Re: [CentOS] Odd issue with C6 and NIS

[John Hodrien]

On Fri, 7 Oct 2011, Steve Rikli wrote:

> Well, somewhat.  E.g. my NIS master doesn't need to publish a "passwd"
> map in order to provide "auto.home" map or whatever, and I don't need
> a "lookup" account to get at the required data in the case of NIS.

You could have LDAP that only contained automounter information and you can
allow anonymous binds.  I don't think you're losing those options.

> Thanks for the discussion & sharing the benefits of your experience,
> John -- much appreciated.

No problem,

jh
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Odd issue with C6 and NIS

[John Hodrien]

On Fri, 7 Oct 2011, Craig White wrote:

> I would agree with NSCD adding additional mode failures. I try not to
> use it. I know nothing at all about other cache technologies for LDAP.

We'd found the tradeoffs with using nscd with a large centralised
institutional AD directory to be definitely worthwhile.  The caching it does
is dumb, and it's traditionally been prone to failure (although current
versions are far less bad), but it did throw back in necessary speed to the
mix.

> SSD really isn't about user/group caching and I'm not sure how that
> worked its way in here. http://fedoraproject.org/wiki/Features/SSSD In
> reality, you're going to have to use something like libnss or sssd for
> any alternative authentication system.

SSSD keeps a local LDB cache of retreived information, so does indeed maintain
a cache and it sensibly updates that cache while not holding up requests for
the cached data in a configurable manner.  It also caches the nested structure
well, by keeping partial caches of accrued data.  So I don't really understand
why you don't think it's about caching, when that's one of the things it does.

jh
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Mock - Problems building Centos5 package on Centos6 - where can I ask for advice ?

[Morgan Cox]

Hi

Thank you for your extremely quick (and faster than support from any
company..) reply.

Sorry, can you give more detail ?

>From the look of the error the 'mock centos5' is missing these files :-

/usr/share/aclocal/ltoptions.m4
/usr/share/aclocal/ltsugar.m4
/usr/share/aclocal/ltversion.m4
/usr/share/aclocal/lt~obsolete.m4

- which come from libtool2 (on centos6)

Centos5 obviously doesn't have that version...

I noticed in the .spec file it has


---
%build
# aclocal workaround - to be improved
cat `aclocal
--print-ac-dir`/{libtool,ltoptions,ltsugar,ltversion,lt~obsolete}.m4
>>aclocal.m4

# Force use of system libtool:
libtoolize --force --copy
cat `aclocal
--print-ac-dir`/{libtool,ltoptions,ltsugar,ltversion,lt~obsolete}.m4
>build/libtool.m4
---

It also has - from the original .spec file I based it on:-

BuildRequires: bzip2, perl, libtool >= 1.4.3, gcc-c++

I have libtool installed in the mock enviroment ...

Anyone know what i'm doing wrong ?

Regards !







On 6 October 2011 15:57, John Hodrien  wrote:

> On Thu, 6 Oct 2011, Morgan Cox wrote:
>
> > Hi.
> >
> > I am trying to use Mock to rebuild a .src.rpm file I have made for PHP
> 5.3.8
> > (for Centos6)
> >
> > I have managed to install deps fine with mock.
> >
> > When I try to rebuild the package though I get.
>
> BuildRequires are wrong, since this SRPM requires files that aren't being
> pulled in.  Add BuildRequires to satisfy these missing requirements and
> it'll
> work.
>
> jh
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] BIND and a second server resolving itself

[Bob Hoffman]

I am installing my second server in the datacenter but having problems 
getting to the net with it.
I am going to use it as a KVMvirt host and do not want to run bind on 
its base OS.

My thought was to just refer to it in the bind zones as an additional 
record
(main.example.com is the working server now, main2.example.com is the 
new one).

I cannot get the new one to reach out to the net, is there something I 
have to do on the new server to make it resolve
correctly (I have listed my nameservers and hosts file and all that)?
I think I have to allow my original server, the one hosting the 
nameservers, to allow the new server access to query, is that right?

or do I just need to add the IN A record with the ip, main2.example.com. 
IN A xxx.x..x...x..?

this is the first time I ever went with two servers and a bit confused 
as to proper resolution on the second server without having bind on it...

any help appreciated.

happy friday all
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Chroot in CentOS 5.* ?

[przemolicc]

Hello,

can I use chroot users in their home directories under centos 5.* using standard
packages ? How about chrooted sftp in centos 5.* ?
If I cannot - do I have to use centos 6.* ?

Regards
Przemek


Dom pod miastem lub mieszkanie w centrum znajdziesz wlasnie tu!
http://linkint.pl/f2a58
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Odd issue with C6 and NIS

[John Hodrien]

On Fri, 7 Oct 2011, Stephen Harris wrote:

> You're missing the point.  If the query was sufficiently fast then you
> don't _need_ to worry about caching, and thus cache coherency, speed of
> propagation of changes, inconsistent results between machines etc etc.
>
> Caching is a _kludge_ to hide an underlying problem.  It adds complexity
> and additional failure modes.

In one sense yes, but I don't necessarily see any sense in an 'ls -l' in a
lively directory causing *that* many hits to the information provider every
time when user information changes rarely.

> LDAP is slow.  nscd, sssd, ldapcachemgr et al are all klduges to work
> around that fact.

It all depends on your definition of slow.

$ time ldapsearch 'cn=someuser' >& /dev/null

real0m0.016s

That's not so bad for a LDAP server with ~100k users is it?

jh
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Chroot in CentOS 5.* ?

[Nicolas Thierry-Mieg]

przemol...@poczta.fm wrote:
> can I use chroot users in their home directories under centos 5.* using 
> standard
> packages ? How about chrooted sftp in centos 5.* ?

for the latter have a look at rssh, it's in repoforge (may be ok 
depending on what you call "standard")
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] BIND and a second server resolving itself

[Bob Hoffman]

Going to test tomorrow after install, but this is what I am thinking may 
work

in my example.com, located on main.example.com,  /named/db.example.com I 
am adding
main2.example.com. IN A xx.xxx.xxx.xxx (this is the second server's ip 
address)

in my example.com, located on main.example.com, 
/named/db.xxx.xxx.xxx.xxx.in-addr.arpa I am adding
IN PTR main2.example.com.

In the named.conf, located on main.example.com, I am adding my entire 16 
IP block of addresses along with my localhost
options {
 allow-recursion { localhost; xxx.xxx.xxx.xxx /29;};
 allow-query { localhost; xxx.xxx.xxx.xxx/29; };
};

I am assuming this will allow the new server to resolve correctly and 
allow it to reach out to the net to find domain names (so I can use yum 
update, ssh to it, etc)...and will use this for the KVM guests to 
resolve in the future too.

any help appreciated.. centos 6 by the way.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Chroot in CentOS 5.* ?

[Jorge Fábregas]

On 10/07/2011 05:42 AM, przemol...@poczta.fm wrote:
> How about chrooted sftp in centos 5.* ?
> If I cannot - do I have to use centos 6.* ?

The stock SSH package in the CentOS 5 series doesn't have the chroot
functionality.  The one in CentOS 6 does.

HTH,
Jorge
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Odd issue with C6 and NIS

[Stephen Harris]

On Thu, Oct 06, 2011 at 07:16:45PM -0700, Craig White wrote:
> On Thu, 2011-10-06 at 19:10 -0400, Stephen Harris wrote:
> > LDAP is slow.  nscd, sssd, ldapcachemgr et al are all klduges to work
> > around that fact.

> OpenLDAP is highly optimized and very fast and can search a large DSA
> much quicker than you can search a large passwd/group setup. Maybe the

*sigh*

I recently stress tested one of our LDAP servers; it handled 100,000
simultaneous collections and performed over 24,000 group "memberid"
searches per second.

The servers are fast.

The protocol is heavy and slow.  You can only get that sort of performance
with persistent connections; ie client side kludges.

> For the record... ldap does have a 'socket' mode that one can use on a
> local machine where speed is of the essence so that sort of blunts the
> point you are trying to make about TCP/IP speeds.

If you want to install software on 30,000 machines... yet another kludge.

> I would agree with NSCD adding additional mode failures. I try not to
> use it. I know nothing at all about other cache technologies for LDAP.

It's _essential_ for reasonable LDAP performance.  Back in the good ol'
days of NIS, "nscd" got the nickname of "Needless Sun Complexity Daemon"
because it was optional and caused more problems than it was worth.
Everyone disabled it.  With LDAP if you don't have nscd then your
performance drops massively and you put a much larger load onto your
LDAP servers.

> SSD really isn't about user/group caching and I'm not sure how that

SSSD is the RedHat 6 replace for nscd; it replaces nscd for LDAP
communication and caching.

> Personally, I think you are making a fallacious argument and offering no
> empirical evidence, no comparison testing methodology and no evidence of
> anything worthwhile to consider.

... and we drop into ad hominem attacks.

FWIW, anyone can do these tests.  Write a loop that does 10,000 ypmatch's
and a loop that does 10,000 ldapsearches.  Time 'em.  Oh.  (Run "netstat
-an" and watch the tcp sockets!  Oh!!).  This demonstrates the utter
essential nature of nscd.  Now with nscd with services configured for
LDAP in nsswitch and run 20 'netstat -a' commands (without the 'n'
option, to force getservbyport() queries).  Whee.  (Maybe this has been
fixed, now; we bitched enough at Sun and RedHat).  Create a /home with
10,000 users and do an "ls -l".  Awww...

Do the same tests against NIS and watch speeds come up.  It's possible
for NIS to be _faster_ (even without nscd) than even a local passwd
and group file 'cos the NIS maps have a primary index and are built
in multiple ways (passwd.byname, passwd.byuid for example).  LDAP has
indexes (multiple indexes!), but the protocol slows you down.

Note: I'm not saying "don't use LDAP".  LDAP is so much more superior than
NIS in almost every respect, except speed.  Work hard on those kludges
(nscd,sssd,ldapcachemgr etc) to bring performance back to a reasonable level.
Use LDAP profiles to automatically configure clients to the closest servers,
and so on.  You'll get a usable LDAP infrastructure.  Just it's now more
complicated than NIS and has more failure modes as a result.

LDAP is definitely a case of 2 steps forward, 1 step back.

-- 

rgds
Stephen
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Odd issue with C6 and NIS

[Stephen Harris]

On Fri, Oct 07, 2011 at 07:19:20AM -0400, Stephen Harris wrote:
> I recently stress tested one of our LDAP servers; it handled 100,000
> simultaneous collections and performed over 24,000 group "memberid"
> searches per second.

Correction; we had 100,000 simultaneous clients; 55,000 bound simultaneously,
the rest were queued.  That's a socket limitation on the server.  Not one
I'd hit practically (we load balance).

-- 

rgds
Stephen
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Migrating CentOS 5 -> 6: where to put /etc/inittab respawn scripts?

[Kenneth Porter]

--On Wednesday, October 05, 2011 7:32 AM -0500 Jim Perrin 
 wrote:

> http://docs.redhat.com/docs/en-US/Red_Hat_Enterprise_Linux/6/html-single/
> Migration_Planning_Guide/index.html
>
> 4.2 Service Initialization ->
>
> "In Red Hat Enterprise Linux 6, *init* from the sysvinit package has been
> replaced with *Upstart*, an event-based init system. This system handles
> the starting of tasks and services during boot, stopping them during
> shutdown and supervising them while the system is running. For more
> information on Upstart itself, refer to the init(8) man page."

For those wanting to get their head around Upstart, start here:




___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS 6.x cr repo

[Janne TH. Nyman]

Team CentOS,

Just writing to thank you a lot for the CentOS 6.1 packages made
available on the 26th of September.

I haven't gone through what updates exactly you guys released in the cr
repository but I am well impressed with the improvements.

Great timing as my RHEL self-support contract was due for renewal and I
am so pleased with the refreshed packages, it now works on my ThinkPad
X220, that I won't renew my RHEL subscription.

Awesome work guys and thanks a million. :) CentOS Rocks.

Ps. I found the CR repo information here:
http://lists.centos.org/pipermail/centos-announce/2011-September/018078.html


Janne Nyman AKA JNixus
E: jny...@jbtec.org

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Chroot in CentOS 5.* ?

[Brian Mathis]

2011/10/7 Jorge Fábregas :
> On 10/07/2011 05:42 AM, przemol...@poczta.fm wrote:
>> How about chrooted sftp in centos 5.* ?
>> If I cannot - do I have to use centos 6.* ?
>
> The stock SSH package in the CentOS 5 series doesn't have the chroot
> functionality.  The one in CentOS 6 does.
>
> HTH,
> Jorge

The stock sshd actually does support chroot, but it's an
all-or-nothing type of thing.  You cannot apply the chroot only to
specific groups, so even 'root' is chrooted.

There are 3rd party OpenSSH 5.x packages available that work on CentOS
5 and give you the ability to set the chroot by groups.


-☙ Brian Mathis ❧-
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS-announce Digest, Vol 80, Issue 3

[centos-announce-request]

Send CentOS-announce mailing list submissions to
centos-annou...@centos.org

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
centos-announce-requ...@centos.org

You can reach the person managing the list at
centos-announce-ow...@centos.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of CentOS-announce digest..."


Today's Topics:

   1. CEBA-2011:1357 CentOS 5 x86_64 nmap FASTTRACK Update
  (Johnny Hughes)
   2. CEBA-2011:1357 CentOS 5 i386 nmap FASTTRACK Update (Johnny Hughes)
   3. CESA-2011:1359 Moderate CentOS 5 i386 xorg-x11-server Update
  (Johnny Hughes)
   4. CESA-2011:1359 Moderate CentOS 5 x86_64   xorg-x11-server
  Update (Johnny Hughes)


--

Message: 1
Date: Thu, 6 Oct 2011 22:04:46 +
From: Johnny Hughes 
Subject: [CentOS-announce] CEBA-2011:1357 CentOS 5 x86_64 nmap
FASTTRACK   Update
To: centos-annou...@centos.org
Message-ID: <20111006220446.ga12...@chakra.karan.org>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Bugfix Advisory 2011:1357 

Upstream details at : http://rhn.redhat.com/errata/RHBA-2011-1357.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( md5sum Filename ) 

x86_64:
cc9136755776e02e074831154a8c681e  nmap-4.11-2.x86_64.rpm
65ce9a21b945c42a7e95cb54f3d09e42  nmap-frontend-4.11-2.x86_64.rpm

Source:
27036bc09971149699ae99614d12d124  nmap-4.11-2.src.rpm


-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net



--

Message: 2
Date: Thu, 6 Oct 2011 22:04:46 +
From: Johnny Hughes 
Subject: [CentOS-announce] CEBA-2011:1357 CentOS 5 i386 nmap FASTTRACK
Update
To: centos-annou...@centos.org
Message-ID: <20111006220446.ga12...@chakra.karan.org>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Bugfix Advisory 2011:1357 

Upstream details at : http://rhn.redhat.com/errata/RHBA-2011-1357.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( md5sum Filename ) 

i386:
524f68792dc4d42e8438e30459103eb6  nmap-4.11-2.i386.rpm
1eba5a37fcc1cc512dce6a427773d704  nmap-frontend-4.11-2.i386.rpm

Source:
27036bc09971149699ae99614d12d124  nmap-4.11-2.src.rpm


-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net



--

Message: 3
Date: Thu, 6 Oct 2011 22:11:34 +
From: Johnny Hughes 
Subject: [CentOS-announce] CESA-2011:1359 Moderate CentOS 5 i386
xorg-x11-server Update
To: centos-annou...@centos.org
Message-ID: <20111006221134.ga12...@chakra.karan.org>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Security Advisory 2011:1359 Moderate 

Upstream details at : http://rhn.redhat.com/errata/RHSA-2011-1359.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( md5sum Filename ) 

i386:
566dfe5253d4216246d79e7bc0386da3  
xorg-x11-server-sdk-1.1.1-48.76.el5_7.5.i386.rpm
9a2a7fdcb5cab116bcb958c64531688e  
xorg-x11-server-Xdmx-1.1.1-48.76.el5_7.5.i386.rpm
471b67cd327f28c2eb358b648c2e21cb  
xorg-x11-server-Xephyr-1.1.1-48.76.el5_7.5.i386.rpm
de4563689fa5b1729c24ac65ec5c7b85  
xorg-x11-server-Xnest-1.1.1-48.76.el5_7.5.i386.rpm
930dafaf623b248b5d6cc2380e6ef6bb  
xorg-x11-server-Xorg-1.1.1-48.76.el5_7.5.i386.rpm
c5eb7da9ca50887619d0bddeaec80f67  
xorg-x11-server-Xvfb-1.1.1-48.76.el5_7.5.i386.rpm
05fdb90676ca14cbbe586c65d4838c62  
xorg-x11-server-Xvnc-source-1.1.1-48.76.el5_7.5.i386.rpm

Source:
3550e4ad86c9faa0220613fed930faaf  xorg-x11-server-1.1.1-48.76.el5_7.5.src.rpm


-- 
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net



--

Message: 4
Date: Thu, 6 Oct 2011 22:11:34 +
From: Johnny Hughes 
Subject: [CentOS-announce] CESA-2011:1359 Moderate CentOS 5 x86_64
xorg-x11-server Update
To: centos-annou...@centos.org
Message-ID: <20111006221134.ga12...@chakra.karan.org>
Content-Type: text/plain; charset=us-ascii


CentOS Errata and Security Advisory 2011:1359 Moderate 

Upstream details at : http://rhn.redhat.com/errata/RHSA-2011-1359.html

The following updated files have been uploaded and are currently 
syncing to the mirrors: ( md5sum Filename ) 

x86_64:
092696c5120b4e96af80a66e11995051  
xorg-x11-server-sdk-1.1.1-48.76.el5_7.5.x86_64.rpm
26c50388b913354c37113a4be8c95947  
xorg-x11-server-Xdmx-1.1.1-48.76.el5_7.5.x86_64.rpm
68e3bf9f7f015e877f01310307eb1bbc  
xorg-x11-server-Xephyr-1.1.1-48.76.el5_7.5.x86_64.rpm
7989473d41d12cde205999ac2d0dac51  
xorg-x11-server-Xnest-1.1.1-48.76.el5_7.5.x86_64.rpm
e66be74429b0024bf168511159a35f70  
xorg-x11-server-Xorg-1.1.1-48.76.el5_7.5.x86_64.r

[CentOS] multiple ifcfg-x locations on CentOS-6

[James B. Byrne]

CentOS-5
$ ll /etc/sysconfig/networking/profiles/*
total 0
$ ll /etc/sysconfig/networking/devices
total 0

CentOS-6
$ ll /sysconfig/networking/profiles
total 4
drwxr-xr-x. 2 root root 4096 Oct  7 15:19 default
$ ll /sysconfig/networking/profiles/*
total 24
-rw-r--r--. 2 root root 158 Oct  7 15:19 hosts
-rw-r--r--. 2 root root 116 Oct  7 15:19 ifcfg-br0
-rw-r--r--. 2 root root 238 Oct  7 15:24 ifcfg-eth0
-rw-r--r--. 2 root root 117 Oct  7 15:19 ifcfg-eth1
-rw-r--r--. 2 root root  40 Oct  7 15:19 network
-rw-r--r--. 2 root root 120 Oct  7 15:25 resolv.conf


$ ll /etc/sysconfig/networking/devices
total 12
-rw-r--r--. 2 root root 116 Oct  7 15:19 ifcfg-br0
-rw-r--r--. 2 root root 238 Oct  7 15:24 ifcfg-eth0
-rw-r--r--. 2 root root 117 Oct  7 15:19 ifcfg-eth1

I spent the better part of two hours trying to discover
why I could not configure br0 to start after modifying
/etc/sysconfig/network-scripts following my previously
succesful notes. I finally deleted ifcfg-bro and used the
existing ifcfg-eth0 and -eth1 scripts to at least get a
network connection working.  When I start the network
service I only saw l0 and eth0 start as eth1 is disabled. 
However, when I did an ifconfig I saw that br0 is
configured as well, but not by me.

Looking for br0 in the file system led me to the
directories listed above.  I do not recall seeing these
before and the only difference between this CentOS box and
the previous virtual host I installed is that this time I
selected the virtual host install option instead of
minimal install.  Evidently this was a misstep on my part.
 One that I doubt I shall repeat.

My questions are:  What are these duplicate, and
identical, files doing in multiple places on my system;
and why are they evidently interfering with the normal
processing of /etc/sysconfig/network-scripts through the
service utility?




-- 
***  E-Mail is NOT a SECURE channel  ***
James B. Byrnemailto:byrn...@harte-lyne.ca
Harte & Lyne Limited  http://www.harte-lyne.ca
9 Brockley Drive  vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada  L8E 3C3

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] BIND and a second server resolving itself

[Robert Spangler]

On Friday 07 October 2011 06:25, the following was written:

>  In the named.conf, located on main.example.com, I am adding my entire 16
>  IP block of addresses along with my localhost
>  options {
>   allow-recursion { localhost; xxx.xxx.xxx.xxx /29;};
>   allow-query { localhost; xxx.xxx.xxx.xxx/29; };
>  };

Maybe I am missing something here but if you are only allowing your entire 16 
block to query/resolve on your DNS server why are you even running a DNS 
server?  Sounds like an over kill to me.  Why not just setup the resolv.conf 
file to use your Datacenter, Google or some other open DNS server to resolve 
for YUM?


-- 

Regards
Robert

Linux
The adventure of a lifetime.

Linux User #296285
Get Counted
http://linuxcounter.net/
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] multiple ifcfg-x locations on CentOS-6

[Nicolas Thierry-Mieg]

James B. Byrne wrote:
> $ ll /sysconfig/networking/profiles/*
> total 24
> -rw-r--r--. 2 root root 158 Oct  7 15:19 hosts
> -rw-r--r--. 2 root root 116 Oct  7 15:19 ifcfg-br0
> -rw-r--r--. 2 root root 238 Oct  7 15:24 ifcfg-eth0
> -rw-r--r--. 2 root root 117 Oct  7 15:19 ifcfg-eth1
> -rw-r--r--. 2 root root  40 Oct  7 15:19 network
> -rw-r--r--. 2 root root 120 Oct  7 15:25 resolv.conf
>
>
> $ ll /etc/sysconfig/networking/devices
> total 12
> -rw-r--r--. 2 root root 116 Oct  7 15:19 ifcfg-br0
> -rw-r--r--. 2 root root 238 Oct  7 15:24 ifcfg-eth0
> -rw-r--r--. 2 root root 117 Oct  7 15:19 ifcfg-eth1

   ^
look at that 2 there

> My questions are:  What are these duplicate, and
> identical, files doing in multiple places on my system;

those are hard-linked, most likely the same file in both subdirs (not 
identical files, a single file hard-linked twice)

the /etc/sysconfig/networking/* subdirs can exist on C5 as well, I think 
they're used by system-config-network


> and why are they evidently interfering with the normal
> processing of /etc/sysconfig/network-scripts through the
> service utility?

on a C6 machine I have those dirs are empty, as on your C5 system. I 
probably never used system-config-network on it. Networking through 
/etc/init.d/network functions fine without them.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS 6 is a bear

[Bob Hoffman]

Gotta say, centos has been tough to install and get working.

The anaconda installer makes large drive setups horridly tedious 
(especially if reinstalling a lot).

Package selection seems a bit off...

I did a virtualization package, no custom..did not install qemu, 
libvirt, and all attempts to do any virtualization failed due to 
non-installed packages.

Then I decided to select all the virtualization packages in custom, but 
had selected 'web server' as the base package. I was never able to 
connect to the net here at home...apparently some things with 'modprobe' 
did not install and the eth devices 'does not exist' or something like that.

Then I decided on the entire gnome package, with all the bells and 
whistles...everything worked, but who wants that? I removed some 
packages in gnome to see and reboot made machine dead.
Did that 4 different times with very few package removals.

Did a number of various tries with custom selections, but the 
dependencies seem to not be grabbing all it needs to work. Never got a 
non gnome setup to recognize eth devices (well, one time, but it never 
was able to get the net).

I just installed a custom set up, all virtualization packages- 
virtualization selected as base. I added some gnome stuff and a few 
other doo dads.booted up..went right to the command line no virt 
software works, errors everywhere. Display will not come up (x, vnc, or 
gnome no matter what)..

Every installation, in first boot up had major missing or odd problems. 
One time I booted up with a gnome set up and selinux was stopping 5 
differetn gdm programs..at boot...due to security risks... wtf?

Any attempt to disable or make selinux permissive results in a dead 
machine, unable to ever boot again (left one up for 12 hours, never came 
back up, thought it was relabeling, but no message.)

Removing packages with the gnome running only worked about 10% of the 
time, all others resulted in dead machine at reboot.

I am considering, the only way to actually install and use this as a 
virtualized host is to go full desktop and hope the selinux enforcing 
will not break the system (with all the programs it will not let run on 
boot)...

I have never, not once, been able to connect to the net in the command 
line setups...I know how to configure eths, network, dns, etc...not 
once, not even dhcp..config eth0 up, etc.. Gnome has not a single issue 
with the same exact file setups.. Many command line setups would not 
even see the eth devices, something about modprobe this or that not 
installed.wth?

quite an interesting task. I have now taken the server out of the center 
and am just going to endlessly install until I get a system that is low 
resources and actually allows the virtualization to work.

My last install, with all virt packages selected...?. cannot run 
virt-manager, libvirt, though some virt programs do work...why? 
something each needed to run was not installed as a 
dependency

Reinstalling would not be so bad, but the anaconda installer does not 
quite set up the drives the same on a reinstall forcing a deletion of 
partitions and redoing the entire setup..quite annoying

/rant off
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 6 is a bear

[TE Dukes]

 

> -Original Message-
> From: centos-boun...@centos.org 
> [mailto:centos-boun...@centos.org] On Behalf Of Bob Hoffman
> Sent: Friday, October 07, 2011 9:14 PM
> To: CentOS mailing list
> Subject: [CentOS] CentOS 6 is a bear
> 
> Gotta say, centos has been tough to install and get working.
> 
> The anaconda installer makes large drive setups horridly 
> tedious (especially if reinstalling a lot).
> 
> Package selection seems a bit off...
> 
> I did a virtualization package, no custom..did not install 
> qemu, libvirt, and all attempts to do any virtualization 
> failed due to non-installed packages.
> 
> Then I decided to select all the virtualization packages in 
> custom, but had selected 'web server' as the base package. I 
> was never able to connect to the net here at 
> home...apparently some things with 'modprobe' 
> did not install and the eth devices 'does not exist' or 
> something like that.
> 
> Then I decided on the entire gnome package, with all the 
> bells and whistles...everything worked, but who wants that? I 
> removed some packages in gnome to see and reboot made machine dead.
> Did that 4 different times with very few package removals.
> 
> Did a number of various tries with custom selections, but the 
> dependencies seem to not be grabbing all it needs to work. 
> Never got a non gnome setup to recognize eth devices (well, 
> one time, but it never was able to get the net).
> 
> I just installed a custom set up, all virtualization 
> packages- virtualization selected as base. I added some gnome 
> stuff and a few other doo dads.booted up..went right to 
> the command line no virt software works, errors 
> everywhere. Display will not come up (x, vnc, or gnome no 
> matter what)..
> 
> Every installation, in first boot up had major missing or odd 
> problems. 
> One time I booted up with a gnome set up and selinux was 
> stopping 5 differetn gdm programs..at boot...due to security 
> risks... wtf?
> 
> Any attempt to disable or make selinux permissive results in 
> a dead machine, unable to ever boot again (left one up for 12 
> hours, never came back up, thought it was relabeling, but no message.)
> 
> Removing packages with the gnome running only worked about 
> 10% of the time, all others resulted in dead machine at reboot.
> 
> I am considering, the only way to actually install and use 
> this as a virtualized host is to go full desktop and hope the 
> selinux enforcing will not break the system (with all the 
> programs it will not let run on boot)...
> 
> I have never, not once, been able to connect to the net in 
> the command line setups...I know how to configure eths, 
> network, dns, etc...not once, not even dhcp..config eth0 up, 
> etc.. Gnome has not a single issue with the same exact file 
> setups.. Many command line setups would not even see the eth 
> devices, something about modprobe this or that not installed.wth?
> 
> quite an interesting task. I have now taken the server out of 
> the center and am just going to endlessly install until I get 
> a system that is low resources and actually allows the 
> virtualization to work.
> 
> My last install, with all virt packages selected...?. 
> cannot run virt-manager, libvirt, though some virt programs 
> do work...why? 
> something each needed to run was not installed as a 
> dependency
> 
> Reinstalling would not be so bad, but the anaconda installer 
> does not quite set up the drives the same on a reinstall 
> forcing a deletion of partitions and redoing the entire 
> setup..quite annoying
> 
> /rant off
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
> 
Dd!!

I'm not the sharpest knife in the drawer, but I initally installed CentOS
6.0 as a desktop and added from there. After that, I uninstalled the
'fluff'.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 6 is a bear

[Bob Hoffman]

TE DUKES wrote
--

Dd!!

I'm not the sharpest knife in the drawer, but I initally installed CentOS
6.0 as a desktop and added from there. After that, I uninstalled the
'fluff'.
-

yea, that is the way I am going to have to go. However, I have done at least 8 
installs like that. I got rid of
some fluff and the system never came back onjust hung.
I assumed if you messed up the gnome somehow, it would revert to command 
line..however, that is
not possible with centos6 it appears.

I will not make the mistake of uninstalling the abrt again...system never 
recovered solely from
uninstalling that one uneeded completely useless program...sigh


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 6 is a bear

[Bob Hoffman]

here is just  a small sample of the errors in the messages log after 
initial boot...
I think there is a bug with the video, something to do with grub 
according to peeps on the net.
I want to get rid of abrtd but the computer will never start again if I 
do..which does not make sense.
errors with network manager, gtk warngings, selinux has 5 things it 
wants to stop from running..
this is all at a first boot and second boot...
welcome to centos 6

these here literally make a hundred or so appearances in different forms
Oct  7 23:39:04 main kernel: [drm:radeon_i2c_sw_put_byte] *ERROR* i2c 
0x08 0x3b write failed
Oct  7 23:39:04 main kernel: [drm:r100_bandwidth_update] *ERROR* You may 
not have enough display bandwidth for current mode
Oct  7 23:39:04 main kernel: If you have flickering problem, try to 
lower resolution, refresh rate, or color depth
Oct  7 23:39:46 main kernel: composite sync not supported


Oct  7 23:38:47 main abrtd: Can't load public GPG key 
/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-auxiliary
Oct  7 23:38:47 main abrtd: Can't load public GPG key 
/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-beta-2
Oct  7 23:38:47 main abrtd: Can't load public GPG key 
/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-legacy-beta
Oct  7 23:38:47 main abrtd: Can't load public GPG key 
/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-legacy-former
Oct  7 23:38:47 main abrtd: Can't load public GPG key 
/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-legacy-release
Oct  7 23:38:47 main abrtd: Can't load public GPG key 
/etc/pki/rpm-gpg/RPM-GPG-KEY-redhat-legacy-rhx
Oct  7 23:38:47 main abrtd: Init complete, entering main loop
Oct  7 23:38:47 main kernel: [drm:radeon_i2c_sw_put_byte] *ERROR*

Oct  7 23:39:13 main gdm-simple-greeter[2948]: Gtk-WARNING: 
gtkwidget.c:5460: widget not within a GtkWindow
Oct  7 23:39:13 main rtkit-daemon[2961]: Sucessfully made thread 2959 of 
process 2959 (/usr/bin/pulseaudio) owned by '42' high priority at nice 
level -11.
Oct  7 23:39:44 main NetworkManager[2258]:  [1318045184.982544] 
[nm-manager.c:1312] user_proxy_init(): could not init user settings 
proxy: (3) Could not get owner of name 
'org.freedesktop.NetworkManagerUserSettings': no such name
Oct  7 23:39:45 main NetworkManager[2258]:  [1318045185.234050] 
[nm-manager.c:1312] user_proxy_init(): could not init user settings 
proxy: (3) Could not get owner of name 
'org.freedesktop.NetworkManagerUserSettings': no such name
Oct  7 23:39:46 main kernel: fuse init (API version 7.13)
Oct  7 23:39:49 main setroubleshoot: SELinux is preventing 
gdm-session-wor "read write" access on root. For complete SELinux 
messages. run sealert -l 61e6aeb2-d3a0-4bab-be99-f3a0e4f705f0
Oct  7 23:39:49 main setroubleshoot: SELinux is preventing 
gdm-session-wor "read write" access on .xsession-errors. For complete 
SELinux messages. run sealert -l 02e77817-cb29-411f-9337-30c296d5cc7e
Oct  7 23:39:49 main setroubleshoot: SELinux is preventing 
gdm-session-wor "remove_name" access on .xsession-errors. For complete 
SELinux messages. run sealert -l 5b8b16b9-339a-4b8f-aaef-4ab911a30857
Oct  7 23:39:49 main setroubleshoot: SELinux is preventing 
gdm-session-wor "remove_name" access on .xsession-errors. For complete 
SELinux messages. run sealert -l 5b8b16b9-339a-4b8f-aaef-4ab911a30857
Oct  7 23:39:50 main setroubleshoot: SELinux is preventing 
gdm-session-wor "remove_name" access on .xsession-errors. For complete 
SELinux messages. run sealert -l 5b8b16b9-339a-4b8f-aaef-4ab911a30857
Oct  7 23:39:50 main setroubleshoot: SELinux is preventing 
gdm-session-wor "create" access on .xsession-errors. For complete 
SELinux messages. run sealert -l e3fe44e2-c58f-4aeb-88d8-8f3531a00cfa
Oct  7 23:39:50 main setroubleshoot: SELinux is preventing 
gdm-session-wor "create" access on .xsession-errors. For complete 
SELinux messages. run sealert -l e3fe44e2-c58f-4aeb-88d8-8f3531a00cfa
Oct  7 23:39:50 main setroubleshoot: SELinux is preventing 
gdm-session-wor "setattr" access on .xsession-errors. For complete 
SELinux messages. run sealert -l 15201ed3-3f1a-40c0-a0d2-a91bb5c55f9a
Oct  7 23:39:51 main kernel: composite sync not supported
Oct  7 23:39:51 main kernel: composite sync not supported
Oct  7 23:47:36 main kernel: composite sync not supported
Oct  7 23:47:36 main kernel: composite sync not supported
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] CentOS CVE "database"?

[Nate Duehr]

Was working on a project tonight to document CVE fixes applied to servers, and 
noted that RedHat has completely jacked up their website.

In the past, I've usually just used their website for links to their CVE list, 
as well as links to their Errata to look up specifics for CentOS machines.

It sure looks like these links are either permanently gone from the public 
pages to be hidden internally only available to Subscribers, or... 

RedHat's Marketing folks have completely destroyed what was once a valuable 
information-filled website.

Either way... the question now becomes...

Is there something similar to RedHat's CVE listings by year and number hosted 
by anyone in the CentOS community or by CentOS itself for CentOS?  I haven't 
had much luck with my GoogleFu tonight.

Thanks, 
Nate
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] CentOS 6 is a bear

[Emmanuel Noobadmin]

On 10/8/11, Bob Hoffman  wrote:
> Gotta say, centos has been tough to install and get working.
>
> The anaconda installer makes large drive setups horridly tedious
> (especially if reinstalling a lot).

I usually try to speed reinstall up by using small / and not
reformating /home. Not sure if it would be useful in your case.

That said, I haven't had all the troubles you have on my sole C6 test
server, before and after installing the desktop package.

> Any attempt to disable or make selinux permissive results in a dead
> machine, unable to ever boot again (left one up for 12 hours, never came
> back up, thought it was relabeling, but no message.)

This is rather odd, I only ever had problems with selinux set to
enforcing. It should be relabelling if you had disabled it. Could
there be some problem with your server hardware that's throwing you
off with all these spurious problems?

> I have never, not once, been able to connect to the net in the command
> line setups...I know how to configure eths, network, dns, etc...not
> once, not even dhcp..config eth0 up, etc.. Gnome has not a single issue
> with the same exact file setups.. Many command line setups would not
> even see the eth devices, something about modprobe this or that not
> installed.wth?

Do you happen to be using an Intel NIC ? Several of us were having
problems until we switched to using the kmod drivers from elrepo.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos