Re: [CentOS] FreeIPA 4.1.1 does not install on Cntos7
2014-11-19 1:28 GMT+01:00 John R Pierce : > On 11/18/2014 4:12 PM, Leon Fauster wrote: > >> Am 18.11.2014 um 17:00 schriebm.r...@5-cent.us: >> >>> >Leon Fauster wrote: >>> >>Am 18.11.2014 um 14:45 schrieb Cosme Faria Corrêa: > >>>We're looking to run freeipa 4.1.1 on CentOS 7. > >>> > >>>1. after include: > >>>* mkosek-freeipa-epel-7.repo > >>>2. Write this: > >>>* yum install freeipa-server > >>>3. I get this error: > >>>* Error: Package: pki-base-10.2.0-3.el7.centos.noarch > >>>(mkosek-freeipa) > >>>* Requires: jackson-jaxrs-json-provider > >>> > >>>I would appreciate any ideas. > >> >>wrong list -> FreeIPA list/site/support channels are more appropriate. >>> > >>> >I disagree - he's trying to yum install a package from, ahh, looks like >>> >epel, and it's got broken dependencies. If anything, it's epel that he >>> >should complain to. >>> >> >> https://copr.fedoraproject.org/coprs/mkosek/freeipa/ >> > > wild guess... maybe he has to enable that repository AND epel for this to > work. This issue has been discussed over at the freeipa-users list. The solution, for now, is to build jackson-jaxrs-json-provider yourself. - Jitse ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Replacement for NIS/NFS?
On 02/24/2015 01:15 AM, Gordon Messmer wrote: On 02/23/2015 08:22 AM, Niki Kovacs wrote: 1. Users should be manageable through a GUI, probably a web interface, so the client can create, manage and delete them eventually. FreeIPA is a good option, generally. As best I understand it, it's currently available in a Docker container for CentOS. http://seven.centos.org/2014/12/freeipa-4-1-2-and-centos/ I haven't heard about more standard packaging, but that might come along later... ipa-server is available from the base repos in both EL6 (v3.0) and EL7 (v3.3). RHEL7.1 beta ships with version 4.1. EL6 clients are fully compatible with EL7 servers and vice versa. 2. Home directories should be created/deleted automagically under the hood. You can use pam_mkhomedir to create them, but archiving or deleting home directories would be a manual process. You should use pam_oddjob_mkhomedir for that, it requires fewer privileges and integrates nicely with SELinux. 3. Every user should be able to login on any machines and find his or her files and preferences. You can continue using NFS for that. FreeIPA also supports automount/autofs. You should check out the FreeIPA demo (v4.1): http://www.freeipa.org/page/Demo - Jitse ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] which kernel do people use?
On 10/23/2013 04:44 AM, Keith Keller wrote: > Hi all, > > I'm doing a very informal and unscientific poll: which kernel do you use > on your CentOS machines? Not which version of the CentOS kernel, but > which repository. I use centos-plus on all machines ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] yum update interruption recovery
On 12/04/2013 11:34 PM, Hugh E Cruickshank wrote: > Hi All: > > I am having problems with a CentOS 6.4 box that I was in the process > of doing a yum update to 6.5. Unfortunately the system hung during > the update and I was forced to reboot it and it is now a bit of a mess. > Can someone point me in the direction of any documentation that would > assist in the recovering from this. Run yum-complete-transaction. Source: http://www.redhat.com/archives/rhl-devel-list/2008-September/msg00984.html - Jitse ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Amavisd start - SOLVED
2013/12/23 Jussi Hirvi > This was connected with SELinux. I disabled SELinux and rebooted > (naughty me), and things are back to normal. > You should turn SELinux back on and run 'restorecon /etc/amavisd.conf' to (re)set the correct SELinux context. - Jitse ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Elliptic curve on Centos 6.x
2014/1/3 David Benfell > I was unable to find an associated vulnerability in Linux. I trust the > OpenSSL folks would be on top of this faster than you can blink an eye > if it were a current issue. They have not, from what I've seen, > reacted to the revelations. > Interesting read on the openssl-announce list: http://www.mail-archive.com/openssl-announce@openssl.org/msg00127.html Turns out the openssl implementation of Dual_EC_DRBG was broken anyway... - Jitse ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Need yumex in centos 6.4 -
On 01/27/2014 07:09 PM, Bob Goodwin - Zuni, Virginia, USA wrote: > > On 27/01/14 12:55, Darr247 wrote: >> The secret is giving the list more detail, not just saying "can't get it >> to install xyz"...:) >> >> e.g. what is the output you get from >> # yum install yumex > Well, now it is finally trying to work. I had been trying earlier > without success? > > However it produces a screen full of "trying other mirror." > Do you have a working internet/network connection in VirtualBox? - Jitse ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Enlightenment and CentOS 6.5
On 05/27/2014 04:20 PM, Jeff Layton wrote: > Good morning, > > I've been looking around for binaries for Enlightenment (>= 0.17) for > CentOS 6.5. I've found something called "elementary" from OpenSUSE but > I'm not sure what Elementary really is :) Any suggestions? > > Thanks! > > Jeff > > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos > Jeff, haven't tried it myself, but there is an E17 repo available here: http://download.opensuse.org/repositories/X11:/Enlightenment:/E17:/Factory/CentOS_CentOS-6/X11:Enlightenment:E17:Factory.repo Installing Enlightenment should be trivial after adding the repository to your system. - Jitse ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Miredo for Centos
2014-07-01 15:47 GMT+02:00 Robert Moskowitz : > Is the Miredo server available for Centos? > > A quick check of 'yum install miredo*" came up empty. > > I have miredo for Fedora 20, but I want the server to be Centos... > > thank you. > rpmforge/repoforge has miredo packages available: http://pkgs.org/centos-6/repoforge-x86_64/miredo-1.2.5-1.el6.rf.x86_64.rpm.html - Jitse ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] corruption of in-memory data detected (xfs)
On Jul 1, 2014 11:02 PM, "Frank Cox" wrote: > > On Tue, 01 Jul 2014 13:09:04 -0700 > Alexandru Cardaniuc wrote: > > > What's the proper way to open a bug for this against CentOS 5 / RHEL 5? > > If you try it with the latest kernel and it works, then I don't think there is any bug to file. Have you seen this: http://marc.info/?l=linux-kernel&m=116476406605998&w=2 It might not even be a bug but a hardware issue... - Jitse ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [CentOS-announce] Release for CentOS-7 on x86_64
2014-07-07 21:42 GMT+02:00 Darr247 : > On 07 July 2014 @19:26 zulu, m.roth at 5-cent.us wrote: > > Always Learning wrote: > >> Thanking everyone most sincerely for giving us C 7.0. > >> > > I missed that notice over the weekend. 1++ > > Well, not only did I miss it over the weekend, but so did everyone else. > > /i.e./ A copy of the starter message with this post's Subject is not > stored at > http://lists.centos.org/pipermail/centos/2014-July/thread.html > either. > > Someone's pulling our legs, methinks. > It's on centos-announce and seven.centos.org http://lists.centos.org/pipermail/centos-announce/2014-July/020393.html - Jitse ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [CentOS-announce] Release for CentOS-7 on x86_64
2014-07-07 22:19 GMT+02:00 Max Pyziur : > On Mon, 7 Jul 2014, Always Learning wrote: > > > > > Thanking everyone most sincerely for giving us C 7.0. > > > > > > London, West (near LHR) Dojo ? > > > > > >From what release of Fedora is CentOS7 derived. > > As I understand, > C5 == FC6, > C6 == FC14, > C7 == FC? > Fedora 19 - Jitse ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] latest freeIPA on CentOS
2014-07-14 17:57 GMT+02:00 Rainer Duffner : > CentOS7 has 3.3 > > I don't know if RedHat will backport it to 6.x like they did previously. > > I think we will start with what is in CentOS 7.0 and see how far we get. > We will even buy RHEL-lics for it. > > I certainly don't want to run Fedora in production - and I don't want > to do the backport for such a complicated piece of software myself. > RH will *not* do a backport of 3.3 to RHEL 6.x. Alexander Bokovoy (from Red Hat) on the freeipa-users list (feb. 17): "RHEL 6.x lacks many of the dependencies required for IPA 3.3. Newer MIT Kerberos (with API and ABI change for KDC database driver and many other changes required for trusts and two-factor authentication), newer Dogtag which relies on several dozens of Java packages and newer tomcat, systemd (we use socket activation and tmpfiles.d a lot), newer SSSD. Kerberos ccache stored in the kernel space (KEYRING ccache type) requires changes at kernel level which are also needed for kerberized NFSv4 for trusts as AD users have large Kerebros tickets when they are members of many groups and so on." - Jitse ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] latest freeIPA on CentOS
2014-07-14 21:33 GMT+02:00 Les Mikesell : > On Mon, Jul 14, 2014 at 2:02 PM, Jitse Klomp wrote: > > > > >> I certainly don't want to run Fedora in production - and I don't want > >> to do the backport for such a complicated piece of software myself. > >> > > > > RH will *not* do a backport of 3.3 to RHEL 6.x. > > > > Alexander Bokovoy (from Red Hat) on the freeipa-users list (feb. 17): > > "RHEL 6.x lacks many of the dependencies required for IPA 3.3. Newer > > MIT Kerberos (with API and ABI change for KDC database driver and many > > other changes required for trusts and two-factor authentication), newer > > Dogtag which relies on several dozens of Java packages and newer tomcat, > > systemd (we use socket activation and tmpfiles.d a lot), newer SSSD. > > Kerberos ccache stored in the kernel space (KEYRING ccache type) > > requires changes at kernel level which are also needed for kerberized > > NFSv4 for trusts as AD users have large Kerebros tickets when they are > > members of many groups and so on." > > Isn't that the sort of thing that 'software collections' are intended > to provide? It would be encouraging to see something actually built > on top of them. True, but FreeIPA ≥ 3.2 depends on systemd. I don't think it's possible to put that into SCL... - Jitse ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] EL7, grub-crypt?
2014-08-28 1:15 GMT+02:00 Darod Zyree :
> 2014-08-28 0:51 GMT+02:00 David Goldsmith :
>
> > On Aug 27, 2014, at 6:37 PM, Darod Zyree wrote:
> >
> > > 2014-08-27 16:07 GMT+02:00 Baptiste Agasse <
> > baptiste.aga...@lyra-network.com
> > >> :
> > >
> > >>
> > >>
> > >> - Mail original -
> > >>> Hi,
> > >>>
> > >>> Whats the new way of creating sha512 passwords in EL7?
> > >>
> > >>
> > >>
> >
> https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/System_Administrators_Guide/sec-GRUB_2_Password_Protection.html#sec-Password_Encryption
> > >>
> > >>> In Centos6 I used grub-crypt but that does not exist anymore.
> > >>> ___
> > >>> CentOS mailing list
> > >>> CentOS@centos.org
> > >>> http://lists.centos.org/mailman/listinfo/centos
> > >>>
> > >>
> > >> --
> > >> Baptiste AGASSE
> > >> Lyra Network, Service Systèmes et Réseaux
> > >> 109 Rue de l'innovation, 31670 Labège - France
> > >> Tél: (+33)5.67.22.31.87
> > >> Fax: (+33)5.67.22.31.61
> > >> Mail: baptiste.aga...@lyra-network.com
> > >> Site: http://www.lyra-network.com
> > >> ___
> > >> CentOS mailing list
> > >> CentOS@centos.org
> > >> http://lists.centos.org/mailman/listinfo/centos
> > >>
> > >
> > > But this is for creating passwords for grub2, no?
> > >
> > > I was asking (altough might not have been clear enough) on how to get
> the
> > > encrypted values for the shadow file entries.
> > > grub-crypt used to be able to do that, returning with the encrypted
> value
> > > of a given passphrase starting with $6$
> > > ___
> > > CentOS mailing list
> > > CentOS@centos.org
> > > http://lists.centos.org/mailman/listinfo/centos
> >
> >
> > Its the default hash used on EL7 by the “passwd” command.
> >
> > [root@centos7 etc]# grep dgoldsmith /etc/shadow
> > dgoldsmith:$6$IoGARIF2$44lyu/9VjFmGsOW (line truncated)
> >
> > [root@centos7 etc]# tail -3 /etc/login.defs
> > # Use SHA512 to encrypt password.
> > ENCRYPT_METHOD SHA512
> >
> > --
> > David Goldsmith
> >
> >
> > ___
> > CentOS mailing list
> > CentOS@centos.org
> > http://lists.centos.org/mailman/listinfo/centos
> >
> >
> Right, sha512 was default for rhel6 too.
>
>
> Am I failing to understand something?
>
> So, lets say I create a new user account, and it was that password (going
> against all common password policies) to be "tree"
> without using passwd how do i get the sha512 encrypted value of that
> password "tree"
>
This thread on Server Fault[1] suggests the following one-liner:
python -c 'import crypt; print crypt.crypt("tree", "$6$random_salt")'
- Jitse
[1]
http://serverfault.com/questions/330069/how-to-create-an-sha-512-hashed-password-for-shadow
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 7 remove items on screen
2014-10-06 23:03 GMT+02:00 Frank Cox : > On Mon, 6 Oct 2014 16:53:13 -0400 > Jerry Geis wrote: > > > How can I remove the four items on screen? > > Applications, > > Places > > home > > trash > > Mate allows me to remove those things using dconf-editor. I have check > boxes for computer-icon-visible, home-icon-visible, network-icon-visible, > trash-icon visible and volumes-visible under org-mate-caja-desktop. > > The same set of checkboxes are also available under gnome-nautilus-desktop. Check out gnome-tweak-tool . It allows you to change a lot of 'hidden' options in GNOME. - Jitse ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 7 Manual Install
> > 2014-11-06 22:15 GMT+01:00 Parvez Halim : > I am following the instructions from the CentOS website to manually install > CentOS 7 (http://wiki.centos.org/HowTos/ManualInstall) but the guide seems > to have some quality issues. I've partitioned the storage fine and now onto > setting up RPM. Unfortunately I am at a loss on how to do this. I am doing > this on VMware Workstation 10 and the host OS is Ubuntu 14.04. > The gist of 'setting up' rpm is mounting a CentOS (dvd)image under /source and cd'ing to /source/Packages. Mind you, the instructions on that wiki are intended for CentOS 5. You would have to improvise quite a lot to get them to work for C7... - Jitse ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
