows.  
Thing is he cannot fake web site certs, he has to use his own.

Be VERY restrictive on what you will accept as certs on a public 
wireless network.  Actually look at their content, making sure who 
signed them.  It is actually wise to store your bank's certs on your 
system, then only accept stored certs, even to excluding (or at least 
first reviewing) certs signed by trusted authorities like Verisign.

If you validate the cert, the man in the middle SSL attack fails.


BTW, at IETF conferences we have had people running bogus SSH servers 
through DSNIFF and other tools, and you had to watch the SSH 
fingerprints as well.


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS, PHP, Basic GIS

[JohnS]

On Wed, 2008-12-24 at 03:28 -0800, Michael A. Peters wrote:
> Michael A. Peters wrote:
> 
> > 
> > I think I may have found what I need - I found some articles on parsing 
> > e00 files into arrays that I can then use to draw them with gd. Now the 
> > only issue is the e00 files I have have *too* much information - they 
> > are statewide - so I need to figure out which datasets in the files are 
> > the ones I want ,,,
> > 
> > I may just write a shell script that parses the e00 file and turns the 
> > data sets into php include files. There may be some scripts out there 
> > that already do a similar thing I can steal, as e00 seems fairly common 
> > and has been around awhile.
> 
> I think ogr2ogr does what I want - it looks like it has a driver for 
> putting the contents of various formats into database (including MySQL 
> which is already being used for the wildlife database) and then I can 
> probably get the coordinates I need to draw the county border and 
> lakes/rivers from there.

Hmm, using MySQL...You are aware that it supports High Level Graphing as of 
version 5.1? IMO I think your are overloading yourself in 
PHP Code. Why not let the DB do this for you since you already have some of the 
data in it? You could use SPROCS and 
Triggers to do this all. As in Plotting all your corordinates you need.

JohnStanley


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Another security question

[Les Mikesell]

Anne Wilson wrote:
> 
>> Typically SSL secured sites will at least keep your login credentials safe.
>> However, someone can still see where you're going by sniffing your traffic.
>>
> That's not too much of a concern, if they can't read the actual packets.
> 
>> If you're very concerned, setup an OpenVPN tunnel that routes all of your
>> traffic through it. Then, the only thing they'll see from the start is an
>> SSL connection to somewhere, and that's it.
>>
> That's probably the next step, then, but it sounds as though I needn't worry 
> too much.  Thanks for answering

Your main worry on an open network is that someone would hack into your 
system via ssh password-guessing or some remote vulnerability.  Wireless 
  doesn't change this much except that there can be people you don't 
expect connected with no additional firewall protection.

If someone gains root access to your system they can log unencrypted 
keystrokes before the web browser encrypts them.

-- 
   Les Mikesell
lesmikes...@gmail.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Another security question

[Anne Wilson]

On Wednesday 24 December 2008 16:30:58 Robert Moskowitz wrote:
> Anne Wilson wrote:
> > I would like to be able to check my bank account while we are on holiday.
> >  I know the bank's site is encrypted from the start - the login page is
> > https and Verisign-trust encrypted - but is there any risk in using
> > public wireless networks for jobs like this?  It sounds secure enough,
> > but maybe I'm paranoid
>
> This is part of my real-life job
>
> It is relatively easy to attempt a ARP poison attack on a wireless
> network.  Even an encrypted one (of course the attacker has to be a
> legal user of said encrypted network).
>
> Once the attacker has poisoned yours and the routers' ARP cache, he can
> then use a tool like DSNIFF to insert himself into your HTTP flows.
> Thing is he cannot fake web site certs, he has to use his own.
>
> Be VERY restrictive on what you will accept as certs on a public
> wireless network.  Actually look at their content, making sure who
> signed them.  It is actually wise to store your bank's certs on your
> system, then only accept stored certs, even to excluding (or at least
> first reviewing) certs signed by trusted authorities like Verisign.
>
> If you validate the cert, the man in the middle SSL attack fails.
>
>
> BTW, at IETF conferences we have had people running bogus SSH servers
> through DSNIFF and other tools, and you had to watch the SSH
> fingerprints as well.
>
>
Hi, Robert.  Thanks for answering.

My bank first requires an account number - which I don't store on the netbook 
- then it displays a picture chosen by them and a phrase chosen by me.  
Finally I give my login pin.  I think they're being reasonably cautious and I 
don't think it would be easy for an intruder to send me false web pages during 
login.  However, unlike some sites that I've visited, the certificates are not 
in clear view.  Can you give me some guidance on how to view and validate 
their certificates?  I like the idea of having a saved copy to validate 
against.

Anne


signature.asc
Description: This is a digitally signed message part.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Another security question

[Anne Wilson]

On Wednesday 24 December 2008 17:06:48 Les Mikesell wrote:
> Anne Wilson wrote:
> >> Typically SSL secured sites will at least keep your login credentials
> >> safe. However, someone can still see where you're going by sniffing your
> >> traffic.
> >
> > That's not too much of a concern, if they can't read the actual packets.
> >
> >> If you're very concerned, setup an OpenVPN tunnel that routes all of
> >> your traffic through it. Then, the only thing they'll see from the start
> >> is an SSL connection to somewhere, and that's it.
> >
> > That's probably the next step, then, but it sounds as though I needn't
> > worry too much.  Thanks for answering
>
> Your main worry on an open network is that someone would hack into your
> system via ssh password-guessing or some remote vulnerability.  Wireless
>   doesn't change this much except that there can be people you don't
> expect connected with no additional firewall protection.
>
I'm not worried that the passphrase will be guessed, and I'm completely aware 
of social engineering techniques.  Vulnerabilities are something else - but 
keeping my system up to date is a reasonable precaution.  I know that some 
poor soul gets caught on day1 of a vulnerability being known - I've forgotten 
the name for this - but that's just something that I have to accept.  Do all I 
can, then stop worrying.

> If someone gains root access to your system they can log unencrypted
> keystrokes before the web browser encrypts them.

But they have to get in first.  I'm reasonably confident that they won't - 
accepting that no-one can ever be 100% certain.

In the past I have bought time on hotel systems rather than use a laptop on a 
public network for this job, but if you consider that an hotel employee could 
be a security hole, you are really no better off.

Anne


signature.asc
Description: This is a digitally signed message part.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Security advice, please

[Bill Campbell]

On Wed, Dec 24, 2008, jk...@kinz.org wrote:
>Top posting to ask a question regarding the article below:
>
>Hi Warren, Nice explanation.  I would like to ask what you
>recommend people do if they want to be able to ssh in from 
>anywhere on the internet. Say they are going to be traveling and
>they know they will have to login from machines they have no
>control over, like an internet cafe or a Hotel's business
>services suite? 

I always have my laptop with me, and have systems here configured to (a)
accept only authorized_keys, (b) allow access from any IP, and (c) use
fail2ban to limit the number of log entries from failed attempts to access
the systems.  All logins to our customer sites are then initiated from
inside our network once I have established the initial connection from the
remote location so those connections can be much more restrictive if
necessary.

One possibility would be to have a machine configured to allow password
access from the world which one could log into, then execute ssh-agent, and
ssh-add (with a strong pass phrase) on that machine to get access to other
systems on your network.

If there is some reason that an ssh cannot be established, usually it's
possible to connect with OpenVPN, which works nicely behind NAT firewalls
and does not require kernel hacking on CentOS as things like PPTP do.

You make the job much more difficult when asking that you be able to get in
from any old machine you might find in public space.  Other than the fact
that the owners of these machines generally don't allow people to install
software on them, I would be very reluctant to do anything on them that
involved secure logins as who knows what key capture or other spyware is
running on them.

One may be able to access you systems using webmin or its usermin module
over an SSL connection, and webmin has a terminal interface allowing one to
get a connection to systems.  If I remember correctly, this does require
Java(tm) on the connecting machine, and that webmin be configured to permit
use of the terminal module.

I much prefer restrict webmin and usermin access though as I have seen far
too many systems cracked through it because it only has username, password
authentication, and too many times, user's passwords are easily cracked.
Once somebody is logged into usermin, for instance, they may have access to
tools such as the chfn (change finger information) command which at one
time on SuSE systems allowed them to change their uid to ``0'' and gain
root access to the system.

In summary, I would be extremely reluctant to allow access from public
machines where there is no assurance how much malware is running on top of
the Microsoft virus, Windows.  It's very easy to revoke authorized_keys or
OpenVPN access for a lost or stolen laptop.  Allowing password access by
any means opens up a large can of worms.

...
Bill
-- 
INTERNET:   b...@celestial.com  Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
Voice:  (206) 236-1676  Mercer Island, WA 98040-0820
Fax:(206) 232-9186

If the government can take a man's money without his consent, there is no
limit to the additional tyranny it may practise upon him; for, with his
money, it can hire soldiers to stand over him, keep him in subjection,
plunder him at discretion, and kill him if he resists.
Lysander Spooner, 1852
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS, PHP, Basic GIS

[Michael A. Peters]

JohnS wrote:
> On Wed, 2008-12-24 at 03:28 -0800, Michael A. Peters wrote:
>> Michael A. Peters wrote:
>>
>>> I think I may have found what I need - I found some articles on parsing 
>>> e00 files into arrays that I can then use to draw them with gd. Now the 
>>> only issue is the e00 files I have have *too* much information - they 
>>> are statewide - so I need to figure out which datasets in the files are 
>>> the ones I want ,,,
>>>
>>> I may just write a shell script that parses the e00 file and turns the 
>>> data sets into php include files. There may be some scripts out there 
>>> that already do a similar thing I can steal, as e00 seems fairly common 
>>> and has been around awhile.
>> I think ogr2ogr does what I want - it looks like it has a driver for 
>> putting the contents of various formats into database (including MySQL 
>> which is already being used for the wildlife database) and then I can 
>> probably get the coordinates I need to draw the county border and 
>> lakes/rivers from there.
> 
> Hmm, using MySQL...You are aware that it supports High Level Graphing as of 
> version 5.1? IMO I think your are overloading yourself in 
> PHP Code. Why not let the DB do this for you since you already have some of 
> the data in it? You could use SPROCS and 
> Triggers to do this all. As in Plotting all your corordinates you need.

Quite possibly - but what I got works and works well now -

http://homepage.mac.com/mpeters/misc/500flags4.png

I didn't use the ogr2ogr export into MySQL - I found it (lack of my 
experience with gis no doubt) less than useful.

What I did was the following:

ogr2ogr -f "MapInfo File" FNRGC_CASIL.mif -t_srs EPSG:4326 FNRGC_CASIL.shp

The .mif file was cake to then parse with a shell script that made a 
.sql file for uploading the lon and lat

My image.php then gets those data points, converts them into x,y for use 
with php, and draws the polygon.

The downside, and where a real GIS solution would be better, is that 
distortion will be extreme near north/south poles - which is probably 
why (even though my distortion is minor give ~ 42 latitude) to be proper 
I should look for a solution that uses a real gis engine and can pick an 
appropriate projection. But this will work for now until I learn more 
about GIS. A real solution would probably make it easier for users to 
look at range map comparisons of different species etc. - either 
dynamically on the web, or by downloading our data files for their own 
GIS software. It looks like some real cool stuff could be done (IE 
comparing frog range locality data with DF&G trout stocking data, 
rainfall data, cow grazing data, whatever)

I definitely need to buy some books, and now that I have qgis installed 
and working, play with it some more.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] tripwire on centos 5

[Stephen John Smoogen]

On Tue, Dec 23, 2008 at 2:58 PM, Mariusz  wrote:
> Does anybody use tripwire on centos 5? Has anybody checked that:
> http://www.linickx.com/archives/281/tripwire-2411-rpm-for-centos-redhat-rhel-4
>  on
> centos5?

I am a little off from using tripwire these days... when I last looked
at it, it didn't seem to be getting much support upstream (last
release over a year ago)... and the bugs have been open/unassigned for
that a year. The system that comes with RHEL-5 is called aide and is
getting active support from the Red Hat developers on getting it tied
into a centralized plugin structure using prelude and snort. Just
using the normal aide seemed to fit the bill that is needed.

However if tripwire is required for audit/checklist reasons:

http://download.fedora.redhat.com/pub/epel/testing/5/i386/

has a copy...

-- 
Stephen J Smoogen. -- BSD/GNU/Linux
How far that little candle throws his beams! So shines a good deed
in a naughty world. = Shakespeare. "The Merchant of Venice"
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Missing CentOS 4.7 update?

[Akemi Yagi]

On Wed, Dec 24, 2008 at 1:45 AM, Ned Slider  wrote:
> Johnny Hughes wrote:
>
> 
>
>   See this link for details (Look for
>> the "CentOS-Fasttrack" section:
>>
>> http://wiki.centos.org/AdditionalResources/Repositories
>>
>> Thanks,
>> Johnny Hughes
>
> The links in the "CentOS-Fasttrack" section on the Wiki are broken. Does
> anyone know the correct links so I (or someone) can fix them?
>
> Specifically:
> http://mirror.centos.org/centos/4/fasttrack/Readme.txt
> http://mirror.centos.org/centos/4/fasttrack/CentOS-fasttrack.repo

Turns out that those files are in /4.6/ and need to be copied over to
/4.7/ .  As a *temporary* fix, I hardcoded the links on the wiki by
changing the "4" with "4.6".

Akemi
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Security advice, please

[Anne Wilson]

On Wednesday 24 December 2008 17:43:19 Bill Campbell wrote:
> In summary, I would be extremely reluctant to allow access from public
> machines where there is no assurance how much malware is running on top of
> the Microsoft virus, Windows.  

When I said that I had used hotel computers I meant for using a web interface 
only.  The problem with that is that they usually have only IE, which I don't 
trust.

> It's very easy to revoke authorized_keys or
> OpenVPN access for a lost or stolen laptop.  Allowing password access by
> any means opens up a large can of worms.

The only password access that is happening is when kmail reads from my imap 
server.  I toyed with the idea of using ssh access to all my files, but 
watching the logs for a very short time convinced me that that's something 
that is not worth while.  (No-one got in, but in that short time there were 
plenty of attempts.)  I know it can be done securely, but it's not 
straightforward, and in truth there aren't so many documents that I'm likely 
to want to access while I'm away.  I have sufficient local storage, too, that 
I can use termporarily and transfer when I get home.

I have no need to open up all sorts of services.  I just need to feel that I 
have taken all reasonable precautions.

Anne


signature.asc
Description: This is a digitally signed message part.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Please share some RHCE/RHCT learning material

[Barry Brimer]

> Hi all,
> will anyone please share me some material on RHCE/RHCT, I am fighting for
> the Quality Engineer in RedHat, and that may help a lot in the coming
> written exam.

The RHCT/RHCE exams are not written, they are performance-based.  The best 
guide to study from is the one provided by Red Hat located at 


Barry
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Security advice, please

[jkinz]

On Wed, Dec 24, 2008 at 09:43:19AM -0800, Bill Campbell wrote:
> On Wed, Dec 24, 2008, jk...@kinz.org wrote:
> >Top posting to ask a question regarding the article below:
> > Summary:  Enable ssh to allow login from any random point on
> > the internet
> 
> I always have my laptop with me,

An excellent strategy Bill.  I use it myself, but I explicitly excluded
it in my question. Why? because there are lots of scenarios in the world
where people won't be able to use their laptop or netbook and will have
to fall back on using someone else's equipment.

Two examples :  
You are visiting the Otis Public Library in Norwich CT.  They have Linux
based public workstations (w/Internet access). 
(http://www.otislibrarynorwich.org/index.htm)

Or you are a consultant visiting a corporate client who doesn't allow
"outside equipment" to be used on their network, so they maintain
specific machines for "guests" to use. (Hint, "DOD" )

(I have run into both of these. :-) )

example three - A TSA attendant "accidentally" drops your
laptop.. in front of a forklift... (Merry Christmas!)

All your ideas are good ones to which I would add using port knocking
(not perfect at all but adds an additional small barrier) 

The best technique I have used is to put up an https web page
that requires the person desiring entry to be presented with a
challenge<->response dialog that is generated from a specific one-time
use pad of CR key pairs. That way, each session requires a unique
response to enable it.  This is awkward but help keep the unwanted
visitors out. This would be a variation on your SSL webmin
suggestion.

Unfortunately, the worst case scenario ( a compromised machine
that does key logging) which you pointed out, will always be a 
potential problem.. 

So when on the road, perhaps we should restrict doing
online banking to just the cell phone.. :-)  hmm... 


> accept only authorized_keys, (b) allow access from any IP, and (c) use
> fail2ban to limit the number of log entries from failed attempts to access
> the systems.  All logins to our customer sites are then initiated from
> inside our network once I have established the initial connection from the
> remote location so those connections can be much more restrictive if
> necessary.
> 
> One possibility would be to have a machine configured to allow password
> access from the world which one could log into, then execute ssh-agent, and
> ssh-add (with a strong pass phrase) on that machine to get access to other
> systems on your network.
> 
> If there is some reason that an ssh cannot be established, usually it's
> possible to connect with OpenVPN, which works nicely behind NAT firewalls
> and does not require kernel hacking on CentOS as things like PPTP do.
> 
> You make the job much more difficult when asking that you be able to get in
> from any old machine you might find in public space.  Other than the fact
> that the owners of these machines generally don't allow people to install
> software on them, I would be very reluctant to do anything on them that
> involved secure logins as who knows what key capture or other spyware is
> running on them.
> 
> One may be able to access you systems using webmin or its usermin module
> over an SSL connection, and webmin has a terminal interface allowing one to
> get a connection to systems.  If I remember correctly, this does require
> Java(tm) on the connecting machine, and that webmin be configured to permit
> use of the terminal module.
> 
> I much prefer restrict webmin and usermin access though as I have seen far
> too many systems cracked through it because it only has username, password
> authentication, and too many times, user's passwords are easily cracked.
> Once somebody is logged into usermin, for instance, they may have access to
> tools such as the chfn (change finger information) command which at one
> time on SuSE systems allowed them to change their uid to ``0'' and gain
> root access to the system.
> 
> In summary, I would be extremely reluctant to allow access from public
> machines where there is no assurance how much malware is running on top of
> the Microsoft virus, Windows.  It's very easy to revoke authorized_keys or
> OpenVPN access for a lost or stolen laptop.  Allowing password access by
> any means opens up a large can of worms.
> 
> ...
> Bill
> -- 
> INTERNET:   b...@celestial.com  Bill Campbell; Celestial Software LLC
> URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
> Voice:  (206) 236-1676  Mercer Island, WA 98040-0820
> Fax:(206) 232-9186
> 
> If the government can take a man's money without his consent, there is no
> limit to the additional tyranny it may practise upon him; for, with his
> money, it can hire soldiers to stand over him, keep him in subjection,
> plunder him at discretion, and kill him if he resists.
>   Lysander Spooner, 1852
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.c

[CentOS] BackupPC newbie: a couple more questions

[Timothy Murphy]

1. I'm running - or trying to run - BackupPC under Centos-5.2,
and have been looking at various BackupPC HOWTOs and tutorials.

I see that the "Falko" tutorial at 
recommends (on page 3) that one should enter one's username, 
"falko" in this case, as the user in /etc/BackupPC/hosts .

Other tutorials suggest one should use the user "backuppc",
who was indeed created by "yum install BackupPC".

2. This tutorial also suggests at one point that when exchanging SSH keys
one should login to the BackupPC server as backuppc .
"Yum install BackupPC" did indeed create a user backuppc on the server,
but the entry in /etc/passwd reads
backuppc:x:101:104::/var/lib/BackupPC:/sbin/nologin
so I cannot login as (or su to) backuppc .

Should I alter this password entry?

-- 
Timothy Murphy  
e-mail: gayleard /at/ eircom.net
tel: +353-86-2336090, +353-1-2842366
s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] yum update via NX connection?

[Les Mikesell]

Somewhere in the process of doing a yum update from a terminal window 
open in an NX/freenx desktop session, the whole session blew up - 
perhaps when ssh restarted or when freenx was updated.  The yum update 
did not complete beyond that point and the session was gone when I 
reconnected.   Is that supposed to happen?  (Centos 5.x)

-- 
   Les Mikesell
lesmikes...@gmail.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Alternative to audacity

[MHR]

What's a good, gui-based sound editor as an alternative to audacity
(since that is not working right now due to conflicts in the gtk
libraries in rpmforge)?  Or is there another place whence one may
retrieve audacity?  I tried sourceforge, but the links there resolve
to a broken download link or they are for 64-bit rpms.

Thanks.

mhr
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum update via NX connection?

[Akemi Yagi]

On Wed, Dec 24, 2008 at 11:42 AM, Les Mikesell  wrote:
> Somewhere in the process of doing a yum update from a terminal window
> open in an NX/freenx desktop session, the whole session blew up -
> perhaps when ssh restarted or when freenx was updated.  The yum update
> did not complete beyond that point and the session was gone when I
> reconnected.   Is that supposed to happen?  (Centos 5.x)

Yes, it does happen.  For more details, please see (warning, very long thread):

http://www.centos.org/modules/newbb/viewtopic.php?viewmode=flat&topic_id=17166&forum=37

If you now have a broken rpm database because of the interrupted yum
session, the thread has a remedy for that.

Akemi / toracat
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Alternative to audacity

[Akemi Yagi]

On Wed, Dec 24, 2008 at 11:46 AM, MHR  wrote:
> What's a good, gui-based sound editor as an alternative to audacity
> (since that is not working right now due to conflicts in the gtk
> libraries in rpmforge)?  Or is there another place whence one may
> retrieve audacity?  I tried sourceforge, but the links there resolve
> to a broken download link or they are for 64-bit rpms.

Perhaps, this forum thread has some useful info:

http://www.centos.org/modules/newbb/viewtopic.php?viewmode=flat&topic_id=16273&forum=38

Akemi / toracat
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Alternative to audacity

[Barry Brimer]

On Wed, 24 Dec 2008, MHR wrote:

> What's a good, gui-based sound editor as an alternative to audacity
> (since that is not working right now due to conflicts in the gtk
> libraries in rpmforge)?  Or is there another place whence one may
> retrieve audacity?  I tried sourceforge, but the links there resolve
> to a broken download link or they are for 64-bit rpms.

This may be overkill for what you're looking for ..

http://ardour.org/
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Security advice, please

[Bill Campbell]

On Wed, Dec 24, 2008, jk...@kinz.org wrote:
>On Wed, Dec 24, 2008 at 09:43:19AM -0800, Bill Campbell wrote:
>> On Wed, Dec 24, 2008, jk...@kinz.org wrote:
>> >Top posting to ask a question regarding the article below:
>> > Summary:  Enable ssh to allow login from any random point on
>> > the internet
>> 
>> I always have my laptop with me,
>
>An excellent strategy Bill.  I use it myself, but I explicitly excluded
>it in my question. Why? because there are lots of scenarios in the world
>where people won't be able to use their laptop or netbook and will have
>to fall back on using someone else's equipment.
>
>Two examples :  
>You are visiting the Otis Public Library in Norwich CT.  They have Linux
>based public workstations (w/Internet access). 
>(http://www.otislibrarynorwich.org/index.htm)
>
>Or you are a consultant visiting a corporate client who doesn't allow
>"outside equipment" to be used on their network, so they maintain
>specific machines for "guests" to use. (Hint, "DOD" )

I don't do business with government agencies, it just encourages
them to continue their legal plunder (and often it takes forever
to get paid -- unless one offers an early payment discount that
they are required by law to use).

>(I have run into both of these. :-) )
>
>example three - A TSA attendant "accidentally" drops your
>laptop.. in front of a forklift... (Merry Christmas!)

That might well get me to cancel my trip.

>All your ideas are good ones to which I would add using port knocking
>(not perfect at all but adds an additional small barrier) 

I am aware of port knocking, but doing that certainly requires
stuff on the client computer that wouldn't be available at the
average Internet cafe or kiosk device.

>The best technique I have used is to put up an https web page
>that requires the person desiring entry to be presented with a
>challenge<->response dialog that is generated from a specific one-time
>use pad of CR key pairs. That way, each session requires a unique
>response to enable it.  This is awkward but help keep the unwanted
>visitors out. This would be a variation on your SSL webmin
>suggestion.

I saw something recently on one of the many mailing lists about a
USB device that generates one-time-passwords at very reasonable
cost.  These can be plugged into anything with a USB port that
would recognize a USB keyboard.

>Unfortunately, the worst case scenario ( a compromised machine
>that does key logging) which you pointed out, will always be a 
>potential problem.. 
>
>So when on the road, perhaps we should restrict doing
>online banking to just the cell phone.. :-)  hmm... 

My bank is set up to make one jump through several hoops when
logging in from an IP that it has not seen a login to the
account, and may even distinguish browsers as I think I have had
to do something special when using Safari on my desktop instead
of my normal Firefox.  My bank is a small regional bank where the
people at the branch know me, and even recognize my voice on the
phone so it's pretty easy for me to do things by phone.  I *HATE*
dealing with megabanks where customer service is an oxymoron.

...
Bill
-- 
INTERNET:   b...@celestial.com  Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
Voice:  (206) 236-1676  Mercer Island, WA 98040-0820
Fax:(206) 232-9186

It is better to die on your feet than to live on your knees!
-- Emiliano Zapata.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Alternative to audacity

[MHR]

On Wed, Dec 24, 2008 at 11:52 AM, Akemi Yagi  wrote:
>
> Perhaps, this forum thread has some useful info:
>
> http://www.centos.org/modules/newbb/viewtopic.php?viewmode=flat&topic_id=16273&forum=38
>

Well, I installed the compat-wxGTK library from ccrma, then installed
audacity (and wxGTK) from rpmforge, but I got errors trying to run
audacity:

[mrich...@swordfish ~]$ audacity
Fatal Error: Mismatch between the program and library build versions detected.
The library used 2.6 (no debug,Unicode,compiler with C++ ABI 1002,wx
containers,compatible with 2.2,compatible with 2.4),
and your program used 2.6 (no debug,Unicode,compiler with C++ ABI
1002,wx containers,compatible with 2.4).
Aborted

Here's what's installed:

[mrich...@swordfish ~]$ yg audacity
audacity.i3861.3.0b-1.el5.rfinstalled
[mrich...@swordfish ~]$ yg wxgtk
compat-wxGTK26.i3862.6.4-2.el5.ccrma  installed
wxGTK.i386   2.8.9-1.el5.rf installed

If I try to erase the wxGTK (2.8), it wants to take audacity with it,
so does the compat wxgtk, and if I try to erase audacity, it wants to
take out the wxgtk library.

???

mhr
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS, PHP, Basic GIS

[Michael A. Peters]

Just for those who wish to know, I wrote up my RPM based installation 
process for grass and qgis here:

http://forum.qgis.org/viewtopic.php?f=3&t=4423

(second post in the thread)
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Alternative to audacity

[Akemi Yagi]

On Wed, Dec 24, 2008 at 12:53 PM, MHR  wrote:
> On Wed, Dec 24, 2008 at 11:52 AM, Akemi Yagi  wrote:
>
> Here's what's installed:
>
> [mrich...@swordfish ~]$ yg audacity
> audacity.i3861.3.0b-1.el5.rfinstalled
> [mrich...@swordfish ~]$ yg wxgtk
> compat-wxGTK26.i3862.6.4-2.el5.ccrma  installed
> wxGTK.i386   2.8.9-1.el5.rf installed
>
> If I try to erase the wxGTK (2.8), it wants to take audacity with it,
> so does the compat wxgtk, and if I try to erase audacity, it wants to
> take out the wxgtk library.

Looks like the person who successfully installed audacity has:

compat-wxGTK26-2.6.4-2.el5.ccrma
audacity-nonfree-1.3.2-0.4.beta.lvn6

Not sure if this is good or bad, but it seems to be working for him.

Akemi
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Alternative to audacity

[MHR]

On Wed, Dec 24, 2008 at 1:24 PM, Akemi Yagi  wrote:
> On Wed, Dec 24, 2008 at 12:53 PM, MHR  wrote:
>> On Wed, Dec 24, 2008 at 11:52 AM, Akemi Yagi  wrote:
>>
>> Here's what's installed:
>>
>> [mrich...@swordfish ~]$ yg audacity
>> audacity.i3861.3.0b-1.el5.rfinstalled
>> [mrich...@swordfish ~]$ yg wxgtk
>> compat-wxGTK26.i3862.6.4-2.el5.ccrma  installed
>> wxGTK.i386   2.8.9-1.el5.rf installed
>>
>> If I try to erase the wxGTK (2.8), it wants to take audacity with it,
>> so does the compat wxgtk, and if I try to erase audacity, it wants to
>> take out the wxgtk library.
>
> Looks like the person who successfully installed audacity has:
>
> compat-wxGTK26-2.6.4-2.el5.ccrma
> audacity-nonfree-1.3.2-0.4.beta.lvn6
>
> Not sure if this is good or bad, but it seems to be working for him.
>

I _knew_ I liked you, Akemi!  There were a couple of other libs
needed, but at least I have audacity installed and it runs.  Don't
know how well it works yet, but this is a huge start.

THANKS!

mhr
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Alternative to audacity

[MHR]

On Wed, Dec 24, 2008 at 1:37 PM, MHR  wrote:
> On Wed, Dec 24, 2008 at 1:24 PM, Akemi Yagi  wrote:
>> On Wed, Dec 24, 2008 at 12:53 PM, MHR  wrote:
>>> On Wed, Dec 24, 2008 at 11:52 AM, Akemi Yagi  wrote:
>>>
>>> Here's what's installed:
>>>
>>> [mrich...@swordfish ~]$ yg audacity
>>> audacity.i3861.3.0b-1.el5.rfinstalled
>>> [mrich...@swordfish ~]$ yg wxgtk
>>> compat-wxGTK26.i3862.6.4-2.el5.ccrma  installed
>>> wxGTK.i386   2.8.9-1.el5.rf installed
>>>
>>> If I try to erase the wxGTK (2.8), it wants to take audacity with it,
>>> so does the compat wxgtk, and if I try to erase audacity, it wants to
>>> take out the wxgtk library.
>>
>> Looks like the person who successfully installed audacity has:
>>
>> compat-wxGTK26-2.6.4-2.el5.ccrma
>> audacity-nonfree-1.3.2-0.4.beta.lvn6
>>
>> Not sure if this is good or bad, but it seems to be working for him.
>>
>
> I _knew_ I liked you, Akemi!  There were a couple of other libs
> needed, but at least I have audacity installed and it runs.  Don't
> know how well it works yet, but this is a huge start.
>
> THANKS!
>

And, yes, it works!

Thanks again.

mhr
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Alternative to audacity

[Akemi Yagi]

On Wed, Dec 24, 2008 at 2:04 PM, MHR  wrote:
> On Wed, Dec 24, 2008 at 1:37 PM, MHR  wrote:

>>> Looks like the person who successfully installed audacity has:
>>>
>>> compat-wxGTK26-2.6.4-2.el5.ccrma
>>> audacity-nonfree-1.3.2-0.4.beta.lvn6
>>>
>>> Not sure if this is good or bad, but it seems to be working for him.
>>
>> I _knew_ I liked you, Akemi!  There were a couple of other libs
>> needed, but at least I have audacity installed and it runs.  Don't
>> know how well it works yet, but this is a huge start.
>>
>> THANKS!
>
> And, yes, it works!
>
> Thanks again.

Glad to learn, Mark, that you've got audacity working.  Now, if you
like me ( :-D ), perhaps you could do me a big favor?  Would you mind
posting your note with a bit of details (like couple of other libs) to
that CentOS forum thread?  This will in turn help other users who get
to the thread through search engines.

Akemi
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Gnome Desktop Session Save?

[John Thomas]

James B. Byrne wrote:
> I seem to recall that at one time with CentOS I had the ability to save my
> gnome desktop and open applications, like terminal, when exiting.  The
> effect was such that when I logged on to a new session those applications
> would open automatically for me.  


 From GUI menu
System, Preferences, More Preferences, Sessions

-- 
Sincerely,
John Thomas
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Installing RHEL5.3

[Lanny Marcus]

On Wed, Dec 24, 2008 at 9:00 AM, Alain PORTAL  wrote:
<
>> I succeeded to download RHEL server 5.3 beta.
> >If graphical installation succeeded, unfortunately, I >>was unable to 
> >restart  > the laptop.
> >ore info in the updated bug:
> >https://bugzilla.redhat.com/>show_bug.cgi?id=477708#c5

This is an Enterprise distro and it does not support the latest and
greatest hardware, especially on Laptops. It is possible that this
will not run properly on your laptop. If not, you may want to consider
a bleeding edge distro, like Fedora or Ubuntu, which will probably
support a lot more hardware.Try running a "Live CD", with whatever
distro you contemplate using, to see if it will run on your HW, before
installing.

Here's a page in the CentOS Wiki for reference:

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Another security question

[Lanny Marcus]

On Wed, Dec 24, 2008 at 9:46 AM, Anne Wilson  wrote:
> I would like to be able to check my bank account while we are on holiday.  I
> know the bank's site is encrypted from the start - the login page is https and
> Verisign-trust encrypted - but is there any risk in using public wireless
> networks for jobs like this?  It sounds secure enough, but maybe I'm
> paranoid

I would not consider using a Public terminal, without booting from my
own Live CD. If you are bringing your Laptop, use as much encryption
as is possible. There is risk and others have and will comment on
that.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Missing CentOS 4.7 update?

[Johnny Hughes]

Akemi Yagi wrote:
> On Wed, Dec 24, 2008 at 1:45 AM, Ned Slider  wrote:
>> Johnny Hughes wrote:
>>
>> 
>>
>>   See this link for details (Look for
>>> the "CentOS-Fasttrack" section:
>>>
>>> http://wiki.centos.org/AdditionalResources/Repositories
>>>
>>> Thanks,
>>> Johnny Hughes
>> The links in the "CentOS-Fasttrack" section on the Wiki are broken. Does
>> anyone know the correct links so I (or someone) can fix them?
>>
>> Specifically:
>> http://mirror.centos.org/centos/4/fasttrack/Readme.txt
>> http://mirror.centos.org/centos/4/fasttrack/CentOS-fasttrack.repo
> 
> Turns out that those files are in /4.6/ and need to be copied over to
> /4.7/ .  As a *temporary* fix, I hardcoded the links on the wiki by
> changing the "4" with "4.6".

This is now fixed on the master server, thanks Akemi.

The files should be on mirror.centos.org shortly.

Thanks,
Johnny Hughes



signature.asc
Description: OpenPGP digital signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum update via NX connection?

[Akemi Yagi]

On Wed, Dec 24, 2008 at 11:48 AM, Akemi Yagi  wrote:
> On Wed, Dec 24, 2008 at 11:42 AM, Les Mikesell  wrote:
>> Somewhere in the process of doing a yum update from a terminal window
>> open in an NX/freenx desktop session, the whole session blew up -
>> perhaps when ssh restarted or when freenx was updated.  The yum update
>> did not complete beyond that point and the session was gone when I
>> reconnected.   Is that supposed to happen?  (Centos 5.x)
>
> Yes, it does happen.  For more details, please see (warning, very long 
> thread):
>
> http://www.centos.org/modules/newbb/viewtopic.php?viewmode=flat&topic_id=17166&forum=37
>
> If you now have a broken rpm database because of the interrupted yum
> session, the thread has a remedy for that.

OK, that long thread caused a headache for someone (can't tell you
who), so I'm going to give you a shortcut.

Run the command:

rpm -qa --qf "%{NAME} %{ARCH}\n" | sort | uniq -c | awk '$1 != 1 {
print $2 }' | sort

If the output shows anything other than gpg-pubkey or kernel*, then
your rpm database is most likely broken.  Go to #45 of that thread.
The OP nicely summarized the procedure to fix it.

Akemi / toracat
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] need help to play video

[adrian kok]

Hi 

I click the DVD amd there is an error 

The playback of this movie requires a MPEG-2 System
Stream demuxer plugin which is not installed.

Which rpm I can install to play the video?

Thank you

Send instant messages to your online friends http://uk.messenger.yahoo.com 
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] need help to play video

[Mark Pryor]

--- On Wed, 12/24/08, adrian kok  wrote:

> From: adrian kok 
> Subject: [CentOS] need help to play video
> To: centos@centos.org
> Date: Wednesday, December 24, 2008, 7:27 PM
> Hi 
> 
> I click the DVD amd there is an error 
> 
> The playback of this movie requires a MPEG-2 System
> Stream demuxer plugin which is not installed.
> 
> Which rpm I can install to play the video?

Check the fedora forums - the procedure is similar. Then download and extract 
the following group of codecs: 
  all-20061022.tar.bz2

copy all to 
/usr/local/lib/codec

The fedora folks know from where to grab this file - I forgot already.

-- 
Mark





  
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Linux backup help

[Amos Shapira]

Thanks! (and sorry for the late response).

On 12/19/08, Patrice Guay  wrote:
> Amos Shapira wrote :
>> 2008/11/16 Ian Forde :
>>> Actually, that's the problem that Red Hat Satellite Server can solve.
>>> You can approve packages for deployment.  Thus, when provisioning new
>>> servers, they get updates from the approved list.  And servers are
>>> grouped by class.  For the free version, one should investigate Project
>>> SpaceWalk.  http://www.redhat.com/spacewalk/
>>
>> Thanks for the pointer. I've looked at it a few weeks ago back when
>> there was some news about it and it looked promising but I didn't have
>> time to learn it in depth. Will keep it in my stack of things to look
>> at.
>>
> I just wrote a HowTo on this topic. Spacewalk can help you manage
> software versions across different environments using software channels.
> The document is available here:
> http://wiki.centos.org/HowTos/PackageManagement/Spacewalk
>
> Regards,
> --
> Patrice Guay
> patrice.g...@nanotechnologies.qc.ca
>
>
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] need help to play video

[Mark Pryor]

--- On Wed, 12/24/08, adrian kok  wrote:

> From: adrian kok 
> Subject: [CentOS] need help to play video
> To: centos@centos.org
> Date: Wednesday, December 24, 2008, 7:27 PM
> Hi 
> 
> I click the DVD amd there is an error 
> 
> The playback of this movie requires a MPEG-2 System
> Stream demuxer plugin which is not installed.
> 
> Which rpm I can install to play the video?
> 

Adrian,

nevermind my last post, here is a more current link I found a minute ago,
http://hacktux.com/fedora/codecs

-- 
Mark


  
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos