-interactive way?
For example password is stored in a file and the bash script will source it
instead of manually typing the password.
Please suggest. Thanks in advance.
See the "PASS PHRASE ARGUMENTS" section of the openssl(1) man page for
the various ways openssl can get a password.
--
Pau
example pxe and kickstart surely works too but my idea is that an
new node perfectly fits in every aspect.
Do you mean something like ceph-ansible?
https://docs.ceph.com/projects/ceph-ansible/en/latest/
--
Paul Heinlein
heinl...@madboa.com
45.38° N, 122.59° W
think I'm fully up to
date.
Am I missing something?
--
Paul Heinlein
heinl...@madboa.com
45.38° N, 122.59° W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
al RPM
packaging. The same concept applies to the system level gcc, and
therefore libgcc.
Does that mean there might be, say, a python310 or gcc12 stream?
RHEL 8 does not include Tomcat either, so that is not new.
Heh. I guess I should have looked at that. None of our internal Tomcat
use
the base OS but is also a stream. I'm not
sure how that will work.
As of yesterday, "dnf module list" is pretty sparse. I assume that
will change over time.
So far, my overall impression is that it behaves not too differently
from EL8/CentOS 8.
--
Paul Heinlein
now what you're doing with the "Remi" repository,
since it's an unknown to me. Otherwise, your repository list looks
good to me.
--
Paul Heinlein
heinl...@madboa.com
45.38° N, 122.59° W
___
CentOS mailing list
CentOS@centos.o
as
I don't know anything about the remi* repositories, so I can't speak
to them. I suspect the redhat.repo file is nothing but comments, but
you'd need to verify its contents.
Otherwise, your *.repo list looks pretty functional.
--
Paul Heinlein
heinl...@madboa.com
ag on, value.
--
Paul Heinlein
heinl...@madboa.com
45.38° N, 122.59° W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
y to figure out where exactly the
'PROFILE=SYSTEM' string gets parsed and replaced, so I can't answer
your specific question.
In my case, I don't use any Include or IncludeOptional statements in
the main httpd.conf; it's all there in one file. Obviously, my
sol
In conjunction with other TLS best practices, these settings seem to
do the trick (read: Qualys likes them), albeit while excluding some
older browsers.
--
Paul Heinlein
heinl...@madboa.com
45.38° N, 122.59° W
___
CentOS mailing list
CentOS@c
t yes
ForwardX11 yes
ForwardX11Trusted yes
# network settings
Host *.my.net
Compression yes
IdentityFile ~/.ssh/id_ed25519
# defaults
Host *
Compression no
ForwardAgent no
ForwardX11 no
ForwardX11Trusted no
Protocol 2
# = %< =====
--
Paul Heinlein
heinl...@madboa.co
to
stderr or stdout when you logout of jeff? It's fairly rare, but I've
seen logout messages mess up rsync before.
--
Paul Heinlein
heinl...@madboa.com
45.38° N, 122.59° W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
y non-commercial. I gain nothing by you visiting
it -- or ignoring it.)
--
Paul Heinlein
heinl...@madboa.com
45.38° N, 122.59° W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
of cases.
In that case, the libxslt stuff may be what you want:
http://xmlsoft.org/libxslt/
The command-line tool is xsltproc.
Again, it's not easy to use, but once you've built a toolchain, it
will be reliable and fairly easy to modify if the source XML schema
change.
--
Pau
/considerations_in_adopting_rhel_8/index#removed-device-drivers_hardware-enablement
My suggestion is that you try finding a driver at http://elrepo.org/.
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.
nt. Suggestions to
ditch OpenStack for OtherGreatSolution will be ignored.)
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
ck
[Failed to connect to mirrorlist.centos.org port 80: Permission denied]
Try using an https:// URL.
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
clients that need SSL
Certificates?
FWIW: I use the "easy-rsa" package for that (standard in Fedora, for
RHEL/CentOS 7/8 it's in the EPEL 7/8 repository).
I use the easyrsa package as well. It can be found in the OpenVPN
source code, if you need to download it directly.
--
Paul
e /etc/crypto-policies directory tree
Several applications use these policies, so it's worthwhile to take a
look around.
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
y guide, they will prove very stable. If not, then
I'll pour one out for CentOS and look elsewhere.
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
nnection modify ens192 connection.autoconnect yes
# start ens192 immediately
nmcli connection up ens192
# = %<
Hope that helps.
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
htt
it in order to build v9 and
plv8 projects)
Do you mean the libstdc++-devel package? Or prehaps redhat-lsb-cxx?
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
--dport 22 -s ${GOODIP}/32 -j ACCEPT
iptables -A OUTPUT -p tcp --dport 22 -s 10.0.0.0/24 -j REJECT
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
d not.
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
-av -e 'ssh -C' remotehost:remote.file local.file
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
he systemd journal for
its log input by default.
All of the logpath entries in my fail2ban configuration point to
ordinary /var/log/* files. I don't know how fail2ban-systemd repoints
the logpath entries to use inputs from systemd-journald, but I suspect
that's where the mismatch may be
nstall either
PostgreSQL 10 (the default) or 9.6.
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
v6, which may simplify things.
Could someone point to a description of working DHCP failover configuration?
I wrote this article a long time ago:
https://www.madboa.com/geek/dhcp-failover/
It worked for me at my last job.
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122
0, now 8.1) and CentOS
8 running without difficulty.
I simply made the installation ISO visible to the VM at start time; no
special instructions were necessary to install and re-launch the VM.
I did disable the ksmtuned service, since it does nothing but chew CPU
on a VMWare hypervisor.
-
here think of this?
I usually rely on this list for all things CentOS, so I'd certainly
prefer to see updates for all active CentOS releases published to this
list.
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS
mean "Crypto policies"? If so, the update-crypto-policies
utility will probably get you where you want to go.
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
On Fri, 4 Oct 2019, Paul Heinlein wrote:
Is it possible to mix and match crypto policies using approved tools
in CentOS 8?
Our environment requires a LEGACY setting for OpenSSL so we can
maintain connections with our LDAP servers (which we cannot update
at this time), but I'd
canonical approach if one exists.
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
the 'why,' I don't know. Here's the official explanation:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html-single/configuring_and_managing_networking/index#configuring-an-interface-with-static-network-settings-using-ifcfg-files_configuring-ip-networking-with-ifcfg-
pet/ansible/etc -- doesn't work
in that situation.
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
spamass-milter can't resubmit a message for each addressee.)
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
On Wed, 11 Sep 2019, John Chludzinski wrote:
Ooops! for to:
$ sudo yum install centos-release-scl-rh
Ad-free, non-tracking blog post on using SCL packages:
https://www.madboa.com/blog/2016/08/29/scl-intro/
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122
1 rotate"
Grep for RES_OPTIONS in /sbin/dhclient-script for the gory details.
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
I'm not sure if those options are configurable on Mac
and/or Windows workstations.
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
On Thu, 23 May 2019, Stephen John Smoogen wrote:
On Thu, 23 May 2019 at 16:43, Paul Heinlein wrote:
On Thu, 23 May 2019, Stephen John Smoogen wrote:
I might actually be able to have a workable answer:
alias drf='/usr/bin/df -x tmpfs'
/usr/bin/df \
-x autofs -x binfmt_misc
-x proc -x pstore -x rpc_pipefs -x securityfs \
-x selinuxfs -x sysfs -x tmpfs
:-)
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
> argfile
ls $(< argfile)
I think you're going to need to provide a test case where the quotes
are actually required.
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
ents) should be is worrisome
to me. To my eye, something is amiss.
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
ied, any new files created within
those directories should inherit the proper ACLs.
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
;
E.g.,
[~]$ systemctl status ntpd
● ntpd.service - Network Time Service
Loaded: loaded (/usr/lib/systemd/system/ntpd.service; enabled; vendor
preset: disabled)
It shows the definition file.
--
Paul Heinlein <> heinl...@madboa.com <> http
L on TODO: Invalid argument
-rwxrwx--- 1 heinlein wheel2488 Oct 2 15:13 TODO
If, on the Linux side, I run nfs4_editfacl and do nothing but remove
the 'O' permission symbols, then things clear up.
Has anyone here seen anything like this? My google-fu has failed.
--
Paul He
e text installer and see where that gets you...
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
page.
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
sort to it only a couple time.
I've never tried disabling the cache, so I'm no help there.
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
system. I don't
know how if you can set up a central instance across several file
servers or if each filesystem would need its own engine.
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
ht
}
The service cfengine3.service is inactive at the moment:
# systemctl is-active cfengine3.service
inactive
I have a problem with the definition of the stringlist/slist "info_list". In
some cases it becomes some kind of "undefined" or at least I'm not able to
print it out in a report (in "r1:").
Two related questions:
Is there any chance that some elements of your info_list become larger
than 4K size limit cfengine places on scalar variables?
Similarly, I wonder if the 4K size limit comes into play when a list
is interpolated into a string, as in your r1 report. I'm merely
speculating; I don't know one way or the other.
Plus, I've never tried defining a slist with a comma after the final
element. I assume that works for you, but I'll just note it for the
record.
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
cates should be in
individual files.
My suggestion would be to isolate the CA certificate used to sign your
LDAP server certs, install that as a separate file in
ldap_tls_cacertdir, and run cacertdir_rehash to get the hash correct.
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
_
on most of the alerts; they'll ask us if it's important. So
we rarely give out sudo on shared systems and when we do there's some
"extreme vetting" going on.
Also, Python has such a mature virtual-environment setup that more
publicly posted instructions are using that rou
Here's the base query I'm testing:
aws ec2 describe-images \
--owners 410186602215 \
--output text \
--query 'reverse(sort_by(Images, &CreationDate))[?starts_with(Description,
`CentOS Linux 7`)].[ImageId, CreationDate, Description]'
--
Paul Heinlein
hein
etc/crontab, but I'm
still having the same problem. At this stage, I've no idea what to try
next. Any ideas?
In your crontab, try
env PATH="$PATH:/root/bin" bash filename.txt
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
d a BIOS update that supposedly fixes the problem,
but I haven't been able yet to travel to the data center to apply and
test the patch. (No RMM modules in this rack, so I can't attach
virtual boot media. Sigh.)
Anyway, that may not be your problem, but it might be wor
ages that correspond to the saslauthd
failures you've noted:
2017-10-17T10:42:39.099125-04:00 mightymite sendmail[7240]:
v9HEgTgp597220: AUTH failure (LOGIN): authentication failure (-13)
SASL(-13): authentication failure: checkpass failed,
relay=[nnn.nnn.n
ot in the fail-down path.
The short-term answer is to specify nfsvers=4.0 in our autofs
configuration files, which works like a charm.
Like I said, this was an announced change, but the implications
escaped us until now. So this little writeup is just for the record.
--
Paul Heinlein
conf isn't terribly difficult, and the
files there are easy to manage. See the tmpfiles.d(5) man page for
details and examples.
Once your file is in place, you can activate it without messing with
other temp files:
systemd-tmpfiles --create /etc/tmpfiles.d/your.conf
--
Paul Heinlein
heinl..
t I sometimes use
a shell script I wrote for naming PXE configuration files on per-IPv4
bases:
https://github.com/heinlein/pxehex
I don't know if it will help in your case, but I thought I'd pass it
along.
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W
iles you want available during %post. Of course, that means you'll
have to hack the repo on your USB drive, so it's not really a
lightweight solution.
--
Paul Heinlein <> heinl...@madboa.com <> https://www.madboa.com/
___
n/init.pre. I have no trouble with spf at all.
Is it possible the problem is with local DNS resolution?
--
Paul Heinlein <> heinl...@madboa.com <> https://www.madboa.com/
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
On Tue, 18 Jul 2017, Jonathan Billings wrote:
Also, if your researchers can't write code that performs
checkpoints, they're going to be awfully unhappy when a bug in their
code makes it segfault 199 days into a 200 day run.
+1
--
Paul Heinlein <> heinl...@mad
aking this long...?
Unless you specified non-default options, shred overwrites each file
three times -- and writing 27 TB to an old RAID array will be
extremely slow. Also, shred has a builtin PRNG, and I'm not really
sure how speedy it is.
Still, 12 days seems like a really long time...
-
.el7_3.x86_64
--
Paul Heinlein <> heinl...@madboa.com <> http://www.madboa.com/
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
On Wed, 24 May 2017, hw wrote:
Paul Heinlein schrieb:
On Tue, 23 May 2017, m.r...@5-cent.us wrote:
> hw wrote:
> >
> > are there packages replacing the ancient perl version in
> > Centos 7 with a more recent one, like 5.24? At least the
> > state feature
-perl524-perl
Name: rh-perl524-perl
Arch: x86_64
Epoch : 4
Version : 5.24.0
Release : 379.el7
Size: 6.0 M
Repo: centos-sclo-rh/x86_64
Summary : Practical Extraction and Report Language
--
Paul Heinlein <> heinl...@madboa.com <> http://ww
On Thu, 4 May 2017, Alexander Dalloz wrote:
Am 04.05.2017 um 18:35 schrieb Paul Heinlein:
The second method is to add an ExecStartPre to
/usr/lib/systemd/system/tomcat.service, e.g.,
Sorry, no. Better not touch the service files in
/usr/lib/systemd/system which ship with the associated
that route, then after editing the service file, do
systemctl daemon-reload
systemctl start tomcat
I'd recommend the tmpfiles route myself, but either will get you where
you want to go.
--
Paul Heinlein <> heinl...@madboa.com <> http
.3 or not.
--
Paul Heinlein <> heinl...@madboa.com <> http://www.madboa.com/
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
owdupe => true
}
user { 'user2':
uid => 1001, gid => 2000, ...,
allowdupe => true
}
In YAML-ese, I guess you'd just add
accounts::users:
user1:
allowdupe: 'true'
--
Paul Heinlein <> heinl...@madboa.com <> http://www.madboa.com/
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
, in case you're ever interested, I've written a script that
generates suitable IPv4-based filenames for pre-default usage:
https://github.com/heinlein/pxehex
--
Paul Heinlein <> heinl...@madboa.com <> http://www.madboa.com/
___
Ce
Install what you need, then you have a couple choices about how to use
the SCL for Python 3.5. For your choices, see
https://www.madboa.com/blog/2016/08/29/scl-intro/
--
Paul Heinlein <> heinl...@madboa.com <> http://www.madboa.com/
___
Ce
Mar 14 10:26:33 systemd: Dependency failed for /export/1.
Why is this running? The systems' been up for 10 days, and I didn't set up
such a job.
Any chance there's a configuration-management bit that didn't get
changed, like a puppet rule or somesuch?
--
Paul Hein
y characters a shell might misinterpret (*, !,
<, >, &, ...), make sure you enclose it in quotation marks.
What have you seen in your logs (usually /var/log/maillog on CentOS
systems)? If sendmail is having trouble setting up TLS/SSL, it will
let you know!
You may have to post the
On Wed, 8 Mar 2017, Mark Weaver wrote:
On 03/08/2017 11:00 AM, Paul Heinlein wrote:
On Wed, 8 Mar 2017, Mark Weaver wrote:
> Hello all,
>
> I've been googling my brains out since yesterday looking for
> up-to-date information on this matter, and have found
>
toolchain, which includes spamassassin, clavav, and opendmarc. Below
my .sig, I've included the shell script I use for that.
--
Paul Heinlein <> heinl...@madboa.com <> http://www.madboa.com/
#!/bin/sh
#
# start/stop SMTP to
-intro/
(There's no advertising on my site and I make no revenue from it.)
--
Paul Heinlein <> heinl...@madboa.com <> http://www.madboa.com/
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
a new microcode_ctl package, a CentOS update
will follow quickly.
The obverse is true too: without a RHEL release, a CentOS update will
not follow.
You can manually download and install Petr Oros' test package, and you
can badger Red Hat, but those are your only realistic options.
--
Pau
s "current." That allows a package in the
updates repository to be installed over one currently installed on
your system.
--
Paul Heinlein <> heinl...@madboa.com <> http://www.madboa.com/
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
DEV bs=512 count=4
done
%end
This will execute prior to anaconda trying to partition the disk. Note
that it will erase or obfuscate all data on the disk(s) so it's
definitely unsuited for systems on which you want to retain data.
--
Paul Heinlein
heinl...@madboa.com
On Thu, 4 Aug 2016, Valeri Galtsev wrote:
On Thu, August 4, 2016 7:13 pm, Paul Heinlein wrote:
On Thu, 4 Aug 2016, Valeri Galtsev wrote:
At least one snag I hit consistently with CentOS 7 kickstart is:
it drops me into human decision as far as wiping hard drive and
creating custom (or
=/usr/bin/bash
# DANGER: will remove all volume groups
for VG in $(vgs -o vg_name --noheadings); do
vgremove -f "$VG"
done
%end
--
Paul Heinlein <> heinl...@madboa.com <> http://www.madboa.com/
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
might benefit from
different management cycles; that'd also be a case where multiple
exports might be a good idea. That said, I've never managed an
exported filesystem consisting of different arrays; we've always
exported at the RAID level or below.
--
Paul Heinle
erver. I've never had trouble with SATA. This is the
first time with an SAS drive.
mixing SAS and SATA on the same backplane can be problematic,
depending on the system.
Yep.
--
Paul Heinlein <> heinl...@madboa.com <> http://www.madboa.com/
,
* timely patching,
* good service monitoring combined with a remediation plan should
things go awry,
* good crypto configuration,
* etc., etc.
In other words, packet filtering is a good start toward a secure
system, but no more than that.
--
Paul Heinlein <> heinl...@madboa.com <>
se there's no redundancy,
but that's a bug, not a feature.)
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
the OpenVPN distribution
tarball or at GitHub:
https://github.com/OpenVPN/easy-rsa
--
Paul Heinlein <> heinl...@madboa.com <> http://www.madboa.com/
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
sing one:
Any chance that the Windows client is spinning trying to backup cygwin
files, specifically /var/log/lastlog?
--
Paul Heinlein <> heinl...@madboa.com <> http://www.madboa.com/
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
e is complex -- true.
Documentation lengthy ... lack real substance -- often true.
I've found the best tutorial for cfengine's language to be the
standard cfengine library (cfengine_stdlib.cf). It shows some best
practices and neat tricks that the documentation really doesn't
explain.
ging four systems, I'll spend less time
over the life-cycle of those hosts spinning up puppet or cfengine than
I will managing those systems by hand. Other admins may have a
different opinion, but that's what I've discovered.
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 12
On Fri, 22 Apr 2016, Digimer wrote:
Then you would use pacemaker to manage the floating IP, fence
(stonith) a lost node, and promote drbd->mount FS->start nfsd->start
floating IP.
My favorite acronym: stonith -- shoot the other node in the head.
--
Paul Heinlein
heinl...@madboa.com
Netscape SSL server : Yes
Netscape SSL server CA : No
Anyway, those are the extensions that should do away with these errors:
> Mon Apr 18 05:34:50 2016 VERIFY OK: depth=1, C=US, ST=California, L=San
> Francisco, OU=Certificate Authority, O=, CN=X.X.X
> Mon Apr 18 05:34:50 2016
epth=1, C=US, ST=California, L=San
Francisco, OU=Certificate Authority, O=, CN=X.X.X
Mon Apr 18 05:34:50 2016 Certificate does not have key usage extension
--
Paul Heinlein <> heinl...@madboa.com <> http://www.madboa.com/
___
CentOS ma
onfigure correctly.
To paraphrase The Princess Bride: Security is pain. Anyone who says
differently is selling something.
--
Paul Heinlein <> heinl...@madboa.com <> http://www.madboa.com/
___
CentOS mailing list
CentOS@centos.org
https://lists.centos.org/mailman/listinfo/centos
for Perl 5.16
and 5.20:
https://www.softwarecollections.org/en/scls/?search=perl
I can't speak for Perl 6, but a cursory search suggests that neither
CentOS 6 nor 7 have readily available packages.
--
Paul Heinlein <> heinl...@madboa.com <> http
your
original post, I see
systemd: Found device /dev/mapper/vg00-rootdev.
systemd: Starting File System Check on /dev/mapper/vg00-rootdev...
It's only after that's complete that I get device-specific messages
like
systemd: Found device ST9600204SS.
So I'm intere
read
directory for multi: /home/rgm/public_html/biby/
If SELinux is working, then do
setsebool -P httpd_enable_homedirs on
--
Paul Heinlein
heinl...@madboa.com
45°38' N, 122°6' W___
CentOS mailing list
CentOS@centos.org
https://lists.
ptables
v1.4.21: Set fail2ban-sshd doesn't exist.
Things to check:
* the output of "ipset -l -n" to see if you have any ip sets
defined
* that the fail2ban-firewalld rpm is installed
* that firewalld.service and fail2ban.service are both enabled
and running
--
Paul Heinlein
hei
On Wed, 2 Dec 2015, Lamar Owen wrote:
Heads-up to everyone: CR is getting CentOS 7.1511 (aka '7.2')
packages. just updated using CR,
Did the same update on a virtual host at Digital Ocean. No problems
whatsoever.
--
Paul Heinlein
heinl...@madboa.com
45°38
1 - 100 of 443 matches
Mail list logo
