Re: [CentOS] Openswan or Ipsec-tools?
On 14/05/2012 19:15, Steve Clark wrote: > Yes the fc12 version loads just fine. > ipsec-tools-0.7.3-4.fc12.i686 > So it's not in CentOS 6. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] using fscache
Hello, I was wondering if anyone used fscache and what their experience was. Is it stable and available on Centos 5.8? -- --- Get your facts first, then you can distort them as you please.-- ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Everyday System Report CentOS 6.2
Hi list Members, i receive one email everyday (system report) from CentOS5, such as ssh attempt made, available disk space etc.. but CentOS 6.2 does not do that. Any idea why that? Thanks / Shiv. NK ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Everyday System Report CentOS 6.2
On Tue, 15 May 2012 11:47:12 - "Shiv. NK" wrote: > Hi list Members, > > i receive one email everyday (system report) from CentOS5, such as ssh > attempt made, available disk space etc.. > > but CentOS 6.2 does not do that. Any idea why that? install logwatch (and configure postfix or sendmail if you use that one). HTH, Laurent. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Everyday System Report CentOS 6.2
> On Tue, 15 May 2012 11:47:12 - > "Shiv. NK" wrote: > >> Hi list Members, >> >> i receive one email everyday (system report) from CentOS5, such as ssh >> attempt made, available disk space etc.. >> >> but CentOS 6.2 does not do that. Any idea why that? > install logwatch (and configure postfix or sendmail if you use that > one). > HTH, > Laurent. > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > Dear Laurent, thanks for the assistance, i will do that. Regards ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] cpuspeed causing high load average?
On a new server's CentOS5 install, with nothing in the way of applications running yet, I noticed that the load average was sitting between 2 and 5 all the time, even though top told me CPU was 100% idle. Eventually I found that stopping the "cpuspeed" subsystem allowed the load average to drop down to near zero, as I would expect it to be. I have the default /etc/sysconfig/cpuspeed with no customizations. Is the above behaviour expected? It seems wrong to me. Is cpuspeed broken? I did notice that with cpuspeed running, the CPUs were running at their minimum frequency of 1.6GHz, and after stopping the cpuspeed service they went up to their maximum speed of 2.8GHz. The system has a pair of E5660 Xeons, which Linux reports as 24 CPUs! Cheers Tony -- Tony Mountifield Work: t...@softins.co.uk - http://www.softins.co.uk Play: t...@mountifield.org - http://tony.mountifield.org ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Excluding ConsoleKit in kickstart
On 05/15/2012 05:22 AM, m...@tdiehl.org wrote: > On Tue, 15 May 2012, Dennis Jacobfeuerborn wrote: > >> Hi, >> I'm working on automating virtual machine installs using kickstart files >> and virt-install. The problem I have is that these kickstart installations >> install different packages than a minimal manual install. While I got rid >> of some of them I can't seem to prevent ConsoleKit from getting installed. >> I put "-ConsoleKit" in the packages section and later also added packages >> that require it but in the end it is still getting installed. >> Any ideas what I could do to stop it from being installed? > > You have to find the package that is pulling it in as a dependency and > exclude that. What I would try first is to do a yum erase ConsoleKit and > see what else it wants to erase. Then exclude those packages as well. > > I tried this on a headless machine I have running and got the following > results: > > Removing: > ConsoleKit x86_64 0.4.1-3.el6 > @anaconda-CentOS-201112102333.x86_64/6.2 263 k > Removing for dependencies: > halx86_64 0.5.14-11.el6 > @anaconda-CentOS-201112102333.x86_64/6.2 1.2 M > hal-info noarch 20090716-3.1.el6 > @anaconda-CentOS-201112102333.x86_64/6.2 310 k > pm-utils x86_64 1.2.5-9.el6 > @anaconda-CentOS-201112102333.x86_64/6.2 254 k > polkit x86_64 0.96-2.el6_0.1 > @anaconda-CentOS-201112102333.x86_64/6.2 601 k > > While you might be able to run without polkit and pm-utils, I suspect that > you most likely want the hal packages. That's what I tried and this worked with other packages that I have excluded but not for ConsoleKit. This is what my packages section looks like: %packages @core @server-policy -mlocate -abrt* -mdadm -kexec-tools -prelink -readahead -hal -hal-info* -pm-utils -ConsoleKit* -polkit -libfprint %end I excluded "abrt" but that got dragged in again by some sub-packages so I excluded "abrt*" instead and that works fine but even if I remove all the packages that pull in ConsoleKit after the installation and reboot I still see the console-kit-daemon running. I'm not sure if I need hal. The default minimal installation of Centos 6 doesn't include it so I don't think it's really necessary. Regards, Dennis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] True bond howto for Centos 6
On Sun, May 13, 2012 at 12:42:52PM -0700, Jerry Franz wrote: > On 05/13/2012 10:16 AM, bob wrote: > > > > from what i get it is a problem with libvirt, using a bridge that is > > going through a bondon the same machine. > > It must be rather detailed to fix and only a few people seem to use that > > route. (like you and me) > > > > I've been running 14 CentOS5 VMs with bridged over active-backup bonded > interfaces (actually, over three sets of bonded interfaces) on a single > Ubuntu 10.04-LTS server KVM host for a couple of years now. The only > real issue I have had is that during a host reboot the 'thundering herd' > trying to autostart simultaneously sometimes doesn't reliably start all > 14 VMs and I have to manually launch the one or two VMs that fail to > launch. I used to see the same for RHEL5-based kvm-servers, but haven't seen this with any RHEL6-based servers that I would recommend for kvm installs now. > Also, I had to roll my own shutdown script because for whatever reason > Ubuntu 10.04 thinks shooting running VMs in the head during a shutdown > is a better approach than waiting for them to properly shutdown on request. I also tend to favour shutdown/reboots for kvm guests instead of suspend/resume... best regards, Florian La Roche ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] True bond howto for Centos 6
On Tue, May 15, 2012 at 7:41 AM, Florian La Roche wrote: > I also tend to favour shutdown/reboots for kvm guests instead of > suspend/resume... > Florian La Roche Slightly OT now, but, Florian, can you take a look at http://bugs.centos.org/view.php?id=5726 I think it has to do with shutdown/reboots versus suspend/resume. Akemi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] VPN Traffic
Hi List Members, i understand that perhaps i should not ask this question here. But you all are technical. Therefor, has anyone ever monitor the VPN traffic using any open source tools such as Zabbix/Nagios/Cacti? or any other Thanks ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] VPN Traffic
On 15/05/2012 15:56, Shiv. NK wrote: Hi List Members, i understand that perhaps i should not ask this question here. But you all are technical. Therefor, has anyone ever monitor the VPN traffic using any open source tools such as Zabbix/Nagios/Cacti? or any other Thanks Can you provide a somewhat less generic term for "the VPN traffic"? If the VPN has an interface, then you can monitor this like you monitor any other interface, yes with Nagios / Cacti and the like... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] VPN Traffic
> Can you provide a somewhat less generic term for "the VPN traffic"? > > If the VPN has an interface, then you can monitor this like you monitor > any other interface, yes with Nagios / Cacti and the like... > Dear Glies, Thanks for the information sent. VPN is between two Cisco routers. using SNMP, it is possible to monitor the interface traffic for a snmp enabled device through Zabbix/Cacti. But cannot differentiate between the the kind of traffic. Saying other way, there is internet traffic on the same interface part from VPN consumption. I am searching for a specific tool if exists, that can differentiate the kind of traffic and graph separately. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] True bond howto for Centos 6
