Re: [CentOS] Xorg fills up /var/log/Xorg.0.log with AUDIT messages (up to system crash) [solved]

2013-10-04 Thread Frank Thommen 
Problem solved: A user had configured his "preferred browser" to be 
Thunderbird(!).  As soon as he clicked on a link in an email, he ended 
in an endless loop with TB trying to open the link with the "preferred 
browser" (aka itself) again and again. This resulted in 40 MB audit 
loglines/hour in /var/log/Xorg.0.log.

Cheers
frank


On 03.10.13 17:15, Frank Thommen wrote:
> Hi,
>
> on a CentOS 6.4-workstation we have the problem, that Xorg fills up
> /var/log/Xorg.0.log with AUDIT messages faster than one can read. Within
> four hours the logfile grew to 160 MB and usually within 1-2 days
> applications and sometimes the OS crash because /var becomes full.
>
> Here a small extract of /var/log/Xorg.0.log:
>
> [...]
> [ 24272.458] AUDIT: Wed Oct  2 15:41:44 2013: 2625: client 28 disconnected
> [ 24272.487] AUDIT: Wed Oct  2 15:41:44 2013: 2625: client 28 connected
> from local host ( uid=9435 gid=577 pid=24951 )
> Auth name: MIT-MAGIC-COOKIE-1 ID: 572
> [ 24272.490] AUDIT: Wed Oct  2 15:41:44 2013: 2625: client 28 disconnected
> [ 24272.500] AUDIT: Wed Oct  2 15:41:44 2013: 2625: client 30 disconnected
> [ 24272.516] AUDIT: Wed Oct  2 15:41:44 2013: 2625: client 28 connected
> from local host ( uid=9435 gid=577 pid=24948 )
> Auth name: MIT-MAGIC-COOKIE-1 ID: 572
> [ 24272.516] AUDIT: Wed Oct  2 15:41:44 2013: 2625: client 30 connected
> from local host ( uid=9435 gid=577 pid=24952 )
> Auth name: MIT-MAGIC-COOKIE-1 ID: 572
> [ 24272.521] AUDIT: Wed Oct  2 15:41:44 2013: 2625: client 28 disconnected
> [ 24272.549] AUDIT: Wed Oct  2 15:41:44 2013: 2625: client 28 connected
> from local host ( uid=9435 gid=577 pid=24957 )
> Auth name: MIT-MAGIC-COOKIE-1 ID: 572
> [ 24272.552] AUDIT: Wed Oct  2 15:41:44 2013: 2625: client 28 disconnected
> [ 24272.564] AUDIT: Wed Oct  2 15:41:44 2013: 2625: client 30 disconnected
> [ 24272.575] AUDIT: Wed Oct  2 15:41:44 2013: 2625: client 28 connected
> from local host ( uid=9435 gid=577 pid=24954 )
> Auth name: MIT-MAGIC-COOKIE-1 ID: 572
> [ 24272.577] AUDIT: Wed Oct  2 15:41:44 2013: 2625: client 30 connected
> from local host ( uid=9435 gid=577 pid=24958 )
> Auth name: MIT-MAGIC-COOKIE-1 ID: 572
> [ 24272.585] AUDIT: Wed Oct  2 15:41:44 2013: 2625: client 28 disconnected
> [ 24272.612] AUDIT: Wed Oct  2 15:41:44 2013: 2625: client 28 connected
> from local host ( uid=9435 gid=577 pid=24963 )
> Auth name: MIT-MAGIC-COOKIE-1 ID: 572
> [ 24272.616] AUDIT: Wed Oct  2 15:41:44 2013: 2625: client 28 disconnected
> [ 24272.628] AUDIT: Wed Oct  2 15:41:44 2013: 2625: client 30 disconnected
> [ 24272.630] AUDIT: Wed Oct  2 15:41:44 2013: 2625: client 28 connected
> from local host ( uid=9435 gid=577 pid=24960 )
> Auth name: MIT-MAGIC-COOKIE-1 ID: 572
> [ 24272.633] AUDIT: Wed Oct  2 15:41:44 2013: 2625: client 30 connected
> from local host ( uid=9435 gid=577 pid=24964 )
> Auth name: MIT-MAGIC-COOKIE-1 ID: 572
> [ 24272.644] AUDIT: Wed Oct  2 15:41:44 2013: 2625: client 28 disconnected
> [ 24272.673] AUDIT: Wed Oct  2 15:41:44 2013: 2625: client 28 connected
> from local host ( uid=9435 gid=577 pid=24969 )
> Auth name: MIT-MAGIC-COOKIE-1 ID: 572
> [ 24272.679] AUDIT: Wed Oct  2 15:41:44 2013: 2625: client 28 disconnected
> [ 24272.691] AUDIT: Wed Oct  2 15:41:44 2013: 2625: client 30 disconnected
> [ 24272.692] AUDIT: Wed Oct  2 15:41:44 2013: 2625: client 28 connected
> from local host ( uid=9435 gid=577 pid=24966 )
> Auth name: MIT-MAGIC-COOKIE-1 ID: 572
> [ 24272.697] AUDIT: Wed Oct  2 15:41:44 2013: 2625: client 30 connected
> from local host ( uid=9435 gid=577 pid=24970 )
> Auth name: MIT-MAGIC-COOKIE-1 ID: 572
> [ 24272.711] AUDIT: Wed Oct  2 15:41:44 2013: 2625: client 28 disconnected
> [...]
>
> The client numbers are just a small repeating set, but trying to find
> the associated processes through the pids fails, because when the
> logfile entry is written, the processes are already gone.  For sure
> these messages are associated with "something" the user(s) do, because
> as soon as nobody is logged in, these messages stop.  We have lots of
> CentOS 6 machines, but this is the only one with such an issue, even
> though there are more or less the same applications running on all machines.
>
>
> Xorg is running with the following options (CentOS 6 default settings):
> /usr/bin/Xorg :0 -nr -verbose -audit 4 -auth
> /var/run/gdm/auth-for-gdm-jQ4DVP/database -nolisten tcp vt1
>
>
> Questions:
>
> * How can one find out which processes are responsible for these
>   audit messages?
>
> * How can I stop auditing completely?  With CentOS 5 Xorg ran
>   with "audit 0" and I was unable to find the place where the
>   audit level is set.
>
> * (more generally) What's auditing good/used for anyway?
>
>
> Any hint is appreciated.
>
> Cheers
> frank
>
> [cross-posted on lopsa-tech maillist]
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/list

[CentOS] php 5.1 to 5.3

2013-10-04 Thread Nikos Gatsis - Qbit 

Hello list
I'm managing a web server with centos-release-5-9.el5.centos.1.
I have php-5.1.6-40.el5_9 right now and I'd like to update it to php53.
I wander if its easy or complicated. If somebody have any instructions
I'd be very glad!

Thank you in advance.
Nikos


-- 
Untitled Document

*Γατσής Νίκος - Gatsis Nikos*
Web developer
tel.: 2108256721 - 2108256722
fax: 2108256712
email: ngat...@qbit.gr
http://www.qbit.gr
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] php 5.1 to 5.3

2013-10-04 Thread Carl T. Miller 
Nikos Gatsis - Qbit wrote:
>
> Hello list
> I'm managing a web server with centos-release-5-9.el5.centos.1.
> I have php-5.1.6-40.el5_9 right now and I'd like to update it to php53.
> I wander if its easy or complicated. If somebody have any instructions
> I'd be very glad!

Hi Nikos,

There is a very nice set of instructions available here.


c


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] php 5.1 to 5.3

2013-10-04 Thread John R Pierce 
On 10/4/2013 4:51 AM, Nikos Gatsis - Qbit wrote:
> I'm managing a web server with centos-release-5-9.el5.centos.1.
> I have php-5.1.6-40.el5_9 right now and I'd like to update it to php53.
> I wander if its easy or complicated. If somebody have any instructions
> I'd be very glad!

installing php53 is as simple as `yum install php53`, and tweaking a few 
things.

note that php53 will break a LOT of older php code which worked fine in 
php 5.1


-- 
john r pierce  37N 122W
somewhere on the middle of the left coast

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] php 5.1 to 5.3

2013-10-04 Thread John R Pierce 
On 10/4/2013 5:09 AM, Carl T. Miller wrote:
> There is a very nice set of instructions available here.
> 

those must be old.  php53 is in the 5.9 base repository, no epel or 
webstatic(?) required


-- 
john r pierce  37N 122W
somewhere on the middle of the left coast

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] php 5.1 to 5.3

2013-10-04 Thread Leon Fauster 
Am 04.10.2013 um 13:51 schrieb Nikos Gatsis - Qbit :
> Hello list
> I'm managing a web server with centos-release-5-9.el5.centos.1.
> I have php-5.1.6-40.el5_9 right now and I'd like to update it to php53.
> I wander if its easy or complicated. If somebody have any instructions
> I'd be very glad!



more important - check your php application!

http://www.php.net/manual/en/migration53.php

http://www.php.net/manual/en/migration52.php 

--
LF


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] php 5.1 to 5.3

2013-10-04 Thread Nikolaos Milas 
On 4/10/2013 5:36 μμ, Leon Fauster wrote:

> Am 04.10.2013 um 13:51 schrieb Nikos Gatsis - Qbit :
>> Hello list
>> I'm managing a web server with centos-release-5-9.el5.centos.1.
>> I have php-5.1.6-40.el5_9 right now and I'd like to update it to php53.
>> I wander if its easy or complicated. If somebody have any instructions
>> I'd be very glad!

I am using http://rpms.famillecollet.com/ and 
http://www.webtatic.com/projects/yum-repository/ for a long time without 
issues.

Nick

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Xorg fills up /var/log/Xorg.0.log with AUDIT messages (up to system crash) [solved]

2013-10-04 Thread Frank Cox 
On Fri, 04 Oct 2013 13:48:01 +0200
Frank Thommen wrote:

> Problem solved: A user had configured his "preferred browser" to be 
> Thunderbird(!).  As soon as he clicked on a link in an email, he ended 
> in an endless loop with TB trying to open the link with the "preferred 
> browser" (aka itself) again and again. This resulted in 40 MB audit 
> loglines/hour in /var/log/Xorg.0.log.

That sounds like something that should be reported to the Thunderbird people.
It probably wouldn't be too difficult for them to make Thunderbird an invalid
selection under that setting.

-- 
MELVILLE THEATRE ~ Real D 3D Digital Cinema ~ www.melvilletheatre.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Samba problem

2013-10-04 Thread Joseph Hesse 
Hello,

I am trying to learn how to use Samba.  I first just want to get it to 
work, then I'll make it better.
I am not concerned about security since everything is on a private network.
I am following the material in "CentOS 6 Linux Server Cookbook" by 
Jonathan Hobson.
I am using two virtual computers with Virtual Box running on Fedora 19.  
Both virtual computers have bridged networking.
One virtual computer is Win7, the other is CentOS 6.4.
They are both up to date. There is only one user, "admin", on the CentOS 
virtual computer.

The Win7 computer can successfully ping the CentOS computer.

My Win7 computer can not see the share on the Samba server.

The command "# testparm" shows no errors.

The command below gives the following error:

[admin@CentOS ~]$ smbclient //CentOS/admin
Enter admin's password:
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.9-151.el6_4.1]
tree connect failed: NT_STATUS_ACCESS_DENIED

My smb.conf file, below, is taken from the book I am using.

Any suggestions or help would be much appreciated.

Thank you,
Joe Hesse

[global]
unix charset = UTF-8
dos charset = CP932
workgroup = WORKGROUP
server string = CentOS
netbios name = CentOS
dns proxy = no
wins support = no
interfaces = 127.0.0.0/8 192.168.0.0/24 eth0
bind interfaces only = no
log file = /var/log/samba/log.%m
max log size = 1000
syslog only = no
syslog = 0
panic action = /usr/share/samba/panic-action %d
security = user
encrypt passwords = true
passdb backend = tdbsam
obey pam restrictions = yes
unix password sync = yes
passwd program = /usr/bin/passwd %u
passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\
spassword:* %n\n *password\supdated\ssuccessfully* .
pam password change = yes
map to guest = bad user
usershare allow guests = no
domain master = no
local master = no
preferred master = no
os level = 8
[homes]
comment = Home Directories
browseable = yes
writable = yes
valid users = %S
create mask =0755
directory mask =0755
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Samba problem

2013-10-04 Thread Earl Ramirez 
On Fri, 2013-10-04 at 14:11 -0500, Joseph Hesse wrote:
> Hello,
> 
> I am trying to learn how to use Samba.  I first just want to get it to 
> work, then I'll make it better.
> I am not concerned about security since everything is on a private network.
> I am following the material in "CentOS 6 Linux Server Cookbook" by 
> Jonathan Hobson.
> I am using two virtual computers with Virtual Box running on Fedora 19.  
> Both virtual computers have bridged networking.
> One virtual computer is Win7, the other is CentOS 6.4.
> They are both up to date. There is only one user, "admin", on the CentOS 
> virtual computer.
> 
> The Win7 computer can successfully ping the CentOS computer.
> 
> My Win7 computer can not see the share on the Samba server.
> 
> The command "# testparm" shows no errors.
> 
> The command below gives the following error:
> 
> [admin@CentOS ~]$ smbclient //CentOS/admin
> Enter admin's password:
> Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.9-151.el6_4.1]
> tree connect failed: NT_STATUS_ACCESS_DENIED
> 
> My smb.conf file, below, is taken from the book I am using.
> 
> Any suggestions or help would be much appreciated.
> 
> Thank you,
> Joe Hesse
> 
> [global]
> unix charset = UTF-8
> dos charset = CP932
> workgroup = WORKGROUP
> server string = CentOS
> netbios name = CentOS
> dns proxy = no
> wins support = no
> interfaces = 127.0.0.0/8 192.168.0.0/24 eth0
> bind interfaces only = no
> log file = /var/log/samba/log.%m
> max log size = 1000
> syslog only = no
> syslog = 0
> panic action = /usr/share/samba/panic-action %d
> security = user
> encrypt passwords = true
> passdb backend = tdbsam
> obey pam restrictions = yes
> unix password sync = yes
> passwd program = /usr/bin/passwd %u
> passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\
> spassword:* %n\n *password\supdated\ssuccessfully* .
> pam password change = yes
> map to guest = bad user
> usershare allow guests = no
> domain master = no
> local master = no
> preferred master = no
> os level = 8
> [homes]
> comment = Home Directories
> browseable = yes
> writable = yes
> valid users = %S
> create mask =0755
> directory mask =0755
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos

Hello Joseph,

Is the samba service runing?

$ service smb start
$ service nmb start

You will also need to configure the firewall for the following ports,
137, 138, 139 and 445.



-- 


Kind Regards
Earl Ramirez
GPG Key: http://trinipino.com/PublicKey.asc


signature.asc
Description: This is a digitally signed message part
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Samba problem

2013-10-04 Thread Joseph Hesse 
On 10/04/2013 02:15 PM, Earl Ramirez wrote:
> On Fri, 2013-10-04 at 14:11 -0500, Joseph Hesse wrote:
>> Hello,
>>
>> I am trying to learn how to use Samba.  I first just want to get it to
>> work, then I'll make it better.
>> I am not concerned about security since everything is on a private network.
>> I am following the material in "CentOS 6 Linux Server Cookbook" by
>> Jonathan Hobson.
>> I am using two virtual computers with Virtual Box running on Fedora 19.
>> Both virtual computers have bridged networking.
>> One virtual computer is Win7, the other is CentOS 6.4.
>> They are both up to date. There is only one user, "admin", on the CentOS
>> virtual computer.
>>
>> The Win7 computer can successfully ping the CentOS computer.
>>
>> My Win7 computer can not see the share on the Samba server.
>>
>> The command "# testparm" shows no errors.
>>
>> The command below gives the following error:
>>
>> [admin@CentOS ~]$ smbclient //CentOS/admin
>> Enter admin's password:
>> Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.9-151.el6_4.1]
>> tree connect failed: NT_STATUS_ACCESS_DENIED
>>
>> My smb.conf file, below, is taken from the book I am using.
>>
>> Any suggestions or help would be much appreciated.
>>
>> Thank you,
>> Joe Hesse
>>
>> [global]
>> unix charset = UTF-8
>> dos charset = CP932
>> workgroup = WORKGROUP
>> server string = CentOS
>> netbios name = CentOS
>> dns proxy = no
>> wins support = no
>> interfaces = 127.0.0.0/8 192.168.0.0/24 eth0
>> bind interfaces only = no
>> log file = /var/log/samba/log.%m
>> max log size = 1000
>> syslog only = no
>> syslog = 0
>> panic action = /usr/share/samba/panic-action %d
>> security = user
>> encrypt passwords = true
>> passdb backend = tdbsam
>> obey pam restrictions = yes
>> unix password sync = yes
>> passwd program = /usr/bin/passwd %u
>> passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\
>> spassword:* %n\n *password\supdated\ssuccessfully* .
>> pam password change = yes
>> map to guest = bad user
>> usershare allow guests = no
>> domain master = no
>> local master = no
>> preferred master = no
>> os level = 8
>> [homes]
>> comment = Home Directories
>> browseable = yes
>> writable = yes
>> valid users = %S
>> create mask =0755
>> directory mask =0755
>> ___
>> CentOS mailing list
>> CentOS@centos.org
>> http://lists.centos.org/mailman/listinfo/centos
> Hello Joseph,
>
> Is the samba service runing?
>
> $ service smb start
> $ service nmb start
>
> You will also need to configure the firewall for the following ports,
> 137, 138, 139 and 445.
>
>
>
>
>
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
Both services are running.  I checked with "service smb status" and 
"service nmb status"  Also checked with chkconfig --list
The ports are open.  I checked with "system-config-firewall" and the 
ports for Samba and Samba Client are open.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Xorg fills up /var/log/Xorg.0.log with AUDIT messages (up to system crash) [solved]

2013-10-04 Thread g 

hi frank,

On 10/04/2013 12:12 PM, Frank Cox wrote:
> On Fri, 04 Oct 2013 13:48:01 +0200
> Frank Thommen wrote:
>
>> Problem solved: A user had configured his "preferred browser" to be
>> Thunderbird(!).  As soon as he clicked on a link in an email, he ended
>> in an endless loop with TB trying to open the link with the "preferred
>> browser" (aka itself) again and again. This resulted in 40 MB audit
>> loglines/hour in /var/log/Xorg.0.log.
>
> That sounds like something that should be reported to the Thunderbird people.
> It probably wouldn't be too difficult for them to make Thunderbird an invalid
> selection under that setting.

maybe not.

thunderbird has add-ons 'thunderbrowse' and 'thunder!box'.

they are supposed to make thunderbird work like


-- 

peace out.

in a world with out fences, who needs gates.

tc.hago.

g
.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Samba problem

2013-10-04 Thread Earl Ramirez 
On Fri, 2013-10-04 at 14:27 -0500, Joseph Hesse wrote:
> On 10/04/2013 02:15 PM, Earl Ramirez wrote:
> > On Fri, 2013-10-04 at 14:11 -0500, Joseph Hesse wrote:
> >> Hello,
> >>
> >> I am trying to learn how to use Samba.  I first just want to get it to
> >> work, then I'll make it better.
> >> I am not concerned about security since everything is on a private network.
> >> I am following the material in "CentOS 6 Linux Server Cookbook" by
> >> Jonathan Hobson.
> >> I am using two virtual computers with Virtual Box running on Fedora 19.
> >> Both virtual computers have bridged networking.
> >> One virtual computer is Win7, the other is CentOS 6.4.
> >> They are both up to date. There is only one user, "admin", on the CentOS
> >> virtual computer.
> >>
> >> The Win7 computer can successfully ping the CentOS computer.
> >>
> >> My Win7 computer can not see the share on the Samba server.
> >>
> >> The command "# testparm" shows no errors.
> >>
> >> The command below gives the following error:
> >>
> >> [admin@CentOS ~]$ smbclient //CentOS/admin
> >> Enter admin's password:
> >> Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.9-151.el6_4.1]
> >> tree connect failed: NT_STATUS_ACCESS_DENIED
> >>
> >> My smb.conf file, below, is taken from the book I am using.
> >>
> >> Any suggestions or help would be much appreciated.
> >>
> >> Thank you,
> >> Joe Hesse
> >>
> >> [global]
> >> unix charset = UTF-8
> >> dos charset = CP932
> >> workgroup = WORKGROUP
> >> server string = CentOS
> >> netbios name = CentOS
> >> dns proxy = no
> >> wins support = no
> >> interfaces = 127.0.0.0/8 192.168.0.0/24 eth0
> >> bind interfaces only = no
> >> log file = /var/log/samba/log.%m
> >> max log size = 1000
> >> syslog only = no
> >> syslog = 0
> >> panic action = /usr/share/samba/panic-action %d
> >> security = user
> >> encrypt passwords = true
> >> passdb backend = tdbsam
> >> obey pam restrictions = yes
> >> unix password sync = yes
> >> passwd program = /usr/bin/passwd %u
> >> passwd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\
> >> spassword:* %n\n *password\supdated\ssuccessfully* .
> >> pam password change = yes
> >> map to guest = bad user
> >> usershare allow guests = no
> >> domain master = no
> >> local master = no
> >> preferred master = no
> >> os level = 8
> >> [homes]
> >> comment = Home Directories
> >> browseable = yes
> >> writable = yes
> >> valid users = %S
> >> create mask =0755
> >> directory mask =0755
> >> ___
> >> CentOS mailing list
> >> CentOS@centos.org
> >> http://lists.centos.org/mailman/listinfo/centos
> > Hello Joseph,
> >
> > Is the samba service runing?
> >
> > $ service smb start
> > $ service nmb start
> >
> > You will also need to configure the firewall for the following ports,
> > 137, 138, 139 and 445.
> >
> >
> >
> >
> >
> > ___
> > CentOS mailing list
> > CentOS@centos.org
> > http://lists.centos.org/mailman/listinfo/centos
> Both services are running.  I checked with "service smb status" and 
> "service nmb status"  Also checked with chkconfig --list
> The ports are open.  I checked with "system-config-firewall" and the 
> ports for Samba and Samba Client are open.
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos


Did you create the a samba account "admin", to test you can do the
following 
$ smbclient -L localhost -U  "sambausername"

You will also need to check the SELinux label for the directory that you
are sharing.




Kind Regards
Earl Ramirez
GPG Key: http://trinipino.com/PublicKey.asc


signature.asc
Description: This is a digitally signed message part
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Samba problem

2013-10-04 Thread John R Pierce 
On 10/4/2013 12:11 PM, Joseph Hesse wrote:
> security = user


you'll need to run

 smbpasswd -a admin

on the samba server, and give the 'admin' SMB user a password. Samba 
can't use the unix /etc/password|shadow combination as the hashes used 
by SMB aren't compatible.


-- 
john r pierce  37N 122W
somewhere on the middle of the left coast

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] "Enterprise Class Hard Drive" - Scam Warning

2013-10-04 Thread Eliezer Croitoru 
Hey,

I was wondering about enterprise class drives:
Do you really expect the drive to be shipped to you before even a basic
validation test?
Do you understand that a basic spindown to the car is needed to make
sure that all the parts are fine and the car actually works??
I would try to imagine myself this:
Hmm OK this is your new car "bam: Hoo we forgot to start the engine and
make sure that you have a bit of gas to make it to the next gas station"
hoo and "sorry this is the first time we turn the switch on since the
assembly of the car so feel free to test it for us.."

Eliezer

On 10/02/2013 07:24 PM, Steve Brooks wrote:
> 
> Hi All,
> 
> I know many of us here manage RAID on our Centos based servers so this may 
> be of interest to us all.
> 
> I ordered three new "Enterprise hard drives" this month from a well known 
> UK online retailer. The drives arrived as new in their anti-static 
> packaging. Before using one of the drives in a mission critical hardware 
> raid I checked the SMART attributes and was amazed at what I saw; see a 
> few of the attributes listed below
> 
>1 Raw_Read_Error_Rate 0x002f   200   200   051Pre-fail  -   2600
>9 Power_On_Hours  0x0032   098   097   000Old_age   -   2106
>   12 Power_Cycle_Count   0x0032   100   100   000Old_age   - 80
> 198 Offline_Uncorrectable   0x0030   196   196   000Old_age   -398
> 200 Multi_Zone_Error_Rate   0x0008   180   180   000Old_age   -   4077
> 
> 
> So for a brand new packaged drive this was a bit of a surprise. "2106" 
> power on hours, obviously should be zero for a new drive and "398" 
> "Offline_Uncorrectable sectors" this is a well used and faulty drive. I 
> contacted the (very well known) manufacturer of the drive and asked for 
> information on the serial number. I was told the serial number of the 
> drive was region specific to the USA and should not even be in the UK. I 
> opened and tested the second and third drives with similar results. I was 
> told two of the drives had already been returned under warranty and 
> replaced with new drives. Wow... I was also told by the online retailer 
> this is known as a grey import and is not that uncommon..
> 
> So it may be a good policy to check the SMART attributes of drives before 
> deployment!
> 
> Cheers, Steve
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
> 


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Samba problem

2013-10-04 Thread Joseph Hesse 
On 10/04/2013 02:39 PM, John R Pierce wrote:
> On 10/4/2013 12:11 PM, Joseph Hesse wrote:
>> security = user
>
> you'll need to run
>
>   smbpasswd -a admin
>
> on the samba server, and give the 'admin' SMB user a password. Samba
> can't use the unix /etc/password|shadow combination as the hashes used
> by SMB aren't compatible.
>
>
I used "smbpasswd "to assign a Samba password to user "admin".  My Win7 
virtual machine still couldn't see the share.  It is my impression that 
the smb.conf file in the book I am using allows passwordless access to 
the shares.

Also, if it helps, here is some more output.

[root@CentOS ~]# smbclient -L localhost -U
Enter root's password:
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.9-151.el6_4.1]

 Sharename   Type  Comment
 -     ---
 homes   Disk  Home Directories
 IPC$IPC   IPC Service (CentOS)
Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.9-151.el6_4.1]

 Server   Comment
 ----
 CENTOS   CentOS
 WIN7VM

 WorkgroupMaster
 ----
 WORKGROUPWIN7VM

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] "Enterprise Class Hard Drive" - Scam Warning

2013-10-04 Thread Peter 
On 10/05/2013 11:39 AM, Eliezer Croitoru wrote:
> Hey,
> 
> I was wondering about enterprise class drives:
> Do you really expect the drive to be shipped to you before even a basic
> validation test?

I would expect 24 or maybe 48 hours for a burn-in, but not 87 days.


Peter
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Samba problem

2013-10-04 Thread Les Mikesell 
On Fri, Oct 4, 2013 at 6:27 PM, Joseph Hesse  wrote:
>
>>> security = user
>>
>> you'll need to run
>>
>>   smbpasswd -a admin
>>
>> on the samba server, and give the 'admin' SMB user a password. Samba
>> can't use the unix /etc/password|shadow combination as the hashes used
>> by SMB aren't compatible.
>>
>>
> I used "smbpasswd "to assign a Samba password to user "admin".  My Win7
> virtual machine still couldn't see the share.  It is my impression that
> the smb.conf file in the book I am using allows passwordless access to
> the shares.

Passwordless?  I don't think so.  Are you using 'connect as different
user' when you try to map the share?  If you aren't authenticating as
the 'admin' user you won't even see the home share for that user.   If
you are logged in as admin on the windows box in the same workgroup it
might just happen to work without re authenticating.

-- 
Les Mikesell
   lesmikes...@gmail.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Samba problem

2013-10-04 Thread Earl Ramirez 
On Fri, 2013-10-04 at 18:27 -0500, Joseph Hesse wrote:
> On 10/04/2013 02:39 PM, John R Pierce wrote:
> > On 10/4/2013 12:11 PM, Joseph Hesse wrote:
> >> security = user
> >
> > you'll need to run
> >
> >   smbpasswd -a admin
> >
> > on the samba server, and give the 'admin' SMB user a password. Samba
> > can't use the unix /etc/password|shadow combination as the hashes used
> > by SMB aren't compatible.
> >
> >
> I used "smbpasswd "to assign a Samba password to user "admin".  My Win7 
> virtual machine still couldn't see the share.  It is my impression that 
> the smb.conf file in the book I am using allows passwordless access to 
> the shares.

Are you able to authenticate to the samba server from the Windows 7
machine? 

> Also, if it helps, here is some more output.
> 
> [root@CentOS ~]# smbclient -L localhost -U
> Enter root's password:
> Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.9-151.el6_4.1]
> 
>  Sharename   Type  Comment
>  -     ---
>  homes   Disk  Home Directories
>  IPC$IPC   IPC Service (CentOS)
> Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.9-151.el6_4.1]
> 
>  Server   Comment
>  ----
>  CENTOS   CentOS
>  WIN7VM
> 
>  WorkgroupMaster
>  ----
>  WORKGROUPWIN7VM

What is the out put from smbclient -L localhost -U admin?

I saw that you have the home directory enabled, by default SELinux does
not permit access to the home directory, unless you enable the boolean

$ sudo setsebool -P samba_enable_home_dirs on

When you try to access the samba share from the windows 7 machine, what
is happening? Are you being prompt for the credentials?

If you do not have a backup of the smb.conf file, I have placed a copy
from a clean install [0]

[0] http://trinipino.com/share/smb.conf
> 
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos

-- 


Kind Regards
Earl Ramirez
GPG Key: http://trinipino.com/PublicKey.asc


signature.asc
Description: This is a digitally signed message part
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Samba problem

2013-10-04 Thread Chris Weisiger 
You can connect to a samba share without user or password authentication. 
That's how I have my server setup at my house. I dont know the settings off 
hand but illpost them shortly

-Original Message-
From: Earl Ramirez
Sent: 10/04/13 8:35 PM
To: CentOS mailing list
Subject: Re: [CentOS] Samba problem

On Fri, 2013-10-04 at 18:27 -0500, Joseph Hesse wrote:
> On 10/04/2013 02:39 PM, John R Pierce wrote:
> > On 10/4/2013 12:11 PM, Joseph Hesse wrote:
> >> security = user
> >
> > you'll need to run
> >
> >   smbpasswd -a admin
> >
> > on the samba server, and give the 'admin' SMB user a password. Samba
> > can't use the unix /etc/password|shadow combination as the hashes used
> > by SMB aren't compatible.
> >
> >
> I used "smbpasswd "to assign a Samba password to user "admin".  My Win7 
> virtual machine still couldn't see the share.  It is my impression that 
> the smb.conf file in the book I am using allows passwordless access to 
> the shares.

Are you able to authenticate to the samba server from the Windows 7
machine? 

> Also, if it helps, here is some more output.
> 
> [root@CentOS ~]# smbclient -L localhost -U
> Enter root's password:
> Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.9-151.el6_4.1]
> 
>  Sharename   Type  Comment
>  -     ---
>  homes   Disk  Home Directories
>  IPC$IPC   IPC Service (CentOS)
> Domain=[WORKGROUP] OS=[Unix] Server=[Samba 3.6.9-151.el6_4.1]
> 
>  Server   Comment
>  ----
>  CENTOS   CentOS
>  WIN7VM
> 
>  WorkgroupMaster
>  ----
>  WORKGROUPWIN7VM

What is the out put from smbclient -L localhost -U admin?

I saw that you have the home directory enabled, by default SELinux does
not permit access to the home directory, unless you enable the boolean

$ sudo setsebool -P samba_enable_home_dirs on

When you try to access the samba share from the windows 7 machine, what
is happening? Are you being prompt for the credentials?

If you do not have a backup of the smb.conf file, I have placed a copy
from a clean install [0]

[0] http://trinipino.com/share/smb.conf
> 
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos

-- 


Kind Regards
Earl Ramirez
GPG Key: http://trinipino.com/PublicKey.asc
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Samba problem

2013-10-04 Thread Les Mikesell 
On Fri, Oct 4, 2013 at 8:44 PM, Chris Weisiger  wrote:
> You can connect to a samba share without user or password authentication. 
> That's how I have my server setup at my house. I dont know the settings off 
> hand but illpost them shortly
>

You can set a share to publc or guest ok = yes.  But then you won't
see the home share of some other user.

-- 
  Les Mikesell
 lesmikes...@gmail.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Samba problem

2013-10-04 Thread Chris Weisiger 
You can set "security = share"

I had mine set to see the user share but I changed my setup

-Original Message- 
From: Les Mikesell
Sent: Friday, October 04, 2013 8:54 PM
To: CentOS mailing list
Subject: Re: [CentOS] Samba problem

On Fri, Oct 4, 2013 at 8:44 PM, Chris Weisiger  
wrote:
> You can connect to a samba share without user or password authentication. 
> That's how I have my server setup at my house. I dont know the settings 
> off hand but illpost them shortly
>

You can set a share to publc or guest ok = yes.  But then you won't
see the home share of some other user.

-- 
  Les Mikesell
 lesmikes...@gmail.com
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos 

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Samba problem

2013-10-04 Thread John R Pierce 
On 10/4/2013 9:27 PM, Chris Weisiger wrote:
> You can set "security = share"
>
> I had mine set to see the user share but I changed my setup

are share passwords even supported anymore?  that was the default mode 
for windows 3.x and 95-98 sharing, each share could have two passwords, 
one for read-only and one for write, and there was no concept of a user.

what Ive always found works adequately is to create a smbpassword for 
each windows user, with the same password as they log onto their 
desktop.  then windows will just autoconnect.  if you have unix clients, 
use nfs, not smb!!

what works *best* is to have active directory or another ldap+kerberos 
implementation, and have all your windows systems joined to the domain 
and users logging onto domain accounts.  THEN you share to the domain 
accounts and its all good.

windows 7 and newer default to requiring more strict encryption and 
authentication, which older systems may not provide by default.


--
john r pierce  37N 122W
somewhere on the middle of the left coast

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Samba problem

2013-10-04 Thread Chris Weisiger 
when I set it to share I don’t need a passwordits configure like an 
anonymous file server. but I can tune the settings in actual shared section 
of the conf file

-Original Message- 
From: John R Pierce
Sent: Friday, October 04, 2013 11:43 PM
To: centos@centos.org
Subject: Re: [CentOS] Samba problem

On 10/4/2013 9:27 PM, Chris Weisiger wrote:
> You can set "security = share"
>
> I had mine set to see the user share but I changed my setup

are share passwords even supported anymore?  that was the default mode
for windows 3.x and 95-98 sharing, each share could have two passwords,
one for read-only and one for write, and there was no concept of a user.

what Ive always found works adequately is to create a smbpassword for
each windows user, with the same password as they log onto their
desktop.  then windows will just autoconnect.  if you have unix clients,
use nfs, not smb!!

what works *best* is to have active directory or another ldap+kerberos
implementation, and have all your windows systems joined to the domain
and users logging onto domain accounts.  THEN you share to the domain
accounts and its all good.

windows 7 and newer default to requiring more strict encryption and
authentication, which older systems may not provide by default.


--
john r pierce  37N 122W
somewhere on the middle of the left coast

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos 

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos