[CentOS] Help viewer issues

[Toralf Lund]

Hi.

Does anyone else have issues with the GNOME help viewer on CentOS 6? I think it 
mostly worked a while back, but after some recent update or the other, I have 
problems like:

 1.  Nothing happens when I click "Desktop User Guide" or "GNOME Desktop Accessibility Guide" or 
"GNOME Desktop System Administration Guide" on the "Help Topics" page.
 2.  If I select "section" links in the column on the left-hand side (under 
"Desktop"), I do get new section headings, but when I select any of these, again, nothing 
happens.
 3.  If I try to open a man page via a command like 'yelp man:man' or 'xdg-open 
man:man', I only get a blank window.

Any ideas about what may be wrong?

- Toralf


[http://www.pgs.com/mediaFiles/Exclaimer%20graphics/PGS_LOGO_RGB_42x53px.jpg]
   Toralf Lund
Senior Software Engineer
Imaging & Engineering | Geoscience & Engineering

Telephone: +47 67 52 64 00
Direct: +47 67 51 57 78
Mobile: +47 91 31 66 91
Email: toralf.l...@pgs.com

A Clearer Image | www.pgs.com


[http://www.pgs.com/mediaFiles/Exclaimer%20graphics/150731-ColourWave-660x14px.jpg]

Address: Lilleakerveien 4C, 0283 Oslo, Norway
Postal Address: P.O.Box 251 Lilleaker, 0216 Oslo, Norway

This e-mail, including any attachments and response string, may contain 
proprietary information which is confidential and may be legally privileged. It 
is for the intended recipient only. If you are not the intended recipient or 
transmission error has misdirected this e-mail, please notify the author by 
return e-mail and delete this message and any attachment immediately. If you 
are not the intended recipient you must not use, disclose, distribute, forward, 
copy, print or rely on this e-mail in any way except as permitted by the author.


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C6.7 evolution to cyrus imap(s) fails

[Dr J Austin]

On Tue, 11 Aug 2015, Dr J Austin wrote:




On Tue, 11 Aug 2015, Alexander Dalloz wrote:


Am 11.08.2015 um 22:28 schrieb Dr J Austin:


Hi Alexander

[root@maui:/var/log]$ watch 'tail -n40 maillog

does not quiver when I try to connect


That's suspicious.

Let's exclude it is the client which causes the problem: Connect directly 
to the IMAPS server on CLI.


openssl s_client -connect :993

You hopefully see a greeting message from the IMAP server. Then issue

a1 LOGIN username password

If you see a success message that you logged in, then everything is fine 
with your cyrus-imapd.


Logout by entering

a2 LOGOUT

If you got that far, the troublemaker is Evolution. Can't help you with 
that one as I am not using it. Validate all the account settings to be 
valid.



In coming mail can be seen but nothing about evo connections as far as I
can see

There do seem to be some warnings/errors - they don't look relavant??


Right, irrelevant for your isse.


Many thanks for your help

John



You really should see your user login in this log file.

Alexander



Hmmm

Summary
On the server maui itself
Failure when using IP address but works with name maui for root and fred

On a separate machine paxos
Failure for both IP address and name maui and maui.jaa.org.uk
for both root and ja

However the error messages are different between maui and paxos

John

-
As user fred on the server maui itself
[fred@maui ~]$ openssl s_client -connect 148.197.29.5:993
socket: Connection refused
connect:errno=111

As root on the server maui itself
[root@maui:/var/log]$ openssl s_client -connect 148.197.29.5:993
socket: Connection refused
connect:errno=111

As root on maui using "name"
[root@maui:/var/log]$ openssl s_client -connect maui:993
CONNECTED(0003)
depth=0 C = UK, ST = Hampshire, L = Fareham, CN = maui.jaa.org.uk, 
emailAddress = j...@jaa.org.uk

verify error:num=18:self signed certificate
verify return:1
depth=0 C = UK, ST = Hampshire, L = Fareham, CN = maui.jaa.org.uk, 
emailAddress = j...@jaa.org.uk

verify return:1
---
Certificate chain
0 
s:/C=UK/ST=Hampshire/L=Fareham/CN=maui.jaa.org.uk/emailAddress=j...@jaa.org.uk


i:/C=UK/ST=Hampshire/L=Fareham/CN=maui.jaa.org.uk/emailAddress=j...@jaa.org.uk
---
Server certificate
...
* OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID AUTH=PLAIN SASL-IR 
COMPRESS=DEFLATE] maui.jaa.org.uk Cyrus IMAP 
v2.3.16-Fedora-RPM-2.3.16-13.el6_6 server ready

a1 LOGIN username password
al OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID LOGINDISABLED AUTH=PLAIN 
COMPRESS=DEFLATE ACL RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS 
NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ 
THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE SCAN 
IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE URLAUTH] User logged in

a2 LOGOUT
* BYE LOGOUT received
a2 OK Completed
read:errno=0


These also work OK
[ja@maui ~]$ openssl s_client -connect maui:993
ja@maui ~ 4$ openssl s_client -connect maui.jaa.org.uk:9 
-

On a separate machine paxos - always fails

As user ja on a separate machine paxos
ja@paxos ~ 1$ openssl s_client -connect 148.197.29.5:993
socket: Bad file descriptor
connect:errno=9

As root on a separate machine paxos
[root@paxos:~]$ openssl s_client -connect 148.197.29.5:993
socket: Bad file descriptor
connect:errno=9

[root@paxos:~]$ openssl s_client -connect maui:993
socket: Bad file descriptor
connect:errno=9

[root@paxos:~]$ openssl s_client -connect maui.jaa.org.uk:993
socket: Bad file descriptor
connect:errno=9

[root@paxos:~]$ exit
logout
ja@paxos ~ 3$ openssl s_client -connect maui:993
socket: Bad file descriptor
connect:errno=9

ja@paxos ~ 4$ openssl s_client -connect maui.jaa.org.uk:993
socket: Bad file descriptor
connect:errno=9



___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos



A little more info about  using s_client on paxos to connect to maui

openssl s_client -connect maui.jaa.org.uk:993

Wireshark shows just one packet each way (to/from port 993)
A request for connection from paxos to maui and a reset from maui to paxos

[Expert Info (Chat/sequence): Connection establish request (SYN): server 
port 993]

...
[Severity level: Chat]
[Group: sequence]


(RST, ACK)
[Expert Info (Warn/sequence): Connection reset (RST]
[Connection reset (RST)]
[Severity level: Warn]
[Group: Sequence]

John

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Apache mod_perl cross site scripting vulnerability

[Proxy One]

On 2015-Aug-11 19:57, Ellen Shull wrote:
> On Tue, Aug 11, 2015 at 4:46 AM, Proxy One  wrote:
> 
> > I haven't used  but Trustwave still finds me
> > vulnerable.
> >
> [...]
> > Response: HTTP/1.1 404 Not Found
> 
> You clearly aren't serving perl-status; that's a red herring here.

Indeed, I don't have mod_proxy installed. 

> [...]
> > Body: contains '">alert('xss')'
> 
> That's your problem; they're flagging you for an XSS "vulnerability".
> I'm guessing you have a custom 404 page that naively echoes the entire
> request URL as part of the page?  You need to be using
> htmlspecialchars() or HTML::Entities or whatever your
> language/environment has to escape strings for safe inclusion in HTML
> content.

There is PHP generated 404 page. I'll check that with web developer.
What's strange, I'm trying to reproduce this and I don't see that
string. Trustwave support suggested I use Burp Suite and it's repeater
tool. I find some windows machine, installed it and all I see inside
body is "Unable to resolve the request
"perl-status/APR::SockAddr::port".

Is there way to use curl for testing? I'm getting new line because of
the single quote inside string and escaping it with back slash gives me 
bash: syntax error near unexpected token `<'


> There is of course more to it than that (sigh), try for starters:
> https://www.owasp.org/index.php/XSS_%28Cross_Site_Scripting%29_Prevention_Cheat_Sheet

Very nice reading, thanks!
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Apache mod_perl cross site scripting vulnerability

[Proxy One]

On 2015-Aug-12 07:36, Eero Volotinen wrote:
> How about something like:
> 
> 
> 
>   # disallow public access
>   Order Deny, Allow
>   Deny from all
>   Allow from 127.0.0.1
> 
>   SetHandler perl-script
>   PerlResponseHandler Apache2::Status
>   
> 

Thanks to this I noticed that I don't have mod_perl installed at all. So
even this vulnerability is marked as CVE-2009-0796, it's related to my
404 page. 

Thanks!


 
 
> 2015-08-11 14:46 GMT+03:00 Proxy One :
> 
> > Hello,
> >
> > I've failed latest PCI scan because of CVE-2009-0796. Centos 6.7. The
> > Red Hat Security Response Team has rated this issue as having moderate
> > security impact and bug as wontfix.
> >
> > Explanation: The vulnerability affects non default configuration of
> > Apache HTTP web server, i.e cases, when access to Apache::Status and
> > Apache2::Status resources is explicitly allowed via  > /perl-status> httpd.conf configuration directive.  Its occurrence can be
> > prevented by using the default configuration for the Apache HTTP web
> > server (not exporting /perl-status).
> >
> > I haven't used  but Trustwave still finds me
> > vulnerable.
> >
> > Evidence:
> > Request: GET /perl-
> > status/APR::SockAddr::port/">alert('xss') HTTP/1.1
> > Accept: */*
> > User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
> > Host: www.mydomain.com
> > Content-Type: text/html
> > Content-Length: 0
> > Response: HTTP/1.1 404 Not Found
> > Date: Mon, 07 Aug 2015 11:10:21 GMT
> > Server: Apache/2.2.15 (CentOS)
> > X-Powered-By: PHP/5.3.3
> > Set-Cookie: PHPSESSID=kj6bpud7htmbtgaqtcwhsqk7j1; path=/
> >
> > Expires: Thu, 19 Nov 1981 08:52:00 GMT
> > Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-
> > check=0
> > Pragma: no-cache
> > Connection: close
> > Transfer-Encoding: chunked
> > Content-Type: text/html; charset=UTF-8
> > Body: contains '">alert('xss')'
> >
> >
> > How can I get around this?
> > ___
> > CentOS mailing list
> > CentOS@centos.org
> > http://lists.centos.org/mailman/listinfo/centos
> >
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C6.7 evolution to cyrus imap(s) fails

[Richard]

> Date: Wednesday, August 12, 2015 11:14:29 +0100
> From: Dr J Austin 
> 
> 
> On Tue, 11 Aug 2015, Dr J Austin wrote:
> 
>> 
>> 
>> On Tue, 11 Aug 2015, Alexander Dalloz wrote:
>> 
>>> Am 11.08.2015 um 22:28 schrieb Dr J Austin:
 
 Hi Alexander
 
 [root@maui:/var/log]$ watch 'tail -n40 maillog
 
 does not quiver when I try to connect
>>> 
>>> That's suspicious.
>>> 
>>> Let's exclude it is the client which causes the problem: Connect
>>> directly  to the IMAPS server on CLI.
>>> 
>>> openssl s_client -connect :993
>>> 
>>> You hopefully see a greeting message from the IMAP server. Then
>>> issue
>>> 
>>> a1 LOGIN username password
>>> 
>>> If you see a success message that you logged in, then everything
>>> is fine  with your cyrus-imapd.
>>> 
>>> Logout by entering
>>> 
>>> a2 LOGOUT
>>> 
>>> If you got that far, the troublemaker is Evolution. Can't help
>>> you with  that one as I am not using it. Validate all the
>>> account settings to be  valid.
>>> 
 In coming mail can be seen but nothing about evo connections as
 far as I can see
 
 There do seem to be some warnings/errors - they don't look
 relavant??
>>> 
>>> Right, irrelevant for your isse.
>>> 
 Many thanks for your help
 
 John
 
 
>>> You really should see your user login in this log file.
>>> 
>>> Alexander
>>> 
>> 
>> Hmmm
>> 
>> Summary
>> On the server maui itself
>> Failure when using IP address but works with name maui for root
>> and fred
>> 
>> On a separate machine paxos
>> Failure for both IP address and name maui and maui.jaa.org.uk
>> for both root and ja
>> 
>> However the error messages are different between maui and paxos
>> 
>> John
>> 
>> -
>>  As user fred on the server maui itself
>> [fred@maui ~]$ openssl s_client -connect 148.197.29.5:993
>> socket: Connection refused
>> connect:errno=111
>> 
>> As root on the server maui itself
>> [root@maui:/var/log]$ openssl s_client -connect 148.197.29.5:993
>> socket: Connection refused
>> connect:errno=111
>> -
>> --- As root on maui using "name"
>> [root@maui:/var/log]$ openssl s_client -connect maui:993
>> CONNECTED(0003)
>> depth=0 C = UK, ST = Hampshire, L = Fareham, CN =
>> maui.jaa.org.uk,  emailAddress = j...@jaa.org.uk
>> verify error:num=18:self signed certificate
>> verify return:1
>> depth=0 C = UK, ST = Hampshire, L = Fareham, CN =
>> maui.jaa.org.uk,  emailAddress = j...@jaa.org.uk
>> verify return:1
>> ---
>> Certificate chain
>> 0 
>> s:/C=UK/ST=Hampshire/L=Fareham/CN=maui.jaa.org.uk/emailAddress=ja
>> @jaa.org.uk
>> 
>> i:/C=UK/ST=Hampshire/L=Fareham/CN=maui.jaa.org.uk/emailAddress=ja
>> @jaa.org.uk ---
>> Server certificate
>> ...
>> * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID AUTH=PLAIN SASL-IR 
>> COMPRESS=DEFLATE] maui.jaa.org.uk Cyrus IMAP 
>> v2.3.16-Fedora-RPM-2.3.16-13.el6_6 server ready
>> a1 LOGIN username password
>> al OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID LOGINDISABLED
>> AUTH=PLAIN  COMPRESS=DEFLATE ACL RIGHTS=kxte QUOTA
>> MAILBOX-REFERRALS NAMESPACE UIDPLUS  NO_ATOMIC_RENAME UNSELECT
>> CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ 
>> THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE CATENATE
>> CONDSTORE SCAN  IDLE LISTEXT LIST-SUBSCRIBED X-NETSCAPE URLAUTH]
>> User logged in a2 LOGOUT
>> * BYE LOGOUT received
>> a2 OK Completed
>> read:errno=0
>> 
>> 
>> These also work OK
>> [ja@maui ~]$ openssl s_client -connect maui:993
>> ja@maui ~ 4$ openssl s_client -connect maui.jaa.org.uk:9 
>> -
>>  On a separate machine paxos - always fails
>> 
>> As user ja on a separate machine paxos
>> ja@paxos ~ 1$ openssl s_client -connect 148.197.29.5:993
>> socket: Bad file descriptor
>> connect:errno=9
>> 
>> As root on a separate machine paxos
>> [root@paxos:~]$ openssl s_client -connect 148.197.29.5:993
>> socket: Bad file descriptor
>> connect:errno=9
>> 
>> [root@paxos:~]$ openssl s_client -connect maui:993
>> socket: Bad file descriptor
>> connect:errno=9
>> 
>> [root@paxos:~]$ openssl s_client -connect maui.jaa.org.uk:993
>> socket: Bad file descriptor
>> connect:errno=9
>> 
>> [root@paxos:~]$ exit
>> logout
>> ja@paxos ~ 3$ openssl s_client -connect maui:993
>> socket: Bad file descriptor
>> connect:errno=9
>> 
>> ja@paxos ~ 4$ openssl s_client -connect maui.jaa.org.uk:993
>> socket: Bad file descriptor
>> connect:errno=9
>> 
>> 
>> 
>> ___
>> CentOS mailing list
>> CentOS@centos.org
>> http://lists.centos.org/mailman/listinfo/centos
>> 
> 
> A little more info about  using s_client on paxos to connect to
> maui
> 
> openssl s_client -connect maui.jaa.org.uk:993
> 
> Wireshark shows just one packet each way (to/from port 993)
> A request for connection from paxos to maui and a reset from maui
> to paxos

I don't think that wireshark

[CentOS] CentOS-announce Digest, Vol 126, Issue 5

[centos-announce-request]

Send CentOS-announce mailing list submissions to
centos-annou...@centos.org

To subscribe or unsubscribe via the World Wide Web, visit
http://lists.centos.org/mailman/listinfo/centos-announce
or, via email, send a message with subject or body 'help' to
centos-announce-requ...@centos.org

You can reach the person managing the list at
centos-announce-ow...@centos.org

When replying, please edit your Subject line so it is more specific
than "Re: Contents of CentOS-announce digest..."


Today's Topics:

   1. Release for CentOS-6.7 LiveCD and LiveDVD for i386 and x86_64
  (Fabian Arrotin)
   2. CESA-2015:1586 Critical CentOS 7 firefox Security Update
  (Johnny Hughes)
   3. CESA-2015:1586 Critical CentOS 6 firefox Security Update
  (Johnny Hughes)
   4. Release 1507 of CentOS Linux 7 Rolling ISO Based  Media
  (Johnny Hughes)
   5. CESA-2015:1586 Critical CentOS 5 firefox Security Update
  (Johnny Hughes)


--

Message: 1
Date: Tue, 11 Aug 2015 14:52:50 +0200
From: Fabian Arrotin 
To: centos-annou...@centos.org
Subject: [CentOS-announce] Release for CentOS-6.7 LiveCD and LiveDVD
for i386 and x86_64
Message-ID: <55c9f022.90...@centos.org>
Content-Type: text/plain; charset=utf-8

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1

We are pleased to announce the immediate availability of CentOS-6.7
LiveCD and LiveDVD for the i386 and x86_64 architectures.

Detailed Release Notes are available at
http://wiki.centos.org/Manuals/ReleaseNotes/CentOSLiveDVD6.7
http://wiki.centos.org/Manuals/ReleaseNotes/CentOSLiveCD6.7

+++
Overview

The CentOS-6.7 LiveDVD and LiveCD are meant to be a Linux environment
suited to be run directly from either Optical media or USB storage
devices. It does not need any persistent storage on a machine, which
also makes it a suitable recovery environment.

The Live media are setup to run as full desktop environments and include
most of the applications used in this role.

+++
Download

SHA256SUMs :

b13e03dc9768178d749855eb5d9a6684d669b945f74a1fecb0a61fa248f2
CentOS-6.7-i386-LiveCD.iso

ff73d6cd00f56ba08a607aab707e5000be5cdc67b5c65a7283c37c24f1b88198
CentOS-6.7-i386-LiveDVD.iso

bc8e102f93982b311b1cfd61218113aa08a3b251bf7b4c4468cdbeb5e80dff0a
CentOS-6.7-x86_64-LiveCD.iso

2f320093024cf586ad256d8ae41bef1fe2c03b79f3854d3e4500d9e76e052c09
CentOS-6.7-x86_64-LiveDVD.iso


The CentOS-6.7 Live media images are released to all external mirrors and
available for download now. List of mirrors is available at these urls :
http://isoredirect.centos.org/centos/6/isos/i386/
http://isoredirect.centos.org/centos/6/isos/x86_64/

Due to the size of these DVDs, torrents have also been released and are
being seeded at this time. The torrents are available at:
http://mirror.centos.org/centos/6/isos/x86_64/CentOS-6.7-x86_64-LiveDVD.torrent
http://mirror.centos.org/centos/6/isos/x86_64/CentOS-6.7-x86_64-LiveCD.torrent
http://mirror.centos.org/centos/6/isos/i386/CentOS-6.7-i386-LiveDVD.torrent
http://mirror.centos.org/centos/6/isos/i386/CentOS-6.7-i386-LiveCD.torrent

Once you download the images, its important to verify contents using the
sha256sum utility, against the published sums here.

+++
Notes

You can now install the Live environment to your hard disk.
Please note that you need more that 512Mb of ram to be able to use
that 'iinstall to hard drive' feature (If you have less than 512Mb of
ram, you can install to disk but in
text-mode, meaning that instead of clicking on the desktop icon, you
have to launch a gnome-terminal and launch the 'liveinst' command from
within the terminal)

There is no upstream Live media product. The Live media produced within
the CentOS Project is based on and around the livemedia tools from the
Fedora Project.

These LiveCD and LiveDVD only contains content found within the primary
CentOS-6 distribution. No package from outside the distribution was
included and
no package has been changed from whats included in the base  distribution.

We appreciate all forms of feedback about these LiveDVD, including
specific application inclusion requests or feature changes in future
releases. The best place to provide this feedback is via the
centos-devel mailing list ( http://lists.centos.org/ ) and feature
requests via the issue tracker ( http://bugs.centos.org/ ).


- -- 

Fabian Arrotin
The CentOS Project | http://www.centos.org
gpg key: 56BEC54E | twitter: @arrfab
-BEGIN PGP SIGNATURE-
Version: GnuPG v2.0.22 (GNU/Linux)

iEYEARECAAYFAlXJ8CIACgkQnVkHo1a+xU4mUQCdE/jMS/7Le8yen/8RZ3vRYb6i
+R4An3LbmVQQ9ZIZWSIp41HjYe8wyjRX
=gDx4
-END PGP SIGNATURE-


--

Message: 2
Date: Tue, 11 Aug 2015 20:36:44 +
From: Johnny Hughes 
To: centos-annou...@centos.org
Subject: [CentOS-announce] CESA-2015:1586 Critical CentOS 7 firefox
SecurityUpdate
Message-I

Re: [CentOS] Apache mod_perl cross site scripting vulnerability

[Ellen Shull]

On Wed, Aug 12, 2015 at 3:39 AM, Proxy One  wrote:
> Is there way to use curl for testing? I'm getting new line because of
> the single quote inside string and escaping it with back slash gives me
> bash: syntax error near unexpected token `<'

You can use curl's -K option which lets you stick arguments in a file,
helpful for getting around shell quoting nightmares.  For example make
a file named test-url-file which contains the line
url = http://www.mydomain.com/[bad stuff, don't want this message
tripping over some filter for containing a malicious-looking URL]

then do curl -g -K test-url-file

Note that just gets you around shell interpretation; curl does some of
its own as well.  the -g switch I used there disables its
interpretation of {}[] as special globbing characters.  If you put the
url in double quotes then not only do you have to escape any double
quotes in the string, it also starts interpreting backslash sequences
so you have to double all backslashes--so oddly it's best to just
leave quotes off.

--ln
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Odd problem with updates to the recent CR

[Jonathan Billings]

On Tue, Aug 11, 2015 at 12:59:58PM -0400, m.r...@5-cent.us wrote:
> So, since I haven't yet found where /var/log/httpd is created, what would
> a default package make the ownership of the directory? Does it expect it
> to be apache:root?

Just a data point:

$ rpm -qp --qf='[%-11{filemodes:perms} %-8{fileusername} %-8{filegroupname} 
%{filenames}\n]' httpd-2.2.15-45.el6.x86_64.rpm | grep /var/log/httpd

drwx--  root root /var/log/httpd

-- 
Jonathan Billings 
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C6.7 evolution to cyrus imap(s) fails

[Jonathan Billings]

On Tue, Aug 11, 2015 at 11:05:38PM +0200, Alexander Dalloz wrote:
> openssl s_client -connect :993
> 
> You hopefully see a greeting message from the IMAP server. Then issue

I know I'm late to this thread, but a useful tool for testing your
Cyrus IMAP service is the 'imtest' command, which is in the
cyrus-imapd-utils package.

imtest -v -s 

(I used to manage a cyrus murder, a long time ago, and imtest is a
great tool for debugging)

However, your issue sounds more like a network-level problem than a
IMAPd problem.

-- 
Jonathan Billings 
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Odd problem with updates to the recent CR

[Leon Fauster]

Am 12.08.2015 um 14:27 schrieb Jonathan Billings :
> On Tue, Aug 11, 2015 at 12:59:58PM -0400, m.r...@5-cent.us wrote:
>> So, since I haven't yet found where /var/log/httpd is created, what would
>> a default package make the ownership of the directory? Does it expect it
>> to be apache:root?
> 
> Just a data point:
> 
> $ rpm -qp --qf='[%-11{filemodes:perms} %-8{fileusername} %-8{filegroupname} 
> %{filenames}\n]' httpd-2.2.15-45.el6.x86_64.rpm | grep /var/log/httpd
> 
> drwx--  root root /var/log/httpd



httpd do not need access as apache user. the logging is done as "root" 
and for the inet interfaces privileges are dropped to apache:

# LANG=C ls -la /var/log/httpd/
total 1380
drwx-- 2 root root   4096 Aug  9 04:02 .
drwxr-xr-x 6 root root   4096 Aug 12 04:02 ..
-rw-r--r-- 1 root root 149617 Aug 12 14:36 access_log
-rw-r--r-- 1 root root 294039 Aug  9 04:00 access_log.1
-rw-r--r-- 1 root root 298025 Aug  2 04:00 access_log.2
-rw-r--r-- 1 root root 284032 Jul 26 03:59 access_log.3
-rw-r--r-- 1 root root 289967 Jul 19 03:59 access_log.4
-rw-r--r-- 1 root root302 Aug  9 04:02 error_log
-rw-r--r-- 1 root root  11430 Aug  9 04:02 error_log.1
-rw-r--r-- 1 root root   1898 Aug  2 04:02 error_log.2
-rw-r--r-- 1 root root  31327 Jul 26 04:02 error_log.3
-rw-r--r-- 1 root root   1896 Jul 19 04:02 error_log.4

--
LF


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Apache mod_perl cross site scripting vulnerability

[Прокси]

On 2015-Aug-12 05:17, Ellen Shull wrote:
> On Wed, Aug 12, 2015 at 3:39 AM, Proxy One  wrote:
> > Is there way to use curl for testing? I'm getting new line because of
> > the single quote inside string and escaping it with back slash gives me
> > bash: syntax error near unexpected token `<'
> 
> You can use curl's -K option which lets you stick arguments in a file,
> helpful for getting around shell quoting nightmares.  For example make
> a file named test-url-file which contains the line
> url = http://www.mydomain.com/[bad stuff, don't want this message
> tripping over some filter for containing a malicious-looking URL]
> 
> then do curl -g -K test-url-file
> 
> Note that just gets you around shell interpretation; curl does some of
> its own as well.  the -g switch I used there disables its
> interpretation of {}[] as special globbing characters.  If you put the
> url in double quotes then not only do you have to escape any double
> quotes in the string, it also starts interpreting backslash sequences
> so you have to double all backslashes--so oddly it's best to just
> leave quotes off.

Thanks, it works! I was able to reproduce problem and was able to see
how my changes affected response from the server.

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C6.7 evolution to cyrus imap(s) fails

[Dr J Austin]

On Wed, 12 Aug 2015, Richard wrote:



I don't think that wireshark adds much to this. Unless you had a
proxy in the middle, the "connection refused" responses already
indicated that your connections were getting to the/a server, it's
just refusing the connections.

Connections by name, especially short forms, are suspect unless you
can be very certain of how they are being resolved (i.e., what
IPnumber you end up trying to connect to). There is no reason that
using root to connect to port 993 would work when a normal user
doesn't. An IMAP server either accepts the initial connection from a
machine or not - it doesn't know or care what type of user is
originating the connection.

You may want to look into what you were able to connect to via:

  openssl s_client -connect maui:993

I'd start by looking up what "maui" resolves to.

I just looked up maui.jaa.org.uk. It (currently) resolves to
213.152.52.233, not the 148.197 you seemed to be using above. I
realize you may have some form of dynamic dns going here, but
thought I'd mention it.


Could you try (as root) two slightly different version of my earlier
netstat commands:

   netstat -pnlA inet | egrep ':993|:143'

   netstat -pnlA inet6 | egrep ':993|:143'


the addition of "A inet/inet6" will show whether it is listening via
ipv4 (inet) or ipv6 (inet6) on the imap port



Hi Richard

I have been working at trying to get cyrus to listen on 148.197.29.5 
interface instead of the localhost - I have failed


Whenever I add things to /etc/cyrus.conf such as
imaps   cmd="imapd -s" listen="[148.197.29.5]:imaps" prefork=1

[root@maui:~]$ service cyrus-imapd restart

[root@maui:~]$ ps -ef|grep cyr
cyrus22187 1  0 13:26 ?00:00:00 idled
cyrus28044 1  0 13:54 ?00:00:00 
/usr/lib/cyrus-imapd/cyrus-master -d

cyrus28048 1  0 13:54 ?00:00:00 idled
cyrus28050 28044  0 13:54 ?00:00:00 imapd
cyrus28051 28044  0 13:54 ?00:00:00 pop3d
cyrus28052 28044  0 13:54 ?00:00:00 pop3d -s
cyrus28053 28044  0 13:54 ?00:00:00 lmtpd -a
cyrus28054 28044  0 13:54 ?00:00:00 imapd
cyrus28055 28044  0 13:54 ?00:00:00 pop3d
cyrus28058 28044  0 13:54 ?00:00:00 imapd
cyrus28059 28044  0 13:54 ?00:00:00 imapd
cyrus28060 28044  0 13:54 ?00:00:00 imapd
cyrus28061 28044  1 13:54 ?00:00:00 pop3d
root 28063 11348  0 13:54 pts/200:00:00 grep cyr

Then no "imapd -s" appears

I have tried all sorts of combinations in cyrus.conf but all fail
to LISTEN on 148.197.29.5

I have tried taking maui out of /etc/hosts

My IP addresses are a bit odd - but I have been using 148.197.29.0/24 for 
so long, ...

They have never escaped as far as I know!
client machine
ja@paxos ~ 1$ host 148.197.29.5
5.29.197.148.in-addr.arpa domain name pointer maui.jaa.org.uk.
ja@paxos ~ 2$ host maui
maui.jaa.org.uk has address 148.197.29.5

server machine
[root@maui:/etc/pki/cyrus-imapd]$ host maui
maui.jaa.org.uk has address 148.197.29.5
---
With these lines in cyrus.conf
  imap  cmd="imapd" listen="imap" prefork=5
#  imapscmd="imapd -s" listen="imaps" prefork=1
  imaps cmd="imapd -s" listen="[148.197.29.5]:imaps" prefork=1
  pop3  cmd="pop3d" listen="pop3" prefork=3
  pop3s cmd="pop3d -s" listen="pop3s" prefork=1
  sieve cmd="timsieved" listen="sieve" prefork=0

your two netstat lines show
[root@maui:/etc/pki/cyrus-imapd]$ netstat -pnlA inet | egrep ':993|:143'
udp0  0 0.0.0.0:143 0.0.0.0:* 
1465/portreserve
udp0  0 0.0.0.0:993 0.0.0.0:* 
1465/portreserve


[root@maui:/etc/pki/cyrus-imapd]$ netstat -pnlA inet6 | egrep ':993|:143'
tcp0  0 :::143  :::* 
LISTEN  29460/cyrus-master


--
With
  imap  cmd="imapd" listen="imap" prefork=5
  imaps cmd="imapd -s" listen="imaps" prefork=1
#  imaps		cmd="imapd -s" listen="[148.197.29.5]:imaps" 
prefork=1

  pop3  cmd="pop3d" listen="pop3" prefork=3
  pop3s cmd="pop3d -s" listen="pop3s" prefork=1
  sieve cmd="timsieved" listen="sieve" prefork=0

[root@maui:/etc/pki/cyrus-imapd]$ netstat -pnlA inet | egrep ':993|:143'
udp0  0 0.0.0.0:143 0.0.0.0:* 
1465/portreserve
udp0  0 0.0.0.0:993 0.0.0.0:* 
1465/portreserve

[root@maui:/etc/pki/cyrus-imapd]$ netstat -pnlA inet6 | egrep ':993|:143'
tcp0  0 :::993  :::* 
LISTEN  30596/cyrus-master
tcp0  0 :::143  :::* 
LISTEN  30596/cyrus-master


Why will cyrus not listen on 148.197.29.5 ?

John

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/cen

Re: [CentOS] Odd problem with updates to the recent CR

[m . roth]

Jonathan Billings wrote:
> On Tue, Aug 11, 2015 at 12:59:58PM -0400, m.r...@5-cent.us wrote:
>> So, since I haven't yet found where /var/log/httpd is created, what
>> would
>> a default package make the ownership of the directory? Does it expect it
>> to be apache:root?
>
> Just a data point:
>
> $ rpm -qp --qf='[%-11{filemodes:perms} %-8{fileusername}
> %-8{filegroupname} %{filenames}\n]' httpd-2.2.15-45.el6.x86_64.rpm | grep
> /var/log/httpd
>
> drwx--  root root /var/log/httpd
>
Yeah, well, SiteMinder runs as a child of the httpd started by service
start, so it runs as apache.

Ask me how much I think of SiteMinder... offlist, if you want the rant

  mark !@#$@!#$!@#~!@

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C6.7 evolution to cyrus imap(s) fails

[Richard]

 Original Message 
> Date: Wednesday, August 12, 2015 14:16:03 +0100
> From: Dr J Austin 
> 
> On Wed, 12 Aug 2015, Richard wrote:
> 
>> 
>> I don't think that wireshark adds much to this. Unless you had a
>> proxy in the middle, the "connection refused" responses already
>> indicated that your connections were getting to the/a server, it's
>> just refusing the connections.
>> 
>> Connections by name, especially short forms, are suspect unless
>> you can be very certain of how they are being resolved (i.e., what
>> IPnumber you end up trying to connect to). There is no reason that
>> using root to connect to port 993 would work when a normal user
>> doesn't. An IMAP server either accepts the initial connection
>> from a machine or not - it doesn't know or care what type of user
>> is originating the connection.
>> 
>> You may want to look into what you were able to connect to via:
>> 
>>   openssl s_client -connect maui:993
>> 
>> I'd start by looking up what "maui" resolves to.
>> 
>> I just looked up maui.jaa.org.uk. It (currently) resolves to
>> 213.152.52.233, not the 148.197 you seemed to be using above. I
>> realize you may have some form of dynamic dns going here, but
>> thought I'd mention it.
>> 
>> 
>> Could you try (as root) two slightly different version of my
>> earlier netstat commands:
>> 
>>netstat -pnlA inet | egrep ':993|:143'
>> 
>>netstat -pnlA inet6 | egrep ':993|:143'
>> 
>> 
>> the addition of "A inet/inet6" will show whether it is listening
>> via ipv4 (inet) or ipv6 (inet6) on the imap port
> 
> 
> Hi Richard
> 
> I have been working at trying to get cyrus to listen on
> 148.197.29.5 interface instead of the localhost - I have failed
> 
> Whenever I add things to /etc/cyrus.conf such as
> imaps cmd="imapd -s" listen="[148.197.29.5]:imaps" prefork=1
> 
> [root@maui:~]$ service cyrus-imapd restart
> 
> [root@maui:~]$ ps -ef|grep cyr
> cyrus22187 1  0 13:26 ?00:00:00 idled
> cyrus28044 1  0 13:54 ?00:00:00
> /usr/lib/cyrus-imapd/cyrus-master -d
> cyrus28048 1  0 13:54 ?00:00:00 idled
> cyrus28050 28044  0 13:54 ?00:00:00 imapd
> cyrus28051 28044  0 13:54 ?00:00:00 pop3d
> cyrus28052 28044  0 13:54 ?00:00:00 pop3d -s
> cyrus28053 28044  0 13:54 ?00:00:00 lmtpd -a
> cyrus28054 28044  0 13:54 ?00:00:00 imapd
> cyrus28055 28044  0 13:54 ?00:00:00 pop3d
> cyrus28058 28044  0 13:54 ?00:00:00 imapd
> cyrus28059 28044  0 13:54 ?00:00:00 imapd
> cyrus28060 28044  0 13:54 ?00:00:00 imapd
> cyrus28061 28044  1 13:54 ?00:00:00 pop3d
> root 28063 11348  0 13:54 pts/200:00:00 grep cyr
> 
> Then no "imapd -s" appears
> 
> I have tried all sorts of combinations in cyrus.conf but all fail
> to LISTEN on 148.197.29.5
> 
> I have tried taking maui out of /etc/hosts
> 
> My IP addresses are a bit odd - but I have been using
> 148.197.29.0/24 for so long, ...
> They have never escaped as far as I know!
> client machine
> ja@paxos ~ 1$ host 148.197.29.5
> 5.29.197.148.in-addr.arpa domain name pointer maui.jaa.org.uk.
> ja@paxos ~ 2$ host maui
> maui.jaa.org.uk has address 148.197.29.5
> 
> server machine
> [root@maui:/etc/pki/cyrus-imapd]$ host maui
> maui.jaa.org.uk has address 148.197.29.5
> --
> -
> With these lines in cyrus.conf
>imap   cmd="imapd" listen="imap" prefork=5
>#  imaps   cmd="imapd -s" listen="imaps" prefork=1
>imaps  cmd="imapd -s" listen="[148.197.29.5]:imaps" prefork=1
>pop3   cmd="pop3d" listen="pop3" prefork=3
>pop3s  cmd="pop3d -s" listen="pop3s" prefork=1
>sieve  cmd="timsieved" listen="sieve" prefork=0
> 
> your two netstat lines show
> [root@maui:/etc/pki/cyrus-imapd]$ netstat -pnlA inet | egrep
> ':993|:143'
> udp0  0 0.0.0.0:143 0.0.0.0:*
> 1465/portreserve
> udp0  0 0.0.0.0:993 0.0.0.0:*
> 1465/portreserve
> 
> [root@maui:/etc/pki/cyrus-imapd]$ netstat -pnlA inet6 | egrep
> ':993|:143'
> tcp0  0 :::143  :::* LISTEN
> 29460/cyrus-master
> 
> --
> 
> With
>imap   cmd="imapd" listen="imap" prefork=5
>imaps  cmd="imapd -s" listen="imaps" prefork=1
>#  imaps   cmd="imapd -s" listen="[148.197.29.5]:imaps" prefork=1
>pop3   cmd="pop3d" listen="pop3" prefork=3
>pop3s  cmd="pop3d -s" listen="pop3s" prefork=1
>sieve  cmd="timsieved" listen="sieve" prefork=0
> 
> [root@maui:/etc/pki/cyrus-imapd]$ netstat -pnlA inet | egrep
> ':993|:143'
> udp0  0 0.0.0.0:143 0.0.0.0:*
> 1465/portreserve
> udp0  0 0.0.0.0:993 0.0.0.0

Re: [CentOS] Odd problem with updates to the recent CR

[Richard]

> Date: Wednesday, August 12, 2015 09:28:59 -0400
> From: m.r...@5-cent.us
>
> Jonathan Billings wrote:
>> On Tue, Aug 11, 2015 at 12:59:58PM -0400, m.r...@5-cent.us wrote:
>>> So, since I haven't yet found where /var/log/httpd is created,
>>> what would
>>> a default package make the ownership of the directory? Does it
>>> expect it to be apache:root?
>> 
>> Just a data point:
>> 
>> $ rpm -qp --qf='[%-11{filemodes:perms} %-8{fileusername}
>> %-8{filegroupname} %{filenames}\n]'
>> httpd-2.2.15-45.el6.x86_64.rpm | grep /var/log/httpd
>> 
>> drwx--  root root /var/log/httpd
>> 
> Yeah, well, SiteMinder runs as a child of the httpd started by
> service start, so it runs as apache.
> 
> Ask me how much I think of SiteMinder... offlist, if you want the
> rant
> 
>   mark !@#$@!#$!@#~!@
> 

That's "fine" (within context), but then it shouldn't be able to
write to files in the /var/log/httpd directory. [from something you
posted I got the sense that it owned that directory, which is even
worse (especially for a "security tool"), if that was correct.]

Assuming any ability to configure things, change it's logging to an
application-specific directory.

The long-and-short is that at some point someone/thing changed the
permissions (and maybe ownerships) on /var/log/httpd from the
defaults. [something that i would have assumed would have gone into
your change-management system.]

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C6.7 evolution to cyrus imap(s) fails

[Alexander Dalloz]

Am 12.08.2015 um 15:16 schrieb Dr J Austin:

Hi Richard

I have been working at trying to get cyrus to listen on 148.197.29.5
interface instead of the localhost - I have failed

Whenever I add things to /etc/cyrus.conf such as
imapscmd="imapd -s" listen="[148.197.29.5]:imaps" prefork=1


No square brackets around the ip address.


[root@maui:~]$ service cyrus-imapd restart

[root@maui:~]$ ps -ef|grep cyr
cyrus22187 1  0 13:26 ?00:00:00 idled
cyrus28044 1  0 13:54 ?00:00:00
/usr/lib/cyrus-imapd/cyrus-master -d
cyrus28048 1  0 13:54 ?00:00:00 idled
cyrus28050 28044  0 13:54 ?00:00:00 imapd
cyrus28051 28044  0 13:54 ?00:00:00 pop3d
cyrus28052 28044  0 13:54 ?00:00:00 pop3d -s
cyrus28053 28044  0 13:54 ?00:00:00 lmtpd -a
cyrus28054 28044  0 13:54 ?00:00:00 imapd
cyrus28055 28044  0 13:54 ?00:00:00 pop3d
cyrus28058 28044  0 13:54 ?00:00:00 imapd
cyrus28059 28044  0 13:54 ?00:00:00 imapd
cyrus28060 28044  0 13:54 ?00:00:00 imapd
cyrus28061 28044  1 13:54 ?00:00:00 pop3d
root 28063 11348  0 13:54 pts/200:00:00 grep cyr

Then no "imapd -s" appears

I have tried all sorts of combinations in cyrus.conf but all fail
to LISTEN on 148.197.29.5


Make sure the IP address 148.197.29.5 is definitely up on any of the 
system's devices. Verify running "ip address list".


[ ... ]


Why will cyrus not listen on 148.197.29.5 ?


I am sure it is because that IP address isn't bound to any device.


John


Alexander

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C6.7 evolution to cyrus imap(s) fails

[Dr J Austin]

On Wed, 12 Aug 2015, Alexander Dalloz wrote:



I have been working at trying to get cyrus to listen on 148.197.29.5
interface instead of the localhost - I have failed




No square brackets around the ip address.


  imap  cmd="imapd" listen="imap" prefork=5
#  imapscmd="imapd -s" listen="imaps" prefork=1
  imaps cmd="imapd -s" listen="148.197.29.5:imaps" prefork=1
  pop3  cmd="pop3d" listen="pop3" prefork=3

[root@maui:/var/log]$ gedit /etc/cyrus.conf
[root@maui:/var/log]$ service cyrus-imapd stop
Shutting down cyrus-imapd: [  OK  ]
Exporting cyrus-imapd databases:   [  OK  ]
[root@maui:/var/log]$ service cyrus-imapd start
Importing cyrus-imapd databases:   [  OK  ]
Starting cyrus-imapd:  [  OK  ]
[root@maui:/var/log]$ ps -ef|grep cyrus
cyrus31699 1  0 19:13 ?00:00:00 
/usr/lib/cyrus-imapd/cyrus-master -d

cyrus31703 1  0 19:13 ?00:00:00 idled
cyrus31705 31699  0 19:13 ?00:00:00 imapd
cyrus31706 31699  0 19:13 ?00:00:00 pop3d
cyrus31707 31699  0 19:13 ?00:00:00 pop3d -s
cyrus31708 31699  0 19:13 ?00:00:00 lmtpd -a
cyrus31709 31699  0 19:13 ?00:00:00 imapd
cyrus31710 31699  0 19:13 ?00:00:00 pop3d
cyrus31712 31699  0 19:13 ?00:00:00 imapd
cyrus31713 31699  0 19:13 ?00:00:00 imapd
cyrus31714 31699  0 19:13 ?00:00:00 imapd
cyrus31715 31699  0 19:13 ?00:00:00 pop3d
root 31717  3627  0 19:13 pts/100:00:00 grep cyrus
[root@maui:/var/log]$ ip a l
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
   valid_lft forever preferred_lft forever
2: eth0:  mtu 1500 qdisc pfifo_fast state 
UP qlen 1000

link/ether 00:30:1b:a0:4d:cc brd ff:ff:ff:ff:ff:ff
inet 148.197.29.5/24 brd 148.197.29.255 scope global eth0
inet6 fe80::230:1bff:fea0:4dcc/64 scope link
   valid_lft forever preferred_lft forever


Then no "imapd -s" appears

I have tried all sorts of combinations in cyrus.conf but all fail
to LISTEN on 148.197.29.5


Make sure the IP address 148.197.29.5 is definitely up on any of the system's 
devices. Verify running "ip address list".


See above


Why will cyrus not listen on 148.197.29.5 ?


I am sure it is because that IP address isn't bound to any device.


I must be missing something very obvious !

John

A few extra tests

[root@maui:/var/log]$ nmap -A -T4 -p 993 127.0.0.1

Starting Nmap 5.51 ( http://nmap.org ) at 2015-08-12 19:23 BST
Nmap scan report for localhost.localdomain (127.0.0.1)
Host is up (0.49s latency).
PORTSTATE  SERVICE VERSION
993/tcp closed imaps
Too many fingerprints match this host to give specific OS details
Network Distance: 0 hops

OS and Service detection performed. Please report any incorrect results at 
http://nmap.org/submit/ .

Nmap done: 1 IP address (1 host up) scanned in 2.12 seconds

[root@maui:/var/log]$ nmap -A -T4 -p 993 148.197.29.5

Starting Nmap 5.51 ( http://nmap.org ) at 2015-08-12 19:23 BST
Nmap scan report for maui.jaa.org.uk (148.197.29.5)
Host is up (0.51s latency).
PORTSTATE  SERVICE VERSION
993/tcp closed imaps
Too many fingerprints match this host to give specific OS details
Network Distance: 0 hops

OS and Service detection performed. Please report any incorrect results at 
http://nmap.org/submit/ .

Nmap done: 1 IP address (1 host up) scanned in 2.16 seconds

[root@maui:/var/log]$ nmap -A -T4 -p 993 maui

Starting Nmap 5.51 ( http://nmap.org ) at 2015-08-12 19:20 BST
Nmap scan report for maui (127.0.0.1)
Host is up (0.52s latency).
Other addresses for maui (not scanned): 127.0.0.1 148.197.29.5
rDNS record for 127.0.0.1: localhost.localdomain
PORTSTATE  SERVICE VERSION
993/tcp closed imaps
Too many fingerprints match this host to give specific OS details
Network Distance: 0 hops

OS and Service detection performed. Please report any incorrect results at 
http://nmap.org/submit/ .

Nmap done: 1 IP address (1 host up) scanned in 2.14 seconds



From another machine

[root@paxos:~]$ nmap -A -T4 -p 993 maui

Starting Nmap 6.47 ( http://nmap.org ) at 2015-08-12 19:27 BST
Nmap scan report for maui (148.197.29.5)
Host is up (0.00016s latency).
PORTSTATE  SERVICE VERSION
993/tcp closed imaps
MAC Address: 00:30:1B:A0:4D:CC (Shuttle)
Too many fingerprints match this host to give specific OS details
Network Distance: 1 hop

TRACEROUTE
HOP RTT ADDRESS
1   0.16 ms 148.197.29.5

OS and Service detection performed. Please report any incorrect results at 
http://nmap.org/submit/ .

Nmap do

Re: [CentOS] C6.7 evolution to cyrus imap(s) fails

[Alexander Dalloz]

Am 12.08.2015 um 20:29 schrieb Dr J Austin:



On Wed, 12 Aug 2015, Alexander Dalloz wrote:



I have been working at trying to get cyrus to listen on 148.197.29.5
interface instead of the localhost - I have failed




No square brackets around the ip address.


   imapcmd="imapd" listen="imap" prefork=5
#  imapscmd="imapd -s" listen="imaps" prefork=1
   imapscmd="imapd -s" listen="148.197.29.5:imaps" prefork=1


That limits the listener to bind to only the specific IP address and not 
to all interfaces including localhost.



   pop3cmd="pop3d" listen="pop3" prefork=3

[root@maui:/var/log]$ gedit /etc/cyrus.conf
[root@maui:/var/log]$ service cyrus-imapd stop
Shutting down cyrus-imapd: [  OK  ]
Exporting cyrus-imapd databases:   [  OK  ]
[root@maui:/var/log]$ service cyrus-imapd start
Importing cyrus-imapd databases:   [  OK  ]
Starting cyrus-imapd:  [  OK  ]


What gets being logged at exactly that point? cyrus-imapd logs 
information at service start.


Please provide the content of /etc/imapd.conf.


[root@maui:/var/log]$ ps -ef|grep cyrus
cyrus31699 1  0 19:13 ?00:00:00
/usr/lib/cyrus-imapd/cyrus-master -d
cyrus31703 1  0 19:13 ?00:00:00 idled
cyrus31705 31699  0 19:13 ?00:00:00 imapd
cyrus31706 31699  0 19:13 ?00:00:00 pop3d
cyrus31707 31699  0 19:13 ?00:00:00 pop3d -s
cyrus31708 31699  0 19:13 ?00:00:00 lmtpd -a
cyrus31709 31699  0 19:13 ?00:00:00 imapd
cyrus31710 31699  0 19:13 ?00:00:00 pop3d
cyrus31712 31699  0 19:13 ?00:00:00 imapd
cyrus31713 31699  0 19:13 ?00:00:00 imapd
cyrus31714 31699  0 19:13 ?00:00:00 imapd
cyrus31715 31699  0 19:13 ?00:00:00 pop3d
root 31717  3627  0 19:13 pts/100:00:00 grep cyrus
[root@maui:/var/log]$ ip a l
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN
 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
 inet 127.0.0.1/8 scope host lo
 inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:  mtu 1500 qdisc pfifo_fast
state UP qlen 1000
 link/ether 00:30:1b:a0:4d:cc brd ff:ff:ff:ff:ff:ff
 inet 148.197.29.5/24 brd 148.197.29.255 scope global eth0
 inet6 fe80::230:1bff:fea0:4dcc/64 scope link
valid_lft forever preferred_lft forever


Ok, IP 148.197.29.5 is set for interface eth0.


Then no "imapd -s" appears

I have tried all sorts of combinations in cyrus.conf but all fail
to LISTEN on 148.197.29.5


Make sure the IP address 148.197.29.5 is definitely up on any of the
system's devices. Verify running "ip address list".


See above


Why will cyrus not listen on 148.197.29.5 ?


I am sure it is because that IP address isn't bound to any device.


I must be missing something very obvious !

John

A few extra tests

[root@maui:/var/log]$ nmap -A -T4 -p 993 127.0.0.1


You configured the imaps service not to bind to localhost.


Starting Nmap 5.51 ( http://nmap.org ) at 2015-08-12 19:23 BST
Nmap scan report for localhost.localdomain (127.0.0.1)
Host is up (0.49s latency).
PORTSTATE  SERVICE VERSION
993/tcp closed imaps
Too many fingerprints match this host to give specific OS details
Network Distance: 0 hops

OS and Service detection performed. Please report any incorrect results
at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 2.12 seconds

[root@maui:/var/log]$ nmap -A -T4 -p 993 148.197.29.5

Starting Nmap 5.51 ( http://nmap.org ) at 2015-08-12 19:23 BST
Nmap scan report for maui.jaa.org.uk (148.197.29.5)
Host is up (0.51s latency).
PORTSTATE  SERVICE VERSION
993/tcp closed imaps
Too many fingerprints match this host to give specific OS details
Network Distance: 0 hops

OS and Service detection performed. Please report any incorrect results
at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 2.16 seconds

[root@maui:/var/log]$ nmap -A -T4 -p 993 maui

Starting Nmap 5.51 ( http://nmap.org ) at 2015-08-12 19:20 BST
Nmap scan report for maui (127.0.0.1)
Host is up (0.52s latency).
Other addresses for maui (not scanned): 127.0.0.1 148.197.29.5
rDNS record for 127.0.0.1: localhost.localdomain


What did you configure in your DNS and set in /etc/hosts? Please provide 
last one.



PORTSTATE  SERVICE VERSION
993/tcp closed imaps
Too many fingerprints match this host to give specific OS details
Network Distance: 0 hops

OS and Service detection performed. Please report any incorrect results
at http://nmap.org/submit/ .
Nmap done: 1 IP address (1 host up) scanned in 2.14 seconds


 From another machine
[root@paxos:~]$ nmap -A -T4 -p 

[CentOS] OT: bareos (F/OSS fork of bacula)

[m . roth]

I'm trying to get this up and running, and have run into something that
isn't clear in the docs: volumes are part of pools, I get, but I see that
the limit to the number of volumes is 100. Is this a drop-dead
can't-go-beyond? If I have > 100 clients to back up, do they all go to one
volume, or to individual volumes?

  mark

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] how do I stop automount of Hitichi Lifestudio USB drive

[Michael Hennebry]

Most of the time, if I plug a USB drive into my computer,
gnome/centos/whatever will ask me what I want to do with it.
With a Hitachi Lifestudio, all the partitions mount without asking me.

How do I stop that behavior?

My suspicion is that the same kind of
mechanism is what makes candy drops work.
So far as I know, my backup drive is not candy,
but I would still like to be able to control my computer.

--
Michael   henne...@web.cs.ndsu.nodak.edu
"SCSI is NOT magic. There are *fundamental technical
reasons* why it is necessary to sacrifice a young
goat to your SCSI chain now and then."   --   John Woods
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] how do I stop automount of Hitichi Lifestudio USB drive

[Fred Smith]

On Wed, Aug 12, 2015 at 03:34:53PM -0500, Michael Hennebry wrote:
> 
> Most of the time, if I plug a USB drive into my computer,
> gnome/centos/whatever will ask me what I want to do with it.
> With a Hitachi Lifestudio, all the partitions mount without asking me.
> 
> How do I stop that behavior?
> 
> My suspicion is that the same kind of
> mechanism is what makes candy drops work.
> So far as I know, my backup drive is not candy,
> but I would still like to be able to control my computer.

Not sure, but if  you made entries for it in /etc/fstab that
explicitly said not to mount, that might do the trick.

It looks as if the "noauto" option should do the trick.

Fred
-- 
 Fred Smith -- fre...@fcshome.stoneham.ma.us -
"Not everyone who says to me, 'Lord, Lord,' will enter the kingdom of
 heaven, but only he who does the will of my Father who is in heaven."
-- Matthew 7:21 (niv) -
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] how do I stop automount of Hitichi Lifestudio USB drive

[Michael Hennebry]

On Wed, 12 Aug 2015, Fred Smith wrote:


On Wed, Aug 12, 2015 at 03:34:53PM -0500, Michael Hennebry wrote:


Most of the time, if I plug a USB drive into my computer,
gnome/centos/whatever will ask me what I want to do with it.
With a Hitachi Lifestudio, all the partitions mount without asking me.

How do I stop that behavior?



Not sure, but if  you made entries for it in /etc/fstab that
explicitly said not to mount, that might do the trick.

It looks as if the "noauto" option should do the trick.


That might work.
I could add 30 entries to fstab:  /dev/sd[cde][1-9]

My suspicion is that whatever is mounting the drive
is treating it special and might ignore fstab.
Ideally I'd learn the the name of the automounter and what database to edit.


--
Michael   henne...@web.cs.ndsu.nodak.edu
"SCSI is NOT magic. There are *fundamental technical
reasons* why it is necessary to sacrifice a young
goat to your SCSI chain now and then."   --   John Woods
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C6.7 evolution to cyrus imap(s) fails

[Dr J Austin]

Many thanks to Alexander, Richard, Jonathan and m.roth

The Magic incandation !

portrelease dovecot
service cyrus-imapd restart

[root@maui:/etc/named]$ cat /etc/portreserve/dovecot
imap
imaps
pop3
pop3s

My total ignorance of portrelease/portreserve has been a bit
of a problem!

Now to fix it permanently and get evolution back in one piece

But why was cyrus able to use imap, pop3 & pop3S but not imaps?

John


!This showe it up!



That limits the listener to bind to only the specific IP

Yes - that made it easy to tell if imapd was running on 148.197.29.5
by just doing ps -ef|grep cyrus 

What gets being logged at exactly that point? cyrus-imapd logs information at 
service start.



[root@maui:/var/log]$ cat  maillog
just after running
service cyrus-imapd restart

Aug 12 21:33:17 maui cvt_cyrusdb[2753]: skiplist: checkpointed 
/var/lib/imap/deliver.db.skiplist (630 records, 64416 bytes) in 0 seconds

Aug 12 21:33:19 maui cvt_cyrusdb[3352]: mystore: starting txn 2147483651
Aug 12 21:33:19 maui cvt_cyrusdb[3352]: mystore: reusing txn 2147483651
Aug 12 21:33:19 maui cvt_cyrusdb[3352]: mystore: reusing txn 2147483651
Aug 12 21:33:19 maui cvt_cyrusdb[3352]: mystore: reusing txn 2147483651
Aug 12 21:33:19 maui cvt_cyrusdb[3352]: mystore: reusing txn 2147483651
... maybe 200 lines like this 
!

Aug 12 21:33:19 maui cvt_cyrusdb[3352]: mystore: reusing txn 2147483651
Aug 12 21:33:19 maui cvt_cyrusdb[3352]: mystore: reusing txn 2147483651
Aug 12 21:33:19 maui cvt_cyrusdb[3352]: mystore: reusing txn 2147483651
Aug 12 21:33:19 maui cvt_cyrusdb[3352]: mystore: reusing txn 2147483651
Aug 12 21:33:19 maui master[3384]: setrlimit: Unable to set file 
descriptors limit to -1: Operation not permitted

Aug 12 21:33:19 maui master[3384]: retrying with 4096 (current max)
Aug 12 21:33:19 maui master[3384]: process started
Aug 12 21:33:19 maui master[3385]: about to exec 
/usr/lib/cyrus-imapd/ctl_cyrusdb

Aug 12 21:33:19 maui ctl_cyrusdb[3385]: recovering cyrus databases
Aug 12 21:33:19 maui ctl_cyrusdb[3385]: skiplist: checkpointed 
/var/lib/imap/mailboxes.db (9 records, 756 bytes) in 0 seconds
Aug 12 21:33:19 maui ctl_cyrusdb[3385]: skiplist: checkpointed 
/var/lib/imap/annotations.db (0 records, 144 bytes) in 0 seconds

Aug 12 21:33:19 maui ctl_cyrusdb[3385]: done recovering cyrus databases
Aug 12 21:33:19 maui master[3387]: about to exec 
/usr/lib/cyrus-imapd/idled
Aug 12 21:33:19 maui master[3384]: unable to create imaps listener socket: 
Address already in use 
!
Aug 12 21:33:19 maui master[3384]: unable to setsocketopt(IP_TOS): 
Operation not supported

Aug 12 21:33:19 maui master[3384]: ready for work
Aug 12 21:33:19 maui master[3389]: about to exec 
/usr/lib/cyrus-imapd/ctl_cyrusdb
Aug 12 21:33:19 maui master[3392]: about to exec 
/usr/lib/cyrus-imapd/pop3d

Aug 12 21:33:19 maui ctl_cyrusdb[3389]: checkpointing cyrus databases
Aug 12 21:33:19 maui master[3390]: about to exec 
/usr/lib/cyrus-imapd/imapd
Aug 12 21:33:19 maui master[3391]: about to exec 
/usr/lib/cyrus-imapd/pop3d
Aug 12 21:33:19 maui master[3393]: about to exec 
/usr/lib/cyrus-imapd/lmtpd

Aug 12 21:33:19 maui lmtpunix[3393]: executed
Aug 12 21:33:19 maui pop3s[3392]: executed
Aug 12 21:33:19 maui ctl_cyrusdb[3389]: archiving database file: 
/var/lib/imap/annotations.db

Aug 12 21:33:19 maui imap[3390]: executed
Aug 12 21:33:19 maui pop3[3391]: executed
Aug 12 21:33:19 maui ctl_cyrusdb[3389]: archiving log file: 
/var/lib/imap/db/log.01
Aug 12 21:33:19 maui ctl_cyrusdb[3389]: archiving log file: 
/var/lib/imap/db/log.01
Aug 12 21:33:19 maui ctl_cyrusdb[3389]: archiving database file: 
/var/lib/imap/mailboxes.db
Aug 12 21:33:19 maui ctl_cyrusdb[3389]: archiving log file: 
/var/lib/imap/db/log.01
Aug 12 21:33:19 maui ctl_cyrusdb[3389]: archiving log file: 
/var/lib/imap/db/log.01

Aug 12 21:33:19 maui ctl_cyrusdb[3389]: done checkpointing cyrus databases
Aug 12 21:33:19 maui master[3384]: process 3389 exited, status 0
Aug 12 21:33:19 maui master[3394]: about to exec 
/usr/lib/cyrus-imapd/imapd
Aug 12 21:33:19 maui master[3395]: about to exec 
/usr/lib/cyrus-imapd/pop3d

Aug 12 21:33:19 maui pop3[3395]: executed
Aug 12 21:33:19 maui imap[3394]: executed
[root@maui:/var/log]$





Please provide the content of /etc/imapd.conf.


[root@maui:/etc/named]$ cat /etc/imapd.conf
configdirectory: /var/lib/imap
partition-default: /var/spool/imap
admins: cyrus
sievedir: /var/lib/imap/sieve
sendmail: /usr/sbin/sendmail
hashimapspool: true
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN
tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem
tls_ca_file: /

Re: [CentOS] how do I stop automount of Hitichi Lifestudio USB drive

[m . roth]

Michael Hennebry wrote:
> On Wed, 12 Aug 2015, Fred Smith wrote:
>
>> On Wed, Aug 12, 2015 at 03:34:53PM -0500, Michael Hennebry wrote:
>>>
>>> Most of the time, if I plug a USB drive into my computer,
>>> gnome/centos/whatever will ask me what I want to do with it.
>>> With a Hitachi Lifestudio, all the partitions mount without asking me.
>>>
>>> How do I stop that behavior?
>
>> Not sure, but if  you made entries for it in /etc/fstab that
>> explicitly said not to mount, that might do the trick.
>>
>> It looks as if the "noauto" option should do the trick.
>
> That might work.
> I could add 30 entries to fstab:  /dev/sd[cde][1-9]
>
> My suspicion is that whatever is mounting the drive
> is treating it special and might ignore fstab.
> Ideally I'd learn the the name of the automounter and what database to
> edit.

autofs is what's mounting it. But if you turn it off, you'll have to
manually mount anything that's not in /etc/fstab.

Sounds like gnome's trying to be WinDoze

  mark

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C6.7 evolution to cyrus imap(s) fails

[Dr J Austin]

> My dns lookup (against either of the hosteurope.com nameservers
> listed for jaa.org.uk) is showing the following for the maui FQDN.
> 
>maui.jaa.org.uk.   14400   IN  A   213.152.52.233
> 
> and I'm getting:
> 
>   5.29.197.148.in-addr.arpa. 80184 IN PTR adarwash1.ee.port.ac.uk
> 
> for the rDNS of 148.197.29.5.
> 
> As you can see from the netstat output, cyrus is listening (on all
> interfaces), but only on ipv6. It doesn't appear to be listening on
> any interface on ipv4. You do have portreserve "holding" the IMAP
> ipv4 ports. It's possible that it's not releasing them to cyrus. You
> may want to look at the man page for that application, and see that
> it knows about cyrus (mine is only set up to "hold" things for cups).
> 
> I would also suggest looking at your yum.log to see if cyrus was
> updated with the .6->.7 update. If so, look for "rpmnew" or "rpmold"
> config files. In my experience it is uncommon for updates to move
> current configs out, unless they are incompatible with a new release
> (and when they do you should find an "rpmold"). 
> 
> I've never touched cyrus, so can't be of much help trying to
> (re-)configure it (but I'd look at portreserve first).
> 
> 
Richard - you were right!

It was portreserve !

Many thanks for the advice

John
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] C6.7 evolution to cyrus imap(s) fails

[Richard]

> Date: Wednesday, August 12, 2015 22:22:22 +0100
> From: Dr J Austin 
>
> 
> Many thanks to Alexander, Richard, Jonathan and m.roth
> 
> The Magic incandation !
> 
> portrelease dovecot
> service cyrus-imapd restart
> 
> [root@maui:/etc/named]$ cat /etc/portreserve/dovecot
> imap
> imaps
> pop3
> pop3s
> 
> My total ignorance of portrelease/portreserve has been a bit
> of a problem!
> 
> Now to fix it permanently and get evolution back in one piece
> 
> But why was cyrus able to use imap, pop3 & pop3S but not imaps?
> 
> John
> 
> 

Look in /etc/portreserve/ and look at the files there (both the
names on the files and their contents). That will give you a sense
of what services are covered. Your previous netstat output indicated
that portreserve was "holding" both 143 (imap) and 993 (imaps).
Since we were focusing on imap I didn't ask for netstat for other
ports, so don't know what else it might have been "holding".

  [snip ... ]


> --
> --
>> What did you configure in your DNS and set in /etc/hosts? Please
>> provide last  one.
>> 
> I am running a DNS server on maui that is updated by DHCP as
> required
> The zone file looks like this at the moment
> IPs between range   148.197.29.129  148.197.29.253  ;
> are dynamic, the rest are fixed
> 
> [root@maui:/var/named/chroot/var/named/dynamic]$ cat
> jaa.org.uk.zone
> $ORIGIN .
> $TTL 86400  ; 1 day
> jaa.org.uk  IN SOA  maui.jaa.org.uk. ja.jaa.org.uk. (
>  200714349  ; serial
>  7200   ; refresh (2 hours)
>  300; retry (5 minutes)
>  604800 ; expire (1 week)
>  60 ; minimum (1 minute)
>  )
>  NS  maui.jaa.org.uk.
>  MX  10 maui.jaa.org.uk.
> $ORIGIN jaa.org.uk.
> $TTL 43200  ; 12 hours
> android-54f4af51ba23308b A  148.197.29.251
>  TXT
> "31d805ae3efb12d6a37351a28b581c9142"
> $TTL 86400  ; 1 day
> draytek A   148.197.29.254
> $TTL 43200  ; 12 hours
> ferrari A   148.197.29.183
>  TXT
> "310fc27c6e505544502e0a12fb2192d64a"
> $TTL 86400  ; 1 day
> mauiA   148.197.29.5
> $TTL 43200  ; 12 hours
> paxos   A   148.197.29.159
>  TXT
> "315dff374b9faae33e5457b537bb671bd9"
> $TTL 86400  ; 1 day
> zyxel   A   148.197.29.2
> ---
> [root@maui:/etc/named]$ cat /etc/hosts
> 127.0.0.1   localhost.localdomain   localhost maui
># 127.0.0.1  localhost.localdomain   localhost
> ::1 maui.jaa.org.uk mauilocalhost6.localdomain6 localhost6
> 148.197.29.5maui.jaa.org.uk maui
> 

I'm not certain where that's coming from. That will all work
internally (assuming internal consistency), but the outside world
has a rather different view.

The information returned by whois for jaa.org.uk (which has your
name as registrant) shows:

   Name servers:
ns.hosteurope.com
ns2.hosteurope.com

as the nameservers for that domain.

If you do a "dig" against either of those servers for your maui host:

  dig @ns.hosteurope.com maui.jaa.org.uk

you get:

  maui.jaa.org.uk.  14400   IN  A   213.152.52.233

An rDNS lookup on that IPnumber returns:

  233.52.152.213.in-addr.arpa. 56246 IN PTR jaa.org.uk.

while the rDNS on 148.197.29.5 returns:

  5.29.197.148.in-addr.arpa. 50161 IN   PTR adarwash1.ee.port.ac.uk

which matches the forward lookup:

  adarwash1.ee.port.ac.uk. 86400IN  A   148.197.29.5

So, the outside world has a rather different view of what your
ipnumber(s) are than you seem to be getting/using internally. 


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] OT: bareos (F/OSS fork of bacula)

[Valeri Galtsev]

On Wed, August 12, 2015 3:12 pm, m.r...@5-cent.us wrote:
> I'm trying to get this up and running, and have run into something that
> isn't clear in the docs: volumes are part of pools, I get, but I see that
> the limit to the number of volumes is 100. Is this a drop-dead
> can't-go-beyond? If I have > 100 clients to back up, do they all go to one
> volume, or to individual volumes?
>

I set it up originally a while back (and it was brain racking exercise),
and it works seamlessly since, so I'm really rusted on the definitions. It
probably is a restriction how many volumes you can have open
simultaneously for jobs. In my case volumes are files ( <= 50Gb - my
restriction for volume size) on big RAIDs, even a single RAID (I have 6
currenly attached to the server box) contains over 1000 volumes. For
flexibility, I set all clients with their individual volumes, job names,
pool names, etc, and even these volumes are stored into individual
directories one container directory per client. For each client I have on
the server two config files (one for storage daemon and one for director)
- all these client files are included in the main sd or dir config files
in the following manner:

# Read client directory for config files. Remember to bconsole "reload"
after adding a client.
@|"sh -c 'cat /usr/local/etc/bacula/conf.d/clients/*.conf'"

(Hm, ignore my comment, I usually restart sd and dir daemons to re-read
configs after adding client).

I hope this helps.

Valeri



Valeri Galtsev
Sr System Administrator
Department of Astronomy and Astrophysics
Kavli Institute for Cosmological Physics
University of Chicago
Phone: 773-702-4247

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] Skype Issue

[Mark LaPierre]

Hey Y'all,

Seems my Skype installation has stopped working.

I have skype-4.3.0.37-2.el6.i686.rpm from the Nux repo.

[mlapier@peach ~]$ skype %U
(:27070): Gtk-WARNING **: Unable to locate theme engine in
module_path: "clearlooks",
Gtk-Message: Failed to load module "canberra-gtk-module"
Gtk-Message: Failed to load module "pk-gtk-module"

I checked the yum log.  Other than the 6.7 upgrade these are all the
transactions I see.

Aug 09 20:32:28 Updated: firefox-38.1.1-1.el6.centos.x86_64
Aug 11 20:58:39 Updated: firefox-38.2.0-4.el6.centos.x86_64
Aug 11 20:58:40 Updated: flash-plugin-11.2.202.508-release.x86_64
Aug 11 20:58:49 Updated: google-chrome-stable-44.0.2403.155-1.x86_64
Aug 12 17:29:49 Installed: opus-1.1-1.el6.x86_64

The issue did not begin with the 6.7 upgrade.

Does anyone have any idea how to fix the issue?

-- 
_
   °v°
  /(_)\
   ^ ^  Mark LaPierre
Registered Linux user No #267004
https://linuxcounter.net/

___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] how do I stop automount of Hitichi Lifestudio USB drive

[Jonathan Billings]

On Aug 12, 2015, at 5:22 PM, m.r...@5-cent.us wrote:
> autofs is what's mounting it. But if you turn it off, you'll have to
> manually mount anything that's not in /etc/fstab.
> 
> Sounds like gnome's trying to be WinDoze

Its not ‘autofs’ specifically (which is a simple thing) but udev talking to 
udisks, allowing your login session to use udisks to mount the volumes if 
allowed by PolicyKit, speaking through dbus.

Yeah.

--
Jonathan Billings 


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

Re: [CentOS] Skype Issue

[Jonathan Billings]

On Aug 12, 2015, at 8:14 PM, Mark LaPierre  wrote:
> [mlapier@peach ~]$ skype %U
> (:27070): Gtk-WARNING **: Unable to locate theme engine in
> module_path: "clearlooks",
> Gtk-Message: Failed to load module "canberra-gtk-module"
> Gtk-Message: Failed to load module "pk-gtk-module"

Since skype is a 32-bit package, figure out what files include a file called 
"canberra-gtk-module*”.  On my CentOS7 system, it’s either the libcanberra-gtk2 
or libcanberra-gtk3, but I bet on centos6 it’s just the gtk2 one.  You probably 
need the 32-bit libcanberra-gtk2 package.  Repeat with pk-gtk-module.

The problem is that it’s not strictly Required for Skype to have the entire 
32-bit graphical environment installed, but it appears that it’s necessary to 
have parts of gtk installed as 32-bit.

--
Jonathan Billings 


___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos

[CentOS] unpatched local root on centos 5?

[Eero Volotinen]

Hi List,

Looks like this affects on centos 5 and is unpatched like on rhel 5?

https://access.redhat.com/articles/1537873

Trying to test if this affects on centos 5. can someone compile this
exploit on centos 5?
https://www.qualys.com/research/security-advisories/roothelper.c

any ideas how to compile it on centos 5?

--
Eero
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos