Re: [CentOS] firewalld management on a headless server
> -Original Message- > From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of Valeri > Galtsev > Sent: den 27 mars 2017 23:43 > To: CentOS mailing list > Subject: Re: [CentOS] firewalld management on a headless server > > > On Mon, March 27, 2017 3:58 pm, Mike wrote: > > I don't think it's going to give you a web-based firewall configuration > > tool. > > Firewall/router system I use is pfSense: > > https://pfsense.org/ > > It has nice web interface for configuration of everything, based on > FreeBSD (very slim, lightweight, small footprint). Has a lot what you may > want to have in router box, including VPN,... If OP is not married to what > he currently uses I would recommend to try pfSense. That reminded me about Smoothwall I used to use a few years back. Wasn't pfsense related to Smoothwall, maybe even a fork? -- //Sorin ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] firewalld management on a headless server
On 3/27/2017 10:20 PM, Sorin Srbu wrote: That reminded me about Smoothwall I used to use a few years back. Wasn't pfsense related to Smoothwall, maybe even a fork? smoothwall is linux based. m0n0wall was a BSD firewall that pfSense forked from back in 2004. -- john r pierce, recycling bits in santa cruz ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] firewalld management on a headless server
> -Original Message- > From: CentOS [mailto:centos-boun...@centos.org] On Behalf Of John R Pierce > Sent: den 28 mars 2017 09:28 > To: centos@centos.org > Subject: Re: [CentOS] firewalld management on a headless server > > On 3/27/2017 10:20 PM, Sorin Srbu wrote: > > That reminded me about Smoothwall I used to use a few years back. > > Wasn't pfsense related to Smoothwall, maybe even a fork? > > smoothwall is linux based. > > m0n0wall was a BSD firewall that pfSense forked from back in 2004. Ah, my mistake. Thanks for the heads up. -- //Sorin ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] firewalld management on a headless server
On Mon, March 27, 2017 17:31, m.r...@5-cent.us wrote: > Mike wrote: >> Nice catch, Mr. Schumacher ---> The following modules are included >> as >> standard with release 1.831 of Webmin. FirewallD firewalld.wbm.gz >> Configure a Linux firewall using FirewallD, by editing allowed >> services and ports. >> >> This is likely the right tool for the job. >> > Webmin used to be considered insecure, and people would scream and > yell if you suggested using it. Has that changed? Webmin is as insecure as the administrator cares to make it. Our host systems' Webmin instances listen on a reserved IP address different from the host's DNS entry and that address is only reachable through the host's firewall from specified IP addresses originating on our internal LAN. Further, Webmin is configured to automatically switch to https and use a certificate generated by our corporate private CA. Our gateway firewall blocks all access to the port assigned to Webmin. One has to tunnel in to one of the pre-determined host addresses to obtain remote access. A separate webmin logon is set in the webmin configuration which has no existence on the host system. Webmin can also be configured to restrict the hours and day that asccess is allowed to specific users but we have not bothered with that. The main known weakness is Webmin's dependency on passwords which for all I know is due to my ignorance. If Webmin does support RSA certificate authentication then I would love to be told where it is configured. However,failing that, very long phase phrases mitigate the password issue somewhat. Further, Webmin does support two-factor authentication using Google or Authy. To my knowledge there are no CVEs reported for Webmin since 2015 and I believe that all known problems are resolved in the present release. Which is not to say that there are no exploits left to be uncovered but then again we can hardly claim that about any software. -- *** e-Mail is NOT a SECURE channel *** Do NOT transmit sensitive data via e-Mail Do NOT open attachments nor follow links sent by e-Mail James B. Byrnemailto:byrn...@harte-lyne.ca Harte & Lyne Limited http://www.harte-lyne.ca 9 Brockley Drive vox: +1 905 561 1241 Hamilton, Ontario fax: +1 905 561 0757 Canada L8E 3C3 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] Using i3 wm under CentOS7
Hi all, Anyone has installed i3 wm under CentOS7? Any samples? I have some doubts about to how to manage battery power, notifications, etc. Thanks -- Greetings, C. L. Martinez ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] firewalld management on a headless server
James B. Byrne wrote: > > On Mon, March 27, 2017 17:31, m.r...@5-cent.us wrote: >> Mike wrote: >>> Nice catch, Mr. Schumacher ---> The following modules are included as standard with release 1.831 of Webmin. FirewallD firewalld.wbm.gz Configure a Linux firewall using FirewallD, by editing allowed services and ports. >>> >>> This is likely the right tool for the job. >>> >> Webmin used to be considered insecure, and people would scream and yell if you suggested using it. Has that changed? > > Webmin is as insecure as the administrator cares to make it. > > Our host systems' Webmin instances listen on a reserved IP address different from the host's DNS entry and that address is only reachable through the host's firewall from specified IP addresses originating on our internal LAN. Further, Webmin is configured to automatically switch to https and use a certificate generated by our corporate private CA. Our gateway firewall blocks all access to the port > assigned to Webmin. One has to tunnel in to one of the pre-determined host addresses to obtain remote access. > > A separate webmin logon is set in the webmin configuration which has no existence on the host system. > > Webmin can also be configured to restrict the hours and day that asccess is allowed to specific users but we have not bothered with that. > > The main known weakness is Webmin's dependency on passwords which for all I know is due to my ignorance. If Webmin does support RSA > certificate authentication then I would love to be told where it is configured. However,failing that, very long phase phrases mitigate the password issue somewhat. Further, Webmin does support two-factor authentication using Google or Authy. > > To my knowledge there are no CVEs reported for Webmin since 2015 and I believe that all known problems are resolved in the present release. Which is not to say that there are no exploits left to be uncovered but then again we can hardly claim that about any software. > Thanks for the extended response, James, esp. that last paragraph. I hadn't been following webmin for a number of years - we don't use it here. I did find and use it in a job I was in ten years ago - it was the only way I could get LDAP working, as, at the time, the tools that came with the package were *not* ready for prime time mark PS: Tried reply, James, but it bounced. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] mirror for debug_info repo
Hello all hope all is well. We pull down via rsync from a Centos mirror for general updates/os/etc. I don't see a mirror for debuginfo.centos.org::centos-debuginfo well debuginfo.centos.org. The banner for the site states you should only use this site if you plan to be a public mirror. I have not checked every site on the centos mirror list, checked 10 to 15 in the US, but the only one I found that even had a folder for a debug_info sync stated: "due to size this has been moved to debuginfo.centos.org" I am only syncing debuginfo.centos.org::centos-debuginfo/7/x86_64 and i386. Should I pull from here? Is there a better place? Just trying to do the right thing net/netizen resource usage wise Any help/guidance appreciated thanks all ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RHEL 6.9 is out
Still only 6.8 on the mirror link you gave near as I can see. And, since I'm still on 32-bit ( no time to move on right now), will a 32-bit be included in 6.9? On Fri, Mar 24, 2017 at 1:11 PM, Johnny Hughes wrote: > On 03/23/2017 06:57 PM, Johnny Hughes wrote: > > On 03/22/2017 05:11 PM, Digimer wrote: > >> On 22/03/17 05:31 PM, Johnny Hughes wrote: > >>> On 03/22/2017 08:27 AM, Phelps, Matthew wrote: > On Wed, Mar 22, 2017 at 9:16 AM, Valeri Galtsev < > galt...@kicp.uchicago.edu> > wrote: > > > > > On Wed, March 22, 2017 7:46 am, Phelps, Matthew wrote: > >> Red Hat released RHEL 6.9 yesterday. > >> > >> Why isn't CentOS 6.9 out yet? :) > >> > > Somebody has to do a hard work, I'm sure. Thanks, guys for the great > work > > you are doing! > > > > Or you as sysadmin know that and just being ironic? > > > > Valeri > > > > To be clear, I was being ironic. Hence the smiley face. > > I just wanted to start a thread for future updates to appear in. > > >>> > >>> There are 270 SRPMs that need to be built .. of those 18 require > >>> modification for branding. All the mods have been applied and a build > >>> consisting of those 270 SRPMs has been queued. > >>> > >>> As of right now (time of writing this mail), we are still building in > >>> pass 1 .. so far 236 of the 270 SRPMs have tried to build, 15 have had > >>> some sort of failure and the rest have built fine. > >>> > >>> Working right now to figure out the failures and will resubmit those > >>> once the first pass of all 270 completes. > >>> > >> > >> Sending a digital $drink... :) > >> > > > > > > OK .. current status on CentOS-6.9 testing: > > > > We have a CR tree (see this link if you don't know what CR is > > http://bit.ly/2mWkdq7 ) > > > > We have been testing this tree for several hours in QA and have made > > some corrections. > > > > If we don't find any deal breaking errors, the plan is to push the CR > > repo to 6.8 tree tomorrow at 1600 UTC .. it will take a couple hours to > > get to all of mirror.centos.org. > > > > So expect some announcements on the CR-Annoucne list tomorrow: > > > > https://lists.centos.org/mailman/listinfo/centos-cr-announce > > > > OK guys, the CR release has happened. > > > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos > > -- -- MzK "If evolution is outlawed, only outlaws will evolve." -- Jello Biafra ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RHEL 6.9 is out
>> On Fri, Mar 24, 2017 at 1:11 PM, Johnny Hughes >> wrote: >> >> OK guys, the CR release has happened. >> > Date: Tuesday, March 28, 2017 16:23:32 -0700 > From: Kay Schenk > > Still only 6.8 on the mirror link you gave near as I can see. > And, since I'm still on 32-bit ( no time to move on right now), > will a 32-bit be included in 6.9? > My read, and poking, is that what was released is the CR repo, and that these will be released to production (as 6.9) "shortly". If you enable the CR repo on your 6.x machine I believe you'll see these updates, and can install them if you want to check things out. My experience is that there will likely be a few updates from the CR when the production set is released. If you go to: http://mirror.centos.org/centos/6.8/cr//Packages/ you'll see that there are packages for both 32- and 64-bit, so you should be getting 32-bit updates that will take you up to 6.9. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] sound problems... config?
The www has failed me with this, so I'm trying you guys. Sound worked great out of the box when I installed 7.2... Yay! I could watch all kinds of videos, like on facebook and youtube. And I could listen to most podcasts too. But then something happened. It was either a kernel upgrade or that I installed vlc (for watching videos on DVD) and the whole stack of codecs for it... I don't know exactly when, but at some point I no longer had sound with youtube and other web videos. The videos played fine, just no sound. Note that using vlc, both video and the audio with it play just fine. I need to select the audio driver (from a list in a vlc menu), however, else the sound won't work in vlc either. If I go into the Applications menu, then System Tools -> Settings -> Sound, under "Choose a device for sound output:" there are no devices listed. There used to be. If I run "aplayer file.wav", nothing plays (no sound at all) and I get the error "main:786: audio open error: No such file or directory". If, on the other hand, I run "aplay file.wav -D plughw:0" (i.e., specify the/a device), I do get sound, the file does play. I ran alsa-info.sh and it posted tons of info from it on my setup at http://www.alsa-project.org/db/?f=1dba91886be054df4816000768a0f5b109947a48. Yet it still doesn't tell me what's missing. Anyone here have an idea...? or thoughts about where to look next? tia, ken ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] sound problems... config?
On 03/28/2017 05:53 PM, ken wrote: The www has failed me with this, so I'm trying you guys. Sound worked great out of the box when I installed 7.2... Yay! I could watch all kinds of videos, like on facebook and youtube. And I could listen to most podcasts too. But then something happened. It was either a kernel upgrade or that I installed vlc (for watching videos on DVD) and the whole stack of codecs for it... I don't know exactly when, but at some point I no longer had sound with youtube and other web videos. The videos played fine, just no sound. Note that using vlc, both video and the audio with it play just fine. I need to select the audio driver (from a list in a vlc menu), however, else the sound won't work in vlc either. If I go into the Applications menu, then System Tools -> Settings -> Sound, under "Choose a device for sound output:" there are no devices listed. There used to be. If I run "aplayer file.wav", nothing plays (no sound at all) and I get the error "main:786: audio open error: No such file or directory". If, on the other hand, I run "aplay file.wav -D plughw:0" (i.e., specify the/a device), I do get sound, the file does play. I ran alsa-info.sh and it posted tons of info from it on my setup at http://www.alsa-project.org/db/?f=1dba91886be054df4816000768a0f5b109947a48. Yet it still doesn't tell me what's missing. Anyone here have an idea...? or thoughts about where to look next? tia, ken I have similar issue with USB headphones. Worked fine in 7.2 but in 7.3 I frequently have to unplug and plug them back in before it finally is able to be selected from the menus as my output. Once it is selected, it stays selected until next reboot. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] sound problems... config?
On Tue, 28 Mar 2017, Alice Wonder wrote: On 03/28/2017 05:53 PM, ken wrote: The www has failed me with this, so I'm trying you guys. Sound worked great out of the box when I installed 7.2... Yay! I could watch all kinds of videos, like on facebook and youtube. And I could listen to most podcasts too. But then something happened. It was either a kernel upgrade or that I installed vlc (for watching videos on DVD) and the whole stack of codecs for it... I don't know exactly when, but at some point I no longer had sound with youtube and other web videos. The videos played fine, just no sound. Note that using vlc, both video and the audio with it play just fine. I need to select the audio driver (from a list in a vlc menu), however, else the sound won't work in vlc either. If I go into the Applications menu, then System Tools -> Settings -> Sound, under "Choose a device for sound output:" there are no devices listed. There used to be. If I run "aplayer file.wav", nothing plays (no sound at all) and I get the error "main:786: audio open error: No such file or directory". If, on the other hand, I run "aplay file.wav -D plughw:0" (i.e., specify the/a device), I do get sound, the file does play. I ran alsa-info.sh and it posted tons of info from it on my setup at http://www.alsa-project.org/db/?f=1dba91886be054df4816000768a0f5b109947a48. Yet it still doesn't tell me what's missing. Anyone here have an idea...? or thoughts about where to look next? tia, ken I have similar issue with USB headphones. Worked fine in 7.2 but in 7.3 I frequently have to unplug and plug them back in before it finally is able to be selected from the menus as my output. I notice that you have an HDA-Intel. I do as well. By any chance is the last kernel that worked reliably with sound is kernel-3.10.0-229.20.1.el7.x86_64. I find that with kernels newer than kernel-3.10.0-229.20.1.el7.x86_64 the sound card works, but the internal speaker is disabled, but I can plug in headphones and get sound that way. If I boot into kernel-3.10.0-229.20.1.el7.x86_64 with no other modifications to my system, my sound works fine. Barry ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
