Re: [CentOS] How to install PHP PEAR stuff best?

2010-11-26 Thread Alexander Farber
Maybe I should just copy gChartPhp's files here:

# ls GChartPhp/PEAR/
gBarChart.php            gMapChart.php            gScatterChart.php
gChart.php               gMeterChart.php          gStackedBarChart.php
gConcentricPieChart.php  gOverlappedBarChart.php  gVennDiagram.php
gFormula.php             gPie3DChart.php          utility.php
gGroupedBarChart.php     gPieChart.php
gLineChart.php           gQRCode.php

into /usr/share/pear/PEAR?

With perl I install additional modules (those which aren't
available as rpm's yet) easily with "perl -MCPAN -e shell"

But with PHP stuff I'm lost. I'm not sure if I can just copy files
into /usr/share/pear without updating some housekeeping files...

Regards
Alex
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] How to install PHP PEAR stuff best?

2010-11-26 Thread Kai Schaetzl
Alexander Farber wrote on Fri, 26 Nov 2010 11:09:09 +0100:

> Maybe I should just copy gChartPhp's files here:

I don't quite understand your whole question. What has this to do with 
PEAR? It's not a PEAR package, it's a library that's hosted on 
code.google.com.

Kai

-- 
Get your web at Conactive Internet Services: http://www.conactive.com





Re: [CentOS] good shell script examples?

2010-11-26 Thread Michael Gliwinski
On Wednesday 17 Nov 2010 07:47:17 洪 川 wrote:
> #!/bin/bash
> 
> 
> H="
> 192.168.1.1
> 192.168.1.2
> 192.168.1.3
> 192.168.1.4
> "
> 
> 
> for host in $H ; do
> expect << -EOF-
> set timeout 2
> spawn scp ${rootidfile} r...@${host}:/tmp/id_file
> expect "d:"
> send "${password}\n"
> expect eof
> spawn ssh ${host}
> expect "d:"
> send "${password}\n"
> expect "#"
> send "mkdir -p /root/.ssh; chmod 700 /root/.ssh\n"
> expect "#"
> send "cat /tmp/id_file >> /root/.ssh/authorized_keys\n"
> expect "#"
> send "rm -f /tmp/id_file; exit\n"
> expect eof
> -EOF-
> 
> done

Or have a look at Fabric [1] which deals with SSH, sudo, passwords, etc. and 
multiple hosts so it would be a matter of:

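  from fabric.api import hosts, put

  @hosts('192.168.1.1', '192.168.1.2', '192.168.1.3', '192.168.1.4')
  def some_task():
      # put() uploads over the remote path, replacing any existing authorized_keys
      put('rootidfile', '~/.ssh/authorized_keys')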

and run it as:

  $ fab -U root some_task


[1] http://fabfile.org/


-- 
Michael Gliwinski
Henderson Group Information Services
9-11 Hightown Avenue, Newtownabby, BT36 4RT
Phone: 028 9034 3319



Re: [CentOS] How to install PHP PEAR stuff best?

2010-11-26 Thread Alexander Farber
Hello,

On Fri, Nov 26, 2010 at 1:31 PM, Kai Schaetzl  wrote:
> I don't quite understand your whole question. What has this to do with
> PEAR? It's not a PEAR package, it's a library that's hosted on 
> code.google.com.

yes, but it has the subdir called "PEAR" in it...

If someone would ask:
"how to install a Perl module which is not available as an rpm for CentOS?"
Then I would answer:
"run perl -MCPAN -e shell and then search module, install module in there"

So I've asked here in the hope that someone administering CentOS
with many PHP libraries would share his/her tricks in doing so.

I'm sorry that it is drifting towards offtopic, I was hoping for a
short hint here

Regards
Alex


Re: [CentOS] How to install PHP PEAR stuff best?

2010-11-26 Thread Alexander Dalloz
> Hello,
>
> On Fri, Nov 26, 2010 at 1:31 PM, Kai Schaetzl 
> wrote:
>> I don't quite understand your whole question. What has this to do with
>> PEAR? It's not a PEAR package, it's a library that's hosted on
>> code.google.com.
>
> yes, but it has the subdir called "PEAR" in it...
>
> If someone would ask:
> "how to install a Perl module which is not available as an rpm for
> CentOS?"
> Then I would answer:
> "run perl -MCPAN -e shell and then search module, install module in there"

The analogon would be "pear install "; see

http://pear.php.net/manual/de/faq.users.php

But it is discouraged to do so and for the Perl CPAN install way
documented and explained why not to run through this.

If you really can't get the Pear package you need from CentOS or any 3rd
party repository, use your testing and development system to create an RPM
of your own, using the .spec from a different Pear RPM. You will certainly
benefit from this approach in the long run to administrate your systems in
the light of security and maintainability.

> So I've asked here in the hope that someone administering CentOS
> with many PHP libraries would share his/her tricks in doing so.
>
> I'm sorry that it is drifting towards offtopic, I was hoping for a
> short hint here
>
> Regards
> Alex

Alexander




Re: [CentOS] Add application to start at booting

2010-11-26 Thread Keith Roberts
On Thu, 25 Nov 2010, Les Mikesell wrote:

> To: centos@centos.org
> From: Les Mikesell 
> Subject: Re: [CentOS] Add application to start at booting
> 
> On 11/25/2010 1:32 PM, Johan Scheepers wrote:
>
>>
>> What I was looking for is this..
>>
>> System ->  Preferences ->  More Preferences ->  Sessions ->  Startup
>> Programs ->  Add
>
> Doesn't that start at login rather than boot time?

Try /etc/rc.d/rc.local

Keith

-- 
In theory, theory and practice are the same;
in practice they are not.

This email was sent from my laptop with Centos 5.5


[CentOS] Centos and Bridging

2010-11-26 Thread Robert Spangler
Hello,

Presently I am running CentOS release 5.5 (Final).  I am looking to setup 
bridging as I would like to setup some KVM virtual hosts on my system as a 
test lab.  I am following the instruction at this site

> http://tldp.org/HOWTO/BRIDGE-STP-HOWTO/index.html

but I cannot figure out where I am going wrong and would be thankful if 
someone could point me in the right direction.

Here is what I have done:

Check bridge information with the following:

> ~ $ modprobe -v bridge

No issues or errors

> ~ $ cat /proc/modules | grep bridge
> bidge 91889 0 - Live 0x89247000

Check to ensure forwarding is turned on:

> ~ $ cat /proc/sys/net/ipv4/ip_forward
> 1

Checked that my interfaces are up and running
(Was sure of this but did the check anyway):

> ~ $ ifconfig
> eth0  Link encap:Ethernet  HWaddr 48:5B:39:2A:07:D5
>   inet addr:192.168.1.100  Bcast:192.168.1.255  Mask:255.255.255.0
>   inet6 addr: fe80::4a5b:39ff:fe2a:7d5/64 Scope:Link
>   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>   RX packets:1059 errors:0 dropped:0 overruns:0 frame:0
>   TX packets:1080 errors:0 dropped:0 overruns:0 carrier:0
>   collisions:0 txqueuelen:1000
>   RX bytes:454226 (443.5 KiB)  TX bytes:120584 (117.7 KiB)
>   Interrupt:90 Base address:0x8400
> 
> lo    Link encap:Local Loopback
>   inet addr:127.0.0.1  Mask:255.0.0.0
>   inet6 addr: ::1/128 Scope:Host
>   UP LOOPBACK RUNNING  MTU:16436  Metric:1
>   RX packets:92 errors:0 dropped:0 overruns:0 frame:0
>   TX packets:92 errors:0 dropped:0 overruns:0 carrier:0[Thu Nov 25 

So now I begin to create the bridge from CLI as I want to make sure everything 
works before committing it to the config:

> brctl addbr br0
> ifconfig eth0 down
> ifconfig br0 192.168.1.100 up
> ifconfig eth0 0.0.0.0 up
> route add default gw 192.168.1.254

I check my interfaces and routing:

> ~ $ ifconfig
> br0   Link encap:Ethernet  HWaddr 00:00:00:00:00:00
>   inet addr:192.168.1.100  Bcast:192.168.1.255  Mask:255.255.255.0
>   inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link
>   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>   RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>   TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
>   collisions:0 txqueuelen:0
>   RX bytes:0 (0.0 b)  TX bytes:398 (398.0 b)
> 
> eth0  Link encap:Ethernet  HWaddr 48:5B:39:2A:07:D5
>   inet6 addr: fe80::4a5b:39ff:fe2a:7d5/64 Scope:Link
>   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>   RX packets:64662 errors:0 dropped:0 overruns:0 frame:0
>   TX packets:63301 errors:0 dropped:0 overruns:0 carrier:0
>   collisions:0 txqueuelen:1000
>   RX bytes:17699194 (16.8 MiB)  TX bytes:7958063 (7.5 MiB)
>   Interrupt:90 Base address:0x8400
> 
> lo    Link encap:Local Loopback
>   inet addr:127.0.0.1  Mask:255.0.0.0
>   inet6 addr: ::1/128 Scope:Host
>   UP LOOPBACK RUNNING  MTU:16436  Metric:1
>   RX packets:211 errors:0 dropped:0 overruns:0 frame:0
>   TX packets:211 errors:0 dropped:0 overruns:0 carrier:0
>   collisions:0 txqueuelen:0
>   RX bytes:17346 (16.9 KiB)  TX bytes:17346 (16.9 KiB)


> ~ $ route -n
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 br0
> 0.0.0.0         192.168.1.254   0.0.0.0         UG    0      0        0 br0

Time to test if ping works:

> ~ $ ping -c3 192.168.1.254
> PING 192.168.1.254 (192.168.1.254) 56(84) bytes of data.
> ping: sendmsg: Operation not permitted
> ping: sendmsg: Operation not permitted
> ping: sendmsg: Operation not permitted
> 
> --- 192.168.1.254 ping statistics ---
> 3 packets transmitted, 0 received, 100% packet loss, time 2000ms

I know the firewall is causing this issue so I stop the firewall:

> ~ $ service iptables stop
> Flushing firewall rules:   [  OK  ]
> Setting chains to policy ACCEPT: nat filter[  OK  ]
> Unloading iptables modules:[  OK  ]

Time to try ping again:

> ~ $ ping -c3 192.168.1.254
> PING 192.168.1.254 (192.168.1.254) 56(84) bytes of data.
> From 192.168.1.100 icmp_seq=1 Destination Host Unreachable
> From 192.168.1.100 icmp_seq=2 Destination Host Unreachable
> From 192.168.1.100 icmp_seq=3 Destination Host Unreachable
> 
> --- 192.168.1.254 ping statistics ---
> 3 packets transmitted, 0 received, +3 errors, 100% packet loss, time 1999ms

To back out all I needed to do was:

> ifconfig br0 down
> brctl delbr br0
> service iptables start
> service network restart

Everything is back to normal.  I cannot figure out what am I missing here?  
Interfaces and routing look to be setup correctly.  Is there something else I 
need to be

Re: [CentOS] Centos and Bridging

2010-11-26 Thread Eduardo Grosclaude
On Fri, Nov 26, 2010 at 2:15 PM, Robert Spangler
 wrote:
> Hello,
>
> Presently I am running CentOS release 5.5 (Final).  I am looking to setup
> bridging as I would like to setup some KVM virtual hosts on my system as a

> Time to test if ping works:
>
>> ~ $ ping -c3 192.168.1.254
>> PING 192.168.1.254 (192.168.1.254) 56(84) bytes of data.
>> ping: sendmsg: Operation not permitted
>> ping: sendmsg: Operation not permitted
>> ping: sendmsg: Operation not permitted

Did you remember to brctl addif the regular interfaces?
-- 
Eduardo Grosclaude
Universidad Nacional del Comahue
Neuquen, Argentina


Re: [CentOS] Centos and Bridging

2010-11-26 Thread Akemi Yagi
On Fri, Nov 26, 2010 at 9:15 AM, Robert Spangler
 wrote:
> Hello,
>
> Presently I am running CentOS release 5.5 (Final).  I am looking to setup
> bridging as I would like to setup some KVM virtual hosts on my system as a
> test lab.  I am following the instruction at this site
>
>> http://tldp.org/HOWTO/BRIDGE-STP-HOWTO/index.html
(snip)
> Everything is back to normal.  I cannot figure out what am I missing here?
> Interfaces and routing look to be setup correctly.  Is there something else I
> need to be looking at?

I recommend you look at the documentation available from
docs.redhat.com. For setting up bridged networking, see:

http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html-single/Virtualization/index.html#sect-Virtualization-Network_Configuration-Bridged_networking_with_libvirt

Akemi


Re: [CentOS] Centos and Bridging

2010-11-26 Thread Robert Heller
At Fri, 26 Nov 2010 12:15:51 -0500 CentOS mailing list  
wrote:

> 
> Hello,
> 
> Presently I am running CentOS release 5.5 (Final).  I am looking to setup 
> bridging as I would like to setup some KVM virtual hosts on my system as a 
> test lab.  I am following the instruction at this site
> 
> > http://tldp.org/HOWTO/BRIDGE-STP-HOWTO/index.html
> 
> but I cannot figure out where I am going wrong and would be thankful if 
> someone could point me in the right direction.
> 
> Here is what I have done:
> 
> Check bridge information with the following:
> 
> > ~ $ modprobe -v bridge
> 
> No issues or errors
> 
> > ~ $ cat /proc/modules | grep bridge
> > bidge 91889 0 - Live 0x89247000
> 
> Check to ensure forwarding is turned on:
> 
> > ~ $ cat /proc/sys/net/ipv4/ip_forward
> > 1
> 
> Checked that my interfaces are up and running
> (Was sure of this but did the check anyway):
> 
> > ~ $ ifconfig
> > eth0  Link encap:Ethernet  HWaddr 48:5B:39:2A:07:D5
> >   inet addr:192.168.1.100  Bcast:192.168.1.255  Mask:255.255.255.0
> >   inet6 addr: fe80::4a5b:39ff:fe2a:7d5/64 Scope:Link
> >   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >   RX packets:1059 errors:0 dropped:0 overruns:0 frame:0
> >   TX packets:1080 errors:0 dropped:0 overruns:0 carrier:0
> >   collisions:0 txqueuelen:1000
> >   RX bytes:454226 (443.5 KiB)  TX bytes:120584 (117.7 KiB)
> >   Interrupt:90 Base address:0x8400
> > 
> > lo    Link encap:Local Loopback
> >   inet addr:127.0.0.1  Mask:255.0.0.0
> >   inet6 addr: ::1/128 Scope:Host
> >   UP LOOPBACK RUNNING  MTU:16436  Metric:1
> >   RX packets:92 errors:0 dropped:0 overruns:0 frame:0
> >   TX packets:92 errors:0 dropped:0 overruns:0 carrier:0[Thu Nov 25 
> 
> So now I begin to create the bridge from CLI as I want to make sure 
> everything 
> works before committing it to the config:
> 
> > brctl addbr br0
> > ifconfig eth0 down
> > ifconfig br0 192.168.1.100 up
> > ifconfig eth0 0.0.0.0 up

brctl addif br0 eth0

You need to add the physical interface(s) to the bridge interface.

You can set this up to go automagically like this:

sauron.deepsoft.com% cat /etc/sysconfig/network-scripts/ifcfg-eth0
# nVidia Corporation MCP77 Ethernet
DEVICE=eth0
BOOTPROTO=static
HWADDR=00:19:66:D6:ED:93
ONBOOT=yes
BRIDGE=br0

sauron.deepsoft.com% cat /etc/sysconfig/network-scripts/ifcfg-br0
DEVICE=br0
TYPE=Bridge
BOOTPROTO=static
BROADCAST=192.168.250.255
IPADDR=192.168.250.1
NETMASK=255.255.255.0
NETWORK=192.168.250.0
ONBOOT=yes

(change as needed to match your interfaces and IP addresses, etc.)

> > route add default gw 192.168.1.254
> 
> I check my interfaces and routing:
> 
> > ~ $ ifconfig
> > br0   Link encap:Ethernet  HWaddr 00:00:00:00:00:00
> >   inet addr:192.168.1.100  Bcast:192.168.1.255  Mask:255.255.255.0
> >   inet6 addr: fe80::200:ff:fe00:0/64 Scope:Link
> >   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >   RX packets:0 errors:0 dropped:0 overruns:0 frame:0
> >   TX packets:5 errors:0 dropped:0 overruns:0 carrier:0
> >   collisions:0 txqueuelen:0
> >   RX bytes:0 (0.0 b)  TX bytes:398 (398.0 b)
> > 
> > eth0  Link encap:Ethernet  HWaddr 48:5B:39:2A:07:D5
> >   inet6 addr: fe80::4a5b:39ff:fe2a:7d5/64 Scope:Link
> >   UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
> >   RX packets:64662 errors:0 dropped:0 overruns:0 frame:0
> >   TX packets:63301 errors:0 dropped:0 overruns:0 carrier:0
> >   collisions:0 txqueuelen:1000
> >   RX bytes:17699194 (16.8 MiB)  TX bytes:7958063 (7.5 MiB)
> >   Interrupt:90 Base address:0x8400
> > 
> > lo    Link encap:Local Loopback
> >   inet addr:127.0.0.1  Mask:255.0.0.0
> >   inet6 addr: ::1/128 Scope:Host
> >   UP LOOPBACK RUNNING  MTU:16436  Metric:1
> >   RX packets:211 errors:0 dropped:0 overruns:0 frame:0
> >   TX packets:211 errors:0 dropped:0 overruns:0 carrier:0
> >   collisions:0 txqueuelen:0
> >   RX bytes:17346 (16.9 KiB)  TX bytes:17346 (16.9 KiB)
> 
> 
> > ~ $ route -n
> > Kernel IP routing table
> > Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> > 192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 br0
> > 0.0.0.0         192.168.1.254   0.0.0.0         UG    0      0        0 br0
> 
> Time to test if ping works:
> 
> > ~ $ ping -c3 192.168.1.254
> > PING 192.168.1.254 (192.168.1.254) 56(84) bytes of data.
> > ping: sendmsg: Operation not permitted
> > ping: sendmsg: Operation not permitted
> > ping: sendmsg: Operation not permitted
> > 
> > --- 192.168.1.254 ping statistics ---
> > 3 packets transmitted, 0 received, 100% packet loss, time 2000ms
> 
> I know the firewall is causing this issue so I stop the firewall:
> 
> > ~ $ service iptables stop
> > Flushing firewall rules:   

[CentOS] rsyslog as default syslog daemon?

2010-11-26 Thread Andrej Moravcik
Hi all!

Is anybody here using rsyslog? I am looking for the right solution how 
to use rsyslog in CentOS 5 as the default logging daemon. We use it 
because of filtering using regular expressions.

I switched from sysklogd to rsyslog simply using

chkconfig --del syslog
chkconfig --add rsyslog
chkconfig rsyslog on
service syslog stop
service rsyslog start

but this seems not to be a "bullet-proof" solution - when yum automatically 
installs updates, the sysklogd rpm package runs a postinstall scriptlet which 
unfortunately returns sysklogd back to the game (and breaks logging based on 
regex).

# rpm -q --scripts sysklogd
postinstall scriptlet (using /bin/sh):
if [ "$1" -ge 1 ]; then
/sbin/chkconfig --add syslog< /dev/null 2>&1
fi
exit 0
...


# chkconfig --list syslog
syslog          0:off   1:off   2:on    3:on    4:on    5:on    6:off



Meanwhile, automatic update of rsyslog package results (thanks to 
postinstall scriptlet) into disabled rsyslog :-/ ...

# rpm -q --scripts rsyslog
postinstall scriptlet (using /bin/sh):
/sbin/chkconfig --add rsyslog   

Re: [CentOS] Postfix - message queue filling with Host or name not found - try again

2010-11-26 Thread Mike Fedyk
On Tue, Nov 16, 2010 at 11:49 AM, Rob Kampen  wrote:
> Hi list,
> I have noted over the last week or so my DNS servers are dumping lots of
> messages for bogus domain lookups. Examining the postfix queue with
> postqueue -p:  I see many
> (Host or domain name not found. Name service error for
> name=bdgiedjhea.po6e4ina.com type=MX: Host not found, try again)
>                                        j...@bdgiedjhea.po6e4ina.com
> My question - why does this stay in the message queue - why not dumped back
> with message undeliverable or dropped?
> I understand this is probably related to my config - which follows:
> 


Here's what you want (copied from my config):

maps_rbl_reject_code = 450
non_fqdn_reject_code = 450
smtpd_delay_reject = yes
smtpd_helo_required = yes

smtpd_helo_restrictions =
    reject_unauth_pipelining
    permit_sasl_authenticated
    permit_mynetworks
    reject_invalid_hostname
    reject_non_fqdn_hostname
    reject_unknown_helo_hostname
    permit

smtpd_sender_restrictions =
    reject_unauth_pipelining
    reject_non_fqdn_sender
    reject_non_fqdn_recipient
    reject_unknown_recipient_domain
    reject_unknown_sender_domain
    permit

smtpd_client_restrictions =
#   sleep 1
    reject_unauth_pipelining
    permit_sasl_authenticated
    permit_mynetworks
    reject_unknown_client_hostname
    permit

smtpd_recipient_restrictions =
    reject_unauth_pipelining
    reject_non_fqdn_recipient
    reject_unknown_recipient_domain
    permit_mynetworks
    permit_sasl_authenticated
    reject_unauth_destination
#fully automated RBLs
    reject_rbl_client truncate.gbudb.net
    reject_rbl_client dnsbl.proxybl.org
    reject_rbl_client psbl.surriel.com
    reject_rbl_client db.wpbl.info
    reject_rbl_client bl.spamcop.net
#   reject_rbl_client bl.spamcannibal.org  #blocked charles
    reject_rbl_client intercept.datapacket.net
    reject_rbl_client spamtrap.drbl.drand.net
#   reject_rbl_client dnsbl.ahbl.org #blocked godaddy
    reject_rbl_client dnsbl-1.uceprotect.net
    reject_rbl_client bhnc.njabl.org
    reject_rbl_client dnsbl.njabl.org
#larder RBLs with some non-automation and larger ranges of IPs
#   reject_rbl_client dnsbl.sorbs.net #(blocked fedora)
#   reject_rbl_client dnsbl-2.uceprotect.net
    reject_rbl_client dnsbl-3.uceprotect.net
    reject_rbl_client zen.spamhaus.org
#   reject_rbl_client
#   reject_rbl_client dnsbl-2.uceprotect.net,
#   check_policy_service unix:private/spfpolicy
#   check_policy_service inet:127.0.0.1:10023
    permit

strict_rfc821_envelopes = yes
smtpd_reject_unlisted_sender = yes
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


Re: [CentOS] Centos and Bridging

2010-11-26 Thread Robert Spangler
On Friday 26 November 2010 12:22, Eduardo Grosclaude wrote:

>  > Presently I am running CentOS release 5.5 (Final).  I am looking to
>  > setup bridging as I would like to setup some KVM virtual hosts on my
>  > system as a
>  >
>  > Time to test if ping works:
>  >> ~ $ ping -c3 192.168.1.254
>  >> PING 192.168.1.254 (192.168.1.254) 56(84) bytes of data.
>  >> ping: sendmsg: Operation not permitted
>  >> ping: sendmsg: Operation not permitted
>  >> ping: sendmsg: Operation not permitted
>
>  Did you remember to brctl addif the regular interfaces?

Nope, that is what I had forgotten.  Thnx


-- 

Regards
Robert

Linux
The adventure of a life time.

Linux User #296285
Get Counted
http://counter.li.org/


Re: [CentOS] Centos and Bridging

2010-11-26 Thread Robert Spangler
On Friday 26 November 2010 12:27, Akemi Yagi wrote:

>  I recommend you look at the documentation available from
>  docs.redhat.com. For setting up bridged networking, see:
>
>  http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html-single/Virtualization/index.html#sect-Virtualization-Network_Configuration-Bridged_networking_with_libvirt

Thank you kindly for the link.  I have some reading ahead of me.


-- 

Regards
Robert

Linux
The adventure of a life time.

Linux User #296285
Get Counted
http://counter.li.org/


Re: [CentOS] Centos and Bridging

2010-11-26 Thread Robert Spangler
On Friday 26 November 2010 12:28, Robert Heller wrote:

>  > works before committing it to the config:
>  > > brctl addbr br0
>  > > ifconfig eth0 down
>  > > ifconfig br0 192.168.1.100 up
>  > > ifconfig eth0 0.0.0.0 up
>
>  brctl addif br0 eth0
>
>  You need to add the physical interface(s) to the bridge interface.

Yes, thank you for this information.  This is the set I had missed.

>  You can set this up to go automagically like this:
>
>  sauron.deepsoft.com% cat /etc/sysconfig/network-scripts/ifcfg-eth0
>  # nVidia Corporation MCP77 Ethernet
>  DEVICE=eth0
>  BOOTPROTO=static
>  HWADDR=00:19:66:D6:ED:93
>  ONBOOT=yes
>  BRIDGE=br0
>
>  sauron.deepsoft.com% cat /etc/sysconfig/network-scripts/ifcfg-br0
>  DEVICE=br0
>  TYPE=Bridge
>  BOOTPROTO=static
>  BROADCAST=192.168.250.255
>  IPADDR=192.168.250.1
>  NETMASK=255.255.255.0
>  NETWORK=192.168.250.0
>  ONBOOT=yes

Thnx again for this information.


-- 

Regards
Robert

Linux
The adventure of a life time.

Linux User #296285
Get Counted
http://counter.li.org/


Re: [CentOS] Centos and Bridging

2010-11-26 Thread Nico Kadel-Garcia
On Fri, Nov 26, 2010 at 12:15 PM, Robert Spangler
 wrote:
> Hello,
>
> Presently I am running CentOS release 5.5 (Final).  I am looking to setup
> bridging as I would like to setup some KVM virtual hosts on my system as a
> test lab.  I am following the instruction at this site

Don't bother.

The Qemu based tools in libvirt, and their implementation in
virt-manager, should be taken out back and forced to read Eric
Raymond's screed on open source interfaces (The Luxury of Ignorance).
Compatibility with arbitrary virtualization suites is not your friend
when it's done that badly. Simple operations, like "set up two disks
at first setup", are not possible from the GUI. This is one among
numerous utilities available from the command line setup tool that are
not accessible from the GUI: that's just a failure of GUI design.

KVM, itself, was unusable in my testing due to the "bridged network"
mishandling and its complete lack of a concept of failover for network
issues, particularly pair bonding for the server itself. PXE for the
clients was unusable, and it ran like a dyslexic on too many opiates,
slow, twitchy, and unpredictable.

VMWare works well, even the free personal versions, and Xen used to
work well (although its purchase by Citrix has me concerned, I've not
played with it in 2 years now, and I'm very unhappy with libvirt.)


Re: [CentOS] Centos and Bridging

2010-11-26 Thread Alan Hodgson
On November 26, 2010 11:25:06 am Nico Kadel-Garcia wrote:
> KVM, itself, was unusable in my testing due to the "bridged network"
> mishandling and its complete lack of a concept of failover for network
> issues, particularly pair bonding for the server itself. PXE for the
> clients was unusable, and it ran like a dyslexic on too many opiates,
> slow, twitchy, and unpredictable.

The UI in RHEL 5/CentOS 5 is definitely very limited, but KVM does work with 
all these things under the hood. In particular KVM seems to run fine on top of 
a simple host bridge, which can in turn rely on a bonded interface. I have had 
no problems with boot support, although I confess I don't use PXE - DHCP and 
kickstart over the LAN work fine, though.

I do hope the interface implementation in RHEL 6 will be much more usable. I 
don't mind doing things in XML files and command lines, but lots of people do.


Re: [CentOS] Postfix - message queue filling with Host or name not found - try again

2010-11-26 Thread Alexander Dalloz
On 26.11.2010 19:48, Mike Fedyk wrote:
> On Tue, Nov 16, 2010 at 11:49 AM, Rob Kampen  
> wrote:
>> Hi list,
>> I have noted over the last week or so my DNS servers are dumping lots of
>> messages for bogus domain lookups. Examining the postfix queue with
>> postqueue -p:  I see many
>> (Host or domain name not found. Name service error for
>> name=bdgiedjhea.po6e4ina.com type=MX: Host not found, try again)
>>j...@bdgiedjhea.po6e4ina.com
>> My question - why does this stay in the message queue - why not dumped back
>> with message undeliverable or dropped?
>> I understand this is probably related to my config - which follows:
>> 
> 
> 
> Here's what you want (copied from my config):

Not really - because the shown part of the Postfix config is doubtful.

> maps_rbl_reject_code = 450
> non_fqdn_reject_code = 450

Why a temporary DSN? You want those to come back again and again and
again ...?

> smtpd_delay_reject = yes

Running the default of a delayed reject, why then splitting up the
smtpd_*_restrictions causing plenty of tests to be run more than 1 time?

> smtpd_helo_required = yes
> 
> smtpd_helo_restrictions =
> reject_unauth_pipelining
> permit_sasl_authenticated
> permit_mynetworks
> reject_invalid_hostname
> reject_non_fqdn_hostname

Can lead to a lot of rejects for legitimate senders.

> reject_unknown_helo_hostname
> permit
> 
> smtpd_sender_restrictions =
> reject_unauth_pipelining
> reject_non_fqdn_sender
> reject_non_fqdn_recipient

Again in smtpd_recipient_restrictions.

> reject_unknown_recipient_domain

Again in smtpd_recipient_restrictions.

> reject_unknown_sender_domain
> permit
> 
> smtpd_client_restrictions =
> #   sleep 1
> reject_unauth_pipelining
> permit_sasl_authenticated
> permit_mynetworks
> reject_unknown_client_hostname
> permit
> 
> smtpd_recipient_restrictions =
> reject_unauth_pipelining
> reject_non_fqdn_recipient
> reject_unknown_recipient_domain
> permit_mynetworks
> permit_sasl_authenticated
> reject_unauth_destination
> #fully automated RBLs

Much too much RBLs, really.

> reject_rbl_client truncate.gbudb.net
> reject_rbl_client dnsbl.proxybl.org
> reject_rbl_client psbl.surriel.com
> reject_rbl_client db.wpbl.info
> reject_rbl_client bl.spamcop.net

spamcop can be too aggressive.

> #   reject_rbl_client bl.spamcannibal.org  #blocked charles
> reject_rbl_client intercept.datapacket.net
> reject_rbl_client spamtrap.drbl.drand.net
> #   reject_rbl_client dnsbl.ahbl.org #blocked godaddy
> reject_rbl_client dnsbl-1.uceprotect.net
> reject_rbl_client bhnc.njabl.org
> reject_rbl_client dnsbl.njabl.org
> #larder RBLs with some non-automation and larger ranges of IPs
> #   reject_rbl_client dnsbl.sorbs.net #(blocked fedora)
> #   reject_rbl_client dnsbl-2.uceprotect.net
> reject_rbl_client dnsbl-3.uceprotect.net
> reject_rbl_client zen.spamhaus.org
> #   reject_rbl_client
> #   reject_rbl_client dnsbl-2.uceprotect.net,
> #   check_policy_service unix:private/spfpolicy
> #   check_policy_service inet:127.0.0.1:10023
> permit
> 
> strict_rfc821_envelopes = yes
> smtpd_reject_unlisted_sender = yes

Alexander
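
The two points raised in this reply (temporary 4xx reject codes, and the same checks listed under several smtpd_*_restrictions lists) can be checked mechanically. The script below is an added example, not part of the original thread and not a Postfix tool: it reads a main.cf, reports restrictions that occur in more than one restriction list, and reports *_reject_code parameters set to a 4xx value. The function names and the sample config (shortened from the one quoted above, with the 550 line constructed for contrast) are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Function names are hypothetical.

# Write a constructed sample main.cf to the path in $1 (shortened from the
# config quoted in the thread; the 550 line is constructed for contrast).
write_sample() {
    cat > "$1" <<'EOF'
maps_rbl_reject_code = 450
non_fqdn_reject_code = 450
unknown_address_reject_code = 550
smtpd_delay_reject = yes

smtpd_sender_restrictions =
    reject_unauth_pipelining
    reject_non_fqdn_sender
    reject_non_fqdn_recipient
    reject_unknown_recipient_domain
    permit

smtpd_recipient_restrictions =
    reject_unauth_pipelining
    reject_non_fqdn_recipient
    reject_unknown_recipient_domain
    permit_mynetworks
    reject_unauth_destination
#   reject_rbl_client dnsbl.sorbs.net
    reject_rbl_client zen.spamhaus.org
    permit
EOF
}

# Print "restriction<TAB>list,list" for every restriction that occurs in more
# than one smtpd_*_restrictions list. Bare permit/reject/defer are ignored.
# Assumes a restriction and its argument sit on the same physical line.
dup_restrictions() {
    awk '
    function note(e,    key) {
        if (e == "" || e ~ /^(permit|reject|defer)$/) return
        key = e SUBSEP cur
        if (key in seen) return
        seen[key] = 1
        lists[e] = (lists[e] == "" ? "" : lists[e] ",") cur
        count[e]++
    }
    /^[ \t]*#/ || /^[ \t]*$/ { next }        # comment or blank line
    /^[^ \t]/ {                              # start of a new parameter
        eq = index($0, "=")
        name = substr($0, 1, eq - 1)
        gsub(/[ \t]/, "", name)
        cur = (eq > 0 && name ~ /^smtpd_.*_restrictions$/) ? name : ""
        $0 = substr($0, eq + 1)
    }
    cur == "" { next }
    {
        gsub(/,/, " ")
        n = split($0, tok, " ")
        entry = ""
        for (i = 1; i <= n; i++) {
            if (tok[i] ~ /^(reject|permit|defer|check)_/ ||
                tok[i] ~ /^(reject|permit|defer|sleep|warn_if_reject)$/) {
                note(entry)                  # previous restriction is complete
                entry = tok[i]
            } else if (entry != "") {
                entry = entry " " tok[i]     # argument, e.g. an RBL zone
            }
        }
        note(entry)
    }
    END {
        for (e in count)
            if (count[e] > 1) print e "\t" lists[e]
    }' "$1" | LC_ALL=C sort
}

# Print "name=value" for every *_reject_code parameter set to a 4xx reply,
# which tells the sending server to retry later instead of giving up.
temp_reject_codes() {
    awk -F= '
    /^[a-z0-9_]+_reject_code[ \t]*=/ {
        name = $1; val = $2
        gsub(/[ \t]/, "", name); gsub(/[ \t]/, "", val)
        if (val ~ /^4[0-9][0-9]$/) print name "=" val
    }' "$1"
}

# Demo run on the constructed sample.
sample=$(mktemp)
write_sample "$sample"
echo "Restrictions listed in more than one restriction list:"
dup_restrictions "$sample"
echo "Reject codes that return a temporary (4xx) reply:"
temp_reject_codes "$sample"
rm -f "$sample"
```

To audit a live configuration, call the two functions with the path to the server's main.cf instead of the sample file.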



[CentOS] Checking what's running inside a httpd process

2010-11-26 Thread Pascal Robert
I'm trying to fix a CentOS (5.5 x86_64) VM that we have where it becomes 
unstable due to swapping. But I did notice something: I have 10 httpd 
processes, and 5 of them are using 13 MB of resident memory, the others are 
using between 91 and 96 MB of RAM. I find it quite strange to see such 
differences in RAM usage. I ran a "lsof -P -p" on the processes, and I didn't 
see any major differences, so I'm wondering what is the best way to know what 
the processes are doing?


[CentOS] simple website hit counter

2010-11-26 Thread Frank Cox
Googling for this finds me a ton of stuff that doesn't actually do what I'm
looking for.

I want a simple hit counter cgi script of some kind that will increment a
counter on every page load but I want to access the counter from a different
page.

In other words, I don't want to have a visible hit counter on the webpage
itself.  I want to have a different webpage that will show me the number.


-- 
MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com


Re: [CentOS] Checking what's running inside a httpd process

2010-11-26 Thread Nicolas Ross
Hello Robert.

From experience with this kind of problem, you need to check what script (php 
or other) is served by that process at the moment it takes that much RAM.

The first thing you need to look at is what the httpd process is responding to. If 
it's not, switch the ExtendedStatus to on, and then permit the access to 
/server-status to your station or network.

Now, access the servername/server-status page in your web browser. You will see 
there what is the virtualhost (if any) and query that is serving for what 
process id.

If you used your own compile of apache, it'll be compiled with mpm=prefork, and 
so one process will have one thread and it'll be easier to spot.

If it is compiled with mpm=worker (I don't know if centos' httpd is compiled that 
way), then each process will serve many threads. If the process you examine is 
serving several pages, it'll be more difficult to spot. From the number of 
processes you have, either it's a low-traffic server or it uses mpm=worker. If you 
got 10 processes at 15 megs, plus one at 100 megs, that sums up to 250 megs. How 
much memory does your server have?

Now that you have identified that, you need to trace where the memory hog is in 
that particular language.

One of the advantages of mpm=prefork is that it isolates potential problems from 
one process to the other, but it takes more RAM. So if your server is compiled 
with mpm=prefork, you can re-compile it with mpm=worker, it'll take less 
resources on the server side. If you're using php, then you must re-compile 
php as well.

Best regards,
Nicolas


On 2010-11-26 at 16:06, Pascal Robert wrote:

> I'm trying to fix a CentOS (5.5 x86_64) VM that we have where it become 
> unstable due to swapping. But I did notice something: I have 10 httpd 
> processes, and 5 of them are using 13 MB of resident memory, the other are 
> using between 91 and 96 MB of RAM. I find it quite strange to see such 
> differences in RAM usage. I ran a "lsof -P -p" on the processes, and I didn't 
> see any major differences, so I'm wondering what is the best way to know what 
> the processes are doing?


Re: [CentOS] Checking what's running inside a httpd process

2010-11-26 Thread Nicolas Ross
Also, one thing I've noticed is that httpd processes tend not to release their 
used memory very fast. So if you see that the process is not doing much (via 
server-status), you can safely kill it. The parent httpd process will create a 
new one when needed.

Regards,
Nicolas

On 2010-11-26 at 16:06, Pascal Robert wrote:

> I'm trying to fix a CentOS (5.5 x86_64) VM that we have where it become 
> unstable due to swapping. But I did notice something: I have 10 httpd 
> processes, and 5 of them are using 13 MB of resident memory, the other are 
> using between 91 and 96 MB of RAM. I find it quite strange to see such 
> differences in RAM usage. I ran a "lsof -P -p" on the processes, and I didn't 
> see any major differences, so I'm wondering what is the best way to know what 
> the processes are doing?


[CentOS] SELinux - way of the future or good idea but !!!

2010-11-26 Thread Alison
Hi,

total newbie on CentOS. Just firing up an install of 5.5 on a development 
webserver. Installed Webmin, Awstats, PHPMyAdmin and Drupal successfully. Yet 
to work on Sendmail and Samba. SELinux in enforcing mode, reporting "SELinux 
preventing ifconfig (ifconfig_t) "read write" to /var/webminsessiondb.pag 
(var_t)".

Googled the error message without real success in finding a fix - bug reports 
showing. Question is whether worth pursuing as SELinux is the way of the 
future. Or is SELinux a good idea that never really made its way into the sun. 
Thoughts please.

Alison
PS. Semi-retired. Cut my teeth as sys prog on RSX11-M systems eons ago. 



Re: [CentOS] simple website hit counter

2010-11-26 Thread Keith Roberts
On Fri, 26 Nov 2010, Frank Cox wrote:

> To: centos@centos.org
> From: Frank Cox 
> Subject: [CentOS] simple website hit counter
> 
> Googling for this finds me a ton of stuff that doesn't actually do what I'm
> looking for.
>
> I want a simple hit counter cgi script of some kind that will increment a
> counter on every page load but I want to access the counter from a different
> page.
>
> In other words, I don't want to have a visible hit counter on the webpage
> itself.  I want to have a different webpage that will show me the number.

Hi Frank.

Is this for one particular page, or every page on your site?

Regards,

Keith

-- 
In theory, theory and practice are the same;
in practice they are not.

This email was sent from my laptop with Centos 5.5


Re: [CentOS] simple website hit counter

2010-11-26 Thread Brian Mathis
On Nov 26, 2010, at 17:00, Frank Cox  wrote:

> Googling for this finds me a ton of stuff that doesn't actually do what I'm
> looking for.
> 
> I want a simple hit counter cgi script of some kind that will increment a
> counter on every page load but I want to access the counter from a different
> page.
> 
> In other words, I don't want to have a visible hit counter on the webpage
> itself.  I want to have a different webpage that will show me the number.
> 
> -- 
> MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com


For much less effort you can setup Google Analytics and also get a lot more 
information. Otherwise, you should probably take a look at one of the reporting 
packages like AWstats that analyze the Apache logs. No one really uses those 
simple counters much anymore. 


Re: [CentOS] SELinux - way of the future or good idea but !!!

2010-11-26 Thread Eero Volotinen
2010/11/27 Alison :
> Hi,
>
> total newbie on CentOS. Just firing up an install of 5.5 on a development 
> webserver. Installed Webmin, Awstats, PHPMyAdmin and Drupal successfully. Yet 
> to work on Sendmail and Samba. SELinux in enforcing mode, reporting "SELinux 
> preventing ifconfig (ifconfig_t) "read write" to /var/webminsessiondb.pag 
> (var_t)".
>
> Googled the error message without real success in finding fix - bug reports 
> showing. Question is whether worth pursuing as SELinux is the way of the 
> future. Or is SELinux a good idea that never really made its way into the 
> sun. Thoughts please.

Just turn selinux off. setenforce "0" works without rebooting the server,
but /etc/sysconfig/selinux is the correct place to finalize the setting.

--
Eero


Re: [CentOS] SELinux - way of the future or good idea but !!!

2010-11-26 Thread John R. Dennison
On Sat, Nov 27, 2010 at 10:58:00AM +1100, Alison wrote:
> Hi,
> 
> total newbie on CentOS. Just firing up an install of 5.5 on a
> development webserver. Installed Webmin, Awstats, PHPMyAdmin and
> Drupal successfully. Yet to work on Sendmail and Samba. SELinux in
> enforcing mode, reporting "SELinux preventing ifconfig (ifconfig_t)
> "read write" to /var/webminsessiondb.pag (var_t)".

There is a reason that control panels are effectively
unsupported; you just hit on one of those reasons.  Although I
must admit I don't fully grasp why webmin is referencing
ifconfig_t.

> Googled the error message without real success in finding fix - bug
> reports showing. Question is whether worth pursuing as SELinux is the
> way of the future. Or is SELinux a good idea that never really made
> its way into the sun. Thoughts please.

There are only a small number of corner cases in which SElinux
is not appropriate; for all other cases it should be enabled.

It exists for a reason and is shipped fully enabled for a
reason.  Being able to limit access based on contexts and roles
is an incredibly powerful tool which greatly improves the
security of your server and the integrity of your data.

Following is a list of very useful SElinux resources.  

http://wiki.centos.org/HowTos/SELinux
http://wiki.centos.org/TipsAndTricks/SelinuxBooleans
http://docs.fedoraproject.org/selinux-user-guide/f10/en-US/
http://fedorasolved.org/security-solutions/selinux-module-building
http://centoshelp.org/security/selinux-common-commands-troubleshooting

Some quality time with these resources will allow you to correct
the SElinux exception you listed above and also give you a much
better understanding of SElinux as a whole.




John
-- 
The best argument against democracy is a five minute conversation
with the average voter.

-- Winston Churchill


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
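
A way to work through a denial like the one Alison reported while leaving SELinux enforcing, as an added example that is not part of the original thread: it groups AVC records from audit.log by source type, target type, class and permissions, and flags targets that carry a generic label. The log excerpt is constructed, and `GENERIC_TARGET_TYPES` and the function names are assumptions of this example.

```python
import re
from collections import Counter

# Constructed audit.log excerpt (not from the thread). The ifconfig records are
# modelled on the denial quoted in the thread; pids, inode numbers, timestamps
# and the httpd record are made up for illustration.
SAMPLE_AUDIT_LOG = """\
type=AVC msg=audit(1290815880.101:412): avc:  denied  { read write } for  pid=4121 comm="ifconfig" path="/var/webminsessiondb.pag" dev=dm-0 ino=98765 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=file
type=SYSCALL msg=audit(1290815880.101:412): arch=c000003e syscall=59 success=yes exit=0 pid=4121 comm="ifconfig"
type=AVC msg=audit(1290815940.377:419): avc:  denied  { read write } for  pid=4188 comm="ifconfig" path="/var/webminsessiondb.pag" dev=dm-0 ino=98765 scontext=system_u:system_r:ifconfig_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=file
type=AVC msg=audit(1290816002.550:431): avc:  denied  { getattr } for  pid=2290 comm="httpd" path="/home/alison/site/index.html" dev=dm-0 ino=555 scontext=system_u:system_r:httpd_t:s0 tcontext=user_u:object_r:user_home_t:s0 tclass=file
"""

# Heuristic chosen for this example: labels that usually mean "nothing more
# specific was assigned", so the file's context deserves a look first.
GENERIC_TARGET_TYPES = {"var_t", "default_t", "file_t", "unlabeled_t"}

AVC_RE = re.compile(
    r"type=AVC msg=audit\((?P<ts>\d+\.\d+):(?P<serial>\d+)\): avc:\s+denied\s+"
    r"\{ (?P<perms>[^}]+) \} for\s+(?P<fields>.*)$"
)
FIELD_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def context_type(context):
    """Return the type field of a user:role:type[:level] security context."""
    parts = context.split(":")
    return parts[2] if len(parts) >= 3 else ""


def parse_avc(line):
    """Parse one audit.log line; return a dict for AVC denials, else None."""
    match = AVC_RE.search(line)
    if match is None:
        return None
    fields = {k: v.strip('"') for k, v in FIELD_RE.findall(match.group("fields"))}
    if not {"scontext", "tcontext", "tclass"} <= fields.keys():
        return None  # truncated record: skip it instead of guessing
    return {
        "perms": tuple(sorted(match.group("perms").split())),
        "comm": fields.get("comm", ""),
        "path": fields.get("path") or fields.get("name", ""),
        "source_type": context_type(fields["scontext"]),
        "target_type": context_type(fields["tcontext"]),
        "tclass": fields["tclass"],
    }


def summarize(log_text):
    """Count distinct denials; return (Counter, first example per key)."""
    counts, examples = Counter(), {}
    for line in log_text.splitlines():
        denial = parse_avc(line)
        if denial is None:
            continue
        key = (denial["source_type"], denial["target_type"],
               denial["tclass"], denial["perms"])
        counts[key] += 1
        examples.setdefault(key, denial)
    return counts, examples


def describe(denial):
    """Render a denial in the one-line form quoted in the thread."""
    return 'SELinux preventing {comm} ({source_type}) "{perms}" to {path} ({target_type})'.format(
        comm=denial["comm"], source_type=denial["source_type"],
        perms=" ".join(denial["perms"]), path=denial["path"],
        target_type=denial["target_type"])


def triage(log_text):
    """Return (count, summary, hint) rows, most frequent denial first."""
    counts, examples = summarize(log_text)
    rows = []
    for key, count in counts.most_common():
        denial = examples[key]
        if denial["target_type"] in GENERIC_TARGET_TYPES:
            hint = "generic target label: check the file's context before any allow rule"
        else:
            hint = "specific target label: run the record through audit2why first"
        rows.append((count, describe(denial), hint))
    return rows


if __name__ == "__main__":
    for count, summary, hint in triage(SAMPLE_AUDIT_LOG):
        print(f"{count:3d}  {summary}\n     -> {hint}")
```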


Re: [CentOS] SELinux - way of the future or good idea but !!!

2010-11-26 Thread John R. Dennison
On Sat, Nov 27, 2010 at 02:53:30AM +0200, Eero Volotinen wrote:
> 
> Just turn selinux off. setenforce "0" works without rebooting server,
> but /etc/sysconfig/selinux is correct place to finalize setting..

Oh please.  This is perhaps the most idiotic advice I've seen on
this list in months.




John

-- 
Motivation is the art of getting people to do what you want them to do because
they want to do it.

-- Dwight D. Eisenhower (1890-1969), Thirty-fourth President of the USA




Re: [CentOS] Centos and Bridging

2010-11-26 Thread Scott Robbins
On Fri, Nov 26, 2010 at 02:12:04PM -0500, Robert Spangler wrote:
> On Friday 26 November 2010 12:27, Akemi Yagi wrote:
> 
> >  I recommend you look at the documentation available from
> >  docs.redhat.com. For setting up bridged networking, see:
> >
> > http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html-single/Virtualization/index.html#sect-Virtualization-Network_Configuration-Bridged_networking_with_libvirt
> 
> Thank you kindly for the link.  I have some reading ahead of me.

Much as I respect Akemi san, I would say, don't bother.  It's the usual
poorly written RH documentation.

In contrast, there is the CentOS wiki, written by someone who actually
knows something about writing documentation that people can understand.
Ohwait, it's me.  

Actually, the KVM wiki article is very out of date, but the section on
bridging is applicable.  The RH docs were so bad, that I still had to go
back to my own article.  


http://wiki.centos.org/HowTos/KVM


-- 
Scott Robbins
PGP keyID EB3467D6
( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 )
gpg --keyserver pgp.mit.edu --recv-keys EB3467D6



Re: [CentOS] SELinux - way of the future or good idea but !!!

2010-11-26 Thread Patrick Lists
On 11/27/2010 01:53 AM, Eero Volotinen wrote:
> 2010/11/27 Alison:
>> Hi,
>>
>> total newbie on CentOS. Just firing up an install of 5.5 on a development 
>> webserver. Installed Webmin, Awstats, PHPMyAdmin and Drupal successfully. 
>> Yet to work on Sendmail and Samba. SELinux in enforcing mode, reporting 
>> "SELinux preventing ifconfig (ifconfig_t) "read write" to 
>> /var/webminsessiondb.pag (var_t)".
>>
>> Googled the error message without real success in finding fix - bug reports 
>> showing. Question is whether worth pursuing as SELinux is the way of the 
>> future. Or is SELinux a good idea that never really made its way into the 
>> sun. Thoughts please.
>
> Just turn selinux off. setenforce "0" works without rebooting server,
> but /etc/sysconfig/selinux is correct place to finalize setting..

What's with people recommending to turn off SELinux?! That's just bad 
advice and like recommending people keep their doors unlocked at all 
times. Really, stop doing that. SELinux is there for a reason.

Afaik Webmin does not have a very good reputation when it comes to 
security. With that in mind your advice makes Alison's box much more 
vulnerable.

My advice to Alison is to remove Webmin and use the tools that come with 
CentOS 5.5. Also make sure that phpMyAdmin can only be accessed from 
your local LAN, use strong passwords, turn on a tight firewall and do 
anything else that one should do to keep the bad guys from gaining 
illegal access to your server.

The NSA has some nice guides how to keep your server secure. The guides 
are on this page: 
http://www.nsa.gov/ia/guidance/security_configuration_guides/operating_systems.shtml

Regards,
Patrick


Re: [CentOS] simple website hit counter

2010-11-26 Thread Patrick Lists
On 11/26/2010 11:00 PM, Frank Cox wrote:
> Googling for this finds me a ton of stuff that doesn't actually do what I'm
> looking for.
>
> I want a simple hit counter cgi script of some kind that will increment a
> counter on every page load but I want to access the counter from a different
> page.
>
> In other words, I don't want to have a visible hit counter on the webpage
> itself.  I want to have a different webpage that will show me the number.

Have you looked at Piwik? See http://piwik.org/

Regards,
Patrick


Re: [CentOS] SELinux - way of the future or good idea but !!!

2010-11-26 Thread Eero Volotinen
>> Just turn selinux off. setenforce "0" works without rebooting server,
>> but /etc/sysconfig/selinux is correct place to finalize setting..
>
> What's with people recommending to turn off SELinux?! That's just bad
> advice and like recommending people keep their doors unlocked at all
> times. Really, stop doing that. SELinux is there for a reason.

Usually it causes more problems. If you have unlimited resources to tune it up,
then it possibly helps on the way.

> My advice to Alison is to remove Webmin and use the tools that come with
> CentOS 5.5. Also make sure that phpMyAdmin can only be accessed from
> your local LAN, use strong passwords, turn on a tight firewall and do

.. and disable password authentication on sshd server.

> anything else that one should do to keep the bad guys from gaining
> illegal access to your server.
>
> The NSA has some nice guides how to keep your server secure. The guides
> are on this page:
> http://www.nsa.gov/ia/guidance/security_configuration_guides/operating_systems.shtml

http://www.zlinuxtoday.com/z/wp-content/uploads/2010/06/CIS_RHEL_5.0-5.1_Benchmark_v.1.1.2.pdf

--
Eero


Re: [CentOS] SELinux - way of the future or good idea but !!!

2010-11-26 Thread John R. Dennison
On Sat, Nov 27, 2010 at 03:29:49AM +0200, Eero Volotinen wrote:
> 
> Usually it causes more problems. If you have unlimited resources to tune it 
> up,
> then it possibly helps on the way.

Only if you don't bother to take the time to read any of the
resources I previously provided or any of the other SElinux
resources available on the 'net.

SElinux is not brain surgery; spend some time with the
documentation and you'll be surprised at how easily it all comes
together after a while.

Telling people to disable it is not only foolish but completely
irresponsible; doubly so in a medium that exists to support
users.

If the best avenue was to disable it do you honestly think that
upstream would enable it by default?

This is 2010 - people are expected to actually make an effort at
learning the systems they so casually throw up on the 'net and
to take responsibility for those systems.  Every time a box gets
compromised it can pose a risk to the rest of us; please be
mature and responsible enough to make it as difficult as
possible to permit such a compromise in the first place.




John
-- 
Live a good life.  If there are gods and they are just, they will not care
how devout you have been, but will welcome you based on the virtues you
have lived by.  If there are gods, but unjust, then you should not want to
worship them.  If there are no gods, then you will be gone, but will have
lived a noble life that will live on in the memories of your loved ones.

-- Marcus Aurelius (121-180), philosopher and writer




Re: [CentOS] Centos and Bridging

2010-11-26 Thread Akemi Yagi
On Fri, Nov 26, 2010 at 5:16 PM, Scott Robbins  wrote:
> On Fri, Nov 26, 2010 at 02:12:04PM -0500, Robert Spangler wrote:
>> On Friday 26 November 2010 12:27, Akemi Yagi wrote:
>>
>> >  I recommend you look at the documentation available from
>> >  docs.redhat.com. For setting up bridged networking, see:

http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/5/html-single/Virtualization/index.html#sect-Virtualization-Network_Configuration-Bridged_networking_with_libvirt

> Much as I respect Akemi san, I would say, don't bother.  It's the usual
> poorly written RH documentation.
>
> In contrast, there is the CentOS wiki, written by someone who actually
> knows something about writing documentation that people can understand.
> Ohwait, it's me.
>
> Actually, the KVM wiki article is very out of date, but the section on
> bridging is applicable.  The RH docs were so bad, that I still had to go
> back to my own article.
>
> http://wiki.centos.org/HowTos/KVM

Mmm?  I may not be the biggest fan of the Red Hat docs but I have to
give a good score to that one about bridged networking.  I followed
the instructions in there and had no problem setting it up on my KVM
hosts.

It has a couple of points the OP may need to know. One is that
NetworkManager needs to be disabled. The other is how to handle
iptables (OP disable it while troubleshooting).

Akemi


Re: [CentOS] Centos and Bridging

2010-11-26 Thread Scott Robbins
On Fri, Nov 26, 2010 at 06:09:26PM -0800, Akemi Yagi wrote:
> On Fri, Nov 26, 2010 at 5:16 PM, Scott Robbins  wrote:
> >
> > http://wiki.centos.org/HowTos/KVM
> 
> Mmm?  I may not be the biggest fan of the Red Hat docs but I have to
> give a good score to that one about bridged networking.  I followed
> the instructions in there and had no problem setting it up on my KVM
> hosts.
> 
> It has couple of points the OP may need to know. One is that
> NetworkManager needs to be disabled. The other is how to handle
> iptables (OP disable it while troubleshooting).

Ah, aikawarazu, good point.  Not using NetworkManager--to be honest, I
find it causes more problems than it solves, I wasn't aware of that.  

(The wiki article does mention additions to iptables.)

Regrettably, however, I've found KVM to be somewhat of a disappointment.
(My own personal experience.)  For any workstation, I'm finding
VMware-player to be the new contender, running guests faster than the
later VirtualBoxes and/or KVM, and for serious production, I 


-- 
Scott Robbins
PGP keyID EB3467D6
( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 )
gpg --keyserver pgp.mit.edu --recv-keys EB3467D6



Re: [CentOS] SELinux - way of the future or good idea but !!!

2010-11-26 Thread Les Mikesell
On 11/26/10 8:01 PM, John R. Dennison wrote:
>
>   
>   If the best avenue was to disable it do you honestly think that
>   upstream would enable it by default?

They are, after all, selling service.  What distro enables it that doesn't have 
a service for pay model (besides Centos, which just inherits it)?

-- 
   Les Mikesell
lesmikes...@gmail.com


Re: [CentOS] simple website hit counter

2010-11-26 Thread Frank Cox
On Sat, 27 Nov 2010 00:04:35 + (GMT)
Keith Roberts wrote:

> Is this for one particular page, or every page on your site?

A small business owner that has a webpage on a Centos webserver that I look
after asked me for a simple counter to count the number of hits that she gets
on her webpage (index.html).

Awstats and similar log analyzers provide far more information than she cares
about, understands or wants to see, and most of the hit counters that I can find
on a google search either put the count on the same page that is being counted,
or are trying to sell some kind of a third-party service.

I could probably write this thing myself if I have to but it seems so basic
that I figure I would be reinventing the wheel.  I could read access.log  and
count hits on a daily basis or something,  but I'm not sure that I understand
the log structure well enough to do it right.  There are several files named
index.html on that webserver and on a cursory examination it seems that a lot of
the time the initial hit on a website is logged as "/".

-- 
MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
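
The log-counting approach Frank describes, as an added example that is not part of the original thread: it counts successful GET requests for the front page from an Apache combined-format log, treating `/` and `/index.html` as the same page and matching the full path so that other `index.html` files are not counted. The log lines are constructed, and the function names and the choice to count status 200 and 304 are assumptions of this example.

```python
import re
from collections import Counter

# Constructed access_log lines in Apache "combined" format (not from the thread).
SAMPLE_ACCESS_LOG = """\
203.0.113.7 - - [26/Nov/2010:17:00:12 -0600] "GET / HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.7 - - [26/Nov/2010:17:00:12 -0600] "GET /images/logo.png HTTP/1.1" 200 20480 "http://www.example.com/" "Mozilla/5.0"
198.51.100.23 - - [26/Nov/2010:18:41:03 -0600] "GET /index.html HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.23 - - [26/Nov/2010:18:45:10 -0600] "GET /index.html?ref=mail HTTP/1.1" 304 - "-" "Mozilla/5.0"
192.0.2.99 - - [26/Nov/2010:19:02:44 -0600] "HEAD / HTTP/1.1" 200 - "-" "monitor/1.0"
192.0.2.99 - - [27/Nov/2010:00:10:00 -0600] "GET /old/index.html HTTP/1.1" 404 310 "-" "Mozilla/5.0"
203.0.113.50 - - [27/Nov/2010:09:15:31 -0600] "GET / HTTP/1.0" 200 5120 "-" "Mozilla/5.0"
this line is damaged and must be skipped
"""

# host ident user [day:time zone] "METHOD target protocol" status size ...
LINE_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<day>[^:\]]+):[^\]]+\] '
    r'"(?P<method>\S+) (?P<target>\S+)[^"]*" (?P<status>\d{3}) '
)


def front_page_hits(log_text, paths=("/", "/index.html"), statuses=("200", "304")):
    """Count front-page views per day.

    Only GET requests are counted, the query string is ignored, and the whole
    path must match, so /old/index.html is not a front-page hit. Run it on the
    log of the one virtual host being measured.
    """
    per_day = Counter()
    for line in log_text.splitlines():
        match = LINE_RE.match(line)
        if match is None:
            continue  # damaged or non-standard line
        if match.group("method") != "GET":
            continue
        if match.group("status") not in statuses:
            continue
        path = match.group("target").split("?", 1)[0]
        if path in paths:
            per_day[match.group("day")] += 1
    return per_day


def render_report(per_day):
    """Plain-text report meant to be served from a separate, private page."""
    lines = ["{} {}".format(day, count) for day, count in per_day.items()]
    lines.append("total {}".format(sum(per_day.values())))
    return "\n".join(lines)


if __name__ == "__main__":
    print(render_report(front_page_hits(SAMPLE_ACCESS_LOG)))
```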


Re: [CentOS] simple website hit counter

2010-11-26 Thread Frank Cox
On Sat, 27 Nov 2010 02:20:01 +0100
Patrick Lists wrote:

> Have you looked at Piwik? See http://piwik.org/

As with awstats, that looks like it does far more than just count hits on
index.html.

I've found a stack of comprehensive reporting tools, and I've also found a ton
of counters that put the number on the webpage that's being counted.

Unfortunately, I still haven't found a simple counter that puts the count on a
different webpage.

-- 
MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com


Re: [CentOS] simple website hit counter

2010-11-26 Thread John Hinton
On 11/26/2010 11:24 PM, Frank Cox wrote:
> On Sat, 27 Nov 2010 02:20:01 +0100
> Patrick Lists wrote:
>
>> Have you looked at Piwik? See http://piwik.org/
> As with awstats, that looks like it does far more than just count hits on
> index.html.
>
> I've found a stack of comprehensive reporting tools, and I've also found a ton
> of counters that put the number on the webpage that's being counted.
>
> Unfortunately, I still haven't found a simple counter that puts the count on a
> different webpage.
>
Webalizer comes with CentOS. I find it easy to enable and provides all 
the basic stats one would need.

-- 
John Hinton
877-777-1407 ext 502
http://www.ew3d.com
Comprehensive Online Solutions



Re: [CentOS] simple website hit counter

2010-11-26 Thread Frank Cox
On Fri, 26 Nov 2010 23:32:07 -0500
John Hinton wrote:

> Webalizer comes with CentOS. I find it easy to enable and provides all 
> the basic stats one would need.

As far as I'm aware, webalizer is a comprehensive reporting tool similar to
awstats.  Which is a much bigger hammer than what I'm looking for.

-- 
MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com



Re: [CentOS] simple website hit counter

2010-11-26 Thread Tommy E Craddock Jr

On Nov 26, 2010, at 11:37 PM, Frank Cox wrote:

> On Fri, 26 Nov 2010 23:32:07 -0500
> John Hinton wrote:
> 
>> Webalizer comes with CentOS. I find it easy to enable and provides all 
>> the basic stats one would need.
> 
> As far as I'm aware, webalizer is a comprehensive reporting tool similar to
> awstats.  Which is a much bigger hammer than what I'm looking for.
> 
> -- 
> MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com
Hello, 

How about something like this:

http://www.abiglime.com/webmaster/articles/cgi/110497.htm

Perl script which shows the count.  You don't have to display it on the main 
page even, can set it up to display on a page only the customer has access to. 


Tommy Craddock
Systems Administrator
to...@hivelocity.net
Hivelocity.Net 
Impressive Support 






Re: [CentOS] simple website hit counter

2010-11-26 Thread Frank Cox
On Sat, 27 Nov 2010 00:03:25 -0500
Tommy E Craddock Jr wrote:

> How about something like this:
> 
> http://www.abiglime.com/webmaster/articles/cgi/110497.htm
> 
> Perl script which shows the count.  You dont have to display it on the main
> page even, can set it up to display on a page only the customer has access
> to. 

In the immortal words of Wayne, "Schwing!"

That looks like it'll do the job.

Thanks!

-- 
MELVILLE THEATRE ~ Melville Sask ~ http://www.melvilletheatre.com


Re: [CentOS] Centos and Bridging

2010-11-26 Thread Nico Kadel-Garcia
On Fri, Nov 26, 2010 at 3:00 PM, Alan Hodgson  wrote:
> On November 26, 2010 11:25:06 am Nico Kadel-Garcia wrote:
>> KVM, itself, was unusable in my testing due to the "bridged network"
>> mishandling and its complete lack of a concept of failover for network
>> issues, particularly pair bonding for the server itself. PXE for the
>> clients was unusable, and it ran like a dyslexic on too many opiates,
>> slow, twitchy, and unpredictable.
>
> The UI in RHEL 5/CentOS 5 is definitely very limited, but KVM does work with
> all these things under the hood. In particular KVM seems to run fine on top of
> a simple host bridge, which can in turn rely on a bonded interface. I have had
> no problems with boot support, although I confess I don't use PXE - DHCP and
> kickstart over the LAN work fine, though.

It is not merely "limited".

PXE is very common for server installations of brand new hardware, or
for remote KVM managed hardware, to avoid having to pop a CD in it.
It's well understood, and I got nowhere, even with it for KVM. (VMWare
and Xen worked fine.)


Re: [CentOS] SELinux - way of the future or good idea but !!!

2010-11-26 Thread Alison

Thanks for all the input. Particularly John and Patrick's URLs for reading 
material. Starting with the stuff here 
http://www.nsa.gov/ia/guidance/security_configuration_guides/operating_systems.shtml
Which is really good.

I can get 1.5Mb/s upload using Annex M, but have previously purchased hosting 
as I have had little experience in "battle hardening" a server. Feeling much 
more confident now that I have reading material to guide me in keeping the bad 
guys out.

Alison




At 01:01 PM 27/11/2010, you wrote:
>On Sat, Nov 27, 2010 at 03:29:49AM +0200, Eero Volotinen wrote:
>> 
>> Usually it causes more problems. If you have unlimited resources to tune it 
>> up,
>> then it possibly helps on the way.
>
>Only if you don't bother to take the time to read any of the
>resources I previously provided or any of the other SElinux
>resources available on the 'net.
>
>SElinux is not brain surgery; spend some time with the
>documentation and you'll be surprised at how easily it all comes
>together after a while.
>
>Telling people to disable it is not only foolish but completely
>irresponsible; doubly so in a medium that exists to support
>users.
>
>If the best avenue was to disable it do you honestly think that
>upstream would enable it by default?
>
>This is 2010 - people are expected to actually make an effort at
>learning the systems they so casually throw up on the 'net and
>to take responsibility for those systems.  Every time a box gets
>compromised it can pose a risk to the rest of us; please be
>mature and responsible enough to make it as difficult as
>possible to permit such a compromise in the first place.
>
>
>
>
>John
>-- 
>Live a good life.  If there are gods and they are just, they will not care
>how devout you have been, but will welcome you based on the virtues you
>have lived by.  If there are gods, but unjust, then you should not want to
>worship them.  If there are no gods, then you will be gone, but will have
>lived a noble life that will live on in the memories of your loved ones.
>
>-- Marcus Aurelius (121-180), philosopher and writer
>
>


Re: [CentOS] SELinux - way of the future or good idea but !!!

2010-11-26 Thread Ned Slider
On 27/11/10 06:33, Alison wrote:
>
> Thanks for all the input. Particularly John and Patricks URL's for reading 
> material. Starting with the stuff here 
> http://www.nsa.gov/ia/guidance/security_configuration_guides/operating_systems.shtml
>  Which is really good.
>

There is also a guide to SELinux on the CentOS Wiki:

http://wiki.centos.org/HowTos/SELinux

Hope that helps.
