Re: [CentOS] Re: are RPMForge and EPEL compatible?
On Friday 07 December 2007, Karanbir Singh wrote: > I'd be happy to host the rest of this conversation in > [EMAIL PROTECTED] - which might actually have more people > watching who play a role in these situations ? There is one point that belongs in the user CentOS list (and not on centos-devel) that is relevant to this discussion. And, Johnny, I know it isn't a CentOS issue; it is a CentOS user's issue, however, and this is the only post on this subject I plan to make. If a CentOS user wants KDE-Redhat on CentOS, then that user will be using EPEL (KDE-Redhat now requires it). The incompatibility between EPEL and, say, DAG, means you no longer can mix KDE-Redhat and DAG (which I have done on a few C4 boxes a while back). At some point, due to the EPEL requirement, yum update will quit working. If you happen to have used a DAG package that is incompatible at a low level with EPEL's package of the same program, you have work to do. Noting repository incompatibilities is a user issue; arguing/debating the merits of the repos and trying to collaborate is, as you have correctly noted, a developer issue. -- Lamar Owen Chief Information Officer Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 (828)862-5554 www.pari.edu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Scalix Doesn't recommend Centos... Use Zimbra instead ; -)
On Thursday 17 January 2008, [EMAIL PROTECTED] wrote: > Notice the '*' next to centos 4 and 5 and then the footnote ? Obviously > they are sadly mistaken, 'cause as we all know they are almost identical to > the Redhat EL 4 and 5 and therefore have almost identical frequency of > updates. They already know; read the forum thread http://www.scalix.com/forums/viewtopic.php?t=9394&postdays=0&postorder=asc&highlight=centos&start=15 In particular, on page 2 of that thread, the Scalix guy Florian says this: "We've started community/evaluation support for CentOS4/5 for 11.3, so that those Fedora users don't have to complain about having to upgrade their operating system with every Scalix upgrade. We'll fully support this for commercial use in the next version. " In other words, as of Scalix 11.4, the next version, CentOS 4 and 5 will be fully supported in production, and 11.3 is supported for eval/community now (no more tweak needed to get it to install). For 'supported' in this context, this means that Scalix will provide real commercial support if you use CentOS 4 or 5; you have, with a little tweak, been able to use Scalix on CentOS 4 and 5 for a long time; I've been using Scalix on CentOS 4 for quite a while now. It's just not 'officially supported' for production by scalix. -- Lamar Owen www.pari.edu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] KStars on CentOS 4.4?
On Thursday 26 July 2007, Lanny Marcus wrote: > Is there an RPM for this? I think it's in the kdeedu package on the FC6 > DVD. My wife is an amateur astronomer and she uses this excellent > program. If upstream isn't including it, can I get it and not break my > CentOS 4.4 system? (Also, I'd like to migrate her and my daughter to > CentOS). TIA, Lanny Use the KDE-Redhat repository; see kde-redhat.sourceforge.net. Note that KDE-Redhat does a forklift upgrade of KDE and will change a large number of packages; this may or may not be desireable for you. I have used and currently use KDE-RedHat with several CentOS 4 installs, to get KStars for us to do telescope control. The KDE in CentOS 4 is quite old, and kstars has improved by leaps and bounds since then. -- Lamar Owen Chief Information Officer Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 (828)862-5554 www.pari.edu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] HotPlug, eSATA, and /media
Ok, got a quickie. I have an eSATA drive, a 750GB Seagate in an eSATA external enclosure, and a Silicon Image sil3132 ExpressCard controller for my laptop. The disk and controller work great in CentOS 5 (or F7, for that matter), if I specifically mount it. This is not how I want to have to use this drive, however. I want to hotplug it; that is, plug the controller into the laptop, and then plug the drive into the controller, and have it come up just like a USB drive would. It does not currently do that. Anyone here know how to make an eSATA (or a hotplug SATA mobile slide, for that matter) show up in /media, and have all the nice hotplug capabilities USB drives have? That is, KDE brings up the dialog asking what to do with the drive, it can be automounted, etc. Then when going to hot-unplug, I'd use the 'safely remove' context menu entry (just like a USB drive) and it would unmount the drive and unload anything it might need to unload. Anybody have this working? If not, i'm going to figure it out, but didn't want to reinvent the wheel. -- Lamar Owen Chief Information Officer Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 (828)862-5554 www.pari.edu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] HotPlug, eSATA, and /media
On Friday 03 August 2007, Feizhou wrote: > Lamar Owen wrote: > > I have an eSATA drive, a 750GB Seagate in an eSATA external enclosure, > > and a Silicon Image sil3132 ExpressCard controller for my laptop. The > > disk and controller work great in CentOS 5 (or F7, for that matter), if I > > specifically mount it. > > This is not how I want to have to use this drive, however. > Er...it is not treated like USB disks or CDs or DVDs but as a regular > hard disk. I still remember when USB disks were treated as 'regular' disks, too. Not long ago, in fact. Hotplug should just be hotplug, regardless of interface technology. SATA, and specifically eSATA, is designed for hotplug; the drive handles it, the controller handles it, and in ExpressCard, the bus handles it. When '/dev/sdb1' shows up, with a LABEL=eSATA750GS, then it should (in the ideal) show up in /media/eSATA750GS, whether it's USB, IEEE1394, or eSATA connected. And the system handles the event, it just doesn't do anything with it at present. The sata_sil24 driver supports phy hotplug; should be just some udev rules magic; after all, the USB hotplug does essentially the same thing, and on the SCSI layer just like SATA. And if you've played with eSATA for long, you'll see the use for this in a hurry. eSATA gives you the fastest and best external drive connection currently available; my drive, enclosure, and controller all run at 3Gb/s, and I can get...hmm, hdparm -t gives me between 65 and 90 MB/s read speed consistently, to an external drive. > I guess you will need some scripting... Given that USB disks come in as SCSI, I don't see why a libata disk (which also comes in as SCSI) would need anything beyond what already works for USB. Just wondering if I need to come up with the magic myself, or if someone else has already done this. Of course, I reserve the right to be wrong, but I don't think I'm too far off the mark. I'm looking at the udev rules stuff now, but if anyone has any pointers to specific docs, it would be great to hear it! Following is /var/log/messages for a hot unplug (pulling the eSATA data cable from the controller) followed by a hotplug (plugging it back in a few seconds later), for those who might be interested: ++ HOTUNPLUG Aug 3 20:13:47 localhost kernel: ata3: exception Emask 0x10 SAct 0x0 SErr 0x8 action 0x2 frozen Aug 3 20:13:47 localhost kernel: ata3: (irq_stat 0x01100010, PHY RDY changed) Aug 3 20:13:47 localhost kernel: ata3: soft resetting port Aug 3 20:13:47 localhost kernel: ata3: SATA link down (SStatus 0 SControl 300) Aug 3 20:13:47 localhost kernel: ata3: failed to recover some devices, retrying in 5 secs Aug 3 20:13:52 localhost kernel: ata3: hard resetting port Aug 3 20:13:54 localhost kernel: ata3: SATA link down (SStatus 0 SControl 300) Aug 3 20:13:54 localhost kernel: ata3.00: limiting speed to UDMA/100:PIO3 Aug 3 20:13:54 localhost kernel: ata3: failed to recover some devices, retrying in 5 secs Aug 3 20:13:59 localhost kernel: ata3: hard resetting port Aug 3 20:14:01 localhost kernel: ata3: SATA link down (SStatus 0 SControl 300) Aug 3 20:14:01 localhost kernel: ata3.00: disabled Aug 3 20:14:02 localhost kernel: ata3: EH complete Aug 3 20:14:02 localhost kernel: ata3.00: detaching (SCSI 2:0:0:0) Aug 3 20:14:02 localhost kernel: sd 2:0:0:0: [sdb] Synchronizing SCSI cache Aug 3 20:14:02 localhost kernel: sd 2:0:0:0: [sdb] Result: hostbyte=DID_BAD_TARGET driverbyte=DRIVER_OK, SUGGEST_OK Aug 3 20:14:02 localhost kernel: sd 2:0:0:0: [sdb] Stopping disk Aug 3 20:14:02 localhost kernel: sd 2:0:0:0: [sdb] START_STOP FAILED Aug 3 20:14:02 localhost kernel: sd 2:0:0:0: [sdb] Result: hostbyte=DID_BAD_TARGET driverbyte=DRIVER_OK, SUGGEST_OK HOTPLUG Aug 3 20:14:18 localhost kernel: ata3: exception Emask 0x10 SAct 0x0 SErr 0x0 action 0x2 frozen Aug 3 20:14:18 localhost kernel: ata3: (irq_stat 0x00800080, device exchanged) Aug 3 20:14:19 localhost kernel: ata3: soft resetting port Aug 3 20:14:19 localhost kernel: ata3: SATA link up 3.0 Gbps (SStatus 123 SControl 300) Aug 3 20:14:19 localhost kernel: ata3.00: ATA-7: ST3750640AS, 3.AAE, max UDMA/133 Aug 3 20:14:19 localhost kernel: ata3.00: 1465149168 sectors, multi 0: LBA48 NCQ (depth 31/32) Aug 3 20:14:19 localhost kernel: ata3.00: configured for UDMA/100 Aug 3 20:14:19 localhost kernel: ata3: EH complete Aug 3 20:14:19 localhost kernel: scsi 2:0:0:0: Direct-Access ATA ST3750640AS 3.AA PQ: 0 AN Aug 3 20:14:19 localhost kernel: sd 2:0:0:0: [sdb] 1465149168 512-byte hardware sectors (750156 MB) Aug 3 20:14:19 localhost kernel: sd 2:0:0:0: [sdb] Write Protect is off Aug 3 20:14:19 localhost kernel: sd 2:0:0:0: [sdb] Write cache: enabled, read cache: enabled, doesn't su pport DPO or FUA Aug 3 20:14:19 localhost kernel: sd
RE: [CentOS] How do I Get Notified of REPO Updates?
From: [EMAIL PROTECTED] on behalf of John Thomas >Anyone have a script to check a repo for updates and list the new files? yum check-update If you don't have the repo configured in yum, you can write a repo config, put it in /etc/yum.repos.d, and set enabled to 0. Then use --enablerepo on it, and it will list the updates that you need (not all available updates, though). If you need something that lists all new updates, whether you need them or not, you have more work to do. But the python code of yum would be a good place to start. -- Lamar Owen Chief Information Officer Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 828-862-5554 www.pari.edu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Hot swap SATA?
On Tuesday 21 August 2007, Feizhou wrote: > Les Mikesell wrote: > > Jim Perrin wrote: > >>> Should it be possible to hot-swap SATA drives with Centos5? > >> Depends on the SATA controller, but yes. If the controller allows, you > >> can hotswap sata drives. > > How are the names supposed to work when one may be missing at bootup and > > added later? > I thought the system would just assign the next available /dev/sdx? > Then there was the post about wanting to be able to pull a SATA/eSATA > disk in and have the system automatically mount whatever filesystem is > on the disk... That was mine. Still working on it. As to the hardware support, the definitive answer is found at www.linux-ata.org As to device naming, use LABEL= to fix that. SCSI device naming on Linux stinks. I'm dinking around with a Ubuntu install right now that is giving me fits because of linux PCI/SCSI weirdness. The boot drive (as set in the BIOS) is probed by the kernel as /dev/sdc. Fun. The setup has two 80GB drives in MD RAID1 (200MB /boot on /dev/md0, and 77GB / on /dev/md1, both on the same drives) and four 250GB drives in 3-disk RAID5 with a hotspare. The drives are spread on three two port controllers (no, I don't have a four or six port controller handy, not an option in this case). Still working grub to get the thing to boot LABEL= does actually have its uses; I migrated a filesystem on a CentOS 4 VM running on one of our two VMware ESX beasts (2x Dell 6950, 4x dual core Opterons, 32GB RAM each, dual 4Gb/s fibre-channel to 2x EMC CLARiiON CX3-10c's with 20TB each) from the internal 3x300GB RAID to a 1.95TB LUN on the CX3. By using LABEL=, I was able to blow the drive away in VI Client on the VM, and boot right up without device ordering problems. But I have also been bitten by the 'LABELs are the same on cloned disks' fun and games What I'm currently doing with the eSATA deal is having an entry in fstab, set to noauto, and using LABEL=, and an icon in KDE to mount it on the desktop. it is not seamless; unmounting is much more of a chore, as KDE has fun with the icon, doesn't enable the context menu 'safely remove' (aka, unmount) option, etc. But it's better than nothing. Just haven't had time to see how to enable SCSI removable support (dig through the udev and hotplug stuff sometime and you'll see what I mean) in libata as yet. With SCSI removable support (which usbstorage implements, which is why it works) the system Just Works properly. -- Lamar Owen Chief Information Officer Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 (828)862-5554 www.pari.edu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Hot swap SATA?
From: Alfred von Campe >> As to device naming, use LABEL= to fix that. SCSI device naming on >> Linux >> stinks. >Quick question regarding the naming issue (and sorry for hijacking >this thread). My CentOS 4.5 desktop system has two SATA drives: the >boot drive is /dev/hda1 and the second drive is /dev/sda1. /dev/hda is being controlled by a controller that mimics an IDE drive and is being accessed through the kernel's ide layer. /dev/sda is being controlled by a libata-supported controller and is being accessed through the kernel's scsi stack with libata. All IDE and ATA drives under later kernels will be libata supported, and will show up as /dev/sdx drives. -- Lamar Owen Chief Information Officer Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 828-862-5554 www.pari.edu Alfred ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] SATA vs. SAS
From: Peter Arremann >On Wednesday 22 August 2007, Bowie Bailey wrote: > Peter Arremann wrote: >> > On the other hand, data reliability is another issue. >> Why do you say that SATA arrays are less reliable? >Not all drive support cache flushes and handle them correctly - even with NCQ. >Same for some older controllers also have some issues too. >Doesn't show up as a hardware error but as filesystem inconsistency after a >crash. >As I wrote, we haven't had issues yet either. But sun, sgi, ibm and others are >fairly conservative - sun says they still only ships 500GB disks in their >x4500 for that reason. EMC and IBM are shipping Seagate Barracuda ES 750GB drives now. Just bought and installed two CLARiiON CX3-10c's with two DAE3's each, full of 750GB SATA II drives (the interesting thing is that the DAE is still 4Gb/s FC; the SATA carriers have an emulex bridge board translating the FC-AL to SATA II on the carrier; the DAE's are FC all the way). The IBM DS4200 is available with SATA II. I chose EMC due to software features and VMware support 'stuff' even though it was quite a bit more $$ per TB. We have two 20TB systems at this point. Performance is excellent, at least according to bonnie++. I expected random access to suffer due to the 7200 RPM drives (versus what 15K drives would have been), and it did. Block writes from a CentOS 4 VM through ESX's multipathing through two Qlogic 4Gb/s PCIe 4x FC controllers was 125MB/s or so, RAID5 5 drive RAID groups and 1.95TB LUNs. EMC and IBM both made it clear that they consider SATA second tier well below FC; but FC is, of course, much more expensive. -- Lamar Owen Chief Information Officer Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 828-862-5554 www.pari.edu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
RE: [CentOS] Who does snapshots other than Network Appliance?
From: [EMAIL PROTECTED] on behalf of Scott Ehrlich >Having snapshot technology is great. Who else supports it? EMC supports several levels of snaps with their SnapView layered product. See their product page at http://www.emc.com/products/software/snapview2.jsp We didn't buy it, but that's because we are only doing VMware ESX direct attached hosts, with a single host per CLARiiON, and I'm using VMware's snapshots for those instances where I need snaps. Not getting SnapView meant I could get more terabytes. -- Lamar Owen Chief Information Officer Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 828-862-5554 www.pari.edu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Hot swap SATA?
On Wednesday 22 August 2007, Alfred von Campe wrote: > As far as I know, all drives (2 hard disks and 2 optical drives) are > on the same controller. Well, all 4 are plugged in to the > motherboard of a Lenovo ThinkCentre M55 PC. There is no separate > controller, unless there is more than one on the motherboard itself. Many motherboards that have more than two SATA connectors put two on the SouthBridge's IDE-type controller, and the others on 'something else'. Usually, the 'something else' shows as a SCSI controller in Linux. How many SATA connectors are there? I have seen a few motherboards use the Intel ICH ports as the first two, then put either a Promise or SiliconImage controller on the board to handle the other two or four ports (typically labeled as being 'RAID' ports). The ICH will show as /dev/hdx, and the SiI or Promise will show as /dev/sdx. -- Lamar Owen Chief Information Officer Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 (828)862-5554 www.pari.edu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Hot swap SATA?
On Thursday 23 August 2007, Alfred von Campe wrote: > The User guide says they are 5 connectors, but I can only see 4. > Three of them are very close to each other, and the fourth one is a > little further away. Wouldn't you know it, my boot drive is > connected to the one that is by itself. Maybe if it had been > connected to one of the other three, it would have been /dev/sda (or / > dev/sdb). Ok, run a 'lspci' and see if it lists two controllers. -- Lamar Owen Chief Information Officer Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 (828)862-5554 www.pari.edu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Samba and Scalix
On Friday 24 August 2007, Wei Yu wrote: > I think Scalix community edition does not support shared folders. Yes, it does, up to 25 users. Using it here. -- Lamar Owen Chief Information Officer Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 (828)862-5554 www.pari.edu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] external sata cages that use port multipliers
On Friday 24 August 2007, Feizhou wrote: > Has anyone got such a setup working with Centos? While I haven't invested in one of these boxes yet, it looks like the stock libata doesn't support them. There is, according to linux-ata.org, a patch available. Probably have to search lkml to find it. -- Lamar Owen Chief Information Officer Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 (828)862-5554 www.pari.edu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Package Tracking System
On Tuesday 28 August 2007, Server Gremlin wrote: > I'm used to Debian where I can view a changelog for each *Debian* > specific package. Is there > anything like that in CentOS? rpm -qi --changelog -- Lamar Owen Chief Information Officer Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 (828)862-5554 www.pari.edu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Package Tracking System
On Tuesday 28 August 2007, Server Gremlin wrote: > Thanks guys, that is pretty much what I want. But what if I want to see > the changelog for a package that I don't have installed? rpm -qip --changelog This even works with mirror URLS (this is a single line below): rpm -qp --changelog http://isoredirect.centos.org/centos/4/updates/i386/RPMS/bind-9.2.4-27.0.1.el4.i386.rpm Produces: warning: http://isoredirect.centos.org/centos/4/updates/i386/RPMS/bind-9.2.4-27.0.1.el4.i386.rpm: Header V3 DSA signature: NOKEY, key ID 443e1821 * Thu Jul 19 2007 Adam Tkac 20:9.2.4-27.0.1.el4 - fixed cryptographically weak query id generator (CVE-2007-2926) * Wed Jan 31 2007 Martin Stransky <[EMAIL PROTECTED]> - 20:9.2.4-24.EL4 - fixed a multilib regression .. etc. The yum changelog plugin will work far more smoothly; but if you know the URL to the package, rpm -qp --changelog will work just fine. -- Lamar Owen Chief Information Officer Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 (828)862-5554 www.pari.edu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: KDE-Repos
On Sunday 09 September 2007, Timothy Kesten wrote: > http://kde-redhat.sourceforge.net/ > There are mentioned yum Repos for REHL. This repository works fine. But, be aware that it replaces large portions of your system, including system libraries. It doesn't touch the kernel, which is one reason I use it on several desktops. It gives you a much updated userland with the stable kernel base. But, if you across a bug in one of the libraries KDE-Rehat replaces, you will hten need to take it up with the KDE-Redhat maintainer and not file it as a bug report in CentOS. -- Lamar Owen Chief Information Officer Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 (828)862-5554 www.pari.edu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 5 on IA64
On Tuesday 11 September 2007, Karanbir Singh wrote: > Les Bell wrote: > > Any word on s390 and s390x? I don't need it myself, but I've been talking > > to a number of mainframe users recently and they expressed interest. > > Provide access to the hardware, and if someone is interested we can look at > it. > > If hardware access is not a possibility, then machines fast enough to run > the emulators might be an option too. What is the minimum for actual hardware? I have a small s390 here that I've been looking for a reason to power up. What sort of access is needed? -- Lamar Owen Chief Information Officer Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 (828)862-5554 www.pari.edu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: centos] CentOS 5 on IA64
On Tuesday 11 September 2007, R P Herrold wrote: > On Tue, 11 Sep 2007, Lamar Owen wrote: > > What is the minimum for actual hardware? I have a small > > s390 here that I've been looking for a reason to power up. > > What sort of access is needed? > > Goodness ... the Stuff you have in your closet at PARI. :-)/ ~ I didn't mention the SUN E5500 and E6500 or the Dec AlphaServer 2100 with quad 275MHz 21164'sor some of the other arcane hardware lying around that's been donated to us (like 1992-vintage Proteon 68020-base Multibus routers; Cisco's only competition to the AGS line back then). > Best as I had roughed out plans for a builder some months ago, > would be access to a console with root access, and a rebooter, > and a side unit (a generic PC box with plenty of HD space, > with a 'crossover cable' network to the s390, and a seperate > interface pointing 'upstream' to reach the outside build > master endpoint), with sufficient space to push images onto > and to pull from Whew. As typical, you have thoroughly thought through things. Let me see if the beast will power up and whether the OS/2 console processor comes up before we make too many plans, though. And, as I mentioned, it is a SMALL s390; but it is the genuine article, Model 3006. As I said, a little box. Its usability will depend entirely upon whether the disks are wiped or not, I would think; but it does still have the disks, at least. A few 18.2GB units, IIRC. If someone would like to donate a midsized 208VAC-capable (single-phase OK, but has to be 208 and not 240, or at least jumperable) UPS to the effort, about a 3000VA unit or so, that would help matters considerably! All my good UPS's are 120VAC at this point (my one good 208VAC unit threw a battery a few weeks ago; 8 12-270 UPS batteries will blow my equipment budget right now, so it is off line and the Cisco 12012 router it served is degraded to standby status on the OC3); while we have a 500KW generator out back, the start delay would be enough to down the box. Or a 48VDC input 3000VA inverter (a pair of 1500's probably would work) with either a 208 or a 240 output; I have plenty of -48VDC power. -- Lamar Owen Chief Information Officer Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 (828)862-5554 www.pari.edu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS on s390; was: CentOS 5 on IA64
On Friday 14 September 2007, R P Herrold wrote: > On Fri, 14 Sep 2007, Lamar Owen wrote: > > If someone would like to donate a midsized 208VAC-capable > > (single-phase OK, but has to be 208 and not 240, or at least > > jumperable) UPS to the effort, about a 3000VA unit or so, > > that would help matters considerably! > > As it turns out, I _may_ actually have two idle units, which I > think can be so configured, with SNMP card, about which > Liebert kindly donated to the local LUG ( http://www.colug.net/ ), > before Liebert were bought by Emerson Electric (I think -- I > fergit; /me looks at Google -- yup) ... probably need new > batteries, but ... Yeah, I'd just need to know what kind of batteries. If the things ran on 48VDC I know how to make that work with my telecom 48VDC setup, assuming they don't mind the positive ground. If 60VDC I can take the necessary 5 12V 12-270's out of the Controlled Power beast easily enough. > h --- Google Maps says PARI is south and east of the > Smokey Mt Natl Park, on the NC side by what looks like 50 > miles of winding mountain road off I-40 -- probably to cut > down on ambient nearby radio noise, it is kinda out in the > middle of nowhere. Yes, it is. See www.pari.edu for better shots than what you'll find on Google Earth; the GoogleEarth detail is cut back badly. Terraserver has good visuals, though. > Wonder what the freight will be on the chassis' -- I'll go to > the locker, get model numbers, pull the batteries for a part > number, and look into the price of a delivered replacement > set. Freight on the 120V APC SmartUPS 3000RM5U's that I have was a little over $100 each, Old Dominion, batteries included. I got them on eBay for $225 each; got a grant that covered new battery packs, and have five good working units (out of six purchased). Wish I had the twin 225KVA units the site's previous occupants took with them...or the 600V 1320Ah battery bank to bring the 500KVA Piller back upat least they left the three 125KVA Leibert PDU's. I'm going to make the attempt to power the 3006 up tomorrow (I have maintenance windows on Saturdays); we'll see what comes of things then. -- Lamar Owen Chief Information Officer Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 (828)862-5554 www.pari.edu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[OT] Re: [CentOS] Re: centos] CentOS 5 on IA64
[Veering off-topic; mods, I'll not continue this branch of the thread much longer] On Friday 14 September 2007, John R Pierce wrote: > I've gotten away with running some 208V equipment on a 120V UPS using a > step-up transformer which had a 208V tap (and 220V, 240V). Of course, > 3000VA is going to require a 120V 30A outlet to power said transformer > (and a UPS with 30A output probably needs a 50A circuit to feed it). Input power not a problem; we have a 125KVA Leibert PDU for the server room (about 4,000 square feet raised floor with 30 tons of A/C (Leibert System 3 15 ton x2)). There are a few L21-30R's, L5-30R's, and L6-30R's under the floor. > (googles, oh. 12V 75AH > monsters, online looks like $125 each). > > I'd put said batteries in a > series of battery boxes, and install the whole mess some place like the > basement, with ventilation to prevent accumulation of hydrogen fumes. You've just described the way our 48VDC system is connected, with the exception of the type of battery...we have a bank of 24 C&D KCT-450's for 48VDC, with two Lorain RHM200D50's floating them (cells and rectifiers were donated to us). The cells are in an old munitions building that was on-site (please don't ask; look up our history on www.pari.edu:-)) that we moved from the pistol range to the back of the main building, and ran four 2/0 'jumpers' to. But if someone wanted to support an educational institution and wanted to lease floor space and/or bandwidth (we currently have 100Mb/s to the Internet, and an OC3 to our co-lo in Asheville (also our ISP's PoP; see www.ercbroadband.org) (which is part of the reason my equipment budget is so lean!)), we would love to talk. Perhaps even for CentOS mirroring and/or building. Peter Arremann visited us a while back (by the way, Peter: good article in LJ, and thanks again for the UltraSPARC goodies!); he could fill you in on how it was when he visited. -- Lamar Owen Chief Information Officer Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 (828)862-5554 www.pari.edu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Re: centos] CentOS 5 on IA64
[Administrivia: should this be on CentOS-devel instead of the regular CentOS list? If so, please redirect.] On Friday 14 September 2007, Lamar Owen wrote: > Whew. As typical, you have thoroughly thought through things. Let me see > if the beast will power up and whether the OS/2 console processor comes up > before we make too many plans, though. And, as I mentioned, it is a SMALL > s390; but it is the genuine article, Model 3006. As I said, a little box. > Its usability will depend entirely upon whether the disks are wiped or not, > I would think; but it does still have the disks, at least. A few 18.2GB > units, IIRC. Ok, my curiosity got the best of me, and so I ran a couple of 208 power cords over to the 3006, hooked up a PS/2 keyboard, mouse, and monitor, and booted the rig. OS/2 comes up just fine, and the P390 tools are all there. Hmm, I get an SSA event; ah, one of the three 18.2GB drives is bad, apparently, and the SSA RAID5 is running in degraded mode. Anybody got an IBM 21L3335 18.2GB SSA hard disk assembly, or know anything about such a beast? If my Torx drivers were here I'd pop the top on the drive shell and see what kind of drive it really is, and see if I have something compatible lying around. The P390 IPL's OK, but my ignorance of the Integrated Server environment is showing, as I'm pretty clueless about getting a console. Oh, and the config is password-protected; have to figure out how to get around that. The PSW windows runs, increments, and I see pretty color bars; for whatever that's worth. In any case, I shut down the P390 with the provided tool, and shut down OS/2. The beast boots; but it will need a drive (it has several empty bays that could take SSA drives, too, if someone had some that wanted to part with them). There are what appears to be two ESCON cards; one has a large DB connector; 50 pins or more, and the other has a duplex fiber connector; looks like FDDI. -- Lamar Owen Chief Information Officer Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 (828)862-5554 www.pari.edu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Choosing VPN Server
On Thursday 20 September 2007, Ken Price wrote: > OpenVPN doesn't support IPSec at all. It's an SSL implementation. > You'll want to look at Openswan (http://www.openswan.org/) for IPSec. > PS. The "www" is very important when going to the openswan site. > Their webserver is configured funky. > > For Microsoft compatibility, Poptop and Openswan are your best bets. > Neither are a piece of cake to setup, but I personally find Openswan > easier ... but then I've been using it in a production environment for > 5 or 6 years (was Freeswan). You'll want an L2TP setup, though, for best security, performance, and best compatibility. There are commercial Linux firewall boxes that do this easily; SmoothWall is one. Barring that, install l2tpd (for CentOS 4 it's on Karanbir's CentOS repo; for CentOS 5 I'm not sure, as I don't have extra repos enabled on any of my CentOS 5 boxes). Windows L2TP VPN's are the most secure, being PPP over L2TP over IPsec, without the holes that have plagued PPTP (PPP over L2TP does essentiall the same thing PPTP does, but in a more secure and standard manner). -- Lamar Owen Chief Information Officer Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 (828)862-5554 www.pari.edu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to export X displays
On Wednesday 10 October 2007, [EMAIL PROTECTED] wrote: > I think you probably went from Linux to Windows, not from Windows to Linux. > There is an RDP *client* for Linux that works quite well with Windows > Remote Desktop, but RDP/Terminal Services is completely a Microsoft thing. No, there is xrdp which allows a Linux box to serve RDP sessions. See http://xrdp.sourceforge.net/ -- Lamar Owen Chief Information Officer Pisgah Astronomical Research Institute 1 PARI Drive Rosman, NC 28772 (828)862-5554 www.pari.edu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] hardware problem with 5.6
On Friday, January 14, 2011 12:58:47 pm m.r...@5-cent.us wrote: > Dumb question: have you contacted Dell? They *do* support Linux, and RHEL > (at least on their servers). See if they have a driver, or can point you > to one. They also support Ubuntu on certain machines, and RHEL on some if not most Precision Workstations (they have supported RHEL and before that RHL on Precision Workstations for a long time). ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Intel DH67BL + CentOS 5.5 IRQ #177 nobody cared
On Wednesday, January 19, 2011 12:35:18 pm Drew Weaver wrote: > The kernel boots fine, and everything works ok until you unplug the monitor > from the DVI port on the motherboard. > > When you unplug the monitor, that IRQ/ACPI message is displayed, and it > screws up the USB and the e1000 card in the system. > > These machines aren't always headless, sometimes we need to plug monitors > into them. Can you disable the video card's use of an IRQ? I've seen that before, where the video card had an IRQ whether the driver needed it or not. If you use a DVI to VGA/analog adapter and unplug an analog monitor, does it still happen? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Troubles for an non-IT beginner
On Wednesday, January 19, 2011 12:55:19 pm Les Mikesell wrote: > And remember that firefox/openoffice are rare exceptions in RHEL/Centos > in that they have had major-version updates since the distro release, > even though they still are far behind 'current' now. How is Firefox 3.6.13 not current (that's what's on my CentOS 5 boxen, straight from the updates)? OOo isn't too terribly old, at 3.1.1 instead of the 3.3 on my F14 box. Yes, these are pretty rare exceptions, but even the other packages will get backports of security fixes where that is possible. FF and OOo are two of the most visible cases where it just wasn't possible. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is it okay?
On Wednesday, January 19, 2011 04:26:57 pm Robert Heller wrote: > At Wed, 19 Jan 2011 22:00:21 +0100 CentOS mailing list > wrote: > > On Wed, Jan 19, 2011 at 9:09 PM, John R Pierce wrote: > > > the LiveCD will not install the operating system. It is purely for > > > demo or diagnostic purposes. > > But there comes an option "Install to Hard-disk" after we see the Live > > CD desktop! > I'm guessing this is much the same as the netinstall CD. Or else it > will promptly ask you for installer CD #1 or the installer DVD. Please see https://projects.centos.org/trac/livecd/wiki/InstallToHardDrive Yes, it looks like it works; no, it's not officially supported, and reading the page implies you have to build it yourself. This looks to me like the Fedora LiveCD install method; basically, it copies the LiveCD to the HD and sets things up as if it were installed via kickstart and with the regular installer. I do remember doing a couple of Fedora installs this way; they are fast, that's for sure. There is also a 'Network install' option (see http://wiki.centos.org/Manuals/ReleaseNotes/CentOSLiveCD5.5 ) on the 5.5 LiveCD that works the same as the netinstall ISO. Perhaps that's the Install icon that's being seen here. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is it okay?
On Wednesday, January 19, 2011 05:09:25 pm m.r...@5-cent.us wrote: > Yeah - I hate the Fedora way. Why not *ask* where you want to install the > liveCD? Why force it into /boot, when until now, *everyone* has kept boot > at about 100M or so? The last one I did from LiveCD was prior to the need for a larger than 100M /boot, and it didn't need to install there. Haven't tried one since then; I guess that was F11. F12 and F13 I did from DVD, and I did the preupgrade thing from F13 to F14 (with the recommended yum distro-sync). I don't currently have a /boot on this laptop, but it has other interesting and difficult oddities associated with it, that are beyond the scope of the CentOS list ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to disable screen locking system-wide?
On Thursday, January 20, 2011 03:54:45 am Rudi Ahlers wrote: > Yup, and it totally defeats the purpose of what the OP actually wanted > todo. Imagine your account being busy with your year-end books, and > has to run to the toilet (she is a bit sick) now you come and press > CTRL+ALT+Bksp and loose everything she's done. And, if she had a lot > of invoices and statements already processed then she may need to redo > it. Now, how do you explain to your boss that you just cost him > another day with an expensive accountant because you're too ignorant > to properly address the issue? An IT admin should not be accessing the accountant's PC without the accountant or another financial person present, for control reasons (control in the financial, SCI, and auditing sense). There are significant regulatory compliance issues with your specific example :-) Just because it's company data doesn't mean it's open season for any IT admin to access. This is likely why CTRL-ALT-BACKSPACE is off by default, too. If the PC is another IT admin's PC, that's a different story. But even then there are significant accountability issues, as when workstations are left unlocked anyone can come up and then do something as that user. I understand what the OP wants to do, but honestly I think it's a bad idea to do it. If the setting is changed it should be on a per-user basis, since at that point the user can know about it, and there is a degree of informed consent there. There may be a knob to do it, but I think there could be liability issues for tweaking that knob, which essentially changes all user's preferences without their informed consent. I know that I would not do this in my environment, because I don't want that liability. But it definitely depends upon your specific environment. And, yes, users need to log out, and many places do fairly harsh discipline if a workstation isn't either locked or logged out in the user's absence. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to disable screen locking system-wide?
On Thursday, January 20, 2011 06:02:38 am Giles Coochey wrote: > Data and Accounts are distinct, and the policies regarding their use > should be distinct too. +1. The third 'A' of triple-A (AAA) is accountability. If you share accounts you defeat accountability. This has nothing to do with data access, or user home directory data access; yes, there should be mechanisms in place for monitoring. But those mechanisms need their own accountability, too. The access should be done only by an account authorized to do so. Without accountability, authentication and authorization don't mean a whole lot. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is it okay?
On Wednesday, January 19, 2011 06:38:12 pm Scott Robbins wrote: > Boot has to be huge in Fedora for the preupgrade to have a chance of > working--having given up on it several releases ago, I have no idea if > it's been improved or not. This is obviously straying from the topicality of this list, but yes the mechanism has been improved at least between F13 and F14, as I did do a preupgrade on my development/testing box, which will likely go to CentOS 6 or SL6 some time RSN. These are features we're likely to see at some point in EL, so it's useful to have a handle on the caveats that will arise from their use, that's for sure, and that's the only reason in continue the thread. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to disable screen locking system-wide?
On Thursday, January 20, 2011 09:36:09 am Ross Walker wrote: > With Amazon's cloud services now I guess they'll have to cut it down to 7 > days, or require finger print or retinal eye scans... Fingerprints are too easily faked. Mythbusters did it in a 'Crime and Mythdemeanors' episode a few years ago. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to disable screen locking system-wide?
On Thursday, January 20, 2011 12:03:27 pm m.r...@5-cent.us wrote: > Lamar Owen wrote: > > Fingerprints are too easily faked. Mythbusters did it in a 'Crime and > > Mythdemeanors' episode a few years ago. > I can beat that: I read, a month or so ago, how a bunch of elementary > school kids discovered that wet Gummi Bears would hold a fingerprint, > *and* (they didn't understand this) have more or less the same electrical > conductivity Gummi bears are a pretty good simulcrum for ballistics gel, which is what MB used. MB did it differently, though, in that they lifted the fingerprint from an object the subject touched, that was not gel. IIRC, it was a CD case. It's a good episode; see https://secure.wikimedia.org/wikipedia/en/wiki/MythBusters_%282006_season%29#Fingerprint_Lock for a synopsis of that portion. (If you're wondering why the link is to an https site well, I'm running HTTPSAnywhere. :-) ) Two-factor security should be standard, really. Fingerprint plus ID card, or fingerprint plus keycode, etc. One factor being something you uniquely have, and the other being either something you have or something you know. Speaking of, with PAM being standard in CentOS, has anyone here done physical security (like datacenter doors and such) where the controller is open source and usable on CentOS? I'd be interested in kitting such a setup for our datacenters here. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is it okay?
On Thursday, January 20, 2011 11:52:48 am m.r...@5-cent.us wrote: > Lamar Owen wrote: > > mechanism has been improved at least between F13 and F14, as I did do a > > preupgrade on my development/testing box, which will likely go to CentOS 6 > > or SL6 some time RSN. > > Could you define "improved"? My wish list would include "I (fedora) will > install the o/s in /boot, and then *ask* where you want the rest to go", > so I can tell something like /upgrade in the root filesystem, where I've > got a *TON* more space. Well, since you asked, I'm talking again about a preupgrade; the /boot filesystem on that box is 100MB in size, and the preupgrade worked. It downloaded the install image during the boot of the anaconda upgrader, rather than downloading during the preupgrade run. I don't know which BZ entry it would be, but I'm sure you could look that up. The preupgrade by definition is an in-place upgrade rather than an install. The LiveCD install cannot upgrade (since it's just really duplicating the on-cd filesystem, plus a few other operations) and there aren't any RPMs on the LiveCD to do an upgrade with Having the netinstall option should also give the upgrade option, but I don't recall if the Fedora LiveCD will do a netinstall like the CentOS LiveCD will. But upgrades between EL versions aren't supported, so that's sort of moot. Can you imagine trying to upgrade an FC6 to an F12 in one step? That's essentially what a C5 to C6 upgrade will be like, and it's not going to be easy. And it may not even be directly possible to upgrade; there have been a lot of changes between, including RPM format, disk naming, among a few things. It might be possible to do C5 to F7, to F8, to F9, to F10, to F11, and then to C6. It might even be possible to skip some of those steps; don't know. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is it okay?
On Thursday, January 20, 2011 11:53:52 am Parshwa Murdia wrote: > You say for SL6, would it sometimes prove better than stable CentOS? As Les said, it depends by what you consider to be 'better.' I consider them to be roughly equivalent, with SL having some advantages (mostly of perception in my dayjob, for instance) and CentOS having some advantages (long track record of stability and strict adherence to upstream in many ways). I don't consider either to be 'better' in the strict sense of that word; I would simply describe them as 'different' rather than try to qualify a 'better.' See where I work as a dayjob, and then see why Scientific Linux, backed by Fermilab and others, would have a perception advantage. :-) But the binaries are essentially the same, and both are excellent choices. Yet we use CentOS on virtually all of our servers, with very few exceptions. Again, it's not a matter of which is 'better' in any way; when the whole RHEL 3 thing came about, and Red Hat stopped selling boxed sets of Red Hat Linux with RHL9, there were a number of rebuilds that came out. The first one out of the gate (IIRC) was Whitebox, but not by much. So my first EL was a Whitebox 3 install, which is now a CentOS 3 install, and is still running. My second EL was a CentOS 2.1 install, which, again, is still running (libc5 compatability stops here in the EL line; a large commercial libc5 binary-only package is still running on that box). I have done a few SL installs for some researchers who have come here, but, honestly, most of the desktop Linux we use (which isn't much) is Fedora. The servers run CentOS (a mix of 3, 4, and 5) and, well, they just run like clockwork. And I've just stuck with CentOS for the reason of inertia, more than any other. But I monitor both mailing lists; the two distributions aren't in competition, really, and it's good to have both out there. And I've done enough migrating back and forth among the various EL from source distributions to be able to go either way (it's not really hard, unless you use some of the extra packages) and pretty much any time. And they're both from the same upstream source packages. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to disable screen locking system-wide?
On Thursday, January 20, 2011 01:57:54 pm m.r...@5-cent.us wrote: > We (the Feds) are using PIV cards, which have passkeys, and, of course, > the username. I prefer what I have from my employer: the RSA keyfobs. No > trouble at all, *and* you need the username, keyfob and a pin. Our co-lo site is using fingerprint plus HID Corp cards. I'm not familiar with the RSA keyfobs, though. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to disable screen locking system-wide?
On Thursday, January 20, 2011 03:11:00 pm Mike McCarty wrote: > That does not preclude access to the machine's content. Anyone > with root access should be able to do that. You shouldn't > have to log in AS THAT USER in order to access the computer's > content. Although I have seen in the case of Windows, installed to NTFS, and set with 'make your files private' when you first set up a password, that if even if you log in as Administrator you can't necessarily see all users' files, at least not through file sharing. It has been a long time since I've put that to the test on the local console. Makes it a pain to do whole machine virus scans from the Administrator account, and makes it a bigger pain to do backups using the semi-documented $ shares when file sharing is enabled in the firewall. I've never experienced that on Linux, but it is possible to set up the SELinux policy in a way that 'ordinary' root can't do everything, that you have to be in a different context. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] How to disable screen locking system-wide?
On Thursday, January 20, 2011 05:53:14 pm Ross Walker wrote: > I haven't heard of someone lifting a latent oil print > and creating a fake out of that. I'm sure with enough ingenuity it can > be done. Let me repeat: that is exactly what MythBusters did in the episode I referenced, 'Crime and Mythdemeanors 2' which aired a few years ago. The print was Grant's, and it was lifted from a CD case, duplicated into ballistics gel using a partially obscured process that included PC board etching and print cleanup in a graphics editor, and successfully opened the fingerprint door lock (as well as logging in to a PC). The narrator in the episode did state that one critical part of the process was omitted to keep that episode from being a HOWTO, but it probably wouldn't take a rocket scientist to figure it out. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is it okay?
On Friday, January 21, 2011 01:09:37 am Parshwa Murdia wrote: > What made me > think for this comparison was the simple question why did Fermi Labs > and CERN chose SL and developing but they didn't go for other distros, > keeping in mind always that all the distros have their own pros and > cons but essentially the same security. That question would be best asked on the SL mailing list(s). The SL FAQ just says that many criteria were used. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is it okay?
On Friday, January 21, 2011 11:01:01 am Les Mikesell wrote: > The first few RHEL releases sort of looked like the same > pattern where there would be 2 fedora versions replacing the X.0, X.1 > RH's with the 3rd in the set being RHEL, but it didn't stay that way > very long and quickly got to the point where is wasn't worth even > testing on fedora because things would just be completely different in > the next release and there was no effort to maintain hardware > compatibility or user data across the upgrades - or sometimes even for > minor updates. My experience has been considerably different, and I have found Fedora, especially recently, has been more stable than the non-LTS Ubuntu, at least for KDE usage. Once you got past the first release with KDE4, but that happened during my two-year excursion into disappointing KUbuntu-land. I'm told that going from the last KDE3 to the first KDE4 wasn't pleasant; but that was/is just as true with Ubuntu, excepting for the fact that Ubuntu waited just a little longer to go there. I have also seen CentOS (and by extension the upstream) kernels break things, reorder ethernet ports, etc. > And before someone else points it out, I know RH8 and RH9 didn't use the > .0 minor number (perhaps to avoid the buggy connotation) but they were > really more fedora-like and broke more things than users had come to > expect in the the RH tradition. Technically this isn't true. I'm looking at my shelf of boxed sets, and the first one without a .0 was 7. I don't still have my box for RH8, but I do actually have a machine running with RH8 # cat /etc/redhat-release Red Hat Linux release 8.0 (Psyche) I distinctly remember the .0 being there on the box. Some thought, at the time, that RHL7.3 should have been labeled 8.0; RHAS2.1 IIRC is/was based off RHL7.2. But RH 9 was just that; no .0 there. RH only kept up the .0 .1 .2 consistently through 4.x, 5.x, and 6.x; 7 and later were a different beast, and 3.03 and prior were as well. There were more major versions that didn't do that than did. :-) Ubuntu folk have just as many problems; I do support for a couple who use Linux exclusively, and they have a mix of boxes, including an F13, a Ubuntu 8.04, and Ubuntu 9.04, and a Ubuntu 6.06. The upgrade from 6.06 on up is not going to be pleasant. The Ubuntu 9.04 was upgraded to 9.10, and many things broke. I mean, just flat out broke. Sound stopped. Video output stopped. Wireless stopped. On a Dell notebook with Linux support, that shipped with Ubuntu installed. In contrast, I returned to Fedora at F11, and haven't had major issues with moving from 11 to 12 to 13 to 14. In fact, the 13 to 14 experience was rather smooth, particularly for bleeding edge. But that's what Fedora is; bleeding edge, and if that's what you need, that's what you need. Your mileage (and breakage) may vary. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is it okay?
On Friday, January 21, 2011 12:34:57 pm m.r...@5-cent.us wrote: > Haven't seen the kernel break things, with the exception of *sigh* NVidia > drivers I've also seen it reorder ethernet ports, but finally found > the simple solution (/etc/sysconfig/network-scripts/ifcfg-ethx, and add > the HWADDR) You use the RPMfusion kmod's, and use the yum plugin to protect them, right? > Lazy! If I fired up my currently-not-running firewall/router at home, it's > got RH9. I'll let the following speak for itself. Read it carefully. It's from a running machine. # cat /etc/redhat-release Red Hat Linux release 5.2 (Apollo) # uname -a Linux localhost.localdomain 2.0.36 #3 Fri Apr 9 15:36:11 EDT 1999 i586 unknown # date Fri Jan 21 13:15:04 EST 2011 # What's that about 'if it ain't broke, don't fix it' at least with boxes that don't have a direct Internet connection..and this box is doing its job, and doing it well, and with the features that meet the need. Yes, it's had a hard drive replacement, a motherboard/CPU replacement, among other things but even back in those days cloning drives was somewhat common. [snip] > mark "that was FC14 that broke X yesterday" Filed a bug report, right? :-) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is it okay?
On Friday, January 21, 2011 01:33:03 pm m.r...@5-cent.us wrote: > Lamar Owen wrote: > > On Friday, January 21, 2011 12:34:57 pm m.r...@5-cent.us wrote: > >> Haven't seen the kernel break things, with the exception of *sigh* > >> NVidia drivers I've also seen it reorder ethernet ports, but > finally found > >> the simple solution (/etc/sysconfig/network-scripts/ifcfg-ethx, and add > >> the HWADDR) > > > > You use the RPMfusion kmod's, and use the yum plugin to protect them, > > right? > > For nVIdia? I've been manually building the driver using the proprietary > kit. One of these days, I'll try the... who is it, rpmforge? that has the > packages? If that works, I'll have a literal handful of machines that I'll > do that for. Sorry, not RPMfusion, but ELrepo. See elrepo.org Install yum-kmod (I have also install yum-kernel-module), then install whichever nvidia kmod you need from elrepo. That should prevent kernel updates until the matching nvidia kmod is available. The yum-kmod and yum-kernel-module plugins are part of regular CentOS, not third-party repos. > > Linux localhost.localdomain 2.0.36 #3 Fri Apr 9 15:36:11 EDT 1999 i586 > > Argh! You're one of *those* Yep. I have a couple of VAXstation 4000's here, and soon will have a smallish SGI multiprocessor box that I'm planning to load CentOS on. I like old kit. If I still had my PDP-8 now that would be interesting. :-) > Right, and it's not online. Big changes, if it ever does go online. Hey, I > was just using my box a year and a half ago. But I built it for its > purpose: no compilers, no X, no diddly-squat, *and* I'd run Bastille Linux > on it. To the best of my knowledge, over 10 years, I'd never had an > intrusion. I have had intrusions; that box actually was originally RH 4.2, but got upgraded after an intrusion (which is when its direct internet went awaybind 4 vulnerability). I've learned from those intrusions; good experience. One was on a Ubuntu box, fully up-to-date at the time. Turns out the password I thought was pretty unique wasn't; and it was a 'strong' password by most tools' estimation, being it had mixed case, numbers, and a punctuation symbol in it; it got infected with a slow-brute-forcer ssh worm, and when I saw the strange ssh traffic I shut it down; got a note about it, too. Now I don't allow outbound port 22 to just anywhere (among a few other things; it's becoming to where I'm tempted to firewall outgoing as aggressively as I firewall incoming, but we still do too many academic 'things' that connect to unusual port numbers.). > > Filed a bug report, right? :-) > > *If* I could pin down the exact cause, and I can't play around with the > machine, since the user needed it *now* Just *now* and not *yesterday* ? :-) But I understand; the goal of filing a report is to file a useful report, and 'it broke' is not a useful report ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] [OT] old kit and kaboodle, obFriday (was:Re: Is it okay?)
On Friday, January 21, 2011 01:29:14 pm John R Pierce wrote: > $ cat /proc/cpuinfo > ... > model name : Pentium III (Katmai) > cpu MHz : 451.031 > ... Being that it's Friday (note that this output isn't snipped; kernel 2.0.36 doesn't grab the CPU frequency apparently!): [root@localhost /root]# cat /proc/cpuinfo processor : 0 cpu : 586 model : AMD-K6(tm) 3D processor vendor_id : AuthenticAMD stepping: M fdiv_bug: no hlt_bug : no f00f_bug: no fpu : yes fpu_exception : yes cpuid : yes wp : yes flags : fpu vme de pse tsc msr mce cx8 syscr pge mmx 3dnow bogomips: 999.42 [root@localhost /root]# I happen to know it's a K6-2 500. I have a few K6-2 300 systems here that would be ideal for a few uses if I could get something a little more modern than the i586 C4 build running on them... for that matter, perhaps I need the i586 C4 build on them They are Agilent ATMProbes that had a custom dual OC12 card complex, with the K6-2 board, which is not PC form-factor compliant, acting as a controller for the specialized atm cell capture/analysis complex. For that matter, I'm looking for a distribution I can put on DiskOnChip and run on some embedded PC104 5x86/133 systems I have. :-) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is it okay?
On Friday, January 21, 2011 02:13:54 pm John R Pierce wrote: > The > P3-450 running my network now draws about 70 watts average per my > Kill-A-Watt, which really isn't that bad. Kaill-a-watts are great little devices If you can find a cast-off Nomadix HotSpot gateway, you can save a lot of power and get something more speedy at the same time. It's a custom-labelled Portwell NAD-2050; if you can find one they're neat. Lot less than 70 watts; closer to 10 or 20. Three or five 10/100 ethernet ports, and other options, in a box that's 1 RU high, but smaller than rack width. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [OT] old kit and kaboodle, obFriday
On Friday, January 21, 2011 02:35:40 pm Les Mikesell wrote: > On 1/21/2011 1:28 PM, Lamar Owen wrote: > > For that matter, I'm looking for a distribution I can put on DiskOnChip and > > run on some embedded PC104 5x86/133 systems I have. :-) > Except for things with specialized hardware adapters it just seems > wasteful to power up any old stuff compared to running a virtual machine > on something current and maybe giving it USB access to its own device. Well, in this particular case it's for remote locations that are solar powered. That and the embedded boxen draw 15 watts max and have the RS-485 interfaces I need to work with..oh, and they were free. Ordinarily I would agree; provision a VM, and throw an AnyWhere USB out there and run the USB ports only in the remote, but ethernet-over-fiber connected, location. But I don't need USB; I need RS-232 and RS-485. The little PC-104/ISA boards (Advantech PCA-6144's and PCA 6145's) have ethernet; the 1RU and 2RU cases have RS-485 multiport muxes in them. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] [OT] old kit uses, and security stuff (was:Re: Is it okay?)
On Friday, January 21, 2011 02:35:11 pm m.r...@5-cent.us wrote: > I have a friend with several RISC 6000's, and of course his MicroVAX. You > had a PDP-8? When I was taking an o/s class in the mid-eighties, I was on > a PDP-11/780. *Nice* machine, running RSTS, I think it was. Hmm, I wondernope, simh isn't in EPEL 5 or 6 yet (it's available for F14). See simh.trailing-edge.com and you'll see why I mention it I used simh's MicroVAX module to rescue some disk images from the VS4000's we have (they are controllers for our 7,000 pound 20x20 microdensitometers used for photographic plate scanning; see http://www.pari.edu/library/apda/rooms/ for a little bit of info about what they're for). We want to replace the VS4000's with Linux box(en); since the interface to GAMMAs I and II is CAMAC-over-SCSI plus IEEE-488-over-RS-232 (CAMAC for the digitizer ADC and GPIO; IEEE-488 for the Agilent/HP laser interferometer servo system for the platen drive), I'm considering using the SGI box to control them; if not the SGI box, any generic CentOS box with RS-232 or IEEE-488 and a SCSI adapter will work. (GAMMA = Guide star Automatic Measuring MAchine; used at Space Telescope Science Institute (STScI) to generate the guide star catalog for use with Hubble, as well as for generating the one arcsecond digitized sky survey 102 volume CD set. > Have you looked into Bastille Linux? It's not a distro, it's a set of > scripts to harden a system. Yes; I have tried it out, but it's just another one of those things that I periodically look at and say 'I need to be doing that' I think the first time I looked at it was back before RHEL3, maybe in the RHL7.2 timeframe. It's on the list; somewhere between 'Implement PacketFence (implies writing a module for Cisco Catalyst 5500 and Cisco 7600 and Catalyst 8540 and Catalyst 2948G-L3 and the other old but working oddball Cisco switches and routers in my network)' and 'Implement IPv6 (once the ISP gives me the prefix)'. That is, pretty high up the list, just not in the execution queue yet. > > > about it, too. Now I don't allow outbound port 22 to just anywhere (among > > Ah, no. When I've had a home network with the old machine running, the > *only* place it would accept ssh from was the inside NIC. That's the point; it was an outbound *to* someone else's port 22 brute-forcer. I can count on one hand the number of people who have come here and had me add their server to the 'outbound to port 22' permit ACL on the Cisco border router(s). That way, even when someone gets in, they can't get out, at least not on that port. Yeah, I said when, not if. Someone at some point in time will get in; when that does happen I want to try to mitigate the potential for damage. That is, since I know I cannot possibly prevent all ingress attempts, I can at least make the success as useless as possible. That's part of the reason PacketFence is high on my To Do list. 1 PARI Drive Rosman, NC 28772 http://www.pari.edu ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Is it okay?
On Jan 21, 2011, at 2:37 PM, Lamar Owen wrote: If you can find a cast-off Nomadix HotSpot gateway, you can save a lot of power and get something more speedy at the same time. It's a custom-labelled Portwell NAD-2050; if you can find one they're neat. Lot less than 70 watts; closer to 10 or 20. Just checked it with one of my Kill-a-watts: 17 watts. Cool. smime.p7s Description: S/MIME cryptographic signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [OT] old kit and kaboodle, obFriday (was:Re: Is it okay?)
On Friday, January 21, 2011 10:36:00 pm Leonard den Ottolander wrote: > The problem with many of these special purpose distros is that they are > usually poorly maintained wrt updates. A minimal install of a mainstream > distro like CentOS shouldn't take up much more than a GB, and if you put > in some effort to strip out excess packages even half of that. DSL is > really more of a distro to put on embedded hardware. With CentOS 4 i586 available, I like that route best. This keeps even the embedded stuff (that's at least i586) using the same admin interfaces, the same file locations, and in general it keeps things consistent. Consistency in user and admin interfaces is a good thing and helps admin productivity, at least in my case. That's partly the reason I run Fedora on my laptop; I run CentOS on my servers, and having my own machine running something fairly close helps me get things done quicker, and I'm less likely to mistype things. So I'm not likely to use DSL or Puppy or similar on systems that are big enough to run CentOS 4 i586 at the least. Now on really small storage (DiskOnChip for instance) things are completely different, and specialized distributions are useful. But if I have enough storage I'll run C4 (C4 is powering the majority of the servers here at the moment; we're transitioning somewhat slowly to C5 and soon to C6 for those cases that need it). No rush on most of the C4 boxen, though. As mentioned, I still have C3 and C2.1 in production, although that's slowly changing, and I try to be careful. Now, when C4 is no longer supported, the choice of i586 distribution might change. See, i586 distributions are required for some fairly modern hardware, too, like much of the VIA embedded lines, which don't have CMOV. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RHEL-6 vs. CentOS-5.5 (was: Static assignment of, SCSI device names?)
On Wednesday, February 02, 2011 02:06:15 am Chuck Munro wrote: > The real key is to carefully label each SATA cable and its associated > drive. Then the little mapping script can be used to identify the > faulty drive which mdadm reports by its device name. It just occurred > to me that whenever mdadm sends an email report, it can also run a > script which groks out the path info and puts it in the email message. > Problem solved :-) Ok, perhaps I'm dense, but, if this is not a hot-swap bay you're talking about, wouldn't it be easier to have the drive's serial number (or other identifier found on the label) pulled into the e-mail, and compare with the label physically found on the drive, since you're going to have to open the case anyway? Using something like: hdparm -I $DEVICE | grep Serial.Number works here (the regexp Serial.Number matches the string "Serial Number" without requiring the double quotes). Use whatever $DEVICE you need to use, as long as it's on a controller compatible with hdparm usage. I have seen cases with a different Linux distribution where the actual module load order was nondeterministic (modules loaded in parallel); while upstream and the CentOS rebuild try to make things more deterministic, wouldn't it be safer to get a really unique, externally visible identifier from the drive? If the drive has failed to the degree that it won't respond to the query, then query all the good drives in the array for their serial numbers, and use a process of elimination. This, IMO, is more robust than relying on the drive detect order to remain deterministic. If in a hotswap or coldswap bay, do some data access to the array, and see which LED's don't blink; that should correspond to the failed drive. If the bay has secondary LED's, you might be able to blink those, too. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how to move forward/undo/revert/fix re: a failed CentOS 5.5 to SL 5.5 migration ... [SOLVED?]
On Wednesday, February 02, 2011 09:31:43 am Larry Vaden wrote: > "* The host/dig/nslookup utilities queried only servers from > resolv.conf. With this update, the utilities query the servers > specified on command line instead of in resolv.conf and the issue is > resolved. ( BZ#561299)" > > The official release notes imply that the argument on the command line > was ignored and the contents of /etc/resolv.conf were used instead > which should lead to consistent results between the two invocations. I think the release notes do not reflect the actual bug, in this case. The bug text is: "I have noticed that release 5.4 (Final) appears to ignore the server option when using host or nslookup if the host in question is not available. The commands should return no server available as they have in the past but instead decide to query the servers specified in resolv.conf and return results from that." As both of the servers you gave in the message provided results, the queries given do not trigger the actual bug; that is, if the server referenced is not available or does not return a result, *then* it went to the servers in resolv.conf rather than the previous behavior. Fault lies in the writer of the release note bullet point, which does not accurately describe the bug actually fixed. And that explains why 'host www.yahoo.com 208.67.220.220' and 'host www.yahoo.com 8.8.8.8' got completely different answers, as I know OpenDNS does fairly aggressive caching that semi-ignores $TTL, and google (8.8.8.8 is a google DNS server) probably does too. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] RHEL-6 vs. CentOS-5.5
On Wednesday, February 02, 2011 08:04:43 pm Les Mikesell wrote: > I think there are ways that drives can fail that would make them not be > detected > at all - and for an autodetected raid member in a system that has been > rebooted, > not leave much evidence of where it was when it worked. If your slots are > all > full you may still be able to figure it out but it might be a good idea to > save > a copy of the listing when you know everything is working. I'll echo this advice. I guess I'm spoiled to my EMC arrays, which light a yellow LED on the DAE and on the individual drive, as well as telling you which backend bus, which enclosure, and which drive in that enclosure. And the EMC-custom firmware is paranoid about errors. But my personal box is a used SuperMicro dual Xeon I got at the depth of the recession in December 2009, and paid a song and half a dance for it. It had the six bay hotswap SCSI, and I replaced it with the six bay hotswap SATA, put in a used (and cheap) 3Ware 9500S controller, and have a RAID5 of four 250GB drives for the boot and root volumes, and an MD RAID1 pair of 750GB drives for /home. The Supermicro motherboard didn't have SATA ports, but I got a 64-bit PCI-X dual internal SATA/dual eSATA low-profile board with the low-profile bracket to fit the 2U case. Total cost <$500. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
[CentOS] Supermicro, SATA, and palimpsest (was:Re: CentOS Digest, Vol 73, Issue 3)
On Thursday, February 03, 2011 01:38:35 pm Chuck Munro wrote: > On 02/03/2011 09:00 AM, Lamar Owen wrote: > > But my personal box is a used SuperMicro dual Xeon I got at the depth of > > the recession in December 2009 > Less than $500 for a Supermicro box? Holy crap, Batman! Hey, first let me thank you for trimming the rest of the digest out in your reply; that's good stuff. Next, this is an older Supermicro board, P4DP6, and older 32-bit-only Xeon's, 2.8GHz. But it has 4GB of ECC RAM, and the nice 2U Supermicro rack chassis with the six bay trayless drive array. And, again, the total package, except for the drives, which I already had on hand, was less than $500, and that included the 3ware controller and the SiI SATA-2 low profile 64-bit PCI-X board. > I took Les' advice and built a connection map of the 15 drives. The > Disk Utility GUI turned out to be useful once I determined the SATA > breakout cable order and labelled each with its PHY number. Knowing > that lets me use the GUI to clearly identify a failed drive, which shows > up as a PHY#. I'm normally a command-line kinda guy but this utility is > something I really like on RHEL-6. I hope it's the same on CentOS-6. Should be. As far as I know this is the same palimpsest that's in Fedora; not sure of which version is in EL6, though. It does pretty good, even gives you a benchmarking utility, partitioning, formatting, SMART utilities, etc, all in one place. It works reasonably well over an ssh X tunnel, too, and is one reason my standard install now includes at least the X libraries, even on a server. There are other reasons to have a remote GUI on a server, even if you disable the display/desktop manager and GUI login. I use ssh tunneled konqueror a lot, for instance. When you need to do large batches, CLI works best, but for just drilling down into filesystems I do like konqueror, from either KDE3 or KDE4, doesn't really matter that much to me. And it's reasonably fast even over DSL. And my main server management station runs ssh tunneled gkrellm instances from critical servers; it's easy to tell at a glance if something has happened to a server, and it makes for a pretty display in the datacenter during tours, too. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] system clock
On Sunday, February 06, 2011 04:35:48 pm Buz Davis wrote: > I am running CntOS 5 with Gnome. Is > there a simple way to adjust the time? Use system-config-date (in the GNOME menu: System/Administration/Date&Time) Make sure 'System clock uses UTC' is unchecked in the timezone tab if you dual-boot with windows and don't have windows set to that setting. You can set up network stime servers in the 'Network Time Protocol' tab, and you can adjust the date and time easily in the 'Date & Time' tab. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Ken Olsen od DEC, 1927-2011
On Tuesday, February 08, 2011 08:21:38 pm Jay Leafey wrote: > Much as I love Linux, I'd still prefer to be running VMS on an x86 > desktop box! 1.) Get an OpenVMS hobbyist media kit and license for OpenVMS/VAX. 2.) Install simh from a third-party CentOS repository, or from source. ( simh.trailing-edge.com ) 3.) Install OpenVMS/VAX on the simulated MicroVAX simh provides. 4.) Activate your hobbyist license PAK. 5.) Enjoy VMS-ness. (see http://www.wherry.com/gadgets/retrocomputing/vax-simh.html for a little more) Doing that here to re-learn VMS after all these years, since we have a large high-resolution scanner system that is currently using a VAXstation 4000 to drive, via CAMAC-over-SCSI and IEEE-488-over-RS-232, a 7,000 pound microdensitometer aka 'the Guide star Automatic Measuring MAchine' (GAMMA). We're wanting to convert the VAX Fortran and IDL code to run on a CentOS box, possibly a recently donated 20-processor SGI Altix 3700, and possibly a smaller x86/x64_86 box, or even one of the many SPARC boxen I have around here... ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] how will CentOS handle the perftools 1.7 vs. 1.6 issue?
On Thursday, February 10, 2011 06:42:48 am Kai Schaetzl wrote: > Larry, could you please stop spamming this list with problems you see on > the SL list? Thanks. This package isn't even part of CentOS. While google perftools is not a part of either SL or CentOS, it *is* in EPEL, and CentOS users can be users of EPEL; thus it's on-topic for this list, unless it needs to be kept on an EPEL list. I personally would rather the quick report show up here than to have to subscribe to yet another mailing list. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 64 bit php 5.2 huge problem
On Saturday, February 12, 2011 05:18:14 pm Peter Ivanov wrote: > the server worked, but suddenly mysql connectivity dissapeared. > when i try to run any mysql related functionality if givem me the error: > Call to undefined function mysql_connect() Can you connect with the command line mysqlclient? Something fishy is going on; something has changed in your setup, either in the mysql setup or in php.ini. Googling the error message produces 126,000 hits (WITH quotes!). Lots of possibilities. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 64 bit php 5.2 huge problem
On Saturday, February 12, 2011 05:37:00 pm Peter Ivanov wrote: > HI Lamar, > > thanks for the reply. > > I can connect with the > > mysqlclient Can you post the output of yum list | grep ^mysql please? And the output of rpm -V mysql And the output of rpm -ql mysql please? ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 64 bit php 5.2 huge problem
On Saturday, February 12, 2011 05:59:52 pm Peter Ivanov wrote: > Hi Lamar, > > here they are > [root@host ~]# rpm -V mysql > S.5. c /etc/my.cnf > prelink: /usr/bin/my_print_defaults: at least one of file's dependencies > has changed since prelinking > S.?./usr/bin/my_print_defaults [snip] > prelink: /usr/lib64/mysql/libmysqlclient.so.15.0.0: at least one of > file's dependencies has changed since prelinking > S.?./usr/lib64/mysql/libmysqlclient.so.15.0.0 > prelink: /usr/lib64/mysql/libmysqlclient_r.so.15.0.0: at least one of > file's dependencies has changed since prelinking > S.?./usr/lib64/mysql/libmysqlclient_r.so.15.0.0 > S.5. c /etc/my.cnf > I hope this gives a clue It looks like your mysql installation has been corrupted in some way; the ? indicates that the process could not complete for some reason (and that's in the MD5 section), and the S means the size differs. I ran this on a server I have access to, and no such lines were output. You will want to 'ls -l /isr/lib64/mysql/libmysql*' and check permissions and sizes. My gut feel is that the size will turn out to be zero, or something really odd. You can try 'yum reinstall mysql.x86_64' to refresh it. I would do an 'rpm -Va' on the box and see what else is corrupted, and run (from read-only media) a copy of something like rkhunter or checkrootkit. You may have an intruder on your system. Also, here are the md5sums from my setup, of just the x86_64 mysql rpm, which is the same version as yours. You can run the command line at the top for yourself, and hand-compare the md5sums [root@localhost ~]# rpm -ql mysql|xargs md5sum ac3aebcaf6963ab83a099706d0d512f4 /etc/ld.so.conf.d/mysql-x86_64.conf 740258c758e3ef283d2fd5f862bc9e4c /etc/my.cnf 52bcda45f35ffb42a7e032eea9b5655f /usr/bin/msql2mysql b4e80dabbbcd3cad7c88e1337872f435 /usr/bin/my_print_defaults 8405d6d62b45c6645a0a529540c7cfdb /usr/bin/mysql 17b56ddc4639ad47ae48ff2176dab909 /usr/bin/mysql_config b4ef945be869bc738711bdc18bc48f14 /usr/bin/mysql_find_rows eac07b461dd7dfa0eea248d2d08e3da0 /usr/bin/mysql_tableinfo 3c99880d7c4080dacafbec32256b1042 /usr/bin/mysql_waitpid 0afee772423c6d3840726ee8d095d6c6 /usr/bin/mysqlaccess 523e7f51f86d561795dc3626f3cb2bc5 /usr/bin/mysqladmin b47aae44ccc50d67fcdd4ccb482bdb5e /usr/bin/mysqlbinlog 4960f633d8dd1cc9fa7a72b8ae6dfbf7 /usr/bin/mysqlcheck c84e1610e673484c6c819a78b456db49 /usr/bin/mysqldump 250047b2132a66d7a85950980a2f3e33 /usr/bin/mysqlimport 3a41a101b17997bb89089ba8b52a4700 /usr/bin/mysqlshow md5sum: /usr/lib64/mysql: Is a directory e6a5df475ce7bbdf12b6aeab7657b12b /usr/lib64/mysql/libmysqlclient.so.15 e6a5df475ce7bbdf12b6aeab7657b12b /usr/lib64/mysql/libmysqlclient.so.15.0.0 d28d5ea0c03dc17bde8981ec404551ce /usr/lib64/mysql/libmysqlclient_r.so.15 d28d5ea0c03dc17bde8981ec404551ce /usr/lib64/mysql/libmysqlclient_r.so.15.0.0 b657ace1e8d098faf73ce1238cc596e2 /usr/lib64/mysql/mysql_config 26d217110de4bf0620d76084935e0a25 /usr/lib64/mysql/mysqlbug md5sum: /usr/share/doc/mysql-5.0.77: Is a directory 477ab0a4c8ca64b482b3f2a365d0fdfa /usr/share/doc/mysql-5.0.77/COPYING d9ad42b427ace53cb3e752092b040c59 /usr/share/doc/mysql-5.0.77/EXCEPTIONS-CLIENT f042efae8bc01e77901896b6e94843f3 /usr/share/doc/mysql-5.0.77/README ca0fafe8b95c20b3e69b63e51c32c0ad /usr/share/info/mysql.info.gz cc76b6ecb25e7d82d06dc735b5ad82b4 /usr/share/man/man1/my_print_defaults.1.gz da118d1aab5e886c031cc032d71f54ea /usr/share/man/man1/mysql.1.gz 9c31872658e1567cdc999ca282243328 /usr/share/man/man1/mysql_config.1.gz 4d32b2a0280a0306da16b32e273cf56a /usr/share/man/man1/mysql_find_rows.1.gz 0171df50c4b0c760457782fd3818abf8 /usr/share/man/man1/mysql_tableinfo.1.gz 1ed1c10ec19551ab2a28ecf09118c389 /usr/share/man/man1/mysql_waitpid.1.gz 1615660ea4d184e210e15b8584816d54 /usr/share/man/man1/mysqlaccess.1.gz 1bdc7a0175bcc3a3540d1725a159bed7 /usr/share/man/man1/mysqladmin.1.gz ecd3526b77032defc84b26aa85f901c7 /usr/share/man/man1/mysqldump.1.gz 29d81f551a60f283b0ee9a41c8456ec9 /usr/share/man/man1/mysqlshow.1.gz md5sum: /usr/share/mysql: Is a directory md5sum: /usr/share/mysql/charsets: Is a directory 5efa1112115331425740e789d2b4f77e /usr/share/mysql/charsets/Index.xml c17e32bb326c2ea2c39d064219605b15 /usr/share/mysql/charsets/README b8d6f26e44e815ed164fe7ada537c7e9 /usr/share/mysql/charsets/armscii8.xml 381d926414521380a8cb490f0cda4f15 /usr/share/mysql/charsets/ascii.xml 1559a8a48cf98797db00833ada133e90 /usr/share/mysql/charsets/cp1250.xml 71c729b0689a5cbf3169528542c1a192 /usr/share/mysql/charsets/cp1251.xml 91a747ddefc0705f9cf187ef7aebedbf /usr/share/mysql/charsets/cp1256.xml 2d39aa0a3afd5c4373360c5affd09de6 /usr/share/mysql/charsets/cp1257.xml f82f1f41704c4715c2fe3d90f27712ec /usr/share/mysql/charsets/cp850.xml e3a297db9dee58cdccc53f0f33a705d6 /usr/share/mysql/charsets/cp852.xml e6fa1450652d8cea162a480b486b8a17 /usr/share/mysql/charsets/cp866.xml dd31812ea0df98e082e6695ab9524c64 /u
Re: [CentOS] CentOS 64 bit php 5.2 huge problem
On Saturday, February 12, 2011 07:03:59 pm Peter Ivanov wrote: > My mysql.so is about 50K .. is that nornal No; the ones here are three times that size: [root@localhost ~]# ls -l /usr/lib64/mysql/libmysqlclient*.so.15.0.0 -rwxr-xr-x 1 root root 1517784 Nov 3 19:54 /usr/lib64/mysql/libmysqlclient_r.so.15.0.0 -rwxr-xr-x 1 root root 1510224 Nov 3 19:54 /usr/lib64/mysql/libmysqlclient.so.15.0.0 [root@localhost ~]# You need to 'yum reinstall mysql.x86_64' and that will get you all the files you need for that package, and the correct ones. Just sending the one .so file isn't going to help your bigger issue. You may have other problems; that's why I recommend running an rpm -Va, pipe the output to a file, and if you get similar verification errors reinstall the effected packages with yum reinstall. Don't send the output of rpm -Va to the list, however, as it's likely to be large. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 64 bit php 5.2 huge problem
On Feb 12, 2011, at 7:28 PM, Peter Ivanov wrote: PHP Startup: Unable to load dynamic library '/usr/lib64/php/modules/ mysql.so' - libmysqlclient.so.15: cannot open shared object file: No such file or directory in Unknown on line 0 Run ldd /usr/lib64/php/modules/mysql.so and list the output. It should look something like: [root@localhost ~]# ldd /usr/lib64/php/modules/mysql.so libmysqlclient.so.15 => /usr/lib64/mysql/libmysqlclient.so.15 (0x2b180136f000) libc.so.6 => /lib64/libc.so.6 (0x2b18016e) libcrypt.so.1 => /lib64/libcrypt.so.1 (0x2b1801a37000) libnsl.so.1 => /lib64/libnsl.so.1 (0x2b1801c7) libm.so.6 => /lib64/libm.so.6 (0x2b1801e88000) libssl.so.6 => /lib64/libssl.so.6 (0x2b180210b000) libcrypto.so.6 => /lib64/libcrypto.so.6 (0x2b1802358000) libz.so.1 => /usr/lib64/libz.so.1 (0x2b18026a9000) /lib64/ld-linux-x86-64.so.2 (0x003bd6a0) libgssapi_krb5.so.2 => /usr/lib64/libgssapi_krb5.so.2 (0x2b18028bd000) libkrb5.so.3 => /usr/lib64/libkrb5.so.3 (0x2b1802aec000) libcom_err.so.2 => /lib64/libcom_err.so.2 (0x2b1802d81000) libk5crypto.so.3 => /usr/lib64/libk5crypto.so.3 (0x2b1802f83000) libdl.so.2 => /lib64/libdl.so.2 (0x2b18031a9000) libkrb5support.so.0 => /usr/lib64/libkrb5support.so.0 (0x2b18033ad000) libkeyutils.so.1 => /lib64/libkeyutils.so.1 (0x2b18035b5000) libresolv.so.2 => /lib64/libresolv.so.2 (0x2b18037b8000) libselinux.so.1 => /lib64/libselinux.so.1 (0x2b18039cd000) libsepol.so.1 => /lib64/libsepol.so.1 (0x2b1803be6000) [root@localhost ~]# If it can't find libmysqlclient, you can work around the deeper issue by running ln -s /usr/lib64/mysql/libmysqlclient.so.15 /usr/lib64/ libmysqlclient.so.15 and see if that 'fixes' it. smime.p7s Description: S/MIME cryptographic signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS 64 bit php 5.2 huge problem
On Feb 12, 2011, at 7:57 PM, Peter Ivanov wrote: ln -s /usr/lib64/mysql/libmysqlclient.so.15 /usr/lib64/ libmysqlclient.so.15 solved my problem is this file link permanent? The fact you have to do that link indicates a deeper issue; did you run the ldd line first, and can you post that output? I found this workaround with Google: http://www.google.com/#sclient=psy&hl=en&q=%22PHP+Startup:+Unable+to+load+dynamic+library+%27%2Fusr%2Flib64%2Fphp%2Fmodules%2Fmysql.so%27+-+libmysqlclient.so.15%3A+cannot+open+shared+object+file%3A+No+such+file+or+directory+in+Unknown+on+line+0%22&aq=f&aqi=&aql=&oq=&pbx=1&bav=on.1,or.&fp=8d0ed00102c914af (That's the full error message text PHP was spitting out). First hit (an old Fedora bug): https://bugzilla.redhat.com/show_bug.cgi?id=176353 This has the workaround, but this is caused by something else going on. In any case, glad that worked, but you really do need to dig a little deeper and see why it did what it did, as the underlying reason is going to come back and bite you otherwise smime.p7s Description: S/MIME cryptographic signature ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Any update on 5.6 / 6?
On Friday, February 18, 2011 02:54:38 pm Ray Van Dolson wrote: > In an industry where one-man companies are not uncommon, you learn to > never read too much into titles. :) True enough. While my title is 'CIO' it probably should be 'IT Department' as I only have a consultant and a group of volunteers to help me out. But the title does open doors that other titles would not open, in those venues where such things count. Bob Hawkins at EMC calls me 'Mr. Make-Do' and I have been tempted to get some cards printed with that title on them On tech lists I find the title to be more of a negative, since the word 'suit' ends up being bandied about.the only time I wear a suit is when the occasion demands (like the Lieutenant Governor of North Carolina is visiting). Otherwise it's mostly 'business casual' and even jeans, depending upon what I'm doing that day. In any case, that's one reason I typically drop the .sig completely on this and other lists, unless the situation warrants. The problem with being essentially a one-man IT department (or a one or two or three man distribution release team) is that can create bottlenecks. And I've found that having help doesn't always reduce the workload or make the work go faster, and I'm sure Karanbir and Johnny and the others doing the release (you know who you are) would agree. Or, to pull out the standard computer science / information systems reference, read 'The Mythical Man-Month' and get enlightened. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Any update on 5.6 / 6?
On Friday, February 18, 2011 03:36:58 pm Ray Van Dolson wrote: > Obviously always exceptions but as you alluded to, "know your > audience" is a good rule of thumb. Public Speaking 101. Also 'Linux Distribution 101' in reality; the CentOS audience consists largely of those wanting as close to upstream EL as is possible without the associated monetary costs. CentOS meets a very definite need for, and has a very distinct audience in, those who must have binary-level compatibilty with the upstream EL, bugs and all. And I would hazard to say that most, if not up to 90%, of CentOS users have zero desire for 'release early, release often' but prefer 'release correctly, and release infrequently.' For my servers, I distinctly prefer the latter, since I do run things that require EL binary compatibility and would be seriously problematic were they to break because of an update. If 'release early, release often' is your motto, but you still want EL binary compatibility, then SL is going to be more your thing. If you want bleeding edge and everything fully upstream up to date, give Fedora a whirl (and it'll make you dizzy, which might be a good thing (I run Fedora on my laptop, for instance...)). And those who want to see how things are done in Fedora, the complete process is documented in depth in the Release Engineering SOP wiki page at http://fedoraproject.org/wiki/ReleaseEngineering/SOP For that matter, if you wanted to re-compose an EL6 rebuild, you would actually find it highly educational to do it the Fedora way, since EL6 is somewhat based on F12. The scripts for Fedora are there, and the procedures are there; have fun! The SOP's you would be most interested in would be the Mass Rebuild and the Compose. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Any update on 5.6 / 6?
On Friday, February 18, 2011 01:39:48 pm Farkas Levente wrote: > and please don't ask me to why. just to mention some very basic thing > where is the mock config files? and i can ask dozens of such questions > (what is did previously and i'm the only only one who send detail > description how to rebuild rhel-6... A mock config for C5 building was posted, to the Centos-devel list, the appropriate place for such. Here's a link to an archive copy: http://lists.centos.org/pipermail/centos-devel/2007-August/001910.html Read through that thread againshouldn't take too long, since there's only two messages. Note the date, and note the posters. For building a 5.6 of your own this should help, along with the el5 buildsys RPM (which only contains requires for the basic buildsys) that's already been posted about. For building a 6 of your own, the Fedora process, while tuned to a much larger project, uses koji and all that entails, is available and completely open (to the best of my knowledge). The Mass Rebuild scripts live at http://git.fedorahosted.org/git/?p=releng Note that a full koji is fully required by those scripts, but there they are. Far more than just a simple mock config.but that's because of the size of the project, and the fact that it has a distributed build system. There is plenty of documentation on how to do a Fedora rebuild yourself on the Fedora project wiki. And, not to beat a dead horse, but EL6 is based off F12, and thus, once you have comps and a few things, in theory the Fedora infrastructure, loaded with all the buildrequires (a larger package set than the distributed SRPMS) for EL6, would churn out EL6 builds and composes. Now, I mentioned the build requires. Poking around in my local copy of the 6rolling tree of SL, I find that there are packages required to build SL6 that are not part of SL6, and live in a separate directory ( ftp://ftp.scientificlinux.org/linux/scientific/6rolling/build/ to be specific). I don't see the mock config or build scripts, however; perhaps I'm not looking in the right place. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] BInd Problem or Update SSL ?
On Friday, February 18, 2011 04:15:28 pm Always Learning wrote: > > From: Larry Vaden > > Our site running Centos 4.8 and 5.5 name servers was hacked with > > the result that www.yahoo.com is now within our /19 and causing > > some grief. > > Don't understand what you mean by 'within our /19'. I think I do; he's an ISP, and apparently someone inside his address block (the CIDR notation /19; his actual block is publicly found by doing a quick nslookup of his domain name, noting the IP address of the DNS server(s) listed, and then a whois of the IP address of the DNS server(s). His /19 shows up) has hacked in some way the zone file(s) or the cache for his nameserver so that his customers, who would ordinarily use his DNS server as their recursive resolver, now see www.yahoo.com (among who knows what others) as pointing to a different address, the one inside his /19 (which I hope he has tracked and duly removed in grand Texas style), for the purpose of phishing. Now whether this was done by actually hacking into his DNS server or by a cache poisoning attack or what, I don't know since those details Larry hasn't made public. And that's ok. A fully up-to-date C4 or C5 should be covered when it comes to those sorts of things, but to prevent such things I would recommend to Larry that he use the great iptables tools that CentOS provides, or use some other iptables configurator, or simple hosts.allow and hosts.deny, to restrict the addresses that can actually ssh into his server, and only allow port 53 UDP and TCP traffic into and out of his DNS servers to his cutsomers. If he has routers/switches with access lists I would apply those as a second layer of traffic filtering, going both ingress and egress relative to his DNS server. A DNS/BIND vulnerability alone won't kill you, other than the previously mentioned cache poisoning attacks (and those are mitigated with other well-known techniques); it's the TCP connection from the vulnerability shellcode back to the attacker's box that is the killer, and that's what the aggressive iptables/acls will do for you. Hmmm, the Bastille hardening script might help you, but I don't know that for sure. DNS servers should only serve DNS, and the only other connections in or out should be tightly controlled. Easier said than done, especially with limited staff and funds, I know, but still the best practice. I say that having had a DNS server hit, on May 1, 1998, with a BIND 4 vulnerability. Got a quick education on BIND best practices, even though it is sometimes is tempting to 'do it later' ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] BInd Problem or Update SSL ?
On Saturday, February 19, 2011 12:57:40 am Larry Vaden wrote: > Through this experience, > starting with a hacked or poisoned name server, or, quite frankly, the > perception of one, I have learned what people really see. Having a server hacked is one of the worst things that can happen in IT; not of course as bad as a real heart attack, for sure. Having a server hacked puts you in a wierd mindset, most certainly. If your server was really hacked, I'd start from scratch, and set the new one up more defensively. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] BInd Problem or Update SSL ?
On Saturday, February 19, 2011 01:51:55 am Larry Vaden wrote: > My trust in RedHat went down when I learned they are not shipping all > the SRPMs. Some say it is due to human error. If that is the case, > why should I think they are better at backporting security fixes than > at making sure a manifest of SRPMs is complete and correct? To be fair to Red Hat, it might be different people doing the backporting than are responsible for the packaging. Might not, but might be. And for their purposes a missing build requirement package isn't really a bug, since it builds fine for them, and they get the patched package out to their customers. And their customers won't typically be rebuilding from source RPM. So, like in any other job, the less important tasks and issues go to the bottom of the list, while the more important 'get the deliverable to the customer' takes top spot. They have finite resources; they're going to use those finite resources frugally, and thus stay in business (which everybody using CentOS should want them to do). ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Any update on 5.6 / 6?
On Tuesday, February 22, 2011 11:25:45 am Brunner, Brian T. wrote: > We strive to present to the world a BUG-FOR-BUG-IDENTICAL distribution > of the corresponding RHEL release. That's pretty well covered by the line on that page saying: "Under normal circumstances CentOS will NOT add patches to original upstream source packages." ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] security cameras
On Thursday, February 24, 2011 08:25:35 pm Chuck Munro wrote: > Open-source software such as ZoneMinder works with cameras from several > manufacturers, and runs on CentOS. I personally haven't tried it, but I > understand it works well. I'm running a zoneminder instance on CentOS 5 under VMware ESX now; there are a few caveats. First, I didn't find RPM's for ZoneMinder for CentOS for the current version of ZoneMinder. For F12, F13, and F14 they're out there, but niether EPEL/RPMfusion nor RPMforge has them that I could find; but I didn't look in any testing repos, just the production stable ones. Even ATrpms doesn't package ZoneMinder for C5. So I built from source. This has some odd dependencies, for a specific version of libraries needed. It builds ok, but it does take some work to do. I'm tempted to take the Fedora source RPM and try it, one day when I have time to do that, as it will likely need some patching (but I'm not sure of that, since I haven't tried it). Once built and the database configured and the schema loaded, it works fine. However, if you're using a lot of IP cameras and a high frame rate, you need a lot of CPU power. If you set the frame rate to 1 frame per second the CPU utilization with eight or nine cameras isn't too bad; trying to do 5-10 frames per second takes nearly 100% of a dual vCPU VMware ESX instance on our Dell PE6950's (four 2.8GHz dual-core Opterons). ZM can take all kinds of video inputs; it can even 'chain' to another zoneminder instance as if the other zm instance was an IP camera. So you could build a multichannel NTSC or PAL video capture box for cheap CCTV cameras (monochrome CCTV cams with C or CS-mount interchangeable lenses can be had for way less than $100 each), and then chain that to another zoneminder. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] can't create large LVM, even though pvscan shows enough space left
On Friday, February 25, 2011 08:15:34 am Rudi Ahlers wrote: > [root@francois-pc ~]# lvcreate -L 500gig -n 500G freenas > Insufficient free extents (127999) in volume group freenas: 128000 required > How do I actually create a 500GB volume? try lvcreate -l 127999 -n 500G freenas The default '500G' size is 12,800 extents, but you only have 12,799 extents free; which gets rounded *up* to 500G by the free space display. And that's a lower-case 'L' option, not an upper-case 'I' option. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] VMware (was Re: current bind version)
On Friday, February 25, 2011 11:04:23 am Les Mikesell wrote: > RHEL5 was never a 'supported' > platform, so a stable module wasn't included. According to VMware's documentation, RHEL5 was and is a fully supported platform for VMware Server 2.0 (see page 26 of the current 'VMware Server User's Guide' available at vmware.com for confirmation). The binary modules are found, for the x86_64 distribution, in vmware-server-distrib/lib/modules/binary/bld-2.6.18-8.el5-x86_64smp-RHEL5/ VMware Workstation has no issues with the glibc update; VMware is just not properly supporting VMware Server, has nothing to do with Red Hat (Ubuntu is also listed as a supported OS, yet when you do the glibc update that matches the one that causes the issues on RHEL, the same thing happens there). VMware would prefer you run ESX or ESXi instead of 'ye olde' GSX product now known as VMware Server. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] virtualization on the desktop a myth, or a reality?
On Thursday, March 03, 2011 01:20:06 pm Dr. Ed Morbius wrote: > Compare against CIFS/Samba shares or NFS exports bewteen booted > host/guests. You get native filesystem support (under the host/guest as > relevant), and mappings via CIFS/Samba and/or NFS/NIS+. > > The win is still virtualization. There are situations where dual-booting is a necessary thing to do; one of those is low-latency professional audio where accurate timekeeping is required; basically anything that needs the -rt preemptive kernel patches. I actually have need of this, from multiple OS's, and while I've tried the 'run it in VMware' thing with Windows and professional audio applications the results were not satisfactory. There are commercially developed and supported drivers for cross-platform uses put out by Paragon Software; ext[234]fs on Windows and OS X, HFS+ on Linux and Windows, and full NTFS (with lots of utilities) on OS X and Linux. HFS+ would be the preferred filesystem to interchange with Mac OS X, but the in-kernel Linux drivers for HFS have issues; if it's for read-only it's not a problem, but the in-kernel driver is unsafe for anything like a heavy load, with filesystem corruption possible especially when deleting lots of small files. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Centos 6 - What are you looking forward to?
On Thursday, March 03, 2011 03:55:48 pm John R. Dennison wrote: > On Thu, Mar 03, 2011 at 10:11:52AM -0500, Digimer wrote: > > > > How about the rest of you? What are you looking forward to in CentOS 6 > > when it is released? > > The whiners stop whining is what I'm most looking forward to. +10^googolplex ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] virtualization on the desktop a myth, or a reality?
On Thursday, March 03, 2011 03:55:48 pm Les Mikesell wrote: > But you can usually run the one that is picky as the host OS and the > other(s) virtualized. You really don't know what you're talking about in this case, Les. The specific machine that I'm talking about needs access to Harrison Mixbus on OS X with iZotope Alloy, Ozone, and Spectron as AudioUnits, and also access to Ardour (soon Mixbus, once I get some things squared) on Linux with certain specialized LV2 plugins for special tasks. Both environments are time critical. There is also clock sync to outboard processing gear; I'm talking realtime on both OS'es, and virtualization is not a workable option, at least as long as hard realtime under a VM isn't possible. If the iZotope plugins would work as VST's under Linux in a reliable manner I could remove at least part of my need for OS X; well, and once Melodyne for Windows can run under Crossover (haven't tried; don't know). But I still do analysis in Spectre, and that's OS X-only. > Or set up for dual boot, but give your virtual > machine direct access to the partition (VMware can do this - not sure > about the others). Then you only have to boot into the other OS when > you need to run the specific app that doesn't work well in a VM. Again, there are apps on both systems that are needed, and they need to share rather large audio files (multiple tracks of 32-bit floating point audio for many minutes means a number of GB per session). And due to outboard processing, clock sync is a must; in the future, SMPTE timecode will be part of that. And since the workflow between the two operating systems *is* serializable, dual boot is workflow-friendly in this environment, where you might be charging a client significant amounts per hour of time. And it wasn't too awfully hard to set up. And OS X running in VMware Workstation under Linux is rather difficult to do, using direct partition access. Linux/CentOS on VMware Fusion works great, but VMware's timekeeping isn't. > As long as you have access to a network, just connect up a common > nfs/samba share from some other machine. No. That specific machine is not networked, to reduce IRQ load. Every IRQ that can be turned off is turned off. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] virtualization on the desktop a myth, or a reality?
On Thursday, March 03, 2011 04:04:42 pm Rudi Ahlers wrote: > Although it's not there yet, I'm sure we'll get there sooner than expected To be fair to VMware Fusion on OS X, the graphics acceleration is fantastic, running Windows 7 in full Aero mode with no problems. But it still can't keep accurate time. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] virtualization on the desktop a myth, or a reality?
On Thursday, March 03, 2011 04:24:14 pm Dr. Ed Morbius wrote: > I think I addressed that reality. Part of it, yes. > For some needs, you need to be on > bare metal, though whether this is accomplished via multi-booting or > multiple systems (if you're doing professional music editing, presumably > you can justify a dedicated system to that task). It's not the computer portion of a separate dedicated system that would be expensive; it's the audio interfaces, patching, and control surfaces. Much much much easier to dual-boot in a workflow-friendly fashion. It would be decidedly nice to have virtualization running well enough to handle all the needs; but it requires twice the capacity machine to do it. > What surprises me is that there aren't more systems available which > provide separate bare-metal computing environments within a single > enclosure, perhaps with some form of shared storage, perhaps just > integrated networking, to provide this sort of need. We see this in > server space (blade and multi-system enclosures) but rarely if ever in > consumer space. I've thought a bit about options; a ClearCube-type setup might work, and used units aren't expensive. Don't know if blades are available with the expansion options needed, though. Need a PCI slot at minimum. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] virtualization on the desktop a myth, or a reality?
On Thursday, March 03, 2011 04:44:58 pm Les Mikesell wrote: > So there are actually apps that work in Linux that aren't available for > OS X? Yep. For one example, there are the LinuxDSP plugins. There are others. > I'm kind of surprised that a local disk controller would be better in > that respect than a network card. Can be, depending upon the controller's chipset. Networking has somewhat non-deterministic characteristics, even for small networks. And, if you don't need networking to get the job done, why have it? And don't believe what the IRQ-steering docs say; sharing IRQ's with audio interfaces in not going to be reliable (been there, done that, got the ALSA xruns to prove it), at least not the last time I tried it. By cutting out devices completely that need IRQ's, you can gain some control over what IRQ goes where, in terms of the physical PCI slot, that leaving interfaces enabled 'Just Because' will complicate. In one specific example, disabling the ethernet interface on the motherboard of one particular machine, along with some of the other devices like the onboard sound card and modem, I was able to get the video card (nVidia) off the IRQ the audio interface's PCI slot (newer motherboard; only one regular PCI slot in a location conducive to the audio interface) had to have ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] virtualization on the desktop a myth, or a reality?
On Thursday, March 03, 2011 06:55:56 pm Dr. Ed Morbius wrote: > I thought a bit about that when posting earlier. I still disagree WRT > dual-booting. And no, virtualization doesn't need twice the hardware by > a long shot (aggregated load averaging, shared componentry, and a host > of other savings). It needs twice the CPU and twice the RAM to work in a reliable manner for professional low-latency audio production. The DSP in Harrison Mixbus alone needs one whole CPU core pretty much dedicated to it alone; and that's just the DSP engine, and doesn't count the Ardour-based user interface; two cores is a minimum requirement to run Mixbus, as stated clearly on Harrison's website, and as verified independently by myself and others. Otherwise you get xruns, and xruns kill your quality. Not to mention the fact that the GTK GUI goes into erratic comas when you try to single-core it (even with a very fast core this is the case). Don't get me wrong; I have tried this with virtualization; it simply does not work at the latencies required when the track count gets higher. It just doesn't work; xruns will find their way into the audio. And that's on both the host and the guest; guest load can cause the host to xrun. They are after all still sharing the same bus or PCIe fabric, and high track counts at low latency already heavily stress the PCI bus and 1x PCIe lanes, for the audio interface and for the disks; do the bandwidth calculation for yourself for 32 tracks at 96kHz sampling at 24 bits from the audio interface and 32-bit floating point to the disk. And that's bidirectional. So if I'm running two instances of Mixbus, I need a minimum of four cores, and the memory balloon driver that's typically part of the guest's virtualization tools package can cause more problems that it's worth (I'm fighting this now with CentOS 4 (32-bit) under VMware ESX 3.5U5 on a server; I'm getting oom-killer hitting (typically it takes out clamscan, one of the antivirus engines I'm running on that server) after a couple of weeks of uptime, and after eight to twelve hours of oom-killer hitting, the root filesystem goes read-only and a hard reboot of the guest is required to recover; once I get some data on why, I'm going to file a bug report, since it started about two months ago after a long time of reliable uptime; perhaps a kernel or a glibc or a clamav (not in the CentOS repositories, third-party) update destabilized something, but I don't have enough data to be helpful yet). > Audio's pretty easy, as you could select between sources and output (or > input) accordingly. Low-latency audio isn't easy on Linux even on bare metal; I'm talking low-latency audio, where you're overdubbing material and need sub-50ms delay between inputs and outputs. I'm running a Tascam US-224 and a US-428 in the special raw USB mode and have achieved 11ms latencies, but that isn't easy. The preemptive kernel is required for this, and accurate timekeeping is required for this; you even have to turn off CPU frequency scaling to get it to work correctly as the latency goes down. And the audio latency has to be consistent; one reason pulseaudio is typically tossed out completely and JACK is the audio server of choice. And I'm not talking about a small number of ins and outs; with RME Hammerfall equipment and outboard converters you could easily have 32 or more tracks in and that many out running concurrently. You could have Ardour/Mixbus running 40 tracks with 8 or 16 or more recording while the others are playing in an overdub session, and latency must be hard-realtime controlled (otherwise the performers doing the overdub are going to strangle the engineer). Since the DSP plugins are running in real-time as well, you end up with quite a load, and it has to be hard realtime when you get to that many tracks. CentOS is used quite heavily in these circumstances, incidentally, because of the history of reliability and solid version stability; the hard part becomes getting newer versions of software running. The other application I thought about last night is NTP stratum 1 and 2 disciplined clocks where the 1pps output from a GPS receiver is used along with the timecode coming down the serial. I have yet to find any virtualization solution that keeps well enough time to be an NTP server at all, much less stratum 1 or 2. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Updating hardware clock from cron
On Friday, March 04, 2011 03:54:21 pm John R Pierce wrote: > just setup NTP and forget about it, and it will always work right, > unless your system is really badly broken, whereupon, it would be better > to fix it than to continue to hack around like this. For the sake of the archives, VMware guests should be set to sync from the host using the VMware tools functionality, and then the host should run NTP, even and especially on ESX. VMware timekeeping in the guest can be made worse by running NTP inside the guest. This is a well-known VMware issue, and is covered in depth on the VMware knowledgebase. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Updating hardware clock from cron
On Friday, March 04, 2011 04:05:43 pm m.r...@5-cent.us wrote: > Excuse me? The last time I was following this closely, and I think the > last time I looked, about a year ago, they said the opposite, that the > guest, if running Linux, should use ntp. > > Right: > NTP Recommendations > Note: In all cases use NTP instead of VMware Tools periodic time > synchronization. Also, you may need to open the firewall (UDP 123) to > allow NTP traffic. > at Argh, they've changed it. Last I read that page the recommendation was opposite to that. Although I remember the clock=pit part of that, and the divider=10 piece But I remember a couple of years ago reading the opposite about NTP Oh well, just goes to show that best practices change, although I have had fairly good results from VMware with the VMware tools sync, where I did not at that time have good results with NTP in the guest. On ESX 3.0.x and later ESX 3.5. Well, time to go redo some things, I guess. We have a GPS-disciplined physical box as one of the three NTP masters we use ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Will CentOS become obsolete now because of the changes Red Hat is implementing?
On Saturday, March 05, 2011 05:07:10 am Rudi Ahlers wrote: > Can any of the CentOS team please comment on this? One did, and he's quoted in the article referenced. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Server hangs on CentOS 5.5
On Tuesday, March 08, 2011 04:44:54 pm Dr. Ed Morbius wrote: > I'd very strongly recommend you configure netconsole. Ok, now this is useful indeed. Thanks for the information, even though I'm not the OP While I suspected the facility might be there, I hadn't really dug for it, but if this will catch things after filesystems go r/o (ext3 journal things, ya know) it could be worth its weight in gold for catching kernel errors from VMware guests (serial console not really an option with the hosts I have, although I'm sure some enterprising soul has figured out how to redirect the VM guest serial port to something else). ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Server hangs on CentOS 5.5
On Wednesday, March 09, 2011 03:24:48 am Leen de Braal wrote: > While you open the case, check for the bulging capacitor problem. > Will have the effect you describe, freezing up the system so that even > bios routines don't work (your fans). > If that's the case, replace mainboard. I've seen capacitor problems in the past, and they can be rather interesting. What the caps do is open up (electrically speaking) meaning they no longer can smooth out the ripple in the output of the switching regulator; this ripple is very high frequency due to the switching regulator's design. As the CPU draws more current (which happens when it's loaded, of course, since MOS gates by design consume the most power during the switching period (capacitor charging time constants on the gates of the transistors themselves)), the switching regulator has to supply more current, and if the caps are open they can't smooth out the deeper ripple. I actually had one motherboard blow two caps; one of the cases of one of the blown capacitors was violently ejected off of the 'guts' of the cap, hard enough that it dented the PC's case from the inside. The PC kept running, until it was put under load, then it would lock up. When the second cap blew, about an hour later, the PC hung; it would power up and run POST, and even run the BIOS setup's memory check and health check, but as soon as the CPU was shifted into protect mode as the OS booted it would hard hang due to the CPU's increased current draw overwhelming the ripple absorbing capacity of the remaining good capacitors on the CPU's switching regulator. There's really only one way to determine this, and that's by putting an oscilloscope on the CPU's power supply output rails and looking for ripple while running a CPU burnin program. The hard part of that is actually finding a good place to measure the output, thanks to the typical motherboard's multilayer design. And while with the proper desoldering equipment and training/experience one can re-cap a motherboard, I would not recommend doing so for a critical server, unless you want and can assume personal liability for that server's operation. Better to get a new motherboard with a warranty. For a personal server that if it breaks isn't going to open you up to personal liability, sure, you can re-cap if you'd like and have the patience, time, equipment, and experience necessary to work on 6 to 8 layer PC boards, with may be soldered with RoHS lead-free solder, which requires special techniques. Otherwise, as you said, you can damage the 'vias' (that is, the plated through holes the capacitor leads solder to, which may be used to connect to internal layers that you can't resolder) very easily. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Server hangs on CentOS 5.5
On Wednesday, March 09, 2011 10:16:34 am Brunner, Brian T. wrote: > This would be far cheaper than the time spent troubleshooting the > running (sometimes hanging) system. Let me interject here, that from a budgeting standpoint 'cheaper' has to be interpreted in the context of which budget the costs are coming out of. New hardware is capex, and thus would come out of the capital budget, and admin time is opex, and thus would come out of the operating budget. There may be sufficient funds in the operating budget to pay an admin $x,000 but the funds in the capital budget may be insufficient to buy a server costing $y,000, where y=x. And if this is an educational institution, and there are grants involved, it may be the reverse situation. So 'cheaper' only has meaning when the costs are coming out of the same budget. So, yes, while it's easy for a single-budget entity to make this decision, it's not so easy when you have multiple budgets involved with different spending parameters and different funding entities. > Starting with RAM and Power Supply is not random ... They're "The Usual > Suspects". This is a very true statement. Heat and airflow are two others. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Server hangs on CentOS 5.5
On Wednesday, March 09, 2011 10:48:29 am m.r...@5-cent.us wrote: > Lamar Owen wrote: > > Heat and airflow are two others. > Hmmm... has the a/c been changed lately? Or maybe stuff outside the rack > been moved, and so obstructed the airflow? To followup a little, I had a motherboard one time, with a factory-installed CPU, heatsink, and fan, that would not run for more than four or five hours before hanging. This motherboard was in a system that was donated to us as being 'flaky' so I don't know the warranty status or what the original owner had or had not done, but it did have a factory seal sticker strip between the heatsink and the CPU and the motherboard socket, and that sticker was tamper-evident type, and there had been no tampering. I decided I would refresh the heatsink compound, and, since even if it were still covered by the warranty that would have only been valid for the original purchaser. So I pulled the sticker strip, which left little 'voids' on things, and pulled the heatsink. At that point I laughed so hard I cried, as the heatsink still had the clear plastic protector film between the CPU and the heatsink compound. From the factory. I pulled the film, reinstalled the heatsink, and that system is and has been for several years rock-solid stable. The issue of dust buildup follows from the heat and airflow. There is another potential culprit, though, especially if this system has been in a raised floor environment, that some might find odd. That culprit, or, rather, those culprits, are zinc whiskers. Also, the metal components in the electronics themselves can exude whiskers; see the wikipedia article on the subject for more information ( https://secure.wikimedia.org/wikipedia/en/wiki/Whisker_%28metallurgy%29 ) ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Server hangs on CentOS 5.5
On Wednesday, March 09, 2011 11:45:06 am Les Mikesell wrote: > And if you are running Centos the one thing you > don't need is to pay for extra licenses to cover the backup/development > instances. And this is significant, and really highlights the reasoning of the CentOS team in 'bug-for'bug' binary compatibility with the upstream EL. That is, in your hypothetical 'three of everything' approach you'd run a fully entitled copy of the upstream on the production unit, and save costs by running CentOS on the backup and the backup backup. This is another fine financial point, and I'll not use the semi-derogatory 'bean counters' thing, because some money really is cheaper than other money, and I'm not making that up, it is reality. In particular, capital can be donated, but rarely will opex be donation-driven. I have quite a bit of donated capital here, capital that I don't have replacement capex budget for. Also, many grants are awarded with 'capex-only' stipulations in the awards; it is a violation of the grant agreement to use that grant money on opex. Likewise, there are some grants that have exactly the opposite stipulation, and there are a few that have both, and have further direct versus indirect opex stipulations. The point is that CentOS saves on opex; not personnel opex, but subscription opex. Support subscriptions are opex, not capex. And while that fine of a point might be lost to some, it is a point I deal with on virtually a daily basis. I literally have to think about that distinction, and the various grant stipulations for monies that fund my salary, when filling out my biweekly timesheet; though salaried I am, that salary is funded between several grants, and most of those have different direct versus indirect cost budgets. And helping keep things simpler is something that CentOS has helped me in significant ways. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] kernel vulnerabilities
On Wednesday, March 09, 2011 11:48:55 am Peter Kjellström wrote: > The kernel you're expecting is not an update for 5.5 but a part of 5.6. 5.6 > (along with 4.9 and 6.0) is currently being built and tested by the CentOS > team. Minor correction: 4.9 is released: [root@localhost ~]# cat /etc/redhat-release CentOS release 4.9 (Final) [root@localhost ~]#uname -a Linux localhost.localdomain 2.6.9-100.EL #1 Fri Feb 18 01:29:32 EST 2011 i686 athlon i386 GNU/Linux SL has also just released their first alpha for their 4.9; see the SL lists for more information. CentOS took the path of getting the updates for 4 and 5 done before 6; thus CentOS 4.9 is fully out there now. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Server hangs on CentOS 5.5
On Thursday, March 10, 2011 05:35:29 am Rudi Ahlers wrote: > I prefer to use a dust blower instead. It doesn't risk pulling loose > components with "dry" or loose "soldering" I use both: antistatic canned air to blow the dust and a metal-tubed vacuum rested on a part of the case away from any boards to grab the dust that's being blown. Works great, and you don't 'recycle' the dust. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Admin stuff
On Monday, March 21, 2011 05:55:48 pm Alain Péan wrote: > Le 21/03/2011 22:53, Greg Bailey a écrit : > > On 3/21/2011 2:52 PM, m.r...@5-cent.us wrote: > >> Is there something odd going on? The question about the errors in mcelog > >> just showed up *again*, and it's the original that I answered this > >> Is anyone else seeing this, or is it my host's mailserver? > > I'm getting lots of repeated mailing list messages as well... > Same thing. Whew, glad I'm not the only one seeing it. I have been working on the amavisd-milter setup here (a sharp increase in spam level to one person here; went from a few spam per day to 10-15 spam per *minute* this afternoon) and was somewhat concerned that I had broken something pretty badly ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Duplicate Mails
On Monday, March 21, 2011 07:53:04 pm Max Hetrick wrote: > If anyone is using Thunderbird, there's a handy add-on called Remove > Duplicate Messages on Mozilla's add-on site. As a pointer, the kmail I'm using, from within Kontact, also can do de-duplication; click 'Folder' then 'Remove Duplicate Messages.' Ctrl-* is the listed keyboard shortcut. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Some relevant information
On Wednesday, March 23, 2011 09:56:34 am Nico Kadel-Garcia wrote: > Understood. I'd like to replicate or examine the error. "Building it > yourself", without that access to your unique build environment or a > way to gracefully replicate it, represents dozens or hundreds of > man-hours for each contributor who'd like to help. That's a little > hard to do right now. He's given out his build system requirements. Last I saw it was 'C5.5 fully updated' (which I take to be 'with all the current public updates') but, no, you can grep the archives for yourself for the mock version he said. I read that message; it gave enough information to get started. And to replicate the error you have to do the work; there is no shortcut, and if you don't have time to put that many hours into it (like me; I don't have that kind of time right now either) then you can't replicate it. Besides, it's already fixed in the C5 tree, so replication is not really useful at the moment, at least not to CentOS, I would think. > Ohh. Then I guess all the "requests for help" in the last few months > were looking for something else? Yes, they were. None of the requests for help I saw included 'help us build or re-tool the buildsystem' as part of the request. Requests were made for help with specific tasks; building or source control for changed specs was not found in any of those requests. If you're going to help someone, you have to help that someone in the areas that that someone wants help; if you go to the auto mechanic and ask for an oil change it doesn't help for that mechanic to go ahead and do an engine overhaul just because the mechanic would rather help by doing an engine overhaul, even if an oil change *is* a side-effect of an engine overhaul. > Fine. Then show *US* how you're doing it. Publish the /etc/mock/ files > you use, He has done this. More than once, now, in the CentOS-devel list. Go read the archives; it's all there. > and provide some visibibility to the bootstrapping you're > allegedly using for CentOS 6, and we'd love to help on this and future > releases. Ok, let's try this again. The bootstrapping of the buildroots is a process that isn't really finished until the last package is built and tested as binary compatible If all the packages aren't built, or if all the packages have not passed QA, then the full bootstrap is not known. Bootstrapping a major version bump for a distribution is a really a one-time event, I would think, and the specifics of that bootstrap likely will not be usable (the general way of going about it will be) as such on the next major version. Bootstrapping a from-source rebuild is at the moment, and as far as I know, the least documented of the steps involved, but at the same time information has been posted as to the initial seed for the rebuild, and for the bootstrapping start point. While I could do the legwork and post the link for you in the archives, I think you should go find it yourself. > The build components in the "build" repository, for example, > are pretty old and clearly out of date. Point us to the current > versions, please! How do you know that those are not the current versions for building and QAing C4.x and C5.x? For C6 they're not going to publish until they have proven working versions. C4 and C5 are old enough and build scripts for old base distributions don't need changing for every release if the old version still works, no? The CentOS developers did not ask for (that I saw, at least) and at this point in time apparently neither want nor need help with the build piece; we have some promises that the process will be better documented for C6, and we'll not see that document until it is known that the process works to a fully-released conclusion. So hold on to your hat, be patient, and wait on the release or go build it yourself for already published documents/e-mails. It is doable. Once you do it be sure to publish your results. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installing IMA (Integrity Measurement Architecture) on CentOS 5.5
On Thursday, March 24, 2011 07:46:11 am Andreas Calvo wrote: > I'm trying to install IMA (http://linux-ima.sourceforge.net/) on > CentOS 5.5, but the shipped kernel does not support it. > One solution is to install a 2.6.30 kernel, but I don't really like this idea. > Does anybody has tried to install it? You could rebuild the RHEMRG RT kernel from source RPM, which is a 2.6.33 kernel: ftp://ftp.redhat.com/redhat/linux/enterprise/5Server/en/RHEMRG/SRPMS/kernel-rt-2.6.33.7-rt29.55.el5rt.src.rpm ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Installing IMA (Integrity Measurement Architecture) on CentOS 5.5
On Thursday, March 24, 2011 10:30:43 am Akemi Yagi wrote: > Building and installing the RT kernel is a bit involving. Yep, but it is an upstream-supported option. I've been working with the CCRMA RT kernel for a long time now in professional low-latency audio, so the RT kernel and I get along ok. > If what is > needed is a newer version of kernel, I suggest giving ELRepo's > kernel-ml a try: Ok, that's good information, and thanks for pointer, as I wasn't aware ELRepo had such. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Remote-logging nginx? (or other non-syslog-enabled stuff)
On Thursday, March 24, 2011 04:23:38 pm Dr. Ed Morbius wrote: > I'm looking for suggestions as to a good general method of > remote-logging services such as nginx or anything else which doesn't > support syslog natively. logger It's part of util-linux, and should be on every CentOS box, unless something is bad wrong It can take its stdin and syslog to any loglevel and facility, and can do so over any socket. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Remote-logging nginx? (or other non-syslog-enabled stuff)
On Thursday, March 24, 2011 04:44:00 pm Dr. Ed Morbius wrote: > on 16:35 Thu 24 Mar, Lamar Owen (lo...@pari.edu) wrote: > > On Thursday, March 24, 2011 04:23:38 pm Dr. Ed Morbius wrote: > > > I'm looking for suggestions as to a good general method of > > > remote-logging services such as nginx or anything else which doesn't > > > support syslog natively. > > > > logger > > I'm familiar with it. Have you tried it? Prior to PostgreSQL supporting syslog I used it to pipe PostgreSQL output to syslog. Worked fine. > So: as part of a robust production system solution, how would I, say, > avoid retransmitting old log data? Timestamps, good NTP setup, and log deduplication. Better to have retransmitted than to never have transmitted at all. Or, in the specific case of nginx, use the syslog patch from Marlon de Boer. But nginx is not in the CentOS repos that I can see; logger is, however, and the general usage of logger in the CentOS context would be on-topic. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Remote-logging nginx? (or other non-syslog-enabled stuff)
On Thursday, March 24, 2011 05:37:41 pm Dr. Ed Morbius wrote: > on 17:14 Thu 24 Mar, Lamar Owen (lo...@pari.edu) wrote: > > Prior to PostgreSQL supporting syslog I used [logger] to > > pipe PostgreSQL output to syslog. Worked fine. > I haven't, looking at it. It is one option that is definitely in vanilla CentOS. > OK. Any pointers on configuration are greatly appreciated. Docs, etc. Whew. Large scale remote syslog operation is a large subject; I've never had anything large-enough scale to need more than logwatch or site-grown scripts to do processing. The biggest thing to do is set up NTP and have three reference time sources (three so that if one is wrong you know which one). Otherwise, log correlation is impossible. > Yeah, we're aware of that (I mentioned this in my first post to the > thread). Yep, that you did. > We've got a locally-compiled version of nginx, so patching isn't out of > the question. Just looking at all our options. While CentOS doesn't provide nginx itself, it does provide tools for dealing with logs; I saw several things doing a 'yum list | grep log' (I know there's easier ways of doing that; that's just the way I prefer to go about it). Also try grepping a yum list for 'watch' as I remember some logwatching stuff. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Remote-logging nginx? (or other non-syslog-enabled stuff)
On Thursday, March 24, 2011 06:52:24 pm Dr. Ed Morbius wrote: > Right, and the general solution also generalizes to other tools. > Postgresql (which we aren't using currently) also has its own log > handler (a small frustration of mine with the database). PostgreSQL has had syslog support since version 7.x, with programmable facility information in /var/lib/pgsql/data/postgresql.conf. It's commented out by default; looking at a C4 server that has 7.4.30: #syslog = 0 # range 0-2; 0=stdout; 1=both; 2=syslog #syslog_facility = 'LOCAL0' #syslog_ident = 'postgres' (I don't have syslogging enabled for that box for PostgreSQL) Sometimes it's still nice to see the stdout and stderr, though. And I don't recall when or if remote support was added; 7.4 was the last version I actively maintained the RPMs for, and the 8.x databases I have running aren't using syslog. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] The delays on CentOS 5.6 are causing EPEL incompatibilities
On Friday, March 25, 2011 09:55:34 pm Nico Kadel-Garcia wrote: > I'm speaking up for our CentOS repackagers here. That kind of > bootstrapping takes cycles and practice, and double checking. In > theory, they could. Our CentOS rebuilders have exposed a few > dependencies for which the SRPM's are not published (and which our > favorite upstream vendor is fixing them, but they *don't have to!!!*. > That's not part of a GPL license, it's just good free software > practice.) Let me speak up for our CentOS devs too, as the upstream doesn't have to bootstrap in this way. Their bootstrap dates from Mother's Day. Fedora likewise; they have a previous version, and rolling binaries that are pretty well depsolved already. The rebuilders are the ones who have it more difficult, as they have to reproduce a build sequence from a known snapshot point (the last public beta). And the *distribution* as a whole is not covered by the license you might think it is. Les, the upstream source RPMs aren't even the "source source" for the upstream build; SRPMS are just a by product of the build of the binaries from source in an SCM (managed by Red Hat's koji), and in theory, given the same identical environment that built the upstream binaries they will re-build to the same binary. The environment is the hard thing to replicate, since it is a moving target, and each build changes it slightly. It's questionable if upstream could exactly replicate it from their own source RPM's without significant effort (that is, outside of koji). To their credit they fix those sort of bugs in due time, but as mentioned they are not bound by any license to do so, since the binary build environment isn't part of the 'source code.' Karanbir and Johnny have both posted at length about this issue; Russ as well. What's interesting is the length of time it's taking SL as well to get 4.9 and 5.6 out in GA, as well as CentOS with a GA for 5.6 and 6.0. It seems to be pretty soon due, at least 5.6. As it stands, SL has a GA 6.0, and CentOS has a GA 4.9. I like many others am waiting for that middle piece, a GA 5.6. But I'd rather have it correctly done than quickly done if I have to choose. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] {OT] Re: Installing IMA (Integrity Measurement Architecture) on CentOS 5.5
On Friday, March 25, 2011 03:35:29 pm Les Mikesell wrote: > If 'get there' is defined as all redundant copies being in a consistent > state, then you'll fail at this point in transactional mode in the > fairly likely event that you have a network blip between the db master > and slave(s) or one of them is down. Puh-lease. TCP has solved that problem; look into the new algorithms and techniques PostgreSQL 9 brings to the ACID table. Networks at layer 3 are expected to blip; TCP at layer 4 makes it a reliable stream. Or if it goes down both endpoints know it went down, and the database engine has a choice whether to abort and rollback or wait on a retry. Replay write-ahead logs are another way to deal with this. ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
