[CentOS] Where are the CentOS 6 security updates?
Today is September 3, 2011. There are no _any_ CentOS 6 security updates for a month (during August). And at the moment, the usage of CentOS 6 as a server platform is irresponsible risk (just for example - there is an uncovered httpd DoS, the same is for Samba, e.t.c). And more and more people start to realize that there is practically no (security) support in CentOS 6. Just look at centos-annou...@centos.org - the only supported version of CentOS now is ... 4, which is almost at its "end of life"!!! How is it possible? How can I advise people to use CentOS in their business and make donations? Maybe I should ask them to pray for updates or so? Do You realise how critical is the situation now? Maybe you should think on what the words "Enterprise" mean. Or maybe You should think how to get back the lost confidence, because too many people now think that CentOS is no more enterprise distribution, not at all! ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] [solved] ICMPv6 messages of type RS
Dear Helmut, Sorry for this letter. I want just to make some aspects of the problem more clear. Joining all-router multicast group is a kernel option. Your host send Router Solicitation requests (it's ICMPv6 code number 133) to the all-routers multicast group. Sending of RS is controlling by the kernel options through sysctl: $ sysctl -a | grep net.ipv6.conf.default.router_solicitations The default number of router solicitation messages to send is 3. You can change it to 0 to disable RS if you want: # sysctl -w "grep net.ipv6.conf.default.router_solicitations=0" and write this option value to /etc/sysctl.conf if You want to preserve the value after the system reboot. There are possibility to manage sysctl via Avahi. There is some security reasons in support of disabling RS in the kernels of Your workstations, esp. if You use unmanaged ethernet switches or managed ones without multicast group management. Where is the problem? It could be almost IPv6 disaster to enable ipv6 forwarding in more than one of Your local stations or servers, especially if the router-enabled kernel is not on router machine (so called "fake router"). If that scenario happens and some or all of Your stations autoconfigure the fake router local-ling address as a default IPv6 nexthop, they'll lost their IPv6 connectivity. I'll recommend You not to use statefull or stateless auto-configuration unless You can manage the access to You multicast groups in the local ethernet. DHCPv6 (as a statefull host configuration) do not solve the problem with fake routers - it uses RS do discover the router too. Best regards Vesselin On 09/06/2011 05:33 PM, Helmut Drodofsky wrote: > > > > > > *Von:* centos-boun...@centos.org [mailto:centos-boun...@centos.org] > *Im Auftrag von *Helmut Drodofsky > *Gesendet:* Dienstag, 6. September 2011 16:03 > *An:* 'CentOS mailing list' > *Betreff:* [CentOS] ICMPv6 messages of type RS > > > > Hallo, > > > > as described by CISCO in > > http://www.cisco.com/web/about/ac123/ac147/archived_issues/ipj_7-2/ipv6_autoconfig.html > > > > a router hast to send ICMPv6 messages of type RS to the all-router > multicast group: ff02::1 and ff02::2 for stateless autoconfiguration. > > > > How can I activate this sending in CentOS? > > > > Best regards > > Helmut > > > > > ___ > CentOS mailing list > CentOS@centos.org > http://lists.centos.org/mailman/listinfo/centos ___ CentOS mailing list CentOS@centos.org http://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] trouble building an rpm
Dear Jon,
Install the package rpmdevtools from EPEL repository and setup Your own
build tree in $HOME of some non-root user. Please, avoid any builds as
root and don't build package as Your current (desktop) non-root user.
It's good idea to create user for the packages building. Then setup the
build tree in his $HOME directory (execute rpmdev-setuptree).
I wish You success!
Yours
Vesselin
On 09/12/2011 07:00 PM, Jon Detert wrote:
> i'm a newbie at building rpms. I made a few rpms years ago, but can't now
> make one on Centos 5.
>
> In /usr/local/rpmbuild, there are 5 subdirs: BUILD RPMS SOURCES SPECS
> SRPMS tmp
>
> When I type: rpmbuild -ba /usr/local/rpmbuild/SPECS/centos-release-cr-ihc.spec
>
> I get 'file not found' errors, for paths in /usr/local/rpmbuild/tmp:
> error: File not found:
> /usr/local/rpmbuild/tmp/centos-release-cr-ihc-buildroot/etc/yum.repos.d
> error: File not found:
> /usr/local/rpmbuild/tmp/centos-release-cr-ihc-buildroot/etc/yum.repos.d/CentOS-cr.repo
> RPM build errors:
> File not found:
> /usr/local/rpmbuild/tmp/centos-release-cr-ihc-buildroot/etc/yum.repos.d
> File not found:
> /usr/local/rpmbuild/tmp/centos-release-cr-ihc-buildroot/etc/yum.repos.d/CentOS-cr.repo
>
> All i did was to:
> 1) put a tarball in SOURCES,
> 2) put a spec file in SPECS,
> 3) rpmbuild -ba my spec file
>
> Did I miss a step? If not, here's the contents of my tarball and spec file:
>
> The tarball in SOURCES is named: centos-release-cr-ihc-1.tar.gz
> the contents of which are:
> drwxr-xr-x root/root 0 2011-09-09 15:40:01 centos-release-cr-ihc-1/
> drwxr-xr-x root/root 0 2011-09-09 15:39:57
> centos-release-cr-ihc-1/etc/
> drwxr-xr-x root/root 0 2011-09-09 15:40:39
> centos-release-cr-ihc-1/etc/yum.repos.d/
> -rw-r--r-- root/root 523 2011-09-09 15:35:59
> centos-release-cr-ihc-1/etc/yum.repos.d/CentOS-cr.repo
>
> my spec file is /usr/local/rpmbuild/SPECS/centos-release-cr-ihc.spec
> the contents of which are:
> Summary: Package to set up IHC use of the centos-cr repository
> Name: centos-release-cr-ihc
> Version: 1
> Release: 1
> Source0: centos-release-cr-ihc-1.tar.gz
> License: GPL
> Group: IHC-config
> BuildArch: noarch
> BuildRoot: %{_tmppath}/%{name}-buildroot
> %description
> Package to set up IHC use of the centos-cr repository
> %prep
> %setup -q
> %build
> %install
> install -m 0755 -d /etc/yum.repos.d
> install -m 0755 etc/yum.repos.d/CentOS-cr.repo /etc/yum.repos.d/CentOS-cr.repo
> %clean
> rm -rf $RPM_BUILD_ROOT
> %post
> echo " "
> echo "Yay IHC IS Team!"
> %files
> %dir /etc/yum.repos.d
> /etc/yum.repos.d/CentOS-cr.repo
>
> Thanks,
>
> Jon
> ___
> CentOS mailing list
> CentOS@centos.org
> http://lists.centos.org/mailman/listinfo/centos
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
