Re: [CentOS] Xen cpu requirements

2010-07-19 Thread Pasi Kärkkäinen 
On Wed, Jul 14, 2010 at 02:12:52PM -0500, David Dyer-Bennet wrote:
> 
> On Wed, July 14, 2010 14:09, Brian Mathis wrote:
> 
> > Are you checking the stats from inside the dom0 or a domU?  What's the
> > output of 'uname -a'?
> 
> In dom0; I haven't gone ahead creating domUs yet, until I'm sure I've got
> the dom0 right.
> 
> [local...@prcapp00 ~]$ uname -a
> Linux prcapp00.pinerivercapital.local 2.6.18-194.8.1.el5.centos.plusxen #1
> SMP Wed Jul 7 12:25:41 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux
> 
> I ran a yum update after installing from the DVDs I had from a week or two
> ago, and have rebooted since that update (there wasn't a new kernel in the
> update).
> 

Please run "xm info". Do you see "hvm" entries in the caps? 
Also please run "xm dmesg" and search for HVM and/or VMX.

Dom0 Linux doesn't see VMX flag because Xen hypervisor (xen.gz) is using it..

-- Pasi

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Paravirtualized Centos 5.5 guest under Xen

2010-07-19 Thread Pasi Kärkkäinen 
On Thu, Jul 15, 2010 at 10:42:44AM -0500, David Dyer-Bennet wrote:
> The virtualization manual doesn't seem to say; does one have to do
> anything to get the Centos 5.5 paravirtualization drivers installed? Or is
> it sufficient to specify a paravirtualized guest, and the Centos install
> will then detect that and load the right things?
> 
> And, is there a way to check in the guest that the right drivers are
> loaded? What are they?
> 

If you have a Xen PV (paravirtualized) guest, then it's already using 
optimized/paravirtualized drivers. No additional drivers needed. 
The Xen PV guest kernel is automatically aware of the hypervisor.

Additional PV drivers are needed for Xen HVM (fully virtualized) guests,
to bypass the Xen (Qemu) emulated IDE/NIC devices.

-- Pasi

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] xm console -- what should I get?

2010-07-19 Thread Pasi Kärkkäinen 
On Fri, Jul 16, 2010 at 08:35:36AM -0700, Gordon Messmer wrote:
> On 07/16/2010 05:06 AM, Theo Band wrote:
> > It works for para-virtualized guests (with xen kernel) not for
> > fully-virtualized ones.
> 
> For fully-virtualized guests, make sure the guest definition contains:
> 
>
>  
>
>
>  
>
> 
> If you add this, you'll need to redefine the guest, then shut it down 
> completely ("poweroff" the guest, not reboot).
> 
> # virsh define /etc/libvirt/qemu/guest.xml
> 
> Once a serial console is defined in the guest, set up grub.  Edit 
> /boot/grub/grub.conf and replace the timeout, splashimage, and 
> hiddenmenu lines with:
> 
> timeout=5
> serial --unit=0 --speed=115200 --word=8 --parity=no --stop=1
> terminal --timeout=5 serial console
> 
> Make sure all of the "kernel" lines contain a serial console arg:
> 
>  kernel /boot/vmlinuz-... ro root=LABEL=/ console=ttyS0,115200
> 
> And finally make sure that /etc/inittab starts a getty on the serial 
> console:
> 
> s0:2345:respawn:/sbin/agetty -L 115200 ttyS0 vt100
> 
> The last three are the same steps you'd take to set up a machine with a 
> physical serial console.
>

Also there's an entry about setting up the "xm console" serial console 
for Xen HVM guests at:
http://wiki.xensource.com/xenwiki/XenCommonProblems

-- Pasi

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] www.centos.org - SSL Cert Expired - CSS fubar'd

2010-07-19 Thread Mike Putnam 
Hi All,

I hadn't seen mention of it on the mailing list yet so I thought I'd
post it.

It seems the wildcard SSL cert for *.centos.org has expired.  Since
the www.centos.org stuff references its CSS via the http[S] urls, the
CSS and images are now missing from http://www.centos.org/

"The certificate expired on 7/16/2010 7:23 PM."

Mike
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] www.centos.org - SSL Cert Expired - CSS fubar'd

2010-07-19 Thread Garry.Dale 
On Mon, Jul 19, 2010 at 6:57 AM, Mike Putnam  wrote:
> It seems the wildcard SSL cert for *.centos.org has expired.  Since
> the www.centos.org stuff references its CSS via the http[S] urls, the
> CSS and images are now missing from http://www.centos.org/

Hi. I went ahead and reported this under the website category in Bug
Tracker, id=4447.

gd
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Finding DHCP IP of guest system

2010-07-19 Thread Todd Denniston 
Rudi Ahlers wrote, On 07/16/2010 02:56 AM:
> On Thu, Jul 15, 2010 at 10:06 PM, David Dyer-Bennet  wrote:
>> My dom0 /var/log/messages doesn't have anything on assignments to guests.
>> bs004 (ID 9), for example, currently has 192.168.1.143, but there's
>> nothing about that IP in dom0 /var/log/messages.
>>

is the dom0 a static IP or a static DNS name?
If dom0 is static in some way, how about having the syslogs on all the domUs 
setup to all send their
logs to the dom0?
You might have to use logger(1) on boot (rc.local?) to add a message that will 
help you distinguish
between the different hosts.

-- 
Todd Denniston
Crane Division, Naval Surface Warfare Center (NSWC Crane)
Harnessing the Power of Technology for the Warfighter
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Finding DHCP IP of guest system

2010-07-19 Thread m . roth 
Jay Leafey wrote:
> JohnS wrote:
>>
 && Why you scrub the MACS?
>>> Sheer paranoia and long-standing habit.
>>
>> Elaborate, you that paranoid?  Over paranoid gets you faster than
>> scrubing MACs.  I would worry about, does my router have holes in it?
>> Plus let your MAC fly on the wireless network.  I let my neighbor
>> connect to mine, they can't afford the internet.  One caveat, all they
>> have is net access.
>>
>
> Back in the mists of time, when I was working with VAXen and DECnet
> Phase IV, the general practice in our shop was to be careful about
> making MAC addresses generally known.  Seems a quaint habit considering
> the network today, but old habits are sometimes hard to break... and
> they are not always a bad thing!

Yep.
>
> As far as the security of my home network goes, I get a giggle every
> time I scan for wireless networks at home.  Mine is the ONLY network
> that I can reach that is encrypted.

Please - I've enabled WPA, whatever I can, on my ladyfriend's FIOS, and my
own DSL, and push everyone else. It boggles my mind when I look for
wireless networks in a residential neighborhood, and see so many that are
just *open*.
>
> As far as paranoia goes, one of my mentors once told me that a mild
> degree was a useful attribute for a system administrator.  It tends to
> make one spend more time thinking about what CAN go wrong, which is
> great if you actually put the results into practice.

A buddy of mine, who was the sr. systems and network admin I worked with
10 years ago, used to say he was professionally paid to be paranoid.

 mark

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Finding DHCP IP of guest system

2010-07-19 Thread Benjamin Franz 
On 07/19/2010 07:09 AM, m.r...@5-cent.us wrote:
> Jay Leafey wrote:
>
>> As far as paranoia goes, one of my mentors once told me that a mild
>> degree was a useful attribute for a system administrator.  It tends to
>> make one spend more time thinking about what CAN go wrong, which is
>> great if you actually put the results into practice.
>>  
> A buddy of mine, who was the sr. systems and network admin I worked with
> 10 years ago, used to say he was professionally paid to be paranoid.
>
>   mark
>

'The question is not "Am I paranoid?", it is "Am I paranoid *enough*?"'

It's an old sysadmin adage.

-- 
Benjamin Franz
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Finding DHCP IP of guest system

2010-07-19 Thread m . roth 
David Dyer-Bennet wrote:
> On 16-Jul-10 19:17, Kahlil Hodgson wrote:
>> On 07/17/2010 12:39 AM, David Dyer-Bennet wrote:
>>> The domU got it's ip from the corporate DHCP server, which is what I
>>> intended (that's why I'm running bridged, I'm using virtual servers to
>>> separate functions while conserving physical boxes, so I want them to
>>> present as separate systems to users on the network).
>>
>> An alternative, if you have some control over the DHCP server, might be
>> to enforce a mapping of MAC addresses to IPs.  You can pretty much set
>> you guest MAC addresses to whatever you want so long as they don't
>> conflict with anything else.
>
> In the long run, they'll be static; but at the moment the permanent IPs
> haven't been assigned, and I'm just letting them pick something up via
> corporate DHCP (to avoid conflicting with anything else on the network).
>   It's at this early experimental stage that it'd be handy to find out
> externally what they ended up being.

Haven't really been following this thread, but why not set the guests VMs
up with 192.168 IPs, and let the host serve DHCP with masquerading to
them?

   mark

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Finding DHCP IP of guest system

2010-07-19 Thread Stephen Harris 
On Mon, Jul 19, 2010 at 10:09:37AM -0400, m.r...@5-cent.us wrote:
> Jay Leafey wrote:

> > As far as paranoia goes, one of my mentors once told me that a mild
> > degree was a useful attribute for a system administrator.  It tends to
> > make one spend more time thinking about what CAN go wrong, which is
> > great if you actually put the results into practice.
> 
> A buddy of mine, who was the sr. systems and network admin I worked with
> 10 years ago, used to say he was professionally paid to be paranoid.

Reasonable paranoia is good; excessive paranoia is prohibitive and
results in the computer being locked in a steel box, covered in cement
and dropped into the middle of the ocean.

The security professional balances paranoia with practicality and
usability.

-- 

rgds
Stephen
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] kernel mod compilation frustration

2010-07-19 Thread m . roth 
I want to add a sleep() to a module. It tells me it can't find ;
if I tell it "/usr/include/time.h", it gives me a ton of errors (I *have*
put the #include just above where I call sleep, not up at the top).

Any clues as to what I'm doing wrong? With kernel
/vmlinuz-2.6.18-194.3.1.el5, I just added the line
extern unsigned int sleep( unsigned int seconds );
and everything was wonderful; with the current kernel, it complains sleep
is undefined.

??
   mark

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] GFS performance issue

2010-07-19 Thread Fred Wittekind 
 Two web servers, both virtualized with CentOS Xen servers as host
(residing on two different physical servers). 
GFS used to store home directories containing web document roots.

Shared block device used by GFS is an ISCSI target with the ISCSI
initiator residing on the Dom-0, and presented to Dom-U webservers as
drives.
Also, providing a second shared block device for quorum disk.

If I hit the web site on just one of the nodes, it behaves as expected. 
If I try to load the websites from both nodes at the same time (two web
browser instances), the load average on both nodes spikes, and page
loads very slowly.  The site I am trying to host is very high traffic,
and if the servers can be nearly brought to there knees with two web
browser instances running on a single workstation, that's not going to work.

I am not seeing any error messages in the logs regarding the cluster.

Any help or suggestions on how to troubleshoot this issue would be
greatly appreciated.


[r...@www3 www]# find ./ | wc -l
64815

[r...@www3 www]# gfs2_tool df /home/www
/home/www:
  SB lock proto = "lock_dlm"
  SB lock table = "Web:homewww"
  SB ondisk format = 1801
  SB multihost format = 1900
  Block size = 4096
  Journals = 2
  Resource Groups = 316
  Mounted lock proto = "lock_dlm"
  Mounted lock table = "Web:homewww"
  Mounted host data = "jid=1:id=393217:first=0"
  Journal number = 1
  Lock module flags = 0
  Local flocks = FALSE
  Local caching = FALSE

  Type   Total Blocks   Used BlocksFree Blocksuse%
  
  data   20707148   434723716359911   21%
  inodes 16426386   66475  16359911   0%

[r...@www3 www]# gfs2_tool gettune /home/www
new_files_directio = 0
new_files_jdata = 0
quota_scale = 1.   (1, 1)
logd_secs = 1
recoverd_secs = 60
statfs_quantum = 30
stall_secs = 600
quota_cache_secs = 300
quota_simul_sync = 64
statfs_slow = 0
complain_secs = 10
max_readahead = 262144
quota_quantum = 60
quota_warn_period = 10
jindex_refresh_secs = 60
log_flush_secs = 60
incore_log_blocks = 1024

[r...@www3 www]# cat /etc/cluster/cluster.conf |egrep '(dlm)|(gfs)'




Fred Wittekind
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] redundant networked secure file system recommendation

2010-07-19 Thread Boris Epstein 
Hi all,

We are currently running a NFS-based server centric setup. I would
like to set up something where I can easily have more than one
redundant server, security/authentication (this part seems a little
flaky with NFS, at least did several years ago), with the capability
to easily add/remove servers as necessary, take redundant servers down
for maintenance, etc. Total volume we expect to run on the server side
will be somewhere between 10-30 TB. The servers will most likely be
CentOS machines, the clients mostly Linux machines with some Macs and
possibly Windows (the latter part not that important).

Any insight, thoughts and recommendations will be much appreciated.

Thanks.

Boris.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Desktop Supercomputer

2010-07-19 Thread m . roth 
Would this be of interest?



mark

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] www.centos.org - SSL Cert Expired - CSS fubar'd

2010-07-19 Thread R P Herrold 
On Mon, 19 Jul 2010, Mike Putnam wrote:

> I hadn't seen mention of it on the mailing list yet so I 
> thought I'd post it.

We are aware of the matter and needed for the weekday to start 
to get to computers holding the needed (and protected) access 
credentials.  As the issue was not disabling except for 
certain limited forum transactions, we did not escalate it as 
worth driving in on a weekend to reach the same credentials

A new PEM certificate countersign has been received and 
distributed, such cross-signing by a registrar in all 
reasonably recent browsers. We will swap it in during 
maintenance regular, probably later today

Thanks for the reports and the bug -- There was an earlier 
infrastructure team bug as well that I filed over the weekend, 
but it is not globally visible, wo we were aware of the 
matter.  But these reports are appreciated  ;)

-- Russ herrold
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Problem with yum

2010-07-19 Thread James B. Byrne 
I am experiencing a problem with yum on one of my CentOS-5.5
systems.  Specifically, on Friday past (July 16), I ran yum update
as root.  Yum displayed all of the outdated packages and asked if I
wanted to proceed.  An answered yes.  This first package downloaded
was nss.  At this point yum simply stopped processing or responding.
 A ctrl-c at the yum session terminal window did not interrupt the
task.  Top did not display any yum processes.

I killed that particular process to regain the console session, but
I had to use -9 because nothing else worked.  Yum continues to
behave in this strange manner.   Any invocation of yum with any
option just stops responding.

Before I manually remove yum and reinstall it using rpm could anyone
provide a clue as to what might be happening here and how it might
be cured.  I found this one entry from yum in the log files:

/var/log/messages.1:Jul 16 00:14:43 gway01 kernel: Out of memory:
Killed process 1380, UID 0, (yum-updatesd-he).

However, this entry occurred some time before I attempted my update
task later that same morning.

I would like to be directly copied on any replies as I am a digest
subscriber.

Sincerely,

-- 
***  E-Mail is NOT a SECURE channel  ***
James B. Byrnemailto:byrn...@harte-lyne.ca
Harte & Lyne Limited  http://www.harte-lyne.ca
9 Brockley Drive  vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada  L8E 3C3

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Finding DHCP IP of guest system

2010-07-19 Thread Les Mikesell 
On 7/19/2010 9:22 AM, m.r...@5-cent.us wrote:
>>
>> In the long run, they'll be static; but at the moment the permanent IPs
>> haven't been assigned, and I'm just letting them pick something up via
>> corporate DHCP (to avoid conflicting with anything else on the network).
>>It's at this early experimental stage that it'd be handy to find out
>> externally what they ended up being.
>
> Haven't really been following this thread, but why not set the guests VMs
> up with 192.168 IPs, and let the host serve DHCP with masquerading to
> them?
>

Has anyone suggested arpwatch yet?  I think it can send you email when a 
new mac/ip appears on the network and would be useful even outside the 
context of virtual machines.

-- 
   Les Mikesell
lesmikes...@gmail.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Finding DHCP IP of guest system

2010-07-19 Thread David Dyer-Bennet 

On Mon, July 19, 2010 12:29, Les Mikesell wrote:
> On 7/19/2010 9:22 AM, m.r...@5-cent.us wrote:
>>>
>>> In the long run, they'll be static; but at the moment the permanent IPs
>>> haven't been assigned, and I'm just letting them pick something up via
>>> corporate DHCP (to avoid conflicting with anything else on the
>>> network).
>>>It's at this early experimental stage that it'd be handy to find out
>>> externally what they ended up being.
>>
>> Haven't really been following this thread, but why not set the guests
>> VMs
>> up with 192.168 IPs, and let the host serve DHCP with masquerading to
>> them?
>>
>
> Has anyone suggested arpwatch yet?  I think it can send you email when a
> new mac/ip appears on the network and would be useful even outside the
> context of virtual machines.

Nobody has previously, that I've noticed anyway.  Thanks, that sounds like
it does just what I'm looking for.

-- 
David Dyer-Bennet, d...@dd-b.net; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera: http://dragaera.info

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Finding DHCP IP of guest system

2010-07-19 Thread David Dyer-Bennet 

On Mon, July 19, 2010 09:00, Todd Denniston wrote:
> Rudi Ahlers wrote, On 07/16/2010 02:56 AM:
>> On Thu, Jul 15, 2010 at 10:06 PM, David Dyer-Bennet 
>> wrote:
>>> My dom0 /var/log/messages doesn't have anything on assignments to
>>> guests.
>>> bs004 (ID 9), for example, currently has 192.168.1.143, but there's
>>> nothing about that IP in dom0 /var/log/messages.
>>>
>
> is the dom0 a static IP or a static DNS name?
> If dom0 is static in some way, how about having the syslogs on all the
> domUs setup to all send their
> logs to the dom0?
> You might have to use logger(1) on boot (rc.local?) to add a message that
> will help you distinguish
> between the different hosts.

Ah, another good idea.  I had a static IP on the dom0 well before I got
them for the guests, so that would have been useful there, yes.

Thanks!
-- 
David Dyer-Bennet, d...@dd-b.net; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera: http://dragaera.info

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Finding DHCP IP of guest system

2010-07-19 Thread David Dyer-Bennet 

On Mon, July 19, 2010 09:09, m.r...@5-cent.us wrote:
> Jay Leafey wrote:

>> As far as the security of my home network goes, I get a giggle every
>> time I scan for wireless networks at home.  Mine is the ONLY network
>> that I can reach that is encrypted.
>
> Please - I've enabled WPA, whatever I can, on my ladyfriend's FIOS, and my
> own DSL, and push everyone else. It boggles my mind when I look for
> wireless networks in a residential neighborhood, and see so many that are
> just *open*.

On the other hand, Bruce Schneier does not really agree with you
.

There are two issues I see with wireless network security.

One is that people could use it to compromise your data.  I think this is
an inappropriate worry.  What you should do is configure your systems so
that they don't depend on the security of the network they're attached to.
 This is especially important for laptops -- if you ever take them away
from home and connect to other networks, you *must* secure the *system*,
not the network.  (Bruce spends huge amounts of time away from home, so
this is perhaps more obvious to him than to most people.)

The other is somebody using it to do something that draws unwanted
attention (and possibly is criminal), but not *directly* harmful to you. 
This could indeed cause you annoyance; on the other hand, it's not very
likely.  And they could do the same by hacking into a supposedly secured
system (probably) or otherwise compromising one of your computers.  One of
the biggest risks is probably an RIAA suit; how many people have they sued
(it was 26,000 in 2008 when Bruce's article was written)?  But that's
26,000 out of, it is widely believed, hundreds of millions of downloaders;
not very high odds of being hit.  AND you could still deploy the "some
other dude done it" defense.

It's certainly very handy to have access to wireless when I visit friends,
go to parties, and so forth.  I have an unsecured network of my own at
home that I turn on for parties (fairly small bandwidth).
-- 
David Dyer-Bennet, d...@dd-b.net; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera: http://dragaera.info

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Xen cpu requirements

2010-07-19 Thread David Dyer-Bennet 

On Mon, July 19, 2010 04:38, Pasi Kärkkäinen wrote:
> On Wed, Jul 14, 2010 at 02:12:52PM -0500, David Dyer-Bennet wrote:
>>
>> On Wed, July 14, 2010 14:09, Brian Mathis wrote:
>>
>> > Are you checking the stats from inside the dom0 or a domU?  What's the
>> > output of 'uname -a'?
>>
>> In dom0; I haven't gone ahead creating domUs yet, until I'm sure I've
>> got
>> the dom0 right.
>>
>> [local...@prcapp00 ~]$ uname -a
>> Linux prcapp00.pinerivercapital.local 2.6.18-194.8.1.el5.centos.plusxen
>> #1
>> SMP Wed Jul 7 12:25:41 EDT 2010 x86_64 x86_64 x86_64 GNU/Linux
>>
>> I ran a yum update after installing from the DVDs I had from a week or
>> two
>> ago, and have rebooted since that update (there wasn't a new kernel in
>> the
>> update).
>>
>
> Please run "xm info". Do you see "hvm" entries in the caps?
> Also please run "xm dmesg" and search for HVM and/or VMX.
>
> Dom0 Linux doesn't see VMX flag because Xen hypervisor (xen.gz) is using
> it..

Yes, thanks (somebody had pointed this out last week, too).  There was a
reference to VMX in xm dmesg, which let us convince ourselves that it was
properly configured.
-- 
David Dyer-Bennet, d...@dd-b.net; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera: http://dragaera.info

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Finding DHCP IP of guest system

2010-07-19 Thread David Dyer-Bennet 

On Sun, July 18, 2010 20:54, Kahlil Hodgson wrote:
> On 18/07/10 12:04, David Dyer-Bennet wrote:
>>> An alternative, if you have some control over the DHCP server, might be
>>> to enforce a mapping of MAC addresses to IPs.  You can pretty much set
>>> you guest MAC addresses to whatever you want so long as they don't
>>> conflict with anything else.
>>
>> In the long run, they'll be static; but at the moment the permanent IPs
>> haven't been assigned, and I'm just letting them pick something up via
>> corporate DHCP (to avoid conflicting with anything else on the network).
>>   It's at this early experimental stage that it'd be handy to find out
>> externally what they ended up being.
>
> As a quick hack, while you experiment, you could just get the guest to
> send you an email on boot with its current IP.  Say, by putting the
> following at the end of your /etc/rc.local
>
> /sbin/ip ad | /bin/mailx -s "IP details for `hostname`" 

Good hack, should have thought of that!  Thanks.
-- 
David Dyer-Bennet, d...@dd-b.net; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera: http://dragaera.info

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Finding DHCP IP of guest system

2010-07-19 Thread m . roth 
Les Mikesell wrote:
> On 7/19/2010 9:22 AM, m.r...@5-cent.us wrote:
>>>
>>> In the long run, they'll be static; but at the moment the permanent IPs
>>> haven't been assigned, and I'm just letting them pick something up via
>>> corporate DHCP (to avoid conflicting with anything else on the
>>> network).
>
>> Haven't really been following this thread, but why not set the guests
>> VMs up with 192.168 IPs, and let the host serve DHCP with masquerading to
>> them?
>
> Has anyone suggested arpwatch yet?  I think it can send you email when a
> new mac/ip appears on the network and would be useful even outside the
> context of virtual machines.

 Good suggestion, Mike (he says, having just gotten an
arpwatch email)

  mark

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Finding DHCP IP of guest system

2010-07-19 Thread m . roth 
David Dyer-Bennet wrote:
>
> On Mon, July 19, 2010 09:09, m.r...@5-cent.us wrote:
>> Jay Leafey wrote:
>
>>> As far as the security of my home network goes, I get a giggle every
>>> time I scan for wireless networks at home.  Mine is the ONLY network
>>> that I can reach that is encrypted.
>>
>> Please - I've enabled WPA, whatever I can, on my ladyfriend's FIOS, and
>> my own DSL, and push everyone else. It boggles my mind when I look for
>> wireless networks in a residential neighborhood, and see so many that
>> are just *open*.
>
> On the other hand, Bruce Schneier does not really agree with you
> .

Yeah, well, I'll talk to Bruce, next time he shows up at a con I'm at.
I've *had* my IP blocked, and that was by, what, DNSORBS, or what was his
name's thing, and what got blocked was the range of my ISP's range for the
city. I also *do* worry about someone I know sending out crap having
forged my email address, so, yeah, there's a lot of small-time nastiness
out there, and so I *do* secure it as best I can.

I ought to email him, and see if he still feels that way.
>
> There are two issues I see with wireless network security.

> It's certainly very handy to have access to wireless when I visit friends,
> go to parties, and so forth.  I have an unsecured network of my own at
> home that I turn on for parties (fairly small bandwidth).

Right. If I trust someone to come over who wants to use a laptop/netbook,
I trust 'em enough to hand them the WPA key. I *don't* trust a wardriver
at all.

  mark

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Finding DHCP IP of guest system

2010-07-19 Thread David Dyer-Bennet 

On Mon, July 19, 2010 13:39, m.r...@5-cent.us wrote:
> David Dyer-Bennet wrote:
>>
>> On Mon, July 19, 2010 09:09, m.r...@5-cent.us wrote:
>>> Jay Leafey wrote:
>>
 As far as the security of my home network goes, I get a giggle every
 time I scan for wireless networks at home.  Mine is the ONLY network
 that I can reach that is encrypted.
>>>
>>> Please - I've enabled WPA, whatever I can, on my ladyfriend's FIOS, and
>>> my own DSL, and push everyone else. It boggles my mind when I look for
>>> wireless networks in a residential neighborhood, and see so many that
>>> are just *open*.
>>
>> On the other hand, Bruce Schneier does not really agree with you
>> .
>
> Yeah, well, I'll talk to Bruce, next time he shows up at a con I'm at.
> I've *had* my IP blocked, and that was by, what, DNSORBS, or what was his
> name's thing, and what got blocked was the range of my ISP's range for the
> city. I also *do* worry about someone I know sending out crap having
> forged my email address, so, yeah, there's a lot of small-time nastiness
> out there, and so I *do* secure it as best I can.
>
> I ought to email him, and see if he still feels that way.

He still did last time we talked about it, which wasn't too many months
ago.  Although some of the potential legal nastiness, particular if it's
done deliberately as a frame rather than just exploiting the open
bandwidth, does seem to be starting to worry him just a little.  (Also
he's in the position of being a more likely potential target for such
things than most of us.)

>> There are two issues I see with wireless network security.
> 
>> It's certainly very handy to have access to wireless when I visit
>> friends,
>> go to parties, and so forth.  I have an unsecured network of my own at
>> home that I turn on for parties (fairly small bandwidth).
>
> Right. If I trust someone to come over who wants to use a laptop/netbook,
> I trust 'em enough to hand them the WPA key. I *don't* trust a wardriver
> at all.

Trouble is, a good key is enough trouble to type in that lots of people
don't get it right, so there's *support* work too. So my party network is
open.

Maybe I should load it onto a thumb drive to pass around; though that
wouldn't help people like me that might want it on a smartphone or tablet
(mini-tabled, Nokia N800 in my case) that doesn't read USB drives.  But it
at least covers the laptop people.
-- 
David Dyer-Bennet, d...@dd-b.net; http://dd-b.net/
Snapshots: http://dd-b.net/dd-b/SnapshotAlbum/data/
Photos: http://dd-b.net/photography/gallery/
Dragaera: http://dragaera.info

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Problem with yum

2010-07-19 Thread Bowie Bailey 
 On 7/19/2010 1:00 PM, James B. Byrne wrote:
> I am experiencing a problem with yum on one of my CentOS-5.5
> systems.  Specifically, on Friday past (July 16), I ran yum update
> as root.  Yum displayed all of the outdated packages and asked if I
> wanted to proceed.  An answered yes.  This first package downloaded
> was nss.  At this point yum simply stopped processing or responding.
>  A ctrl-c at the yum session terminal window did not interrupt the
> task.  Top did not display any yum processes.
>
> I killed that particular process to regain the console session, but
> I had to use -9 because nothing else worked.  Yum continues to
> behave in this strange manner.   Any invocation of yum with any
> option just stops responding.
>
> Before I manually remove yum and reinstall it using rpm could anyone
> provide a clue as to what might be happening here and how it might
> be cured.  I found this one entry from yum in the log files:
>
> /var/log/messages.1:Jul 16 00:14:43 gway01 kernel: Out of memory:
> Killed process 1380, UID 0, (yum-updatesd-he).
>
> However, this entry occurred some time before I attempted my update
> task later that same morning.
>
> I would like to be directly copied on any replies as I am a digest
> subscriber.

My first attempt would be to do a "yum clean all" and then try it again.

-- 
Bowie
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Problem with yum

2010-07-19 Thread James Hogarth 
With the kernel logging an out of memory error? My first instinct would be
to check free to see the status of RAM and swap and perhaps end unnecessary
processes..

James

Sent from Android mobile

On 19 Jul 2010 20:18, "Bowie Bailey"  wrote:
> On 7/19/2010 1:00 PM, James B. Byrne wrote:
>> I am experiencing a problem with yum on one of my CentOS-5.5
>> systems. Specifically, on Friday past (July 16), I ran yum update
>> as root. Yum displayed all of the outdated packages and asked if I
>> wanted to proceed. An answered yes. This first package downloaded
>> was nss. At this point yum simply stopped processing or responding.
>> A ctrl-c at the yum session terminal window did not interrupt the
>> task. Top did not display any yum processes.
>>
>> I killed that particular process to regain the console session, but
>> I had to use -9 because nothing else worked. Yum continues to
>> behave in this strange manner. Any invocation of yum with any
>> option just stops responding.
>>
>> Before I manually remove yum and reinstall it using rpm could anyone
>> provide a clue as to what might be happening here and how it might
>> be cured. I found this one entry from yum in the log files:
>>
>> /var/log/messages.1:Jul 16 00:14:43 gway01 kernel: Out of memory:
>> Killed process 1380, UID 0, (yum-updatesd-he).
>>
>> However, this entry occurred some time before I attempted my update
>> task later that same morning.
>>
>> I would like to be directly copied on any replies as I am a digest
>> subscriber.
>
> My first attempt would be to do a "yum clean all" and then try it again.
>
> --
> Bowie
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Problem with yum

2010-07-19 Thread Bowie Bailey 
 On 7/19/2010 4:00 PM, James Hogarth wrote:
>
> With the kernel logging an out of memory error? My first instinct
> would be to check free to see the status of RAM and swap and perhaps
> end unnecessary processes..
>
> James
>
> Sent from Android mobile
>
> On 19 Jul 2010 20:18, "Bowie Bailey"  > wrote:
> > On 7/19/2010 1:00 PM, James B. Byrne wrote:
> >> I am experiencing a problem with yum on one of my CentOS-5.5
> >> systems. Specifically, on Friday past (July 16), I ran yum update
> >> as root. Yum displayed all of the outdated packages and asked if I
> >> wanted to proceed. An answered yes. This first package downloaded
> >> was nss. At this point yum simply stopped processing or responding.
> >> A ctrl-c at the yum session terminal window did not interrupt the
> >> task. Top did not display any yum processes.
> >>
> >> I killed that particular process to regain the console session, but
> >> I had to use -9 because nothing else worked. Yum continues to
> >> behave in this strange manner. Any invocation of yum with any
> >> option just stops responding.
> >>
> >> Before I manually remove yum and reinstall it using rpm could anyone
> >> provide a clue as to what might be happening here and how it might
> >> be cured. I found this one entry from yum in the log files:
> >>
> >> /var/log/messages.1:Jul 16 00:14:43 gway01 kernel: Out of memory:
> >> Killed process 1380, UID 0, (yum-updatesd-he).
> >>
> >> However, this entry occurred some time before I attempted my update
> >> task later that same morning.
> >>
> >> I would like to be directly copied on any replies as I am a digest
> >> subscriber.
> >
> > My first attempt would be to do a "yum clean all" and then try it again.
>
> With the kernel logging an out of memory error? My first instinct
> would be to check free to see the status of RAM and swap and perhaps
> end unnecessary processes..
>

Ahh...  I must have missed that.

So if memory is the problem, then check your RAM as James suggested. 
Run 'free' and see how much free memory you have.

On the other hand, it's still a good idea to clean out yum's databases
from time to time.

-- 
Bowie
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Want MySQL source rpms pertinent to CentOS 5.4; what packages should I request via yum?

2010-07-19 Thread Kenneth Wolcott 
Hi;

I want MySQL source rpms pertinent to CentOS 5.4; what packages should I
request via yum?

I first went to mysql.org but I could not find (perhaps I am blind) any
MySQL source tarballs or rpms, only binary rpms.

I would like to compile MySQL from source.

BTW, what happened to centos.org?  When using Firefox or Chrome it looks
like it is text-only as if I were visiting it with lynx!

Thanks in advance for pointers/advice towards answering a very lame
question.

Ken Wolcott
kennethwolc...@gmail.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Want MySQL source rpms pertinent to CentOS 5.4; what packages should I request via yum?

2010-07-19 Thread Kenneth Wolcott 
On Mon, Jul 19, 2010 at 14:44, Kenneth Wolcott wrote:

> Hi;
>
> I want MySQL source rpms pertinent to CentOS 5.4; what packages should I
> request via yum?
>
> I first went to mysql.org but I could not find (perhaps I am blind) any
> MySQL source tarballs or rpms, only binary rpms.
>
> I would like to compile MySQL from source.
>
> BTW, what happened to centos.org?  When using Firefox or Chrome it looks
> like it is text-only as if I were visiting it with lynx!
>
> Thanks in advance for pointers/advice towards answering a very lame
> question.
>
> Ken Wolcott
> kennethwolc...@gmail.com
>

It looks like the CentOS web site looks like it used to look now; I wonder
what happened?

Ken Wolcott
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Want MySQL source rpms pertinent to CentOS 5.4; what packages should I request via yum?

2010-07-19 Thread Markus Falb 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 19/07/2010 23:44, Kenneth Wolcott wrote:
> Hi;
> 
> I want MySQL source rpms pertinent to CentOS 5.4; what packages should I
> request via yum?
> 
> I first went to mysql.org  but I could not find
> (perhaps I am blind) any MySQL source tarballs or rpms, only binary rpms.
> 


I believe if your yum is appropiatly configured centos 5.4 you could
install yum-utils and do something like the following or similar:

#$ yumdownloader --source mysql-server
#$ rpm -ivhp just-downloaded-rpm

Or you could also browse http://mirror.centos.org/ for the source rpm

But if you insist and dont want the source for the very mysql provided
by centos 5.4 you could browse mysql.com (or org maybe):

http://www.mysql.com/downloads/mysql
not too far from the top is a drop down box - select "source code" and
that will lead to sources.

- -- 
Regards, Markus
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkxE4DUACgkQYoWFBIJE9eXX0wCgj7Lxwv63R61ARsbHKTeDK2Ug
gbYAniYyOBauSFC+uKPjSTASLheItJLU
=6Z20
-END PGP SIGNATURE-

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Want MySQL source rpms pertinent to CentOS 5.4; what packages should I request via yum?

2010-07-19 Thread Markus Falb 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

On 20/07/2010 00:10, Kenneth Wolcott wrote:

> It looks like the CentOS web site looks like it used to look now; I
> wonder what happened?

maybe http://bugs.centos.org/view.php?id=4447

- -- 
Regards, Markus
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkxE4RUACgkQYoWFBIJE9eUK7QCfTKu4f36xmX7fVNfThSqFNYJw
0YIAnA6y3XVXVjQIeP5+qIiuJmw6CoXR
=jVUI
-END PGP SIGNATURE-

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] acl and chmod interaction

2010-07-19 Thread Markus Falb 
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

#$ setfacl -m u:mf:r bla
#$ getfacl bla
# file: bla
# owner: root
# group: root
user::rw-
user:mf:r--
group::r--
mask::r--
other::r--

It is readable by mf like intended.

#$ chmod go-rwx bla
#$ getfacl bla
# file: bla
# owner: root
# group: root
user::rw-
user:mf:r-- #effective:---
group::r--  #effective:---
mask::---
other::---

It is not readable no more by mf which was not intended.
Obviously the mask:: is cleared, but why ? OTOH group::r ?

Confused am i

- -- 
Regards,
markus
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.10 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAkxE6wEACgkQYoWFBIJE9eVXMwCfRWhN2OKvi4WyJUumB7leuCGY
v3UAoIEAzpq+m96IQeilRIXSAdNEU6km
=FOj6
-END PGP SIGNATURE-

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Audio fails on centos 5.5 sony laptop - snd-hda-intel

2010-07-19 Thread Rob Kampen 

Rob Kampen wrote:
Hi List, been chasing my tail for the last two hours and getting 
nowhere on my wifes laptop.
I only do updates monthly on her machine, as it is safely behind 
firewalls and only does email and browser stuff.
I have never had audio problems on this laptop, Centos just worked 
from day one - even the wireless.


It appears that the 5.5 kernels and related audio driver snd-hda-intel 
do not function.

If I reboot into 2.6.18-164.15.1.el5.centos.plus all is well.
$ cat /proc/asound/cards
0 [Intel  ]: HDA-Intel - HDA Intel
 HDA Intel at 0x8000 irq 169
1 [U0x46d0x804]: USB-Audio - USB Device 0x46d:0x804
 USB Device 0x46d:0x804 at usb-:00:1d.7-3, 
high speed


Neither 2.6.18-194.3.1.el5.centos.plus or 
2.6.18-194.8.1.el5.centos.plus have functioning sound.

on these kernels I get
$ cat /proc/asound/cards
0 [U0x46d0x804]: USB-Audio - USB Device 0x46d:0x804
 USB Device 0x46d:0x804 at usb-:00:1d.7-3, 
high speed


yet lsmod shows

snd_hda_intel 472337  0
snd_seq_dummy   7877  0
snd_seq_oss32577  0
snd_seq_midi_event 11073  1 snd_seq_oss
snd_seq49585  5 
snd_seq_dummy,snd_seq_oss,snd_seq_midi_event

snd_pcm_oss42817  0
snd_usb_audio  77761  2
snd_mixer_oss  19009  1 snd_pcm_oss
snd_pcm72133  3 snd_hda_intel,snd_pcm_oss,snd_usb_audio
snd_usb_lib19137  1 snd_usb_audio
snd_rawmidi26561  1 snd_usb_lib
snd_timer  24517  2 snd_seq,snd_pcm
snd_page_alloc 14281  2 snd_hda_intel,snd_pcm
snd_seq_device 11725  4 
snd_seq_dummy,snd_seq_oss,snd_seq,snd_rawmidi

snd_hwdep  12869  2 snd_hda_intel,snd_usb_audio
snd55749  15 
snd_hda_intel,snd_seq_oss,snd_seq,snd_pcm_oss,snd_usb_audio,snd_mixer_oss,snd_pcm,snd_rawmidi,snd_timer,snd_seq_device,snd_hwdep 


soundcore  11553  1 snd

So I remembered the bug rh introduced with the 194 kernels and nvidia 
chipsets (not my case but I'm desperate) and added the enable_msi=0 so 
that my modprobe.conf is now


options snd cards_limit=8
alias snd-card-0 snd-hda-intel
options snd-hda-intel index=0 enable_msi=0

but it still will not work.

I am getting frustrated at the retrograde steps that seem to be 
hitting kernel and 5.x upgrades lately.
yum update used to just work, get me the latest patches and all was 
well - after all that is why I use Centos.


I have tried modprobe -r to remove and reload module but to no avail.
Anyone have any ideas as to what I try next?
Google has not given me any ideas yet.
TIA

Still no joy - I am at a loss to know what to check - if I boot a 194 
kernel no sound, 164 kernel is fine - why the regression?
Same configs, same modules loaded but now no sound - what can I check to 
determine problem and find a solution?

no errors in logs or dmesg

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
  


<>___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] RDAC for IBM DS4700

2010-07-19 Thread Wahyu Darmawan 
Hi all,



I have problem with my servers. I use two of HP Blade Servers and RHEL 4.6
installed on them, and have IBM DS4700 connected to them.

In those servers are running RHCS (Red Hat Cluster Suite) with GFS for
handling Oracle Database.

Yesterday, I had missing one partition from the storage, suddenly. I called
IBM and they suggested to use RDAC.

The question is, Why should use IBM RDAC for multipath on RHEL 4, and why HP
Blade + HP EVA Storage don't use any addition plugins software to keep
server + storage connection?

I appreciate for some reasons by all of you.

Thank you.



Regards,

Wahyu
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] RDAC for IBM DS4700

2010-07-19 Thread Jim Perrin 
On Mon, Jul 19, 2010 at 11:13 PM, Wahyu Darmawan
 wrote:
> Hi all,
>
>
>
> I have problem with my servers. I use two of HP Blade Servers and RHEL 4.6
> installed on them, and have IBM DS4700 connected to them.
>
> In those servers are running RHCS (Red Hat Cluster Suite) with GFS for
> handling Oracle Database.
>
> Yesterday, I had missing one partition from the storage, suddenly. I called
> IBM and they suggested to use RDAC.

They suggest this because it's what they're familiar with and what
they support.

> The question is, Why should use IBM RDAC for multipath on RHEL 4, and why HP
> Blade + HP EVA Storage don't use any addition plugins software to keep
> server + storage connection?

I'm not sure if the dm-multipath in centos4 is recent enough, but in
centos5 you don't need to use the rdac stuff at all. You can simply
configure the ds4700 using the rhel device-mapper-multipath package
and a couple modifications in the file for wwid and other bits. You
might check into see if this is the case for centos4 as well. We have
a DS4700 as well though with IBM blades, and the mpp (rdac) drivers
are a royal PITA when it comes to updating the kernel. I would look to
see if this blog post helps you ->
http://www.bofh-hunter.com/2009/09/02/dm-multipath-and-the-ds4700/





-- 
During times of universal deceit, telling the truth becomes a revolutionary act.
George Orwell
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] freetype bytecode interpreter

2010-07-19 Thread Frank Cox 
It may yet be too early to get a definite answer about this, but I'm
wondering what the status of the formerly patented bytecode interpreter
in freetype will be in RHEL/Centos 6 and possibly future updates to
RHEL/Centos 5.

The patent on the technology has apparently now expired.
http://freetype.sourceforge.net/patents.html and
http://apple.slashdot.org/story/10/07/19/1524250/FreeType-Project-Cheers-TrueType-Patent-Expiration

Effective with freetype 2.4 the technology will enabled by default at
the freetype website.  I just checked and the version in the RHEL 6 beta
appears to be 2.3.11


-- 
MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos