Re: [CentOS] Mail Merge data to a pdf file by overlaying the data on the image
On 2014-05-09 23:27, Gregory P. Ennis wrote: > Everyone, > > I am looking for a utility that I can use to do a mail merge of data to > a pdf image file. The image file does not have any active fields, but > will be just an image file. I would like to overlay names addresses > etc. > > We currently do this with a pcl file by just overlaying the data with > pcl print positions. However, in order to get the pcl file from an > original pdf file we have to use gimp to convert the pdf to pcl file, > and we always lose a little resolution. I was wondering if anyone > knows > of a utility to perform this function without first converting the > image > to a pcl file. > Have you tried pdftk? http://www.pdflabs.com/tools/pdftk-server/ > Thanks, ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] CentOS-announce Digest, Vol 111, Issue 6
Send CentOS-announce mailing list submissions to
centos-annou...@centos.org
To subscribe or unsubscribe via the World Wide Web, visit
http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
centos-announce-requ...@centos.org
You can reach the person managing the list at
centos-announce-ow...@centos.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of CentOS-announce digest..."
Today's Topics:
1. CEBA-2014:0479 CentOS 6 mdadm Update (Johnny Hughes)
2. CEBA-2014:0482 CentOS 6 virt-viewer Update (Johnny Hughes)
3. CEBA-2014:0480 CentOS 6 glibc Update (Johnny Hughes)
--
Message: 1
Date: Mon, 12 May 2014 09:09:48 +
From: Johnny Hughes
Subject: [CentOS-announce] CEBA-2014:0479 CentOS 6 mdadm Update
To: centos-annou...@centos.org
Message-ID: <20140512090948.ga31...@n04.lon1.karan.org>
Content-Type: text/plain; charset=us-ascii
CentOS Errata and Bugfix Advisory 2014:0479
Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0479.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
dcb06cb9223e8beb2895b015325541f002cc17e65a4969ae5e8ae4a4cafab646
mdadm-3.2.6-7.el6_5.2.i686.rpm
x86_64:
a345fb7da35c8d6939f8528df57a1d5ddea5a32c5c2e35f0ce7ebb8d1d4fc1ea
mdadm-3.2.6-7.el6_5.2.x86_64.rpm
Source:
790cde83904db3954594552c52d02c7fd7995a96b6af820121a7b4988d9d25dc
mdadm-3.2.6-7.el6_5.2.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net
--
Message: 2
Date: Mon, 12 May 2014 09:10:49 +
From: Johnny Hughes
Subject: [CentOS-announce] CEBA-2014:0482 CentOS 6 virt-viewer Update
To: centos-annou...@centos.org
Message-ID: <20140512091049.ga31...@n04.lon1.karan.org>
Content-Type: text/plain; charset=us-ascii
CentOS Errata and Bugfix Advisory 2014:0482
Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0482.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
05fb9063c98b4a2ec8c8e486e9a14920aae1343d9155e4e03caec34b13f2d1fe
virt-viewer-0.5.6-8.el6_5.2.i686.rpm
x86_64:
2a34e3b003095390204c557e3ad38ad63a927815e34277423b0854563d2f4a16
virt-viewer-0.5.6-8.el6_5.2.x86_64.rpm
Source:
14436b7735f3bb8bea20d4ee331f283d69464c99a270e8ae363c91de534dc8a5
virt-viewer-0.5.6-8.el6_5.2.src.rpm
--
Johnny Hughes
CentOS Project { http://www.centos.org/ }
irc: hughesjr, #cen...@irc.freenode.net
--
Message: 3
Date: Mon, 12 May 2014 09:20:03 +
From: Johnny Hughes
Subject: [CentOS-announce] CEBA-2014:0480 CentOS 6 glibc Update
To: centos-annou...@centos.org
Message-ID: <20140512092003.ga32...@n04.lon1.karan.org>
Content-Type: text/plain; charset=us-ascii
CentOS Errata and Bugfix Advisory 2014:0480
Upstream details at : https://rhn.redhat.com/errata/RHBA-2014-0480.html
The following updated files have been uploaded and are currently
syncing to the mirrors: ( sha256sum Filename )
i386:
61ee3b95a41c3248bf1f6869bb4395bd7ecd5f5458390b0a532aba2e24867cc5
glibc-2.12-1.132.el6_5.1.i686.rpm
51d4dc05d99974de458a504b0898b68f384fe494739ad022753c4c60f6e0d694
glibc-common-2.12-1.132.el6_5.1.i686.rpm
2291ca8dae36ee186e1952b2d97305b0b69db1da636bfeb232e95f8dca86983c
glibc-devel-2.12-1.132.el6_5.1.i686.rpm
bc9e8f1257f5eff0d27524289bb983664e213a8e66ee81831e7230058602556e
glibc-headers-2.12-1.132.el6_5.1.i686.rpm
bf67d3ac8390077100787c4e669c24215b0a594ce0fe6d3d18ddc85765fcbcc2
glibc-static-2.12-1.132.el6_5.1.i686.rpm
94b09ee7111e03c16c74459257b67d974962f8a0f27436a103ce9afa07accdbf
glibc-utils-2.12-1.132.el6_5.1.i686.rpm
ed69e226d681c5c613797eac67f8973824ed44cd8a54804e69ab75f002af69fc
nscd-2.12-1.132.el6_5.1.i686.rpm
x86_64:
61ee3b95a41c3248bf1f6869bb4395bd7ecd5f5458390b0a532aba2e24867cc5
glibc-2.12-1.132.el6_5.1.i686.rpm
23e70f730344720b009071e1397557205523da758de754c6d4f96dd23570bff4
glibc-2.12-1.132.el6_5.1.x86_64.rpm
366c7a05c3dab6c0eb2f3e044834930cfe2e52822ca69c65ba0c2bf5c5217366
glibc-common-2.12-1.132.el6_5.1.x86_64.rpm
2291ca8dae36ee186e1952b2d97305b0b69db1da636bfeb232e95f8dca86983c
glibc-devel-2.12-1.132.el6_5.1.i686.rpm
dd1a75ab2fa5aee65542f277bab51822201ff200fe02c1bd7a674e20527b162c
glibc-devel-2.12-1.132.el6_5.1.x86_64.rpm
2609cf80b2840c0fafc3824e7451c95322a4e0c54bfacf0dee3228015151838e
glibc-headers-2.12-1.132.el6_5.1.x86_64.rpm
bf67d3ac8390077100787c4e669c24215b0a594ce0fe6d3d18ddc85765fcbcc2
glibc-static-2.12-1.132.el6_5.1.i686.rpm
1862effada19be6bb1c6fc5a2218f74dafd7ea7fa62496cbec7d88177a13fb0c
glibc-static-2.12-1.132.el6_5.1.x86_64.rpm
25c607944fc32cd1e7afb059fdf4a3ff5fcbfa326d8658f3a66f541daf34ce6b
glibc-utils-2.12-1.132.el6_5.1.x86_64.rpm
80817131e2d9df5685f3d751061cae77691f35
[CentOS] Change server name in postfix configuration
Hi, A consultant, long gone, set up postfix, dovecot, amavisd and squirrelmail for my wife. It works fine but my wife wants to change the server name from old.com to new.com so the name is more appropriate for her business. My approach would be to use sed to change all occurences of old.com to new.com. Specifically, I used grep to identify the following files where I should make the changes. /etc/postfix/main.cf /etc/dovecot/dovecot.conf /etc/squirrelmail/config.php /etc/amavisd.conf /etc/sysconfig/network (change host name) In addition, there would be an MX record for mail.new.com pointing to the IP of the server. My question is, will this work or will I corrupt my email server? If I mess it up I can always restore it to the original. Thank you, Joe ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Change server name in postfix configuration
- Maybe check /etc/hosts. - What about the old domain ? You may not be able to receive e-mails for it. You can think about add the new.com in parallel with old.com on the same server. On Mon, May 12, 2014 at 2:12 PM, Joseph Hesse wrote: > Hi, > A consultant, long gone, set up postfix, dovecot, amavisd and > squirrelmail for my wife. > It works fine but my wife wants to change the server name from old.com > to new.com so the name is more appropriate for her business. > My approach would be to use sed to change all occurences of old.com to > new.com. > Specifically, I used grep to identify the following files where I should > make the changes. > > /etc/postfix/main.cf > /etc/dovecot/dovecot.conf > /etc/squirrelmail/config.php > /etc/amavisd.conf > /etc/sysconfig/network (change host name) > In addition, there would be an MX record for mail.new.com pointing to > the IP of the server. > > My question is, will this work or will I corrupt my email server? If I > mess it up I can always restore it to the original. > > Thank you, > Joe > > > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] OpenDKIM and SELinux
Following the most recent kernel updates I restarted our outgoing SMTP MTA
which was recently reconfigured to DKIM sign messages using OpenDKIM. This
morning I discovered that Postfix had stopped on that server. Whether it is
related to the Postfix issue or not is yet to be determined but, in the
process of getting things restarted I ran across this error with Open DKIM:
# service opendkim restart
Stopping OpenDKIM Milter: [FAILED]
Starting OpenDKIM Milter: opendkim: /etc/opendkim.conf:
refile:/etc/opendkim/TrustedHosts: dkimf_db_open(): Permission denied
[FAILED]
I check the permissions and ownership on the file and everything seems normal.
I then checked audit2why and got this:
audit2allow: error: no such option: --
[root@inet08 opendkim]# audit2why -l -a
type=AVC msg=audit(1399898848.286:2317): avc: denied { dac_read_search } for
pid=15213 comm="opendkim" capability=2
scontext=unconfined_u:system_r:dkim_milter_t:s0
tcontext=unconfined_u:system_r:dkim_milter_t:s0 tclass=capability
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow
this access.
type=AVC msg=audit(1399898848.286:2317): avc: denied { dac_override } for
pid=15213 comm="opendkim" capability=1
scontext=unconfined_u:system_r:dkim_milter_t:s0
tcontext=unconfined_u:system_r:dkim_milter_t:s0 tclass=capability
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow
this access.
We have been using dkim for a little while now and our dmarc records indicate
that messages from our domains should be signed so this problem needed an
immediate fix or workaround. What I ended up with was this .te file that
generates an SEModule which at least gets the service running. What else it
opens us up to I am not sure so I would appreciate some commentary on how I
should proceed to obtain a permanent fix:
module localOpenDKIMmod 1.0;
require {
type dkim_milter_t;
class capability { dac_read_search dac_override };
}
#= dkim_milter_t ==
allow dkim_milter_t self:capability { dac_read_search dac_override };
--
*** E-Mail is NOT a SECURE channel ***
James B. Byrnemailto:byrn...@harte-lyne.ca
Harte & Lyne Limited http://www.harte-lyne.ca
9 Brockley Drive vox: +1 905 561 1241
Hamilton, Ontario fax: +1 905 561 0757
Canada L8E 3C3
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Change server name in postfix configuration
Am 12.05.2014 um 14:56 schrieb Laurent CREPET : > > On Mon, May 12, 2014 at 2:12 PM, Joseph Hesse wrote: > >> A consultant, long gone, set up postfix, dovecot, amavisd and >> squirrelmail for my wife. >> It works fine but my wife wants to change the server name from old.com >> to new.com so the name is more appropriate for her business. >> My approach would be to use sed to change all occurences of old.com to >> new.com. >> Specifically, I used grep to identify the following files where I should >> make the changes. >> >> /etc/postfix/main.cf >> /etc/dovecot/dovecot.conf >> /etc/squirrelmail/config.php >> /etc/amavisd.conf >> /etc/sysconfig/network (change host name) >> In addition, there would be an MX record for mail.new.com pointing to >> the IP of the server. >> >> My question is, will this work or will I corrupt my email server? If I >> mess it up I can always restore it to the original. >> > - Maybe check /etc/hosts. > - What about the old domain ? You may not be able to receive e-mails for > it. You can think about add the new.com in parallel with old.com on the > same server. Check also your hosting name (e.g. httpd service). BTW - the MX entry can still have the old name and accepting new.com-mails. Furthermore - take care if SSL/TLS is in use. Certificates are connected to domainnames. -- LF ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OpenDKIM and SELinux
On 05/12/2014 09:17 AM, James B. Byrne wrote:
> Following the most recent kernel updates I restarted our outgoing SMTP MTA
> which was recently reconfigured to DKIM sign messages using OpenDKIM. This
> morning I discovered that Postfix had stopped on that server. Whether it is
> related to the Postfix issue or not is yet to be determined but, in the
> process of getting things restarted I ran across this error with Open DKIM:
>
> # service opendkim restart
> Stopping OpenDKIM Milter: [FAILED]
> Starting OpenDKIM Milter: opendkim: /etc/opendkim.conf:
> refile:/etc/opendkim/TrustedHosts: dkimf_db_open(): Permission denied
>[FAILED]
>
> I check the permissions and ownership on the file and everything seems normal.
> I then checked audit2why and got this:
>
> audit2allow: error: no such option: --
> [root@inet08 opendkim]# audit2why -l -a
> type=AVC msg=audit(1399898848.286:2317): avc: denied { dac_read_search } for
> pid=15213 comm="opendkim" capability=2
> scontext=unconfined_u:system_r:dkim_milter_t:s0
> tcontext=unconfined_u:system_r:dkim_milter_t:s0 tclass=capability
> Was caused by:
> Missing type enforcement (TE) allow rule.
>
> You can use audit2allow to generate a loadable module to allow
> this access.
>
> type=AVC msg=audit(1399898848.286:2317): avc: denied { dac_override } for
> pid=15213 comm="opendkim" capability=1
> scontext=unconfined_u:system_r:dkim_milter_t:s0
> tcontext=unconfined_u:system_r:dkim_milter_t:s0 tclass=capability
> Was caused by:
> Missing type enforcement (TE) allow rule.
>
> You can use audit2allow to generate a loadable module to allow
> this access.
>
>
>
> We have been using dkim for a little while now and our dmarc records indicate
> that messages from our domains should be signed so this problem needed an
> immediate fix or workaround. What I ended up with was this .te file that
> generates an SEModule which at least gets the service running. What else it
> opens us up to I am not sure so I would appreciate some commentary on how I
> should proceed to obtain a permanent fix:
>
>
>
> module localOpenDKIMmod 1.0;
>
> require {
> type dkim_milter_t;
> class capability { dac_read_search dac_override };
> }
>
> #= dkim_milter_t ==
> allow dkim_milter_t self:capability { dac_read_search dac_override };
>
>
>
dac_read_search and dac_override are usually bad to add. They typically
mean the permission flags on the file in question is two tight for a
root process to read/use.
Loosing up the group/other permissions would probably allow a root
process to read the object without requiring these capabities.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] OpenDKIM and SELinux
On 05/12/2014 01:26 PM, Daniel J Walsh wrote:
> On 05/12/2014 09:17 AM, James B. Byrne wrote:
>> Following the most recent kernel updates I restarted our outgoing SMTP MTA
>> which was recently reconfigured to DKIM sign messages using OpenDKIM. This
>> morning I discovered that Postfix had stopped on that server. Whether it is
>> related to the Postfix issue or not is yet to be determined but, in the
>> process of getting things restarted I ran across this error with Open DKIM:
>>
>> # service opendkim restart
>> Stopping OpenDKIM Milter: [FAILED]
>> Starting OpenDKIM Milter: opendkim: /etc/opendkim.conf:
>> refile:/etc/opendkim/TrustedHosts: dkimf_db_open(): Permission denied
>>[FAILED]
>>
>> I check the permissions and ownership on the file and everything seems
>> normal.
>> I then checked audit2why and got this:
>>
>> audit2allow: error: no such option: --
>> [root@inet08 opendkim]# audit2why -l -a
>> type=AVC msg=audit(1399898848.286:2317): avc: denied { dac_read_search }
>> for
>> pid=15213 comm="opendkim" capability=2
>> scontext=unconfined_u:system_r:dkim_milter_t:s0
>> tcontext=unconfined_u:system_r:dkim_milter_t:s0 tclass=capability
>> Was caused by:
>> Missing type enforcement (TE) allow rule.
>>
>> You can use audit2allow to generate a loadable module to allow
>> this access.
>>
>> type=AVC msg=audit(1399898848.286:2317): avc: denied { dac_override } for
>> pid=15213 comm="opendkim" capability=1
>> scontext=unconfined_u:system_r:dkim_milter_t:s0
>> tcontext=unconfined_u:system_r:dkim_milter_t:s0 tclass=capability
>> Was caused by:
>> Missing type enforcement (TE) allow rule.
>>
>> You can use audit2allow to generate a loadable module to allow
>> this access.
>>
>>
>>
>> We have been using dkim for a little while now and our dmarc records indicate
>> that messages from our domains should be signed so this problem needed an
>> immediate fix or workaround. What I ended up with was this .te file that
>> generates an SEModule which at least gets the service running. What else it
>> opens us up to I am not sure so I would appreciate some commentary on how I
>> should proceed to obtain a permanent fix:
>>
>>
>>
>> module localOpenDKIMmod 1.0;
>>
>> require {
>> type dkim_milter_t;
>> class capability { dac_read_search dac_override };
>> }
>>
>> #= dkim_milter_t ==
>> allow dkim_milter_t self:capability { dac_read_search dac_override };
>>
>>
>>
> dac_read_search and dac_override are usually bad to add. They typically
> mean the permission flags on the file in question is two tight for a
> root process to read/use.
>
> Loosing up the group/other permissions would probably allow a root
> process to read the object without requiring these capabities.
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
I just wrote a quick blog on this.
https://danwalsh.livejournal.com/69478.html
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
[CentOS] Xnest and gnome
I still don't like gnome Got a user who wants the "whole gnome experience" (i.e., he can't deal w/ the command line), so I'm testing this: I'm running 6.5, KDE. On the server, I've installed both Xnest, "Gnome Desktop Environment", and "X Window System". Xnest works fine, I can start xclock, or an xterm, but if I try DISPLAY=:1, I see the taskbar and top bar start to appear on the Xnest window, and then it crashes. Most recently, I've been using Xnest -query hostname :1 to start I *suspect* it has something to do with .Xauthority or something in my home directory, NFS mounted, of course, on both my workstation and the server, but Any clues or suggestions? The messages when it crashes start with: Error: (9) Connection ":1.246" is not allowed to own the service "org.freedesktop.NetworkManagerUserSettings" due to security policies in the configuration file Xlib: extension "RANDR" missing on display ":1". Xlib: extension "RANDR" missing on display ":1". Xlib: extension "DPMS" missing on display ":1". X Error of failed request: BadMatch (invalid parameter attributes) Major opcode of failed request: 73 (X_GetImage) Serial number of failed request: 5764 Current serial number in output stream: 5764 gnome-panel: Fatal IO error 0 (Success) on X server :1. mark ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Heads up on local root escalation
Remember to be especially aware if you have systems that can potentially have code uploaded and run (ftp to httpd vhost or improper php config and file ownership/permissions). This does not affect el5 ... an el6 update is pending. https://access.redhat.com/security/cve/CVE-2014-0196 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Heads up on local root escalation
On 2014-05-12, James Hogarth wrote: > > This does not affect el5 ... an el6 update is pending. > > https://access.redhat.com/security/cve/CVE-2014-0196 Are there any mitigation steps we can take? I've chased down some of the links looking for any, but haven't had success yet. --keith -- kkel...@wombat.san-francisco.ca.us ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Heads up on local root escalation
On Mon, May 12, 2014 at 11:23 AM, Keith Keller wrote: > On 2014-05-12, James Hogarth wrote: >> >> This does not affect el5 ... an el6 update is pending. >> >> https://access.redhat.com/security/cve/CVE-2014-0196 > > Are there any mitigation steps we can take? I've chased down some of > the links looking for any, but haven't had success yet. According to the upstream BZ 1094232, there is a patch from kernel.org: https://git.kernel.org/cgit/linux/kernel/git/gregkh/tty.git/commit/?h=tty-linus&id=4291086b1f081b869c6d79e5b7441633dc3ace00 The file to patch in the RHEL/CentOS kernel seems to be drivers/char/n_tty.c If the next kernel update does not have the fix, I can add it to the centosplus kernel. Akemi ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] SSSD Passwd change problem
Hi, I have sssd set up and it mostly works how I would expect, but the ldap_chpass_uri does not seem to work correctly with the passwd command. I have two configs, one working and one not: Working: ldap_uri = ldap://ldap.example.com ldap_chpass_uri = ldap://ldap.example.com Non Working: ldap_uri = ldap://ldap3.example.com,ldap://ldap2.example.com,ldap:// ldap.example.com ldap_chpass_uri = ldap://ldap.example.com ldap.example.com is the master ldap server, and the other two are read-only consumers. I have the clients set up with sssd to use their local ldap replication, except for changing their password. With the non working config the only thing I have changed is the ldap_uri. The behavior seems like it is not using the ldap_chpass_uri directive. I can post more of the config files if needed. When I use the passwd command to update a password, the first config snippet works as expected, whereas the second does not. Any ideas? Thanks, Eric Falbe ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] SSSD Passwd change problem
On 12/05/2014 10:02 PM, Eric Falbe wrote: > Hi, > > I have sssd set up and it mostly works how I would expect, but the > ldap_chpass_uri does not seem to work correctly with the passwd > command. > > I have two configs, one working and one not: > > Working: > ldap_uri = ldap://ldap.example.com > ldap_chpass_uri = ldap://ldap.example.com > > Non Working: > ldap_uri = ldap://ldap3.example.com,ldap://ldap2.example.com,ldap:// > ldap.example.com > ldap_chpass_uri = ldap://ldap.example.com > > ldap.example.com is the master ldap server, and the other two are > read-only > consumers. I have the clients set up with sssd to use their local ldap > replication, except for changing their password. With the non working > config the only thing I have changed is the ldap_uri. > > The behavior seems like it is not using the ldap_chpass_uri directive. > I > can post more of the config files if needed. > > When I use the passwd command to update a password, the first config > snippet works as expected, whereas the second does not. Any ideas? > > Thanks, > Eric Falbe Hello, do you have this line: chpass_provider = ldap Regards, ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Heads up on local root escalation
On 2014-05-12, Akemi Yagi wrote: > > According to the upstream BZ 1094232, there is a patch from kernel.org: > > https://git.kernel.org/cgit/linux/kernel/git/gregkh/tty.git/commit/?h=tty-linus&id=4291086b1f081b869c6d79e5b7441633dc3ace00 Actually, I was wondering about mitigation along the lines of blacklisting a module, tuning a sysctl parameter, or some other mitigation that wouldn't require a new kernel. Perhaps such mitigation isn't even possible with this issue. --keith -- kkel...@wombat.san-francisco.ca.us ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Samba problem
Hello, My only hard drive failed on a private server so I had to replace it and reinstall Centos 6.5 and Samba. My smb.conf file is OK according to "testparm". I configured smb and nmb, with chkconfig, to start when the system boots. After the system boots if I do "service nmb status" I get the response "nmbd dead but pid file exists". I can delete the pid file manually and start nmb with "service nmb start". The problem is that when the system shuts down and restarts I still find that "nmbd dead but pid file exists". Any suggestions on how to fix the problem would be much appreciated. Thank you, Joe ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Samba problem
Em 12-05-2014 18:33, Joseph Hesse escreveu: > Hello, > > My only hard drive failed on a private server so I had to replace it and > reinstall Centos 6.5 and Samba. > My smb.conf file is OK according to "testparm". > I configured smb and nmb, with chkconfig, to start when the system boots. > > After the system boots if I do "service nmb status" I get the response > "nmbd dead but pid file exists". > I can delete the pid file manually and start nmb with "service nmb start". > The problem is that when the system shuts down and restarts I still find > that "nmbd dead but pid file exists". > > Any suggestions on how to fix the problem would be much appreciated. Tried looking at samba logs at /var/log/samba/ or even /var/log/messages for related logs? Out in the blue is hard to guess how to fix because we don't know what's broken.. You may want to: 1. tail -f /var/log/samba/* /var/log/messages | less 2. service nmb restart 3. service nmb status if it's dead again, check the tail output Cheers, Marcelo ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Change server name in postfix configuration
The change host name in /etc/sysconfig/network is really the primary one, unless it has been hardcoded into main.cf The main.cf entries you should concern yourself with is myhostname (defaults to actual hostname if missing) and mydestination which is the list of domains you accept mail for. I'd suggest just adding the new domain to mydestination is likely all you need. It's also possible that you old.com is setup as a virtual domain, in which case you need to add your new.com to that list instead. The info at http://www.postfix.org/documentation.html is quite good. If I were you I'd go through main.cf and look at each parameter in http://www.postfix.org/postconf.5.html and see what it does, so you know what you are changing. dave On Tue, May 13, 2014 at 12:11 AM, Leon Fauster wrote: > Am 12.05.2014 um 14:56 schrieb Laurent CREPET : > > > > On Mon, May 12, 2014 at 2:12 PM, Joseph Hesse > wrote: > > > >> A consultant, long gone, set up postfix, dovecot, amavisd and > >> squirrelmail for my wife. > >> It works fine but my wife wants to change the server name from old.com > >> to new.com so the name is more appropriate for her business. > >> My approach would be to use sed to change all occurences of old.com to > >> new.com. > >> Specifically, I used grep to identify the following files where I should > >> make the changes. > >> > >> /etc/postfix/main.cf > >> /etc/dovecot/dovecot.conf > >> /etc/squirrelmail/config.php > >> /etc/amavisd.conf > >> /etc/sysconfig/network (change host name) > >> In addition, there would be an MX record for mail.new.com pointing to > >> the IP of the server. > >> > >> My question is, will this work or will I corrupt my email server? If I > >> mess it up I can always restore it to the original. > >> > > - Maybe check /etc/hosts. > > - What about the old domain ? You may not be able to receive e-mails for > > it. You can think about add the new.com in parallel with old.com on the > > same server. > > > Check also your hosting name (e.g. httpd service). > > BTW - the MX entry can still have the old name and accepting new.com-mails. > > Furthermore - take care if SSL/TLS is in use. Certificates are connected > to domainnames. > > -- > LF > > > > > > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] find with exclude directory
Why not copy the directory elsewhere, then delete the rest and move it
back? You'd take a copy of it anyway, if it is important, right?
Cheers,
Cliff
On Mon, May 12, 2014 at 4:44 AM, Tim Dunphy wrote:
> Thanks. But what if I want to turn that statement into one that will delete
> everything it finds? I need to preserve the contents of that directory.
>
> As in : find / -path '/usr/local/digitalplatform/*' -prune -o -name
> "*varnish*" -exec rm -rfv {} \;
>
> I'm thinking the grep -v would be a visual thing, but the above statement
> would delete everything including the varnish files in the digitalplatform
> directory.
>
>
>
>
> On Sun, May 11, 2014 at 12:39 PM, Hal Wigoda wrote:
>
> > Just grep it out.
> >
> > find . -print | grep -v digitalplatform
> >
> > -v excludes
> >
> > On Sun, May 11, 2014 at 11:33 AM, Tim Dunphy
> wrote:
> > > Hey all,
> > >
> > > I'm trying to do a find of all files with the phrase 'varnish' in the
> > > name, but want to exclude a user home directory called
> > > /usr/local/digitalplatform.
> > >
> > > Here's what I was able to come up with:
> > >
> > > find / -path '/usr/local/digitalplatform/*' -prune -o -name "*varnish*"
> > >
> > > Which results in this:
> > >
> > > [root@uszmpwsls014lb ~]# find / -path '/usr/local/digitalplatform/*'
> > -prune
> > > -o -name "*varnish*" | grep digitalplatform
> > > /usr/local/digitalplatform/.bash_logout
> > > /usr/local/digitalplatform/varnish-2.1.5.tar.gz
> > > /usr/local/digitalplatform/.viminfo
> > > /usr/local/digitalplatform/.ssh
> > > /usr/local/digitalplatform/varnish-1360.tar.gz
> > > /usr/local/digitalplatform/.emacs
> > > /usr/local/digitalplatform/varnishncsa-init
> > > /usr/local/digitalplatform/varnish-sysconfig-stg
> > > /usr/local/digitalplatform/memcached-1.4.7.tar.gz
> > > /usr/local/digitalplatform/.bash_profile
> > > /usr/local/digitalplatform/.mozilla
> > > /usr/local/digitalplatform/.subversion
> > > /usr/local/digitalplatform/.bashrc
> > > /usr/local/digitalplatform/.zshrc
> > > /usr/local/digitalplatform/varnish-sysconfig
> > > /usr/local/digitalplatform/default.vcl
> > > /usr/local/digitalplatform/1360-apache-stage.tar.gz
> > > /usr/local/digitalplatform/.bash_history
> > > /usr/local/digitalplatform/memcached-1.4.7
> > > /usr/local/digitalplatform/httpd.conf
> > > /usr/local/digitalplatform/varnish-2.1.5
> > > /usr/local/digitalplatform/varnish_reload_vcl
> > > /usr/local/digitalplatform/varnish-prod.tar.gz
> > > /usr/local/digitalplatform/varnish-init
> > > /usr/local/digitalplatform/1360-stage-apache.tar.gz
> > >
> > >
> > > I'd like to know what I'm doing wrong, and how I can best achieve the
> > > desired results?
> > >
> > > Thanks
> > > Tim
> > >
> > >
> > >
> > > --
> > > GPG me!!
> > >
> > > gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
> > > ___
> > > CentOS mailing list
> > > CentOS@centos.org
> > > http://lists.centos.org/mailman/listinfo/centos
> >
> >
> >
> > --
> > -
> > Hal Wigoda
> > Chicago
> > ___
> > CentOS mailing list
> > CentOS@centos.org
> > http://lists.centos.org/mailman/listinfo/centos
> >
>
>
>
> --
> GPG me!!
>
> gpg --keyserver pool.sks-keyservers.net --recv-keys F186197B
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Change server name in postfix configuration
yes it's working. but do it care fully, if you made any mistake you will find error in maillog. On Tue, May 13, 2014 at 5:32 AM, David Beveridge wrote: > The change host name in /etc/sysconfig/network is really the primary one, > unless it has been hardcoded into main.cf > The main.cf entries you should concern yourself with is myhostname > (defaults to actual hostname if missing) and mydestination which is the > list of domains you accept mail for. > > I'd suggest just adding the new domain to mydestination is likely all you > need. > It's also possible that you old.com is setup as a virtual domain, in which > case you need to add your new.com to that list instead. > > The info at http://www.postfix.org/documentation.html is quite good. > If I were you I'd go through main.cf and look at each parameter in > http://www.postfix.org/postconf.5.html and see what it does, so you know > what you are changing. > > dave > > > On Tue, May 13, 2014 at 12:11 AM, Leon Fauster > wrote: > > > Am 12.05.2014 um 14:56 schrieb Laurent CREPET : > > > > > > On Mon, May 12, 2014 at 2:12 PM, Joseph Hesse > > wrote: > > > > > >> A consultant, long gone, set up postfix, dovecot, amavisd and > > >> squirrelmail for my wife. > > >> It works fine but my wife wants to change the server name from > old.com > > >> to new.com so the name is more appropriate for her business. > > >> My approach would be to use sed to change all occurences of old.comto > > >> new.com. > > >> Specifically, I used grep to identify the following files where I > should > > >> make the changes. > > >> > > >> /etc/postfix/main.cf > > >> /etc/dovecot/dovecot.conf > > >> /etc/squirrelmail/config.php > > >> /etc/amavisd.conf > > >> /etc/sysconfig/network (change host name) > > >> In addition, there would be an MX record for mail.new.com pointing to > > >> the IP of the server. > > >> > > >> My question is, will this work or will I corrupt my email server? If I > > >> mess it up I can always restore it to the original. > > >> > > > - Maybe check /etc/hosts. > > > - What about the old domain ? You may not be able to receive e-mails > for > > > it. You can think about add the new.com in parallel with old.com on > the > > > same server. > > > > > > Check also your hosting name (e.g. httpd service). > > > > BTW - the MX entry can still have the old name and accepting > new.com-mails. > > > > Furthermore - take care if SSL/TLS is in use. Certificates are connected > > to domainnames. > > > > -- > > LF > > > > > > > > > > > > ___ > > CentOS mailing list > > CentOS@centos.org > > http://lists.centos.org/mailman/listinfo/centos > > > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > -- Asif Murad Khan Cell: +880-1713-114230 ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Heads up on local root escalation
On 12 May 2014 22:15, "Keith Keller" wrote: > Actually, I was wondering about mitigation along the lines of > blacklisting a module, tuning a sysctl parameter, or some other > mitigation that wouldn't require a new kernel. Perhaps such mitigation > isn't even possible with this issue. > Yeah I've not seen any mitigations that would work for CentOS. I wonder if a systemtap module would be feasible like that one a few months or so ago. For the time being I guess that doubly vigilant is important. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] find with exclude directory
> On Mon, May 12, 2014 at 4:44 AM, Tim Dunphy wrote:
>
>> Thanks. But what if I want to turn that statement into one that will delete
>> everything it finds? I need to preserve the contents of that directory.
>>
>> As in : find / -path '/usr/local/digitalplatform/*' -prune -o -name
>> "*varnish*" -exec rm -rfv {} \;
>>
try something along the lines of:
find / -regex '.*varnish.*' ! -regex '/usr/local/digitalplatform/.*'
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