On Tue, May 15, 2012 at 07:52:05AM -0700, Akemi Yagi wrote: > http://bugs.centos.org/view.php?id=5726 > > I think it has to do with shutdown/reboots versus suspend/resume. FWIW, I hit this last week; had shut down the host to do a hardware upgrade (eSATA controller, 12Tb of disks). After I brought the machine back up it all looked good. Until the next morning when "logwatch" reports from a guest complained that ntp had shut down 'cos the time difference was too great. Oops! -- rgds Stephen ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] VPN Traffic
On 15/05/2012 16:10, Shiv. NK wrote: Can you provide a somewhat less generic term for "the VPN traffic"? If the VPN has an interface, then you can monitor this like you monitor any other interface, yes with Nagios / Cacti and the like... Dear Glies, Thanks for the information sent. VPN is between two Cisco routers. using SNMP, it is possible to monitor the interface traffic for a snmp enabled device through Zabbix/Cacti. But cannot differentiate between the the kind of traffic. Saying other way, there is internet traffic on the same interface part from VPN consumption. I am searching for a specific tool if exists, that can differentiate the kind of traffic and graph separately. If you were using tunnel interfaces on Cisco routers then you can monitor these with SNMP just like any interface. If you're using the nat classifier (it appears that you are) on an existing interface you would need to find a different SNMP OID for this, and I don't know whether it exists. I'd suggest asking in the Cisco-NSP mailing list. Failing that, if you export Netflow to a collector then you may be able to get good information on a flow (ip src :src port <--> ip dst: dst port) basis and you can identify your VPN traffic by source and destination addresses. Might be overkill, but it is good for getting all kinds of information. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] CentOS-announce Digest, Vol 87, Issue 9
Send CentOS-announce mailing list submissions to
centos-annou...@centos.org
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
centos-announce-requ...@centos.org
You can reach the person managing the list at
centos-announce-ow...@centos.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of CentOS-announce digest..."
Today's Topics:
1. CEBA-2012:0581 CentOS 5 aspell-en FASTTRACK Update (Johnny Hughes)
--
Message: 1
Date: Tue, 15 May 2012 08:57:00 +
From: Johnny Hughes
Subject: [CentOS-announce] CEBA-2012:0581 CentOS 5 aspell-en FASTTRACK
Update
To: centos-annou...@centos.org
Message-ID: <20120515085700.ga13...@chakra.karan.org>
Content-Type: text/plain; charset=us-ascii
CentOS Errata and Bugfix Advisory 2012:0581
Upstream details at : http://rhn.redhat.com/errata/RHEA-2012-0581.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
3f3a755d69e428cdaeae28072937ef488c496fcdbfd6fd933cf53c900919a55e
aspell-en-6.0-3.i386.rpm
x86_64:
ab6d656dd97b56d7ddd9e51f5aed5e58c748b564f33a42c02d6ebe259fe85b07
aspell-en-6.0-3.x86_64.rpm
Source:
710c6e0bd3dad00191d38d0c7b8ed8ca0a5139c23fc4150e20df0792d2592284
aspell-en-6.0-3.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net
--
___
CentOS-announce mailing list
centos-annou...@centos.org
http://lists.centos.org/mailman/listinfo/centos-announce
End of CentOS-announce Digest, Vol 87, Issue 9
**
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] VPN Traffic
On Tue, 2012-05-15 at 15:10 +, Shiv. NK wrote: > Thanks for the information sent. VPN is between two Cisco routers. using > SNMP, it is possible to monitor the interface traffic for a snmp enabled > device through Zabbix/Cacti. But cannot differentiate between the the kind > of traffic. > Saying other way, there is internet traffic on the same interface part > from VPN consumption. I am searching for a specific tool if exists, that > can differentiate the kind of traffic and graph separately. VPNs usually create Tunnel interfaces. These interfaces have statistics like any other interface. Those statistics can be polled via SNMP. So any decent NMS should be able to monitor those. I monitor dozens of Tunnel (VPN) interfaces using ZenOSS; in my case these are GRE tunnels protected using IPSec associations. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] LAMP (Perl) Consultant.
Hello all, I am looking for a LAMP (perl) consultant. Preference given to one who is located in Canada. If you are interested, please contact me by email off list. Thanks. Milton Calnek / Manager of Operations / LiveBlock Auctions International P. 306.584.1383 / C. 306.526.8408 Service Desk: 1.877.694.6100 / 306.694.6100 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] ldirectord package on centos 6
Hi, I'm looking for the ldirectord package but can't find it. Previously this was available as "heartbeat-ldirectord" and nowadays it is built as an independent package from "resource-agents" however neither seems to be available either in core centos 6 or epel. Where did it go? Regards, Dennis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Sendmail problem - baffled
Our backup mail server (which I have just re-configured) tries to contact the primary mail server, and fails. My log shows repeatedly "connection refused": May 15 22:21:41 mx2 sm-mta-rx[8674]: q4FIhPij007483: makeconnection (mail.greenspot.fi. [83.143.217.182]) failed: Connection refused by mail.greenspot.fi. May 15 22:21:41 mx2 sm-mta-rx[8674]: q4FIhPij007483: to=, delay=00:38:16, xdelay=00:00:00, mailer=esmtp, pri=10021795, relay=mail.greenspot.fi. [83.143.217.182], dsn=4.0.0, stat=Deferred: Connection refused by mail.greenspot.fi. But yet I can successfully telnet that host: # telnet mail.greenspot.fi 25 Trying 83.143.217.182... Connected to mail.greenspot.fi (83.143.217.182). Escape character is '^]'. 220 mail.greenspot.fi ESMTP Sendmail; Tue, 15 May 2012 22:34:22 +0300 Also, the mailer-daemon *can* send automatic warning messages to mail.greenspot.fi just fine. So, the error probably is in my sendmail configuration. The error appeared as I today reconfigured the backup mail server to use a "dual sendmail" setup with amavis and greylisting. How could I proceed? - Jussi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Maintainer for Krita on CentOS
On 05/14/2012 04:14 PM, Michael Lampe wrote: > wrote: > erm... that is going to mean that everytime there is an update for either QT or anything that it links into or anything that is in a lib associated down that chain - the entire stack needs to be rebuilt. Are you sure this is a good idea ? >>> I'm not sure, but the guy who is maintaining it seems to think so. I >>> advised him to build for CentOS 6, not 5, but 5 is much more widely >>> distributed and there are other reasons for staying with CentOS 5, >>> such as AutoDesk support. >> I hate having to worry about multiple libraries. And in updates of the >> std. packages, it can break your specialized one. I would have to >> recommend to your krista list to build against the library we have now. > Nothing in el5 depends on the qt4-4.2.x that ships with el5. It's an > old, rotten, and completely pointless package. Nothing of any interest > could be build with it for years now, probably never ever was it of any > use to anyone. > > I replaced it with a rebuild of qt4-4.6.2-20 from el6. This gives me a > common and useable base for both el5 and el6. > > That could be a sensible approach for a krita.el5 package, too. > I would certainly build and put that package into centosplus for el5 .. it would give us the ability build several el6 packages for el5 too ... if Kitra will work with that, then this might be able to move forward. signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] OSS DSP sound card input on CentOS 6.2?
Hello everyone, I'm streaming audio on CentOS 5.8 with no problem, even on a cheap sound card using DarkIce as the input tool. For the input under CentOS5, I use: device= /dev/dsp # OSS DSP soundcard device for the audio input But under CentOS 6.2, there is no such device. I see /dev/snd, and it has: controlC0 hwC0D2midiC0D1 pcmC0D0p pcmC0D2p pcmC1D0p seq controlC1 hwC1D0midiC0D2 pcmC0D1c pcmC0D3p pcmC1D1p timer hwC0D0 midiC0D0 pcmC0D0c pcmC0D2c pcmC1D0c pcmC1D2c But nothing that looks OSS-ish to me. Any ideas as to what I need to point at, and why? Any help is greatly appreciated. Thanks! Gilbert *** Gilbert Sebenste (My opinions only!) ** *** ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail problem - baffled
Am 15.05.2012 21:44, schrieb Jussi Hirvi: > Our backup mail server (which I have just re-configured) tries to > contact the primary mail server, and fails. My log shows repeatedly > "connection refused": > > May 15 22:21:41 mx2 sm-mta-rx[8674]: q4FIhPij007483: makeconnection > (mail.greenspot.fi. [83.143.217.182]) failed: Connection refused by > mail.greenspot.fi. > May 15 22:21:41 mx2 sm-mta-rx[8674]: q4FIhPij007483: > to=, delay=00:38:16, xdelay=00:00:00, mailer=esmtp, > pri=10021795, relay=mail.greenspot.fi. [83.143.217.182], dsn=4.0.0, > stat=Deferred: Connection refused by mail.greenspot.fi. > > But yet I can successfully telnet that host: > > # telnet mail.greenspot.fi 25 > Trying 83.143.217.182... > Connected to mail.greenspot.fi (83.143.217.182). > Escape character is '^]'. > 220 mail.greenspot.fi ESMTP Sendmail; Tue, 15 May 2012 22:34:22 +0300 It is technically impossible that the telnet to target port 25 succeeds from the same system on which the Sendmail gets a connection refused, unless Sendmail is configured to use a non-standard target port. > Also, the mailer-daemon *can* send automatic warning messages to > mail.greenspot.fi just fine. > > So, the error probably is in my sendmail configuration. > > The error appeared as I today reconfigured the backup mail server to use > a "dual sendmail" setup with amavis and greylisting. How could I proceed? Deeply inspect your sendmail.mc files. Provide them here if you like to get assistance. > - Jussi Alexander ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail problem - baffled
Some more info. Below is a more complete telnet session from backup mail server (mx2.greenspot.fi) to primary mail server (mail.greenspot.fi). It only proves that sending mail works fine from command-line. But my sendmail setup cannot do the same. I wrote that MAILER-DAEMON can get mail through. I am not actually sure about that. (One warning message did come through, but maybe it was because something I changed in the config - not sure anymore.) Here's the successful telnet session: [root@mx2 ~]# telnet mail.greenspot.fi 25 Trying 83.143.217.182... Connected to mail.greenspot.fi (83.143.217.182). Escape character is '^]'. 220 mail.greenspot.fi ESMTP Sendmail; Tue, 15 May 2012 23:17:59 +0300 HELO mx2.greenspot.fi 250 mail.greenspot.fi Hello mx2.greenspot.fi [83.143.217.179], pleased to meet you MAIL FROM: m...@domain.com 250 2.1.0 m...@domain.com... Sender ok RCPT TO: m...@domain.com 250 2.1.5 m...@domain.com... Recipient ok DATA 354 Enter mail, end with "." on a line by itself Testing testing . 250 2.0.0 q4FKHxf7012785 Message accepted for delivery QUIT 221 2.0.0 mail.greenspot.fi closing connection Connection closed by foreign host. - Jussi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] True bond howto for Centos 6
On Tue, May 15, 2012 at 07:52:05AM -0700, Akemi Yagi wrote: > On Tue, May 15, 2012 at 7:41 AM, Florian La Roche > wrote: > > > I also tend to favour shutdown/reboots for kvm guests instead of > > suspend/resume... > > > Florian La Roche > > Slightly OT now, but, Florian, can you take a look at > > http://bugs.centos.org/view.php?id=5726 > > I think it has to do with shutdown/reboots versus suspend/resume. Hello Akemi, seems this is indeed dependent on suspend/resume versus save/restore and I'd suggest reporting this upstream to see if this can become an option versus hardcoded behaviour. best regards, Florian La Roche ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail problem - baffled
Jussi Hirvi wrote: > Some more info. Below is a more complete telnet session from backup mail > server (mx2.greenspot.fi) to primary mail server (mail.greenspot.fi). > > It only proves that sending mail works fine from command-line. But my > sendmail setup cannot do the same. Is there any chance that your sendmail is sending an invalid id? mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail problem - baffled
On 15.5.2012 23.22, Alexander Dalloz wrote: > It is technically impossible that the telnet to target port 25 succeeds > from the same system on which the Sendmail gets a connection refused, > unless Sendmail is configured to use a non-standard target port. That is why I am baffled. :-/ I could use a way to see what port sendmail is actually using to make the contact. My assumption is that when the log entry (see my orig post) says "mailer=esmtp,", it implies port 25 - but then it really does not make sense that the connection is refused. On the primary mail server (which I try in vain to contact) I see *nothing* about the failed connections in the maillog, even though I raised log_level to 19. Below is my thishost-tx.mc. It looks totally ok to me, but maybe somebody else spots something there. This is a dual-sendmail setup, and this is the conf for the transmitting sendmail instance. - Jussi divert(-1)dnl include(`/usr/share/sendmail-cf/m4/cf.m4')dnl VERSIONID(`MTA-TX jh-2012-05')dnl OSTYPE(`linux')dnl define(`confSMTP_LOGIN_MSG', `$w.tx.$m Sendmail $v/$Z; $b')dnl MTA-TX define(`confLOG_LEVEL', `19')dnl define(`confDEF_USER_ID', ``8:12'')dnl define(`confTO_CONNECT', `1m')dnl define(`confTRY_NULL_MX_LIST', `True')dnl define(`confDONT_PROBE_INTERFACES', `True')dnl define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl define(`ALIAS_FILE', `/etc/aliases')dnl define(`STATUS_FILE', `/var/log/mail/statistics')dnl define(`UUCP_MAILER_MAX', `200')dnl define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnldefine(`confPRIVACY_FLAGS', `authwarnings,novrfy,noexpn,restrictqrun,restrictmai lq')dnl define(`confAUTH_OPTIONS', `A')dnl define(`confTO_QUEUEWARN', `2h')dnl define(`confTO_QUEUERETURN', `2d')dnl define(`confREFUSE_LA', `999')dnl disabled; limiting belongs to MTA-RX define(`confTO_IDENT', `0')dnl FEATURE(`no_default_msa', `dnl')dnl FEATURE(`nocanonify')dnl host/dom names considered caninical at MTA-TX FEATURE(`smrsh', `/usr/sbin/smrsh')dnl FEATURE(`mailertable', `hash /etc/mail/mailertable.db')dnl FEATURE(`virtusertable', `hash /etc/mail/virtusertable.db')dnl FEATURE(redirect)dnl FEATURE(always_add_domain)dnl FEATURE(use_cw_file)dnl (= local-host-names) FEATURE(use_ct_file)dnl define(`confMAX_DAEMON_CHILDREN', `0') dnl disabled; limiting belongs to MTA-RX FEATURE(local_procmail, `', `procmail -t -Y -a $h -d $u')dnl EXPOSED_USER(`root')dnl DAEMON_OPTIONS(`Addr=127.0.0.1,Port=10025,Name=MTA-TX')dnl FEATURE(`accept_unresolvable_domains')dnl LOCAL_DOMAIN(`localhost.localdomain')dnl LOCAL_DOMAIN(`[127.0.0.1]')dnl LOCAL_DOMAIN(`127.0.0.1')dnl MAILER(smtp)dnl ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail problem - baffled
On 15.5.2012 23.33, m.r...@5-cent.us wrote: > Is there any chance that your sendmail is sending an invalid id? Uh, what do you mean by id? Domain name? I assume that comes from /etc/sysconfig/network. which correctly says > HOSTNAME=mx2.greenspot.fi - Jussi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail problem - baffled
Am 15.05.2012 22:48, schrieb Jussi Hirvi: > Below is my thishost-tx.mc. It looks totally ok to me, but maybe > somebody else spots something there. This is a dual-sendmail setup, and > this is the conf for the transmitting sendmail instance. > > - Jussi > > divert(-1)dnl > include(`/usr/share/sendmail-cf/m4/cf.m4')dnl > VERSIONID(`MTA-TX jh-2012-05')dnl > OSTYPE(`linux')dnl > define(`confSMTP_LOGIN_MSG', `$w.tx.$m Sendmail $v/$Z; $b')dnl MTA-TX > define(`confLOG_LEVEL', `19')dnl > define(`confDEF_USER_ID', ``8:12'')dnl > define(`confTO_CONNECT', `1m')dnl > define(`confTRY_NULL_MX_LIST', `True')dnl > define(`confDONT_PROBE_INTERFACES', `True')dnl > define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl > define(`ALIAS_FILE', `/etc/aliases')dnl > define(`STATUS_FILE', `/var/log/mail/statistics')dnl > define(`UUCP_MAILER_MAX', `200')dnl > define(`confUSERDB_SPEC', > `/etc/mail/userdb.db')dnldefine(`confPRIVACY_FLAGS', > `authwarnings,novrfy,noexpn,restrictqrun,restrictmai > lq')dnl > define(`confAUTH_OPTIONS', `A')dnl > define(`confTO_QUEUEWARN', `2h')dnl > define(`confTO_QUEUERETURN', `2d')dnl > define(`confREFUSE_LA', `999')dnl disabled; limiting belongs to MTA-RX > define(`confTO_IDENT', `0')dnl > FEATURE(`no_default_msa', `dnl')dnl > FEATURE(`nocanonify')dnl host/dom names considered caninical at MTA-TX > FEATURE(`smrsh', `/usr/sbin/smrsh')dnl > FEATURE(`mailertable', `hash /etc/mail/mailertable.db')dnl > FEATURE(`virtusertable', `hash /etc/mail/virtusertable.db')dnl > FEATURE(redirect)dnl > FEATURE(always_add_domain)dnl > FEATURE(use_cw_file)dnl (= local-host-names) > FEATURE(use_ct_file)dnl > define(`confMAX_DAEMON_CHILDREN', `0') dnl disabled; limiting belongs to > MTA-RX > FEATURE(local_procmail, `', `procmail -t -Y -a $h -d $u')dnl > EXPOSED_USER(`root')dnl > DAEMON_OPTIONS(`Addr=127.0.0.1,Port=10025,Name=MTA-TX')dnl > FEATURE(`accept_unresolvable_domains')dnl > LOCAL_DOMAIN(`localhost.localdomain')dnl > LOCAL_DOMAIN(`[127.0.0.1]')dnl > LOCAL_DOMAIN(`127.0.0.1')dnl > MAILER(smtp)dnl What is the content of the submit.mc? Your previous log snipplet showed > May 15 22:21:41 mx2 sm-mta-rx[8674]: q4FIhPij007483: makeconnection So there must be "sm-mta-rx" be defined somewhere. Alexander ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail problem - baffled
On 5/15/2012 4:48 PM, Jussi Hirvi wrote: > On 15.5.2012 23.22, Alexander Dalloz wrote: >> It is technically impossible that the telnet to target port 25 succeeds >> from the same system on which the Sendmail gets a connection refused, >> unless Sendmail is configured to use a non-standard target port. > That is why I am baffled. :-/ > > I could use a way to see what port sendmail is actually using to make > the contact. My assumption is that when the log entry (see my orig post) > says "mailer=esmtp,", it implies port 25 - but then it really does not > make sense that the connection is refused. > > On the primary mail server (which I try in vain to contact) I see > *nothing* about the failed connections in the maillog, even though I > raised log_level to 19. You could use wireshark to monitor the network traffic and determine exactly what happens when sendmail tries to make the connection. -- Bowie ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Excluding ConsoleKit in kickstart
On 05/15/2012 04:19 PM, Dennis Jacobfeuerborn wrote: > On 05/15/2012 05:22 AM, m...@tdiehl.org wrote: >> On Tue, 15 May 2012, Dennis Jacobfeuerborn wrote: >> >>> Hi, >>> I'm working on automating virtual machine installs using kickstart files >>> and virt-install. The problem I have is that these kickstart installations >>> install different packages than a minimal manual install. While I got rid >>> of some of them I can't seem to prevent ConsoleKit from getting installed. >>> I put "-ConsoleKit" in the packages section and later also added packages >>> that require it but in the end it is still getting installed. >>> Any ideas what I could do to stop it from being installed? >> >> You have to find the package that is pulling it in as a dependency and >> exclude that. What I would try first is to do a yum erase ConsoleKit and >> see what else it wants to erase. Then exclude those packages as well. >> >> I tried this on a headless machine I have running and got the following >> results: >> >> Removing: >> ConsoleKit x86_64 0.4.1-3.el6 >> @anaconda-CentOS-201112102333.x86_64/6.2 263 k >> Removing for dependencies: >> halx86_64 0.5.14-11.el6 >> @anaconda-CentOS-201112102333.x86_64/6.2 1.2 M >> hal-info noarch 20090716-3.1.el6 >> @anaconda-CentOS-201112102333.x86_64/6.2 310 k >> pm-utils x86_64 1.2.5-9.el6 >> @anaconda-CentOS-201112102333.x86_64/6.2 254 k >> polkit x86_64 0.96-2.el6_0.1 >> @anaconda-CentOS-201112102333.x86_64/6.2 601 k >> >> While you might be able to run without polkit and pm-utils, I suspect that >> you most likely want the hal packages. > > That's what I tried and this worked with other packages that I have > excluded but not for ConsoleKit. This is what my packages section looks like: > > %packages > @core > @server-policy > -mlocate > -abrt* > -mdadm > -kexec-tools > -prelink > -readahead > -hal > -hal-info* > -pm-utils > -ConsoleKit* > -polkit > -libfprint > %end > > I excluded "abrt" but that got dragged in again by some sub-packages so I > excluded "abrt*" instead and that works fine but even if I remove all the > packages that pull in ConsoleKit after the installation and reboot I still > see the console-kit-daemon running. > > I'm not sure if I need hal. The default minimal installation of Centos 6 > doesn't include it so I don't think it's really necessary. As an FYI I found out what was pulling this in and it was the fprintd package (plus fprintd-pam). This pulls in libfprint but not as an explicit dependeny but via an implicit dependency on the filename of the library. After getting rid of this the number of installed packages went from 349 to 311. Apparently a few other packages like X libraries, gtk2, pango, cairo, etc. got pulled in by this as well. Regards, Dennis ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail problem - baffled
On 5/15/2012 4:57 PM, Bowie Bailey wrote: > On 5/15/2012 4:48 PM, Jussi Hirvi wrote: >> On 15.5.2012 23.22, Alexander Dalloz wrote: >>> It is technically impossible that the telnet to target port 25 succeeds >>> from the same system on which the Sendmail gets a connection refused, >>> unless Sendmail is configured to use a non-standard target port. >> That is why I am baffled. :-/ >> >> I could use a way to see what port sendmail is actually using to make >> the contact. My assumption is that when the log entry (see my orig post) >> says "mailer=esmtp,", it implies port 25 - but then it really does not >> make sense that the connection is refused. >> >> On the primary mail server (which I try in vain to contact) I see >> *nothing* about the failed connections in the maillog, even though I >> raised log_level to 19. > You could use wireshark to monitor the network traffic and determine > exactly what happens when sendmail tries to make the connection. > A couple of things to check. I don't know if these servers are in the same location or not but it is possible if not, that your provider blocks port 25. Here are two configs to check. dnl # The following causes sendmail to only listen on the IPv4 loopback address dnl # 127.0.0.1 and not on any other network devices. Remove the loopback dnl # address restriction to accept email from the internet or intranet. dnl # DAEMON_OPTIONS(`Port=smtp, Name=MTA')dnl If this is not done on the primary, it will not listen to anything but itself so the backup wouldn't be able to contact it. dnl # dnl # The following causes sendmail to additionally listen to port 587 for dnl # mail from MUAs that authenticate. Roaming users who can't reach their dnl # preferred sendmail daemon due to port 25 being blocked or redirected find dnl # this useful. dnl # DAEMON_OPTIONS(`Port=submission, Name=MSA, M=Ea')dnl and this if it is possible that port 25 is blocked. Sorry if this has already been discussed. I stepped in late on the conversation. -- John Hinton 877-777-1407 ext 502 http://www.ew3d.com Comprehensive Online Solutions ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail problem - baffled
On 15.5.2012 23.54, Alexander Dalloz wrote:
> What is the content of the submit.mc? Your previous log snipplet showed
>
>> > May 15 22:21:41 mx2 sm-mta-rx[8674]: q4FIhPij007483: makeconnection
> So there must be "sm-mta-rx" be defined somewhere.
Yes. In a dual sendmail setup there are two instances of sendmail. The
receiving one ("rx") dumps all email to amavis (TCP 10024), and then
amavis hauls everything back again to the other instance ("tx") (using
TCP 10025), which sends it away over net or piles it up in local mailboxes.
My conf for the "rx" instance is probably not important, as the "rx"
instance does not actually contact anything outside localhost. The
submit conf is for mail submission, so it is probably not used here.
- Jussi
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail problem - baffled
Jussi Hirvi wrote:
> On 15.5.2012 23.54, Alexander Dalloz wrote:
>> What is the content of the submit.mc? Your previous log snipplet showed
>>
>>> > May 15 22:21:41 mx2 sm-mta-rx[8674]: q4FIhPij007483: makeconnection
>
>> So there must be "sm-mta-rx" be defined somewhere.
>
> Yes. In a dual sendmail setup there are two instances of sendmail. The
> receiving one ("rx") dumps all email to amavis (TCP 10024), and then
> amavis hauls everything back again to the other instance ("tx") (using
> TCP 10025), which sends it away over net or piles it up in local
> mailboxes.
>
> My conf for the "rx" instance is probably not important, as the "rx"
> instance does not actually contact anything outside localhost. The
> submit conf is for mail submission, so it is probably not used here.
Hmmm... dumb question: is anything out of disk space?
mark
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] True bond howto for Centos 6
On Tue, May 15, 2012 at 1:27 PM, Florian La Roche wrote: > On Tue, May 15, 2012 at 07:52:05AM -0700, Akemi Yagi wrote: >> On Tue, May 15, 2012 at 7:41 AM, Florian La Roche >> wrote: >> >> > I also tend to favour shutdown/reboots for kvm guests instead of >> > suspend/resume... >> >> > Florian La Roche >> >> Slightly OT now, but, Florian, can you take a look at >> >> http://bugs.centos.org/view.php?id=5726 >> >> I think it has to do with shutdown/reboots versus suspend/resume. > > Hello Akemi, > > seems this is indeed dependent on suspend/resume versus save/restore and > I'd suggest reporting this upstream to see if this can become an option > versus hardcoded behaviour. Thanks, Florian, for your note and also for adding a comment to the bug tracker. Akemi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] True bond howto for Centos 6
On Tue, May 15, 2012 at 8:14 AM, Stephen Harris wrote: > On Tue, May 15, 2012 at 07:52:05AM -0700, Akemi Yagi wrote: >> http://bugs.centos.org/view.php?id=5726 >> >> I think it has to do with shutdown/reboots versus suspend/resume. > > FWIW, I hit this last week; had shut down the host to do a hardware > upgrade (eSATA controller, 12Tb of disks). After I brought the machine > back up it all looked good. Until the next morning when "logwatch" > reports from a guest complained that ntp had shut down 'cos the time > difference was too great. > > Oops! Yes, that confirms what the bug sumbitter described. Thanks for the note. Akemi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail problem - baffled
On 16.5.2012 0.18, John Hinton wrote: > A couple of things to check. I don't know if these servers are in the > same location or not but it is possible if not, that your provider > blocks port 25. Here are two configs to check. Thanks for input. I can make the contact from the backup-mailserver to the primary mailserver manually using telnet (details in previous posts), which proves that 25 is not blocked. BTW, the two servers are virtual machines in one and the same physical box. - Jussi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail problem - baffled
On 16.5.2012 0.24, m.r...@5-cent.us wrote: > Hmmm... dumb question: is anything out of disk space? There are no dumb questions here. :-) The culprit has to be something simple like that. However, df shows that there is still room. - Jussi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail problem - baffled
On Wed, 16 May 2012 00:31:22 +0300 Jussi Hirvi wrote: > BTW, the two servers are virtual machines in one and the same physical box. What's the point of that? (Genuine question.) One server here, one across town, or even two separate boxes in a single room -- sure. But in the same box? If the the box is on fire, now you're out both your main and your backup server. I must be missing something; what is it? -- MELVILLE THEATRE ~ Real D 3D Digital Cinema ~ www.melvilletheatre.com www.creekfm.com - FIFTY THOUSAND WATTS of POW WOW POWER! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail problem - baffled
On 15.5.2012 23.54, Alexander Dalloz wrote:
> So there must be "sm-mta-rx" be defined somewhere.
Just in case, here is my conf for the rx instance. To repeat, this
sendmail instance sends everything to amavisd at port 10024.
- Jussi
divert(-1)dnl
include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
VERSIONID(`MTA-RX jh-2012-05')dnl
OSTYPE(`linux')dnl
define(`confSMTP_LOGIN_MSG', `$j Sendmail; $b')dnl
define(`confLOG_LEVEL', `19')dnl # default: 9
INPUT_MAIL_FILTER(`greylist',`S=local:/var/milter-greylist/milter-greylist.sock')
define(`confDEF_USER_ID', ``8:12'')dnl
define(`confTO_INITIAL', `6m')dnl
define(`confTO_CONNECT', `1m')dnl
define(`confTO_HELO', `5m')dnl
define(`confTO_HOSTSTATUS', `2m')dnl
define(`confTO_DATAINIT', `6m')dnl
define(`confTO_DATABLOCK', `60m')dnl
define(`confTRY_NULL_MX_LIST', `True')dnl
define(`confDONT_PROBE_INTERFACES', `True')dnl
define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl
define(`UUCP_MAILER_MAX', `200')dnl
define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
define(`confPRIVACY_FLAGS',
`authwarnings,novrfy,noexpn,noverb,needmailhelo,needexpnhelo,needvrfyhelo,restrictqrun,restrictmailq')dnl
define(`confAUTH_OPTIONS', `A')dnl
define(`confCRL', `/etc/mail/certs/revoke.crl')dnl
define(`confTO_QUEUEWARN', `5m')dnl
define(`confTO_QUEUERETURN', `2d')dnl
define(`confDELAY_LA', `12')dnl added by jh, see batbook 1002
define(`confREFUSE_LA', `20')dnl upped by jh from 18
define(`confTO_IDENT', `0')dnl 0 = ident disabled
define(`confTO_RESOLVER_RETRANS_FIRST', `2')dnl
define(`confTO_RESOLVER_RETRANS_NORMAL', `10')dnl
define(`confTO_RESOLVER_RETRY_FIRST', `2')dnl
define(`confTO_RESOLVER_RETRY_NORMAL', `5')dnl
FEATURE(`no_default_msa', `dnl')dnl
FEATURE(`smrsh', `/usr/sbin/smrsh')dnl
FEATURE(`mailertable', `hash /etc/mail/mailertable.db')dnl
FEATURE(`virtusertable', `hash /etc/mail/virtusertable.db')dnl
FEATURE(redirect)dnl
FEATURE(always_add_domain)dnl
FEATURE(nocanonify)dnl
FEATURE(use_cw_file)dnl
FEATURE(use_ct_file)dnl
define(`confMAX_DAEMON_CHILDREN', `130')dnl
define(`confMIN_FREE_BLOCKS', `1')dnl added by jh (see dual-readme)
define(`confCONNECTION_RATE_THROTTLE', `3')dnl
FEATURE(local_procmail, `', `procmail -t -Y -a $h -d $u')dnl
FEATURE(`access_db', `hash -T -o /etc/mail/access.db')dnl
FEATURE(`blacklist_recipients')dnl
FEATURE(`greet_pause',`1000')dnl
FEATURE(`compat_check')dnl
EXPOSED_USER(`root')dnl
FEATURE(`dnsbl', `blackholes.mail-abuse.org', `"550 Email rejected due
to sending server misconfiguration - see
http://blackholes.mail-abuse.org/faq/#why_rejected";')dnl
FEATURE(`dnsbl', `bl.spamcop.net', `"550 Email rejected due to sending
server misconfiguration - see:
http://spamcop.net/bl.shtml?"$&{client_addr}')dnl
DAEMON_OPTIONS(`Port=smtp,Name=MTA25-RX,M=SA')dnl
FEATURE(`accept_unresolvable_domains')dnl
LOCAL_DOMAIN(`localhost.localdomain')dnl
define(`confPID_FILE', `/var/run/sendmail-rx.pid')dnl
define(`STATUS_FILE', `/etc/mail/stat-rx')dnl
define(`QUEUE_DIR', `/var/spool/mqueue-rx')dnl
define(`confQUEUE_SORT_ORDER', `Modification')dnl
QUEUE_GROUP(`mqueue',``P=/var/spool/mqueue-rx,R=4,F=f'')dnl
FEATURE(stickyhost)dnl Keep env addr "u...@local.host" when fwd to MAIL_HUB
define(`MAIL_HUB', `esmtp:[127.0.0.1]')dnl fw all local mail to amavisd
define(`SMART_HOST', `esmtp:[127.0.0.1]')dnl fw all other mail to amavisd
define(`LOCAL_RELAY',`esmtp:[127.0.0.1]')dnl
define(`confDELIVERY_MODE',`q')dnl a must, if u want to specify nr of q
runners
define(`ESMTP_MAILER_ARGS',`TCP $h 10024')dnl
define(`SMTP_MAILER_MAXMSGS',`10')dnl Max no. of msgs in a single
connection
define(`ALIAS_FILE', `/etc/aliases')dnl
dnl # three undefines for dual-sendmail setup - jh
undefine(`UUCP_RELAY')dnl
undefine(`BITNET_RELAY')dnl
undefine(`DECNET_RELAY')dnl
MAILER(smtp)dnl
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail problem - baffled
Am 15.05.2012 23:19, schrieb Jussi Hirvi:
> On 15.5.2012 23.54, Alexander Dalloz wrote:
>> What is the content of the submit.mc? Your previous log snipplet showed
>>
May 15 22:21:41 mx2 sm-mta-rx[8674]: q4FIhPij007483: makeconnection
>
>> So there must be "sm-mta-rx" be defined somewhere.
>
> Yes. In a dual sendmail setup there are two instances of sendmail. The
> receiving one ("rx") dumps all email to amavis (TCP 10024), and then
> amavis hauls everything back again to the other instance ("tx") (using
> TCP 10025), which sends it away over net or piles it up in local mailboxes.
>
> My conf for the "rx" instance is probably not important, as the "rx"
> instance does not actually contact anything outside localhost. The
> submit conf is for mail submission, so it is probably not used here.
>
> - Jussi
And exactly somewhere there is your issue!
sm-mta-rx is failing according to your log. We can't judge if more is
failing as you did not post any further log content showing connection
problems.
I know what the dual Sendmail setup is, used it some time in the past,
dropped it when the milter came out.
Repeated, your issue at this point is the sm-mta-rx instance.
Unfortunately you did not provide the complete configuration, especially
not the config with the sm-mta-rx definition. At least sm-mta-rx does
not transport the mail to amavis but tries to deliver it to the primary
mail server.
Alexander
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail problem - baffled
On Tue, May 15, 2012 at 3:37 PM, Frank Cox wrote: > On Wed, 16 May 2012 00:31:22 +0300 > Jussi Hirvi wrote: > >> BTW, the two servers are virtual machines in one and the same physical box. > > What's the point of that? (Genuine question.) > > One server here, one across town, or even two separate boxes in a single room > -- sure. But in the same box? If the the box is on fire, now you're out both > your main and your backup server. > > I must be missing something; what is it? I've never been a fan of doing that, but I've recently been seeing it at a lot of clients. They have 2 older machines each running its own app. They get a new honking big box with enough HP to run both apps and they create 2 VMs one for each app. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail problem - baffled
Am 15.05.2012 23:37, schrieb Frank Cox: > On Wed, 16 May 2012 00:31:22 +0300 > Jussi Hirvi wrote: > >> BTW, the two servers are virtual machines in one and the same physical box. > > What's the point of that? (Genuine question.) > > One server here, one across town, or even two separate boxes in a single room > -- sure. But in the same box? If the the box is on fire, now you're out both > your main and your backup server. > > I must be missing something; what is it? I feld exactly the same when I saw both mail servers where in the same subnet. No point in doing that. Jussi should run 2 identical setups in 2 hosts as MX with same priority if redundancy is desired. Of course, having them as VMs on the same hosts limits the redundancy quite a bit as the host is the single point of failure here. Alexander ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail problem - baffled
Am 15.05.2012 23:42, schrieb Larry Martell: > On Tue, May 15, 2012 at 3:37 PM, Frank Cox > wrote: >> On Wed, 16 May 2012 00:31:22 +0300 >> Jussi Hirvi wrote: >> >>> BTW, the two servers are virtual machines in one and the same physical box. >> >> What's the point of that? (Genuine question.) >> >> One server here, one across town, or even two separate boxes in a single >> room >> -- sure. But in the same box? If the the box is on fire, now you're out >> both >> your main and your backup server. >> >> I must be missing something; what is it? > > I've never been a fan of doing that, but I've recently been seeing it > at a lot of clients. They have 2 older machines each running its own > app. They get a new honking big box with enough HP to run both apps > and they create 2 VMs one for each app. Yes, one point is to consolidate using virtualization. It is done in small environments and in really large ones. A very different thing is to run a main and a backup mail server on the same virtualization host as 2 VMs. Alone the fact to build up a setup with a backup mail server is nowadays to 99% a design flaw and non-optimal. Alexander ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail problem - baffled
on 5/15/2012 2:39 PM Jussi Hirvi spake the following: > On 15.5.2012 23.54, Alexander Dalloz wrote: >> So there must be "sm-mta-rx" be defined somewhere. > > Just in case, here is my conf for the rx instance. To repeat, this > sendmail instance sends everything to amavisd at port 10024. > - Jussi > > EXPOSED_USER(`root')dnl > FEATURE(`dnsbl', `blackholes.mail-abuse.org', `"550 Email rejected due > to sending server misconfiguration - see > http://blackholes.mail-abuse.org/faq/#why_rejected";')dnl Trend micro bought this blackholes list a while back... is it still working? I thought it moved to a dot com domain... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail problem - baffled
On 16.5.2012 0.37, Frank Cox wrote: > What's the point of that? (Genuine question.) > > One server here, one across town, or even two separate boxes in a single room > -- sure. But in the same box? If the the box is on fire, now you're out both > your main and your backup server. > > I must be missing something; what is it? No, you are right. However, two servers still are better than one. There are cases when one of them is down but not the other. And later, if I get another box, I can move the vm there easily. However, let's not get sidetracked too deep in this. - Jussi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail problem - baffled
Am 15.05.2012 23:39, schrieb Jussi Hirvi:
> On 15.5.2012 23.54, Alexander Dalloz wrote:
>> So there must be "sm-mta-rx" be defined somewhere.
>
> Just in case, here is my conf for the rx instance. To repeat, this
> sendmail instance sends everything to amavisd at port 10024.
> - Jussi
Ah, here it is. Sorry, did not see this mail.
> divert(-1)dnl
> include(`/usr/share/sendmail-cf/m4/cf.m4')dnl
> VERSIONID(`MTA-RX jh-2012-05')dnl
> OSTYPE(`linux')dnl
> define(`confSMTP_LOGIN_MSG', `$j Sendmail; $b')dnl
> define(`confLOG_LEVEL', `19')dnl # default: 9
> INPUT_MAIL_FILTER(`greylist',`S=local:/var/milter-greylist/milter-greylist.sock')
> define(`confDEF_USER_ID', ``8:12'')dnl
> define(`confTO_INITIAL', `6m')dnl
> define(`confTO_CONNECT', `1m')dnl
> define(`confTO_HELO', `5m')dnl
> define(`confTO_HOSTSTATUS', `2m')dnl
> define(`confTO_DATAINIT', `6m')dnl
> define(`confTO_DATABLOCK', `60m')dnl
> define(`confTRY_NULL_MX_LIST', `True')dnl
> define(`confDONT_PROBE_INTERFACES', `True')dnl
> define(`PROCMAIL_MAILER_PATH', `/usr/bin/procmail')dnl
> define(`UUCP_MAILER_MAX', `200')dnl
> define(`confUSERDB_SPEC', `/etc/mail/userdb.db')dnl
> define(`confPRIVACY_FLAGS',
> `authwarnings,novrfy,noexpn,noverb,needmailhelo,needexpnhelo,needvrfyhelo,restrictqrun,restrictmailq')dnl
> define(`confAUTH_OPTIONS', `A')dnl
> define(`confCRL', `/etc/mail/certs/revoke.crl')dnl
> define(`confTO_QUEUEWARN', `5m')dnl
> define(`confTO_QUEUERETURN', `2d')dnl
> define(`confDELAY_LA', `12')dnl added by jh, see batbook 1002
> define(`confREFUSE_LA', `20')dnl upped by jh from 18
> define(`confTO_IDENT', `0')dnl 0 = ident disabled
> define(`confTO_RESOLVER_RETRANS_FIRST', `2')dnl
> define(`confTO_RESOLVER_RETRANS_NORMAL', `10')dnl
> define(`confTO_RESOLVER_RETRY_FIRST', `2')dnl
> define(`confTO_RESOLVER_RETRY_NORMAL', `5')dnl
> FEATURE(`no_default_msa', `dnl')dnl
> FEATURE(`smrsh', `/usr/sbin/smrsh')dnl
> FEATURE(`mailertable', `hash /etc/mail/mailertable.db')dnl
> FEATURE(`virtusertable', `hash /etc/mail/virtusertable.db')dnl
> FEATURE(redirect)dnl
> FEATURE(always_add_domain)dnl
> FEATURE(nocanonify)dnl
> FEATURE(use_cw_file)dnl
> FEATURE(use_ct_file)dnl
> define(`confMAX_DAEMON_CHILDREN', `130')dnl
> define(`confMIN_FREE_BLOCKS', `1')dnl added by jh (see dual-readme)
> define(`confCONNECTION_RATE_THROTTLE', `3')dnl
> FEATURE(local_procmail, `', `procmail -t -Y -a $h -d $u')dnl
> FEATURE(`access_db', `hash -T -o /etc/mail/access.db')dnl
> FEATURE(`blacklist_recipients')dnl
> FEATURE(`greet_pause',`1000')dnl
> FEATURE(`compat_check')dnl
> EXPOSED_USER(`root')dnl
> FEATURE(`dnsbl', `blackholes.mail-abuse.org', `"550 Email rejected due
> to sending server misconfiguration - see
> http://blackholes.mail-abuse.org/faq/#why_rejected";')dnl
> FEATURE(`dnsbl', `bl.spamcop.net', `"550 Email rejected due to sending
> server misconfiguration - see:
> http://spamcop.net/bl.shtml?"$&{client_addr}')dnl
> DAEMON_OPTIONS(`Port=smtp,Name=MTA25-RX,M=SA')dnl
> FEATURE(`accept_unresolvable_domains')dnl
> LOCAL_DOMAIN(`localhost.localdomain')dnl
> define(`confPID_FILE', `/var/run/sendmail-rx.pid')dnl
> define(`STATUS_FILE', `/etc/mail/stat-rx')dnl
> define(`QUEUE_DIR', `/var/spool/mqueue-rx')dnl
> define(`confQUEUE_SORT_ORDER', `Modification')dnl
> QUEUE_GROUP(`mqueue',``P=/var/spool/mqueue-rx,R=4,F=f'')dnl
> FEATURE(stickyhost)dnl Keep env addr "u...@local.host" when fwd to MAIL_HUB
> define(`MAIL_HUB', `esmtp:[127.0.0.1]')dnl fw all local mail to amavisd
> define(`SMART_HOST', `esmtp:[127.0.0.1]')dnl fw all other mail to amavisd
> define(`LOCAL_RELAY',`esmtp:[127.0.0.1]')dnl
> define(`confDELIVERY_MODE',`q')dnl a must, if u want to specify nr of q
> runners
> define(`ESMTP_MAILER_ARGS',`TCP $h 10024')dnl
Right, here you modify the target port of that Sendmail instance. And I
bet $1.000 that if you tcpdump on the main mail server you will see the
sending attempt to come in there at port 10024 and thus Sendmail (this
one here) gets a connection refused.
> define(`SMTP_MAILER_MAXMSGS',`10')dnl Max no. of msgs in a single
> connection
> define(`ALIAS_FILE', `/etc/aliases')dnl
> dnl # three undefines for dual-sendmail setup - jh
> undefine(`UUCP_RELAY')dnl
> undefine(`BITNET_RELAY')dnl
> undefine(`DECNET_RELAY')dnl
> MAILER(smtp)dnl
Alexander
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail problem - baffled
On 16.5.2012 1.03, Alexander Dalloz wrote:
>> define(`ESMTP_MAILER_ARGS',`TCP $h 10024')dnl
> Right, here you modify the target port of that Sendmail instance. And I
> bet $1.000 that if you tcpdump on the main mail server you will see the
> sending attempt to come in there at port 10024 and thus Sendmail (this
> one here) gets a connection refused.
Looks like you are right - and that's a breakthrough! I checked on the
primary mail server using simply
tcpdump host 83.143.217.179
and I noticed connections to port 10024.
I should have used tcpdump earlier in this process - but better late
than never.
Now I just have to fix the sendmail ("rx" instance) config so that it
really sends the email to localhost (where amavis is listening), instead
of trying to send directly to the final destination. So far no luck. A
similar setup works ok on the primary mail server, so I don't know why
this one does not work.
- Jussi
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Sendmail problem - baffled
On 16.5.2012 2.42, Jussi Hirvi wrote:
> Now I just have to fix the sendmail ("rx" instance) config so that it
> really sends the email to localhost (where amavis is listening), instead
> of trying to send directly to the final destination.
Ok, I found it, and it is *so* obvious. Still it took me hours to find it.
I had this in my config for the "rx" instance of sendmail.
FEATURE(`mailertable', `hash /etc/mail/mailertable.db')
And my mailertable contained static routing for all domains that are
local to our primary mail server. Example:
greenspot.fiesmtp:[mail.greenspot.fi]
So sendmail was only following orders. Solution: comment out the
mailertable line from the sendmail config.
Thanks to everyone, and especially to Alexander for reading so carefully
my emails and giving the breakthrough tip. I love you!
- Jussi
4.55 AM local time
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] ldirectord package on centos 6
Am Tue, 15 May 2012 21:11:00 +0200 schrieb Dennis Jacobfeuerborn: > I'm looking for the ldirectord package but can't find it. Previously > this was available as "heartbeat-ldirectord" and nowadays it is built as > an independent package from "resource-agents" however neither seems to > be available either in core centos 6 or epel. Where did it go? Look at the resource-agents SPEC file, the ldirectord is not built anymore. Some tweaking in the SPEC will give you the package back. However, upstream (RH) has decided to not support ldirectord any more. Regards, Peter ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
