Re: [CentOS] Ping and traceroute...

[John Doe]

> However do you have the luxury of having your members coming from a block of 
> IPs

World wide website... so it is either everything or nothing...



> Blocking ping has always been a pet peeve of mine. Aside from violating 
> RFC-1122 
> (3.2.2.6 Echo Request/Reply: RFC-792 Every host MUST implement an ICMP Echo 
> server function that receives Echo Requests and sends corresponding Echo 
> Replies.) 
> 
> It provides *no* additional security & makes troubleshooting network issues 
> that 
> much more difficult.

So I guess I will look into adding these rules into shorewall.

Thx for all the answers,
JD


  

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Shell Script - Compare packages. rpm.

[Tiago Dias]

Hi,

 I need a script which makes the package compação rpm's through two
text files ...

 Since a file is the output of the command *rpm-qa > pkg.out *

 And the second file is a list of several packages rpm's, multiple
versions and architectures.

 My idea is to compare a package *x* file pkg.out with several
packages *y* of the file update.out and know whether a package and has a
larger version of the package *x* installed and with that I return I have a
package to be updated.

Does anyone can help me do this comparison?

OBS.: The servers do not have access to internet.

Here's an example of the packages described in the files:

[r...@rpm tiago]# tail -n12 pkg.out
glibc-devel-2.3.4-2.39
libuser-devel-0.52.5-1.el4.1
libmudflap-4.1.2-14.EL4
iiimf-libs-devel-12.1-13.EL.6
xorg-x11-devel-6.8.2-1.EL.33
lam-libs-7.1.2-8
libdbi-0.6.5-10.RHEL4.1
unixODBC-kde-2.2.11-1.RHEL4.1
perl-Compress-Zlib-1.42-1.el4
MySQL-python-1.2.1_p2-1.el4.1
nmap-3.70-1
sysstat-5.0.5-16.rhel4
[r...@rpm tiago]#

--

[r...@rpm tiago]# cat update.out
glibc-devel-2.3.4-2.41.i386.rpm
glibc-devel-2.3.4-2.39.i386.rpm
glibc-devel-2.3.4-2.36.i386.rpm
glibc-devel-2.3.4-2.25.i386.rpm
glibc-devel-2.3.4-2.19.i386.rpm
glibc-devel-2.3.4-2.13.i386.rpm
glibc-devel-2.3.4-2.9.i386.rpm
glibc-devel-2.3.4-2.i386.rpm
libuser-devel-0.52.5-1.el4.3.i386.rpm
libuser-devel-0.52.5-1.el4.1.i386.rpm
libuser-devel-0.52.5-1.i386.rpm
libmudflap-4.1.2-42.EL4.i386.rpm
libmudflap-4.1.2-14.EL4.i386.rpm
libmudflap-4.1.1-53.EL4.i386.rpm
libmudflap-4.1.0-18.EL4.3.i386.rpm
libmudflap-4.1.0-18.EL4.i386.rpm
libmudflap-4.0.2-14.EL4.i386.rpm
libmudflap-4.0.1-4.EL4.2.i386.rpm
libmudflap-4.0.0-0.14.EL4.i386.rpm
xorg-x11-devel-6.8.2-1.EL.52.i386.rpm
xorg-x11-devel-6.8.2-1.EL.33.0.4.i386.rpm
xorg-x11-devel-6.8.2-1.EL.33.0.2.i386.rpm
xorg-x11-devel-6.8.2-1.EL.33.0.1.i386.rpm
xorg-x11-devel-6.8.2-1.EL.33.i386.rpm
xorg-x11-devel-6.8.2-1.EL.31.i386.rpm
xorg-x11-devel-6.8.2-1.EL.19.i386.rpm
xorg-x11-devel-6.8.2-1.EL.18.i386.rpm
xorg-x11-devel-6.8.2-1.EL.13.37.7.i386.rpm
xorg-x11-devel-6.8.2-1.EL.13.37.5.i386.rpm
xorg-x11-devel-6.8.2-1.EL.13.37.2.i386.rpm
xorg-x11-devel-6.8.2-1.EL.13.37.i386.rpm
xorg-x11-devel-6.8.2-1.EL.13.36.i386.rpm
xorg-x11-devel-6.8.2-1.EL.13.25.1.i386.rpm
xorg-x11-devel-6.8.2-1.EL.13.25.i386.rpm
xorg-x11-devel-6.8.2-1.EL.13.20.i386.rpm
xorg-x11-devel-6.8.2-1.EL.13.16.i386.rpm
xorg-x11-devel-6.8.2-1.EL.13.6.i386.rpm
xorg-x11-devel-6.8.1-23.EL.i386.rpm
lam-libs-7.1.2-15.el4:2.i386.rpm
lam-libs-7.1.2-8:2.i386.rpm
MySQL-python-1.2.1_p2-1.el4.1.i386.rpm
MySQL-python-1.0.0-1.RHEL4.1.i386.rpm
sysstat-5.0.5-19.el4.i386.rpm
sysstat-5.0.5-16.rhel4.i386.rpm
sysstat-5.0.5-15.0.1.el4.i386.rpm
sysstat-5.0.5-14.rhel4.i386.rpm
sysstat-5.0.5-11.rhel4.i386.rpm
sysstat-5.0.5-7.rhel4.i386.rpm
sysstat-5.0.5-1.i386.rpm
nmap-3.70-1:2.i386.rpm
[r...@rpm tiago]#

Att,

-- 
Tiago Dias da Silva
Administrador de Sistemas GNU/Linux
HomePage: www.dias.eti.br
Email: ti...@dias.eti.br

"A mente que se abre a uma nova idéia jamais voltará ao seu tamanho
original"

(Albert Einstein)
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Problem compiling cairo-dock under CentOS 5.2

[Ralph Angenendt]

William L. Maltby wrote:
> >   glib2
> If you can wait, some recent posts in other threads indficate that glibc
> is to be upgraded in 5.3

glib, not glibc.

Ralph


pgpWH5sAmjcHa.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Shell Script - Compare packages. rpm.

[Ian Forde]

On Mon, 2009-01-26 at 08:26 -0200, Tiago Dias wrote:
> Hi,
> 
>  I need a script which makes the package compação rpm's
> through two text files ... 
> 
>  Since a file is the output of the command rpm-qa > pkg.out 
> 
>  And the second file is a list of several packages rpm's,
> multiple versions and architectures. 
> 
>  My idea is to compare a package x file pkg.out with several
> packages y of the file update.out and know whether a package and has a
> larger version of the package x installed and with that I return I
> have a package to be updated. 
> 
> Does anyone can help me do this comparison? 

Looks like you want to see what the update packages are without doing
the updates, and without an internet connection.  About 5 years ago I
would have suggest running 'rpm --freshen --test
packagename-from-update.out'.  Today, I'd suggest saving even more time
and just a local instance of mrepo.  Configure your yum repos
in /etc/yum.repos.d/ to point to the repository, and install the
yum-updatesd package to find out what the new packages are... Why
reinvent the wheel? ;)

-I

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] I may have been rooted - but I may not!?

[Nigel Kendrick]

Morning,
 
I am going to treat this as a rooted box and reinstall from scratch, but any
thoughts appreciated:
 
This is a Trixbox Server based on Centos, running kernel 2.6.18-53.1.4.el5
SMP
 
The phone system stopped working but this was traced to a configuration
error with a replacement switch (it did not get added to the vlan properly),
which meant that Trixbox could not see any DNS servers and this b0rks TB.
 
Anyway, during debugging I went to reboot the server and got the following:
 
/dev/kmem missing
 
IDT table read failed
 
I have run rkhunter, which turns up nothing
If have forced a filesystem check - all clean
I have checked the logs and history file and cannot see anything
The server is behind a hardware firewall and the only ports open are those
needed for RTP, IAX2 and SIP - there is no other public access and no user
accounts.
Having fixed the vlan issue, Asterisk is running fine.
 
I re-created /dev/kmem, but it's missing at subsequent reboots. 
 
I have Googled many references to the IDT table problem being associated
with the SuckIT rootkit, but I can find no evidence that it's installed.
 
OK, bearing in mind that I will go ahead and reinstall the server (no biggie
as I have Trixbox config backups and installing TB is not a big task), I
just wanted to check whether there were any IDT table issues that may *NOT*
be rootkit related and if there are any simple fixes I can try on the box
while it's isolated on the bench? 
 
In the other direction, has anyone seen this type of behaviour with any
rootkit that is not detected by rkhunter and doesn't leave any obvious
footprints? Anything to look for?
 
Happy Monday!
 
Thanks
 
Nigel
 
 
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] I may have been rooted - but I may not!? FOLLOW UP

[Nigel Kendrick]

Just found ZK root kit.
 
Any ideas on infection vector?
 
Ho hum

  _  

From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf
Of Nigel Kendrick
Sent: Monday, January 26, 2009 11:01 AM
To: 'CentOS mailing list'
Subject: [CentOS] I may have been rooted - but I may not!?


Morning,
 
I am going to treat this as a rooted box and reinstall from scratch, but any
thoughts appreciated:
 
This is a Trixbox Server based on Centos, running kernel 2.6.18-53.1.4.el5
SMP
 
The phone system stopped working but this was traced to a configuration
error with a replacement switch (it did not get added to the vlan properly),
which meant that Trixbox could not see any DNS servers and this b0rks TB.
 
Anyway, during debugging I went to reboot the server and got the following:
 
/dev/kmem missing
 
IDT table read failed
 
I have run rkhunter, which turns up nothing
If have forced a filesystem check - all clean
I have checked the logs and history file and cannot see anything
The server is behind a hardware firewall and the only ports open are those
needed for RTP, IAX2 and SIP - there is no other public access and no user
accounts.
Having fixed the vlan issue, Asterisk is running fine.
 
I re-created /dev/kmem, but it's missing at subsequent reboots. 
 
I have Googled many references to the IDT table problem being associated
with the SuckIT rootkit, but I can find no evidence that it's installed.
 
OK, bearing in mind that I will go ahead and reinstall the server (no biggie
as I have Trixbox config backups and installing TB is not a big task), I
just wanted to check whether there were any IDT table issues that may *NOT*
be rootkit related and if there are any simple fixes I can try on the box
while it's isolated on the bench? 
 
In the other direction, has anyone seen this type of behaviour with any
rootkit that is not detected by rkhunter and doesn't leave any obvious
footprints? Anything to look for?
 
Happy Monday!
 
Thanks
 
Nigel
 
 
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] I may have been rooted - but I may not!? FOLLOW UP

[Ralph Angenendt]

Nigel Kendrick wrote:
> Just found ZK root kit.
>  
> Any ideas on infection vector?

> This is a Trixbox Server based on Centos, running kernel 2.6.18-53.1.4.el5
> SMP

Not really saying anything about the vector, but that kernel has a local
root exploit (google for 'vmsplice'). One of the reasons one should keep
his boxes updated ...

> I have checked the logs and history file and cannot see anything
> The server is behind a hardware firewall and the only ports open are those
> needed for RTP, IAX2 and SIP - there is no other public access and no user
> accounts.

Did you update asterisk as regularly as you updated the rest of the
system?



And there is exploit code for this vulnerability. So I get in via this
and get root via vmsplice and then suddenly Bob's your uncle and the box
isn't yours anymore.

SIP and IAX2 exploits are from 2007, there has been an information
disclosure weakness in IAX2 too, which has been announced some days ago.
But that would "only" lead to knowledge about valid users on the system.

Ralph


pgpVPvDwVfaLA.pgp
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] I may have been rooted - but I may not!? FOLLOW UP

[Nigel Kendrick]

Ralph,

Thanks for the info. I expect this is Asterisk-related.

Nigel 

-Original Message-
From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On Behalf
Of Ralph Angenendt
Sent: Monday, January 26, 2009 11:25 AM
To: centos@centos.org
Subject: Re: [CentOS] I may have been rooted - but I may not!? FOLLOW UP

Nigel Kendrick wrote:
> Just found ZK root kit.
>  
> Any ideas on infection vector?

> This is a Trixbox Server based on Centos, running kernel 2.6.18-53.1.4.el5
> SMP

Not really saying anything about the vector, but that kernel has a local
root exploit (google for 'vmsplice'). One of the reasons one should keep
his boxes updated ...

> I have checked the logs and history file and cannot see anything
> The server is behind a hardware firewall and the only ports open are those
> needed for RTP, IAX2 and SIP - there is no other public access and no user
> accounts.

Did you update asterisk as regularly as you updated the rest of the
system?



And there is exploit code for this vulnerability. So I get in via this
and get root via vmsplice and then suddenly Bob's your uncle and the box
isn't yours anymore.

SIP and IAX2 exploits are from 2007, there has been an information
disclosure weakness in IAX2 too, which has been announced some days ago.
But that would "only" lead to knowledge about valid users on the system.

Ralph

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Completeley disabling SELinux?

[Kevin Thorpe]

Filipe Brandenburger wrote:

Hi,

Probably not what you wanted to hear, but:

On Fri, Jan 23, 2009 at 07:30, Kevin Thorpe  wrote:
  

It's my development server under my desk



And how do you expect the things you develop to run under SELinux in production?

  

so I reallly don't care about security.



Sounds bad. (Yes, I know it is out of context, but it is bad in any context.)

If you develop for Linux, in particular for RHEL/CentOS 4 or 5, you
should take the opportunity to learn more about SELinux and how to
work with it.

You can start here: http://wiki.centos.org/HowTos/SELinux

  

I totally agree but I haven't got time at the moment.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Ldap login

[Per Qvindesland]

Hello List,

I have installed Centos Directory Server to be able to authenticate with
ldap on the other servers in the system, the directory server seems to be
working fine, but when I configure a test server to authenticate up against
this server then it says that there is no such user, I have made sure that
the config is correct on the client /etc/ldap.conf is there also the
/etc/openldap/ldap.conf is there and both is configured correctly, i have
tried to telnet from the client to the server on port 389 and that also
works.

Does anyone have any idea of what I am missing here?


Thanks in advance

Regards
Per Qvindesland
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Shell Script - Compare packages. rpm.

[John Doe]

> From: Tiago Dias 
> I need a script which makes the package compação rpm's through two text files 
> ... 
> Since a file is the output of the command rpm-qa > pkg.out 
> And the second file is a list of several packages rpm's, multiple versions 
> and architectures. 

Just for the fun (and did not really test it):

cat pkg.out 
| 
  awk ' { p=$1; n=match(p, "-[[:digit:]]+"); print substr(p,1,n); } '|
  while read PKG; dogrep "$PKG[0-9]" update.out; done

I will leave you as an exercise to sort the results by versions and head (or 
tail) to keep the highest one... ^_^
But, if your update.out file contained only the latest package (and not all 
different versions), that should work.

JD


  

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Ldap login

[Didi Hoffmann]

>
> Hello List,
>
> I have installed Centos Directory Server to be able to authenticate  
> with ldap on the other servers in the system, the directory server  
> seems to be working fine, but when I configure a test server to  
> authenticate up against this server then it says that there is no  
> such user, I have made sure that the config is correct on the  
> client /etc/ldap.conf is there also the /etc/openldap/ldap.conf is  
> there and both is configured correctly, i have tried to telnet from  
> the client to the server on port 389 and that also works.
>
> Does anyone have any idea of what I am missing here?
>
>
> Thanks in advance
>
> Regards
> Per Qvindesland
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos

Maybe ldapsearch will help. Try connecting with ldapsearch to the  
server and see if that works.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Ldap login

[Per Qvindesland]

Hi

Thanks for replying.

I tried that and I am getting this error:
ldap_sasl_interactive_bind_s:unknown authentication method (-6) additional
info:sasl(-4): no mechanism available:

Any idea?

Regards
Per Qvindesland


On 1/26/09 2:43 PM, "Didi Hoffmann"  wrote:

>> 
>> Hello List,
>> 
>> I have installed Centos Directory Server to be able to authenticate
>> with ldap on the other servers in the system, the directory server
>> seems to be working fine, but when I configure a test server to
>> authenticate up against this server then it says that there is no
>> such user, I have made sure that the config is correct on the
>> client /etc/ldap.conf is there also the /etc/openldap/ldap.conf is
>> there and both is configured correctly, i have tried to telnet from
>> the client to the server on port 389 and that also works.
>> 
>> Does anyone have any idea of what I am missing here?
>> 
>> 
>> Thanks in advance
>> 
>> Regards
>> Per Qvindesland
>> ___
>> CentOS mailing list
>> CentOS@centos.org
>> http://lists.centos.org/mailman/listinfo/centos
> 
> Maybe ldapsearch will help. Try connecting with ldapsearch to the
> server and see if that works.
> 
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Ldap login

[Didi]

> I tried that and I am getting this error:
> ldap_sasl_interactive_bind_s:unknown authentication method (-6) additional
> info:sasl(-4): no mechanism available:
>
> Any idea?

It looks like your server does not know the authentication method.
Does it work with 'ldapsearch -x' ?
And ldapsearch -v should tell you more

Cheers Didi

www.ribalba.de
Email / Jabber: riba...@gmail.com
Skype : ribalba



On Mon, Jan 26, 2009 at 2:48 PM, Per Qvindesland  wrote:
> Hi
>
> Thanks for replying.
>
> Regards
> Per Qvindesland
>
>
> On 1/26/09 2:43 PM, "Didi Hoffmann"  wrote:
>
>>>
>>> Hello List,
>>>
>>> I have installed Centos Directory Server to be able to authenticate
>>> with ldap on the other servers in the system, the directory server
>>> seems to be working fine, but when I configure a test server to
>>> authenticate up against this server then it says that there is no
>>> such user, I have made sure that the config is correct on the
>>> client /etc/ldap.conf is there also the /etc/openldap/ldap.conf is
>>> there and both is configured correctly, i have tried to telnet from
>>> the client to the server on port 389 and that also works.
>>>
>>> Does anyone have any idea of what I am missing here?
>>>
>>>
>>> Thanks in advance
>>>
>>> Regards
>>> Per Qvindesland
>>> ___
>>> CentOS mailing list
>>> CentOS@centos.org
>>> http://lists.centos.org/mailman/listinfo/centos
>>
>> Maybe ldapsearch will help. Try connecting with ldapsearch to the
>> server and see if that works.
>>
>> ___
>> CentOS mailing list
>> CentOS@centos.org
>> http://lists.centos.org/mailman/listinfo/centos
>
>
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Ldap login

[Per Qvindesland]

Hi Didi

Thanks again for your help.

When I type ldapsearch -x it comes up with the complete list of users and
groups, but if i do the ldapsearch -v it gives me the same error:
SASL/EXTERNAL authentication started
ldap_sasl_interactive_bind_s:unknown authentication method (-6) additional
info:sasl(-4): no mechanism available:

Any idea of what authentication method ldap uses?

Regards
Per

On 1/26/09 4:34 PM, "Didi"  wrote:

>> I tried that and I am getting this error:
>> ldap_sasl_interactive_bind_s:unknown authentication method (-6) additional
>> info:sasl(-4): no mechanism available:
>> 
>> Any idea?
> 
> It looks like your server does not know the authentication method.
> Does it work with 'ldapsearch -x' ?
> And ldapsearch -v should tell you more
> 
> Cheers Didi
> 
> www.ribalba.de
> Email / Jabber: riba...@gmail.com
> Skype : ribalba
> 
> 
> 
> On Mon, Jan 26, 2009 at 2:48 PM, Per Qvindesland  wrote:
>> Hi
>> 
>> Thanks for replying.
>> 
>> Regards
>> Per Qvindesland
>> 
>> 
>> On 1/26/09 2:43 PM, "Didi Hoffmann"  wrote:
>> 
 
 Hello List,
 
 I have installed Centos Directory Server to be able to authenticate
 with ldap on the other servers in the system, the directory server
 seems to be working fine, but when I configure a test server to
 authenticate up against this server then it says that there is no
 such user, I have made sure that the config is correct on the
 client /etc/ldap.conf is there also the /etc/openldap/ldap.conf is
 there and both is configured correctly, i have tried to telnet from
 the client to the server on port 389 and that also works.
 
 Does anyone have any idea of what I am missing here?
 
 
 Thanks in advance
 
 Regards
 Per Qvindesland
 ___
 CentOS mailing list
 CentOS@centos.org
 http://lists.centos.org/mailman/listinfo/centos
>>> 
>>> Maybe ldapsearch will help. Try connecting with ldapsearch to the
>>> server and see if that works.
>>> 
>>> ___
>>> CentOS mailing list
>>> CentOS@centos.org
>>> http://lists.centos.org/mailman/listinfo/centos
>> 
>> 
>> ___
>> CentOS mailing list
>> CentOS@centos.org
>> http://lists.centos.org/mailman/listinfo/centos
>> 
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Ldap login

[Didi]

On Mon, Jan 26, 2009 at 3:58 PM, Per Qvindesland  wrote:
> Hi Didi
>
> Thanks again for your help.
>
> When I type ldapsearch -x it comes up with the complete list of users and
> groups, but if i do the ldapsearch -v it gives me the same error:
> SASL/EXTERNAL authentication started
> ldap_sasl_interactive_bind_s:unknown authentication method (-6) additional
> info:sasl(-4): no mechanism available:

Does your server/cleint have ssl? How secure does this have to be.
Normally you have to set up the certificates to do it over SASL. If it
is at home and you don't need to be bullet proof you can just use
simple auth. I know people are going to hate me because of this, but
if you just want it to work this might be an option.


> Any idea of what authentication method ldap uses?
http://en.wikipedia.org/wiki/Simple_Authentication_and_Security_Layer

might explain a few things.

Cheers Didi

>
> Regards
> Per
>
> On 1/26/09 4:34 PM, "Didi"  wrote:
>
>>> I tried that and I am getting this error:
>>> ldap_sasl_interactive_bind_s:unknown authentication method (-6) additional
>>> info:sasl(-4): no mechanism available:
>>>
>>> Any idea?
>>
>> It looks like your server does not know the authentication method.
>> Does it work with 'ldapsearch -x' ?
>> And ldapsearch -v should tell you more
>>
>> Cheers Didi
>> 
>> www.ribalba.de
>> Email / Jabber: riba...@gmail.com
>> Skype : ribalba
>>
>>
>>
>> On Mon, Jan 26, 2009 at 2:48 PM, Per Qvindesland  wrote:
>>> Hi
>>>
>>> Thanks for replying.
>>>
>>> Regards
>>> Per Qvindesland
>>>
>>>
>>> On 1/26/09 2:43 PM, "Didi Hoffmann"  wrote:
>>>
>
> Hello List,
>
> I have installed Centos Directory Server to be able to authenticate
> with ldap on the other servers in the system, the directory server
> seems to be working fine, but when I configure a test server to
> authenticate up against this server then it says that there is no
> such user, I have made sure that the config is correct on the
> client /etc/ldap.conf is there also the /etc/openldap/ldap.conf is
> there and both is configured correctly, i have tried to telnet from
> the client to the server on port 389 and that also works.
>
> Does anyone have any idea of what I am missing here?
>
>
> Thanks in advance
>
> Regards
> Per Qvindesland
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos

 Maybe ldapsearch will help. Try connecting with ldapsearch to the
 server and see if that works.

 ___
 CentOS mailing list
 CentOS@centos.org
 http://lists.centos.org/mailman/listinfo/centos
>>>
>>>
>>> ___
>>> CentOS mailing list
>>> CentOS@centos.org
>>> http://lists.centos.org/mailman/listinfo/centos
>>>
>> ___
>> CentOS mailing list
>> CentOS@centos.org
>> http://lists.centos.org/mailman/listinfo/centos
>
>
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] ProFTPd under CentOS 5.2 running FTPS - iptables problem

[happymaster23]

Hello,

I am setting up ProFTPd daemon (from EPEL repository) under CentOS 5.2
and I need encrypted connection. Daemon is configured perfectly, there
is no problem - if iptables is off connection is smoothly established,
but when iptables is on, connection in FTP client ends on command LIST
without response. Last command with response (positive) is PASV.

Thank you for your replies
Martin Šťastný
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] ProFTPd under CentOS 5.2 running FTPS - iptables problem

[German Andres Pulido]

> Hello,
>
> I am setting up ProFTPd daemon (from EPEL repository) under CentOS 5.2
> and I need encrypted connection. Daemon is configured perfectly, there
> is no problem - if iptables is off connection is smoothly established,
> but when iptables is on, connection in FTP client ends on command LIST
> without response. Last command with response (positive) is PASV.
>
> Thank you for your replies
> Martin Šťastný
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos

Hi!

The issue is probably with the way FTP is handled. I see two possible 
solutions:

1. Use the ip_conntrack_ftp module of IPtables. What this does is setting 
iptables aware that the data FTP connection should also be allowed since it's 
related to the original one on port 21. Google for more info on it (and the 
exact module name)

2. If you only need encrypted traffic, using SFTP makes sense. It only uses 
the port 22 (It's a subsystem of SSH) and its encryption is very good.

Regards.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] ProFTPd under CentOS 5.2 running FTPS - iptables problem

[happymaster23]

Thank you,

I will check it. But - is this only possible solution?

SFTP I am using only for administration purposes (yeah, it is quite
easy to set it up :-D) and it´s better for me, to make FTPS for
customers and SFTP only for me.

2009/1/26 German Andres Pulido :
>> Hello,
>>
>> I am setting up ProFTPd daemon (from EPEL repository) under CentOS 5.2
>> and I need encrypted connection. Daemon is configured perfectly, there
>> is no problem - if iptables is off connection is smoothly established,
>> but when iptables is on, connection in FTP client ends on command LIST
>> without response. Last command with response (positive) is PASV.
>>
>> Thank you for your replies
>> Martin Šťastný
>> ___
>> CentOS mailing list
>> CentOS@centos.org
>> http://lists.centos.org/mailman/listinfo/centos
>
> Hi!
>
> The issue is probably with the way FTP is handled. I see two possible
> solutions:
>
> 1. Use the ip_conntrack_ftp module of IPtables. What this does is setting
> iptables aware that the data FTP connection should also be allowed since it's
> related to the original one on port 21. Google for more info on it (and the
> exact module name)
>
> 2. If you only need encrypted traffic, using SFTP makes sense. It only uses
> the port 22 (It's a subsystem of SSH) and its encryption is very good.
>
> Regards.
>
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] ProFTPd under CentOS 5.2 running FTPS - iptables problem

[Ray Van Dolson]

On Mon, Jan 26, 2009 at 06:48:15PM +0100, happymaster23 wrote:
> Thank you,
> 
> I will check it. But - is this only possible solution?
> 
> SFTP I am using only for administration purposes (yeah, it is quite
> easy to set it up :-D) and it´s better for me, to make FTPS for
> customers and SFTP only for me.

I don't know that that ip_conntrack_ftp would work with TLS encrypted
FTP[1].  It wouldn't be able to "peer" into the FTP stream to determine
the appropriate data ports to open on the firewall.

Your best bet would be to configure ProFTPD to use a predefined range
of passive FTP ports and then just ensure those are opened via
iptables.

Ray

[1] There are options here such as only encrypting the authentication
portion of the connection or CCC, etc...
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Bind Issues

[Joseph L. Casale]

I have a bind server running that cannot resolve www.atbfinancialonline.com.
I turned on "debug 10" in the named.conf and start up dig on it, but dig just
times out, what else can I do to see why exactly it won't resolve this?

Thanks!
jlc
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Bind Issues

[nate]

Joseph L. Casale wrote:
> I have a bind server running that cannot resolve www.atbfinancialonline.com.
> I turned on "debug 10" in the named.conf and start up dig on it, but dig
> just
> times out, what else can I do to see why exactly it won't resolve this?


Check what name severs are hosting the domain and try resolving
directly from them.

atbfinancialonline.com name server dns1.cidc.telus.com.
atbfinancialonline.com name server dns2.cidc.telus.com.

telus, sounds Australian ..seems like dns1.cidc.telus.com is
not responding.

One of my Debian servers has a tool called 'dnstracer', I'd be
surprised if it was available as part of the stock CentOS but
maybe available in a 3rd party repo or some similar tool:

[ap...@portal:~]$ dnstracer www.atbfinancialonline.com
Tracing to www.atbfinancialonline.com[a] via 127.0.0.1, maximum of 3 retries
127.0.0.1 (127.0.0.1)
 |\___ L.GTLD-SERVERS.NET [com] (192.41.162.30)
 | |\___ dns2.cidc.telus.com [atbfinancialonline.com] (66.203.199.203)
Got authoritative answer
 |  \___ dns1.cidc.telus.com [atbfinancialonline.com] (216.123.224.131)
* * *
 |\___ K.GTLD-SERVERS.NET [com] (192.52.178.30)
 | |\___ dns2.cidc.telus.com [atbfinancialonline.com] (66.203.199.203)
(cached)
 |  \___ dns1.cidc.telus.com [atbfinancialonline.com] (216.123.224.131)
* * *
 |\___ J.GTLD-SERVERS.NET [com] (192.48.79.30)
 | |\___ dns2.cidc.telus.com [atbfinancialonline.com] (66.203.199.203)
(cached)
 |  \___ dns1.cidc.telus.com [atbfinancialonline.com] (216.123.224.131)
* * *
 |\___ I.GTLD-SERVERS.NET [com] (192.43.172.30) *
 | |\___ dns2.cidc.telus.com [atbfinancialonline.com] (66.203.199.203)
(cached)
 |  \___ dns1.cidc.telus.com [atbfinancialonline.com] (216.123.224.131) * *


nate

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] ProFTPd under CentOS 5.2 running FTPS - iptables problem

[Les Mikesell]

happymaster23 wrote:
> Thank you,
> 
> I will check it. But - is this only possible solution?
> 
> SFTP I am using only for administration purposes (yeah, it is quite
> easy to set it up :-D) and it´s better for me, to make FTPS for
> customers and SFTP only for me.

If you control the other end as well, why not use scp or rsync over ssh 
which are easier to script anyway?

-- 
   Les Mikesell
lesmikes...@gmail.com

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Bind Issues

[Joseph L. Casale]

>Check what name severs are hosting the domain and try resolving
>directly from them.
>
>atbfinancialonline.com name server dns1.cidc.telus.com.
>atbfinancialonline.com name server dns2.cidc.telus.com.

 I shoulda done that:) Yup, so it's only resolving from cache
for those that did hit it I see.

>telus, sounds Australian ..seems like dns1.cidc.telus.com is
>not responding.

Calgary Alberta Canada! Wrong side of the planet:)

>One of my Debian servers has a tool called 'dnstracer', I'd be
>surprised if it was available as part of the stock CentOS but
>maybe available in a 3rd party repo or some similar tool:

Nice tool, thanks Nate!
jlc
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Bind Issues

[Paul Heinlein]

On Mon, 26 Jan 2009, nate wrote:

> One of my Debian servers has a tool called 'dnstracer', I'd be
> surprised if it was available as part of the stock CentOS but
> maybe available in a 3rd party repo or some similar tool:

dig's +trace option can do the same thing, though its reporting isn't 
as nicely formatted as dnstracer's:

   dig +trace www.atbfinancialonline.com

First you'll see dig resolving "." (the root domain), then getting the 
master servers for "com.", then for "atbfinancialonline.com."

-- 
Paul Heinlein <> heinl...@madboa.com <> http://www.madboa.com/
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Backup methods for an Oracle DB

[Ugo Bellavance]

Hi,

I've been testing different methods and I'd like to have some advice. 
I want to perform a cold backup once a week on the Oracle DB, and put it 
on tape.  I'm using EMC Networker for backup software, and I am not too 
at ease with the fact of doing eveything with Networker, because if 
there is a problem with the backup, the Oracle DB might not come up 
after the backup run.

So I thought of using disk-based backup.  I've tried scp'ing the files 
directly to my backup server, but the operation is too long (120 min). 
I tried generating a tar.gz directly to my backup server via SSH.  A 
decent 40 minutes, using mgzip (multi-thread gzip), 70 Gigs.  120 
minutes for a tar.bz2, using pbzip2 (parralel bzip2) (54 Gigs).  A tar 
sent directly to my backup server is quite huge (318 Gigs).  It is then 
taken to tape on the regular nightly backup.

My concerns are:

- Time needed to perform backup (downtime).
- Time needed to do a recovery.

For the backup, sending a tar.gz directly to the backup server seems to 
be the best option.  However, since I want to minimize the time needed 
to perform a recovery, I'd like to have raw files on tape, not in a 
tarball and not compressed (the tape is compressing anyway).

Up to now, I've been quite disappointed by the speed at which my backup 
server can decompress and untar, and this server has quite good 
hardware.  When I use iostat -x, I find that the %util of the device is 
averaging 80%.

Here is the hardware involved:

Oracle Server:

HP Proliant 380DL + MSA70
16 GB ram
2 x Quad-core Xeons E5345 2.33 Ghz
9 RAID 10 volumes on 32 72G, 15K rpm SAS disks
1X Smart Array P400 w/512 MB BBU
1X Smart Array P800 w/512 MB BBU

Database Server

HP Proliant 360DL
2 x Quad-core Xeons E5345 2.33 Ghz
1 RAID 5 volume on 6 146 GB, 10K rpm SAS disks
1X Smart Array P400 w/512 MB BBU

Any help or suggestions welcome.

Regards,

Ugo

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Backup methods for an Oracle DB

[nate]

Ugo Bellavance wrote:
> Hi,
>
>   I've been testing different methods and I'd like to have some advice.
> I want to perform a cold backup once a week on the Oracle DB, and put it
> on tape.  I'm using EMC Networker for backup software, and I am not too
> at ease with the fact of doing eveything with Networker, because if
> there is a problem with the backup, the Oracle DB might not come up
> after the backup run.

What version and edition of Oracle?

Use RMAN, that's what it's there for. You can backup online, or
offline, full or incremental.

At my last company we ran Oracle 10gR2 standard edition connected to
a small fiber channel SAN. I wrote a script that put the tables on the
primary server in hotbackup mode, then snapshotted the Oracle volumes,
and mounted the snapshots onto a virtual machine that was running
software iSCSI. From there a job kicked off and ran RMAN to backup
the database.

Prior to that we ran enterprise edition and was able to run RMAN
directly from the physical standby server. With standard edition
you can't do that.

The migration from Oracle EE to Oracle SE probably paid for the
SAN in itself let alone the massive increases in productivity
gained by the flexibility of a centralized storage system(copying
production data went from ~2 days to about 1 hour, copying data
to reporting database went from ~8 hours to ~10 minutes).

You can also run RMAN against the primary system as well(any edition
I believe), though I didn't want to do that as it'd impact
performance.

nate


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Bind Issues

[Kai Schaetzl]

Nate wrote on Mon, 26 Jan 2009 10:22:34 -0800 (PST):

> [ap...@portal:~]$ dnstracer www.atbfinancialonline.com

allow me to jump in here. I recently installed dnstracer (from rpmforge), 
but I don't get the expected output on the machine where I want to use it. 
All I get is output like this:

chacha:~ dnstracer www.atbfinancialonline.com
Tracing to www.atbfinancialonline.com[a] via 127.0.0.1, maximum of 3 
retries
127.0.0.1 (127.0.0.1) Refers backwards

This is on the server that provides local dns caching and dns for some 
local non-public domains and reverse dns for the LAN. It's configured to 
use a forwarder.
I may have misconfigured something in bind?


Kai

-- 
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] ProFTPd under CentOS 5.2 running FTPS - iptables problem

[happymaster23]

You know, because I am to lazy. All users has shell /sbin/nologin and
all security this are set to only one account via SSH. I am normally
providing FTP access for users and is much easier to give them secured
FTP than other method (SFTP) imcompatible with FTP.

I have an idea - if I use CentOS native FTP daemon (vsFTPd I think),
will there be any change or there is no sense?

Thank you very much

2009/1/26 Les Mikesell :
> happymaster23 wrote:
>> Thank you,
>>
>> I will check it. But - is this only possible solution?
>>
>> SFTP I am using only for administration purposes (yeah, it is quite
>> easy to set it up :-D) and it´s better for me, to make FTPS for
>> customers and SFTP only for me.
>
> If you control the other end as well, why not use scp or rsync over ssh
> which are easier to script anyway?
>
> --
>   Les Mikesell
>lesmikes...@gmail.com
>
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Backup methods for an Oracle DB

[Ugo Bellavance]

nate a écrit :
> Ugo Bellavance wrote:
>> Hi,
>>
>>  I've been testing different methods and I'd like to have some advice.
>> I want to perform a cold backup once a week on the Oracle DB, and put it
>> on tape.  I'm using EMC Networker for backup software, and I am not too
>> at ease with the fact of doing eveything with Networker, because if
>> there is a problem with the backup, the Oracle DB might not come up
>> after the backup run.
> 
> What version and edition of Oracle?

Oracle Database 10g Enterprise Edition Release 10.2.x.x.x - 64bit Production
With the Partitioning and Data Mining options

> Use RMAN, that's what it's there for. You can backup online, or
> offline, full or incremental.

Well, we only use one main oracle server... the DBA says it is not worth 
the additionnal overhead.  I'm no Oracle guru.

> At my last company we ran Oracle 10gR2 standard edition connected to
> a small fiber channel SAN. I wrote a script that put the tables on the
> primary server in hotbackup mode, then snapshotted the Oracle volumes,
> and mounted the snapshots onto a virtual machine that was running
> software iSCSI. From there a job kicked off and ran RMAN to backup
> the database.

Ok, but is that the equivalent of doing a cold backup?

> Prior to that we ran enterprise edition and was able to run RMAN
> directly from the physical standby server. With standard edition
> you can't do that.

Ok

> The migration from Oracle EE to Oracle SE probably paid for the
> SAN in itself let alone the massive increases in productivity
> gained by the flexibility of a centralized storage system(copying
> production data went from ~2 days to about 1 hour, copying data
> to reporting database went from ~8 hours to ~10 minutes).
> 
> You can also run RMAN against the primary system as well(any edition
> I believe), though I didn't want to do that as it'd impact
> performance.

We don't really care about the performance, as we are ok with up to 
about 2 hours of complete downtime per week.

Thanks,

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Backup methods for an Oracle DB

[nate]

Ugo Bellavance wrote:
> nate a écrit :
>> Ugo Bellavance wrote:
>>> Hi,
>>>
>>> I've been testing different methods and I'd like to have some advice.
>>> I want to perform a cold backup once a week on the Oracle DB, and put it
>>> on tape.  I'm using EMC Networker for backup software, and I am not too
>>> at ease with the fact of doing eveything with Networker, because if
>>> there is a problem with the backup, the Oracle DB might not come up
>>> after the backup run.
>>
>> What version and edition of Oracle?
>
> Oracle Database 10g Enterprise Edition Release 10.2.x.x.x - 64bit Production
> With the Partitioning and Data Mining options
>
>> Use RMAN, that's what it's there for. You can backup online, or
>> offline, full or incremental.
>
> Well, we only use one main oracle server... the DBA says it is not worth
> the additionnal overhead.  I'm no Oracle guru.
>
>> At my last company we ran Oracle 10gR2 standard edition connected to
>> a small fiber channel SAN. I wrote a script that put the tables on the
>> primary server in hotbackup mode, then snapshotted the Oracle volumes,
>> and mounted the snapshots onto a virtual machine that was running
>> software iSCSI. From there a job kicked off and ran RMAN to backup
>> the database.
>
> Ok, but is that the equivalent of doing a cold backup?

That is enough to restore from a blank database.

Since your using enterprise edition, you can even adjust the number
of workers that RMAN uses(increases/decreases throughput assuming
your not totally I/O bound) to throttle it.

The upside with RMAN is you can backup without downtime(though
depending on size of the DB you probably can't backup without some
sort of impact to the primary). And I believe it's the only really
truly supported method of backing up an Oracle DB. (data pump has it's
problems and backing up raw data files is questionable as well).

I haven't gone through it but this looks informative:
http://blogs.oracle.com/AlejandroVargas/gems/RmanHandsOn.pdf

nate



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Problem compiling cairo-dock under CentOS 5.2

[Blackburn, Marvin]

Yea, I'm pretty sure.

_
"He's no failure. He's not dead yet."
William Lloyd George

-Original Message-
From: centos-boun...@centos.org [mailto:centos-boun...@centos.org] On
Behalf Of Marko Vojinovic
Sent: Sunday, January 25, 2009 5:15 PM
To: centos@centos.org
Subject: Re: [CentOS] Problem compiling cairo-dock under CentOS 5.2

On Sunday 25 January 2009 17:10, Marko Vojinovic wrote:
> I am trying to compile cairo-dock from source (failing to find an
existing
> package for CentOS). I believe all dependencies are satisfied, but
while
> doing "make", at some point it says (I can provide the full make
output if
> it's needed):
>
[snip]
> /home/vmarko/cairo/cairo-dock-2.0.0-beta1/src/cairo-dock.c:724:
undefined
> reference to `g_timeout_add_seconds'

To partially answer my own question, it appears that
g_timeout_add_seconds was 
introduced in glib2 library, starting from version 2.14, while my
current 
CentOS installation has version 2.12.3-2. Now, it turns out that glib2 
depends on glibc, gamin and libselinux, my current versions being
2.5.24, 
0.1.7-8 and 1.33.4-5 respectively.

So, to reformulate the question: is there a clean way to upgrade glib2
from 
2.12 to 2.14 without having to upgrade glibc and friends (and glibc has
*a 
lot* of friends installed on the system :-) ...).

This is a desktop machine which is not quite important for production
etc, so 
I wouldn't mind customizing it if it isn't too much hassle.

I am open to suggestions on what to do ---

* update glib2 and possibly glibc and its dependencies?
* temper with the cairo-dock source to remove references to new
functions and 
make it compatible with glib2 v2.12 (this is possible, but not easy)?
* wait for CentOS 5.3 hoping that it has more recent glib2?
* give up?

Appreciate any help!

Best, :-)
Marko



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] PHP 5.2 on Centos4

[Flaherty, Patrick]

http://www.jasonlitka.com/

I realize I'm a bit late to the party, but Jason Litka has a yum repo of
updated mysql/php/http that is pretty awesome. Doesn't look like
anything's been updated since may of last year (php 5.2.6), but since
the new php only came out in December, he may just be lagging a bit.
You'll probably want to take a good hard look at
http://www.securityfocus.com/ and their vuln db to see if any would
affect you.

Patrick 

> -Original Message-
> From: centos-boun...@centos.org 
> [mailto:centos-boun...@centos.org] On Behalf Of John Clement
> Sent: Thursday, January 22, 2009 12:15 PM
> To: CentOS mailing list
> Subject: [CentOS] PHP 5.2 on Centos4
> 
> Bit of an emergency as I'm told this laptop has to leave here 
> in 15 minutes, I've gone ahead and configured, made, 
> installed PHP 5.2 but an httpd restart still only sees the 
> old PHP 5.0.4, I think there's a fairly simple way to get it 
> to find the 5.2 version I've just installed but can't think what.
> 
> Any help gratefully received!
> 
> thanks
> 
> 
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Support for i7 architecture?

[Michael St. Laurent]

> did anyone give insight into the OP question, or is this just email
> bashing class 099 ?

It was answered, thanks.

The offending disclaimer message is gone now.  How does this Sig file
look gentlemen?

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] [OT] Anyone on-list using a Barracuda Spam Firewall?

[Gary Greene]

Normally I don't like posting on this list for off-topic info, but I need to
know "un-biased" opinions regarding Barracuda's Spam Firewall as we're
looking to get one soon where I work and I want to know any pros/cons before
I stake my credibility on it for our spam fighting.

If you've had good or bad experiences with one of these devices, please
contact me _off_ list regarding this. I don't want to spam the list with a
major OT thread. Thanks.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] [OT] Anyone on-list using a Barracuda Spam Firewall?

[Scott Silva]

on 1-26-2009 1:09 PM Gary Greene spake the following:
> Normally I don't like posting on this list for off-topic info, but I need to
> know "un-biased" opinions regarding Barracuda's Spam Firewall as we're
> looking to get one soon where I work and I want to know any pros/cons before
> I stake my credibility on it for our spam fighting.
> 
> If you've had good or bad experiences with one of these devices, please
> contact me _off_ list regarding this. I don't want to spam the list with a
> major OT thread. Thanks.
Before you completely settle on a Barracuda, look at this;

http://www.fsl.com/index.php/barricademx/defendermx-appliance

Last time I checked they were near half the price and way more effective, and
more easily customized.


-- 
MailScanner is like deodorant...
You hope everybody uses it, and
you notice quickly if they don't



signature.asc
Description: OpenPGP digital signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] print from emacs?

[Paul Johnson]

I just noticed this problem in Centos 5.2.

WHile editing a file in Emacs, one can print with the Postscript Print
option from the pull down menu.  However, the ordinary "print" option
from the pull down menu, and the "printer icon" in the toolbar, cause
nothing to happen.  This is a new feature/bug for me.

Can you explain?

pj

-- 
Paul E. Johnson
Professor, Political Science
1541 Lilac Lane, Room 504
University of Kansas
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Sun Java on CentOS 5

[Joseph L. Casale]

The wiki has a long procedure for installing Sun JDK 1.6 but not JRE.
What's the benefit to installing the JDK this way (repackaging it)?

Thanks!
jlc

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] possible CentOS 5.2 yum RPM checksum issue upstream?

[Justin M. Hunter]

hey guys..

I'm continually seeing the following error although I've got the
latest/greatest yum RPM from various CentOS 5.2 repos (mirrors.kernel.org most
recently). is there possibly something wrong with the RPM's checksum
somewhere upstream?

note: I've already regenerated our own mrepo server various times and
refreshed the metadata on my yum clients as well.

***

~# yum clean all; yum update

...

Transaction Summary
=
Install 2 Package(s)
Update 57 Package(s)
Remove 0 Package(s)

Total download size: 97 M
Is this ok [y/N]: y
Downloading Packages:
(1/2): yum-3.2.8-9.el5.ce 100% |=| 582 kB 00:00
http://oak-ss-admin001.sixapart.net/mrepo/centos5.2-x86_64/RPMS.updates/yum-3.2.8-9.el5.centos.2.1.noarch.rpm:
[Errno -1] Package does not match intended download
Trying other mirror.
(2/2): yum-fastestmirror- 100% |=| 13 kB 00:00

~# md5sum /var/tmp/yum-3.2.8-9.el5.centos.2.1.noarch.rpm
d776014eb266b87299465cb38e0f6b96
 /var/tmp/yum-3.2.8-9.el5.centos.2.1.noarch.rpm

***

tia!

Justin
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Newbie

[kmadananteshwar . vbhat]

Hi I'm a linux newbie who has just switched from windows and I'd like to know 
weather or not there is a decent switching guide 
Sent from BlackBerry® on Airtel
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Newbie

[Spiro Harvey]

> Hi I'm a linux newbie who has just switched from windows and I'd like
> to know weather or not there is a decent switching guide

I can't speak for which is decent, but a google search for:

"how to switch from windows to linux"

seems to get much better results than:

"linux switching guide"


the former search netted many many results, ranging from specific
switching guides by magazines, to personal experiences.

just keep in mind that most guides are targetted at one specific
distribution (whatever the author has chosen), but most of the concepts
and programs that they may potentially mention will be available
everywhere.

another hint is that a lot reference Ubuntu, which has a different
method of managing program installations.. Ubuntu guides will refer to
apt-get or Synaptic (I think that's what it's called -- Synaptic does
the same as apt-get except with a windowed interface, rather than via
command line).

CentOS (and redhat and fedora) use RPM. 

If a guide tells you to "apt-get program", on CentOS, load a terminal
and type "yum install program". Most program names are the same or
similar ("yum search program" will look for it but not install it).



-- 
Spiro Harvey  Knossos Networks Ltd
021-295-1923www.knossos.net.nz


signature.asc
Description: PGP signature
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Upgrade to 5.3?

[James Bensley]

Hey Listee's!

I'm not that up on CentOS so I'd be curious to know if it is possible
to upgrade CentOS 5.2 to 5.3 without reinstalling? Perhaps via Yum? Or
can you get update RPMs?

I hope this doesn't pose to much of a stupid question.

Thanks for your help everyone.

Regards,
James ;)

-BEGIN GEEK CODE BLOCK-
  Version: 3.1
GIT/MU/U dpu s: a--> C++>$ U+> L++> B-> P+> E?> W+++>$ N K W++ O M++>$ V-
PS+++ PE++ Y+ PGP t 5 X+ R- tv+ b+> DI D+++ G+ e(+) h--(++) r++ z++
--END GEEK CODE BLOCK--
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Upgrade to 5.3?

[Barry Brimer]

> I'm not that up on CentOS so I'd be curious to know if it is possible
> to upgrade CentOS 5.2 to 5.3 without reinstalling? Perhaps via Yum? Or
> can you get update RPMs?

Once CentOS 5.3 is released, you can just type "yum upgrade" and you will 
be upgraded from CentOS 5.2 to CentOS 5.3.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Old Small Box

[Morten Torstensen]

Ross Walker wrote:
> Well the only reason /boot isn't possible in LVM is because grub can't
> of yet handle reading LVM volumes. As soon as it can though, there will
> be no need for a separate /boot.

Then we just need BIOS support to boot from LVM, and we can create the 
PV on /dev/sda and never care about the old partitions anymore. 
Everything should be in LVM for ease of management.

-- 

//Morten Torstensen
//Email: mor...@mortent.org
//IM: morten.torsten...@gmail.com

I can't listen to that much Wagner. I start getting the urge to conquer 
Poland.
-- Woody Allen
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Upgrade to 5.3?

[James Bensley]

Great!

Thanks for that I thought it was probably possible!

Thanks Barry, that's greatly appreciated!

2009/1/27 Barry Brimer :
>> I'm not that up on CentOS so I'd be curious to know if it is possible
>> to upgrade CentOS 5.2 to 5.3 without reinstalling? Perhaps via Yum? Or
>> can you get update RPMs?
>
> Once CentOS 5.3 is released, you can just type "yum upgrade" and you will
> be upgraded from CentOS 5.2 to CentOS 5.3.
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>



-- 
-BEGIN GEEK CODE BLOCK-
  Version: 3.1
GIT/MU/U dpu s: a--> C++>$ U+> L++> B-> P+> E?> W+++>$ N K W++ O M++>$ V-
PS+++ PE++ Y+ PGP t 5 X+ R- tv+ b+> DI D+++ G+ e(+) h--(++) r++ z++
--END GEEK CODE BLOCK--
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] yum problem

[James Bensley]

Can you surf the web ok? Is it a DNS resolution problem, 'Temporary
failure in name resolution' ?

Have you tried another mirror?


-BEGIN GEEK CODE BLOCK-
  Version: 3.1
GIT/MU/U dpu s: a--> C++>$ U+> L++> B-> P+> E?> W+++>$ N K W++ O M++>$ V-
PS+++ PE++ Y+ PGP t 5 X+ R- tv+ b+> DI D+++ G+ e(+) h--(++) r++ z++
--END GEEK CODE BLOCK--
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] yum problem

[Mad Unix]

Hi all

Am trying to update my system Cento

r...@king Tue Jan 27 ~ $ yum update
Loading "fastestmirror" plugin
Determining fastest mirrors
Could not retrieve mirrorlist
http://mirrorlist.centos.org/?release=5&arch=x86_64&repo=os error was
[Errno 4] IOError: 
Error: Cannot find a valid baseurl for repo: base

r...@king Tue Jan 27 ~ $ uname -a
Linux king 2.6.18-92.1.10.el5 #1 SMP Tue Aug 5 07:42:41 EDT 2008
x86_64 x86_64 x86_64 GNU/Linux


Thanks
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos