Hi,
On 2.6 kernels, I always used to issue the commands directly:
1) Find what's the host number for the HBA:
ls /sys/class/fc_host/
(You'll have something like host1 or host2, I'll refer to them as
host$NUMBER from now on)
2) Ask the HBA to issue a LIP signal to rescan the FC bus:
echo 1 >/s
On Dec 17, 2007 9:34 AM, Filipe Brandenburger <[EMAIL PROTECTED]> wrote:
> On 2.6 kernels, I always used to issue the commands directly:
>
This was actually introduced in CentOS 4.3 (and upstream RHEL4.3):
http://www.centos.org/docs/4/html/release-notes/as-x86/RELEASE-NOTES-U3-en.ht
On Dec 17, 2007 9:47 AM, Maxim Soldatov <[EMAIL PROTECTED]> wrote:
> I've got strange problem with centos (as well as rhel btw) chrooted
> environment.
That's the behaviour that chroot is supposed to have.
> Yes, I even do not have /etc/ directory inside testcase/ , but id shows
> groups from
Hi,
I'm no SELinux expert, but I think the issue is that under SELinux's
targeted policy, Apache will refuse to write to a directory with etc_t type.
It can, however, write to a directory with the httpd_log_t type, such as
/var/log/httpd. Couldn't you just write the logs to /var/log/httpd instead?
Hi,
Has someone created RPM packages of citadel for CentOS 4 or 5? I would be
interested. If anyone has it in a public repository and would like to share,
please tell me. I looked for it in CentOS base repositories and Rpmforge but
didn't find anything. Anyway, please let me know.
Thanks!
Filipe
Hi,
I was trying to setup winbind on a CentOS 4 host to authenticate to the AD
on my network. My smb.conf is very simple, I'm only setting workgroup,
realm, security, and I'm setting for winbind:
encrypt passwords = yes
winbind separator = +
idmap uid = 1-2
idmap gid = 1-2
Hi,
I used to have exactly the same problem when the machine rebooted in the
middle of an RPM installation or if the rpm process was killed -9.
On Jan 9, 2008 7:41 PM, Kai Schaetzl <[EMAIL PROTECTED]> wrote:
> The process doesn't die, but doesn't seem to do anything
> from that point on. strace
On Jan 11, 2008 2:51 PM, Bart Schaefer <[EMAIL PROTECTED]> wrote:
> With CentOS-5.1, they're dated in UTC *most* of the time,
> but occasionally in the local timezone. This has seriously confused a
> couple of our homegrown process monitoring scripts.
IIRC, the datestamp is put by the process t
Hi,
I saw that yum solved the problem of getting metadata of old mirrors
recently:
http://devel.linux.duke.edu/gitweb/?p=yum.git;a=commit;h=c3d6b0458742a32caf36ff3c6f03f8ef2426
Any chance to get an updated yum in CentOS-plus?
I would report this upstream, if I knew how to...
Tks!
Filipe
On Wed, Mar 5, 2008 at 10:20 AM, Sean Carolan <[EMAIL PROTECTED]> wrote:
> I would like these environment variables to be made available to a
> Perl script so that any "system" commands contained in the perl script
> will inherit them. How do you do this in Perl?
If the variables are exported
On Wed, Mar 5, 2008 at 11:03 AM, Sean Carolan <[EMAIL PROTECTED]> wrote:
> The variables are not exported when I call Perl. This is what I am
> trying to do. How do I get those variables to be available to the
> bash "system" commands within the script?
system("source ~/.keychain/hostname-sh;
On Wed, Mar 5, 2008 at 11:15 AM, Sean Carolan <[EMAIL PROTECTED]> wrote:
> Just so it is clear what I am trying to do, there are some scp and ssh
> commands like:
>
> system ("/usr/bin/scp /tmp/filename server1:/tmp/filename");
>
> we want the scp command to use the running ssh-agent's credenti
On Fri, Mar 7, 2008 at 10:35 AM, Jerry Geis <[EMAIL PROTECTED]> wrote:
> If /proc/cmdline looks like
>
> option1 option2 ... ks=http://192.168.1.8/ks/ks.cfg option3 option 4 ...
>
> How can I get the 192.168.1.8 out of this cmdline.
Cryptic but does the job:
$ cat /tmp/cmdline
option1 option2
On Fri, Mar 7, 2008 at 4:26 PM, Marcelo Roccasalva
<[EMAIL PROTECTED]> wrote:
> If you don't mind replicating empty subdirs:
>
> rsync -va --include "*.avi" --include "*/" --exclude "*" $WORKING
> $WEB_SERVER
The option "--prune-empty-dirs" does the trick!
rsync -av --include '*.pdf' --includ
Hi,
On Sat, Mar 8, 2008 at 8:05 AM, Niki Kovacs <[EMAIL PROTECTED]> wrote:
> I'm currently using SVN for writing some docs with LaTeX, and I wonder
> how I could possible tell SVN to ignore all *.log, *.aux and *.dvi
> files. I know how it can be done for one at a time. Let's say my files
> ar
On Tue, Mar 11, 2008 at 10:33 AM, Therese Trudeau <[EMAIL PROTECTED]> wrote:
> Ah HA! That might be the problem, I'm using the JDBC driver and I don't
> have the
> ODBC driver installed. Do you know where i could download the ODBC driver?
yum search odbc
What you're looking for is the unixOD
Hi!
I was looking at the pictures and devroom of FOSDEM 2008 in
www.centos.org. I was really interested in the presentations related
to CentOS. Would you mind making them available somewhere on the site?
I think that would be great documentation for some of the topics.
In particular, I wonder wha
On Tue, Mar 11, 2008 at 10:28 PM, Akemi Yagi <[EMAIL PROTECTED]> wrote:
> Check out the CentOS wiki. Search fosdem.
Great! Found it at http://wiki.centos.org/Events/Fosdem2008
I guess Karanbir and Dag didn't yet upload their presentations though.
I would be very grateful if they did!
Thanks,
Fi
On Sun, Mar 16, 2008 at 12:08 AM, Sobari Tanuwijaya
<[EMAIL PROTECTED]> wrote:
> I think I can install qmail for the MTA, but I don't know how to prevent
> several person just can send/receive email from the same domain, while
> the other can send/receive email to any address he wants to.
> Any
Hi,
On Tue, Mar 25, 2008 at 2:21 PM, Dan Bongert <[EMAIL PROTECTED]> wrote:
> thoth(3) /tmp> ls
>
> thoth(4) /tmp> echo $?
> 141
141 is SIGPIPE. If the process is killed by a signal, the return code
will be 128+signal number. 141-128=13, and kill -l says: 13) SIGPIPE.
SIGPIPE means that somet
Hi,
On Tue, Mar 25, 2008 at 10:19 PM, Mark Rose <[EMAIL PROTECTED]> wrote:
> I attempted to install the ntfs-3g and fuse rpms, without any success
> (there were numerous dependancies and could not get libc to install)..
You shouldn't try to compile it, just get the RPM for fuse-ntfs-3g
from Rpmfo
On Tue, Apr 1, 2008 at 3:37 PM, vincenzo romero <[EMAIL PROTECTED]> wrote:
> Am running Bind 9 in Cent OS 5.1. I have a DNS server, that:
> - DNS server to hosts in lab.company.com - 192.168.17.x
> - forwards query to company.com - 10.100.x.x.
What is the IP address of your DNS server? What i
On Tue, Apr 1, 2008 at 1:58 PM, Ray Leventhal <[EMAIL PROTECTED]> wrote:
> I just saw this in output from df -h:
> # df -h
> df: `status': No such file or directory
> df: `status': No such file or directory
> Any ideas why the 'status' messages are showing 'No such file or
> directory'? More
Hi,
On Tue, Apr 1, 2008 at 5:15 PM, Ray Leventhal <[EMAIL PROTECTED]> wrote:
> # mount
> ...
> st0 on status type unknown (rw)
> /dev/st0 on status type unknown (rw)
Well, obviously these are the two that are causing the problem. st0
seems to be tape drive, but this should never be mounted, a
On Tue, Apr 1, 2008 at 6:22 PM, vincenzo romero <[EMAIL PROTECTED]> wrote:
> zone "company.com." IN {
> type forward;
> forwarders {10.100.1.24 port 53;
> };
In myhost.lab.company.com you probably want to do a forward of all
requests to ns.company.com, that would
On Thu, Apr 10, 2008 at 7:39 AM, Frank Büttner <[EMAIL PROTECTED]> wrote:
> > Perhaps you should do:
> > wget -r http://www.foo.bar/sample
>
> Hm,
> this will download the whole www.foo.bar site:(
Add -np (no parent).
You should also probably add a slash after the directory in the website:
wge
On Mon, Apr 14, 2008 at 9:34 AM, Jerry Geis <[EMAIL PROTECTED]> wrote:
> How do I get the output of my make to show on the console and also in my
> logfile?
Use "script". Type "script logfile.txt", it will open a new shell.
After that, everything you type and the output of commands will go to
the
On Tue, Apr 15, 2008 at 12:36 PM, Eric B. <[EMAIL PROTECTED]> wrote:
> Is there anything that works similarly for the iproute2 ruleset? I can't
> seem to find anything in /etc/init.d/network except for references to static
> routes using /sbin/route, which isn't good enough if one wants to use
On Tue, Apr 15, 2008 at 3:48 PM, Eric B. <[EMAIL PROTECTED]> wrote:
> The last question then is if there is a way to add "ip rule" rules to
> specify which routing table to use based on packet information.
> ex: ip rule add fwmark 3 table 3
>
> Are any of the network scripts able to handle thi
On Tue, Apr 15, 2008 at 4:36 PM, Eric B. <[EMAIL PROTECTED]> wrote:
> Am I missing something obvious somewhere? Or do you have a different
> version of ifup-routes? I'm running CentOS4 with the latest patches
I'm running CentOS5 here, that's probably new in CentOS5.
You may consider appen
On Tue, Apr 15, 2008 at 5:33 PM, Timothy Murphy <[EMAIL PROTECTED]> wrote:
> Unfortunately, I have not been able to set it up
> to allow local machines to access the internet.
Did you enable routing? The output of "cat
/proc/sys/net/ipv4/ip_forward" must be 1, otherwise the server won't
route pa
On Tue, Apr 15, 2008 at 7:53 PM, Tito Valentin <[EMAIL PROTECTED]> wrote:
> I still have problems installing even after I have removed the old mysql:
>
> [EMAIL PROTECTED] tmp]# rpm -Uvh mysql-5.0.48-2.el4.centos.i386.rpm
> error: Failed dependencies:
> mysql-libs = 5.0.48-2.el4.centos is n
On Tue, Apr 22, 2008 at 5:07 AM, Simon Jolle <[EMAIL PROTECTED]> wrote:
> The problem is that other hosts are able to synchronize the time from
> our servers. How to disable that?
Which other hosts? Other hosts in the same subnet as dns1 and dns2?
If that is the problem, maybe you should try ch
On Tue, Apr 22, 2008 at 10:56 PM, Matt Shields <[EMAIL PROTECTED]> wrote:
> On Tue, Apr 22, 2008 at 10:23 PM, Clint Dilks <[EMAIL PROTECTED]> wrote:
> > I am wondering if many people are using software that acts as a password
> > safe. And if so can you recommend any software in particular?
>
>
On Wed, Apr 23, 2008 at 11:27 AM, Paul Heinlein <[EMAIL PROTECTED]> wrote:
> On Wed, 23 Apr 2008, Clint Dilks wrote:
> > I am wondering if many people are using software that acts as a password
> > safe. And if so can you recommend any software in particular?
>
> I just use gpg with a Makefile wra
On Fri, Apr 25, 2008 at 1:46 PM, Kevin Faulkner <[EMAIL PROTECTED]> wrote:
> Perhaps you could run iotop find out if there is a process chewing up your
> hard disks. You aren't just limited to top, you can also use vmstat and
> iostat in this situation.
I also recommend dstat (http://dag.wieers.c
Hi,
On Thu, May 8, 2008 at 6:00 PM, Rudi Ahlers <[EMAIL PROTECTED]> wrote:
> Exception in thread "main" java.lang.OutOfMemoryError: Cannot create
It looks like it's running out of memory when starting more threads.
Did you check if you have enough memory in this server to run Tomcat?
I think you
Hi,
On Thu, May 8, 2008 at 4:38 PM, John R Pierce <[EMAIL PROTECTED]> wrote:
> coworker wants to download a module with all its dependencies, for use in
> updating an offline system... CentOS 5.latest ...
>
> [EMAIL PROTECTED] home]# yumdownloader --resolve gcc
...
> File "/usr/lib/python2.4/si
Hi,
On Fri, May 9, 2008 at 9:06 AM, Rudi Ahlers <[EMAIL PROTECTED]> wrote:
> Mem: 1048576k total, 799828k used, 248748k free,0k buffers
> Swap:0k total,0k used,0k free,0k cached
You have no swap on the machine! Try adding it. You can do that by
creati
2008/5/9 Ralph Angenendt <[EMAIL PROTECTED]>:
> Can you give us the bug number for that?
https://bugzilla.redhat.com/show_bug.cgi?id=445773
It was closed as duplicate of another bug this morning, I don't know
if I would agree with that.
Filipe
___
CentO
On Sun, May 11, 2008 at 5:56 AM, happymaster23 <[EMAIL PROTECTED]> wrote:
> but its impossible to break my server
These days it's very hard to state that. I would not bet any money on
it. The only way to be really sure the server cannot be hacked is to
disconnect the network cables (and maybe the
Hi,
On Sun, May 11, 2008 at 5:26 AM, Ned Slider <[EMAIL PROTECTED]> wrote:
> I have the following entries, below, in today's log file (for yesterday,
> 10th May).
>
> I don't run the automated yum-updated and didn't run a yum update
> yesterday, and no packages were installed. Obviously the entr
Hi,
On Sun, May 11, 2008 at 10:24 AM, Robert Nichols
<[EMAIL PROTECTED]> wrote:
> I fixed that problem for yum by editing /etc/logrotate.d/yum and changing
> "size 30k" to "size 10k". For CentOS, a 10 kilobyte log file is enough
> to hold several months of yum activity, but small enough that t
Hi,
On Wed, May 14, 2008 at 9:37 AM, Alfred von Campe <[EMAIL PROTECTED]> wrote:
> First, I can not find kermit (or ckermit) in any of the repos (base, extras,
> centosplus, rpmforge). On my 4.6 systems, /usr/bin/kermit was provided by
> the package ckermit in the base repo. That package appears
Hi,
On Thu, May 15, 2008 at 8:45 PM, Chris Boyd <[EMAIL PROTECTED]> wrote:
> CNAMEs require two dips into the DNS (one to get the CNAME, another to look
> up the IP), and so can be much slower if you are the victim of a slow
> resolver.
Not true (AFAIR). If I remember correctly, if the informatio
On Fri, May 16, 2008 at 9:18 AM, Jerry Geis <[EMAIL PROTECTED]> wrote:
> Somehow the VIM start screen is in the -f file... Not sure how that happened
> but glad its gone.
What do you mean? When you type "vim" on the terminal it tries to open
the file named "-f"?
If that's the case, check the ".vi
On Fri, May 16, 2008 at 8:30 AM, John <[EMAIL PROTECTED]> wrote:
> We just encountered several serious Out of Memory Problems caused by the
> file 4.17-9.0.1.EL5 utility on our mail Gateway. CentOS 5.1 kept it self
> alive by killing it parent process Amavisd-new. Manually restarting
> Amavisd-new
On Fri, May 16, 2008 at 11:59 AM, Ned Slider <[EMAIL PROTECTED]> wrote:
> Johnny Tan wrote:
>> I saw this in Logwatch today for one of my servers:
>
> Checking /var/log/yum.log for entries 1
> year ago should confirm this.
As this bit me once and I've just seen two people bitten by it again,
I've
And another pet peeve of mine with logrotate:
https://bugzilla.redhat.com/show_bug.cgi?id=447022
Once after an unclean reboot I got a corrupted
/var/lib/logrotate.status, and after that logrotate just stopped
working. The thing was that the server generated hundreds of megs per
hour of log, and wi
On Sun, May 18, 2008 at 10:44 AM, cjzjm100 <[EMAIL PROTECTED]> wrote:
> Hi guys! today i tried to install the latest stardict.
> ...
> If i install the software from source code,how can i uninstall it?
You should try to always stick to RPMs when using RHEL/CentOS. There
are several advantages to i
On Tue, May 20, 2008 at 3:46 PM, Alfred von Campe <[EMAIL PROTECTED]> wrote:
> I have 30 identical Lenovo desktop systems running CentOS 5.1. On one of
> those systems the clock is running slow (5+ minutes from yesterday to this
> morning and another minute since this morning) despite the fact tha
On Tue, May 20, 2008 at 8:53 PM, Alfred von Campe <[EMAIL PROTECTED]> wrote:
> # ntpq -np
> remote refid st t when poll reach delay offset
> jitter
> ==
> 10.101.32.104 67.128.71.65 3 u 689 1
On Wed, May 21, 2008 at 9:48 AM, carlopmart <[EMAIL PROTECTED]> wrote:
> <[EMAIL PROTECTED]>: delivery via localhost[127.0.0.1]:10025: 250 2.0.0 Ok:
>queued as D61DDEC962
> content_filter = imss:localhost:10025
Did you check if this could be related to whatever is running on port
10025? How i
On Thu, May 22, 2008 at 12:01 PM, Warren Young <[EMAIL PROTECTED]> wrote:
> At any rate, RAID-10 shouldn't be *slower*.
I've actually seen equipments where RAID-10 was slower for reading
than RAID-5 with the same number of disks. RAID-10 depends on the
ability of the controller of balancing reads
On Fri, May 23, 2008 at 6:23 AM, James Pearson
<[EMAIL PROTECTED]> wrote:
> Mag Gam wrote:
>> Thanks Jim. Since, 802.3ad requires switch settings does it perform better
>> than other modes? Does anyone have any benchmarks?
>
> I haven't done any benchmarks - but as I've managed to get 200+Mbyte/s r
Try to change this in your /etc/ssh/sshd_config:
If in CentOS 5, change:
AddressFamily any
to:
AddressFamily inet
If in CentOS 4, change:
ListenAddress ::
to:
ListenAddress
Uncomment those lines if needed.
Change:
GSSAPIAuthentication yes
to:
GSSAPIAuthentication no
Change:
UseDNS yes
to:
On Fri, May 23, 2008 at 12:25 PM, Joseph L. Casale
<[EMAIL PROTECTED]> wrote:
> In terms of Cisco ACL's, how does
> iptables work, does it simply continue processing until it sees something
> explicitly
> denying if the default policy is ACCEPT, versus DROP, will it continue
> processing until
>
On Sat, May 24, 2008 at 2:49 AM, Joseph L. Casale
<[EMAIL PROTECTED]> wrote:
> Appreciate the help, but I think I am still unsure of that last point.
> If the default policy for INPUT is DROP, and a rule "allowing" traffic
> is not matched, once it gets to the end it performs the default policy
> a
On Sun, May 25, 2008 at 2:02 PM, Jason Pyeron <[EMAIL PROTECTED]> wrote:
>> Try to change this in your /etc/ssh/sshd_config:
>>
>> Change:
>>
>> UseDNS yes
>> to:
>> UseDNS no
>
> Okay that fixed it, but why? I used nslookup and set my server to the same
> as /etc/resolv.conf. There were no delays,
On Tue, May 27, 2008 at 11:12 AM, Joseph L. Casale
<[EMAIL PROTECTED]> wrote:
> I wondered if I could include the "external" view in the first view,
> or I suppose I can simply copy the details from the second view
> into the first, but that forces me to keep it updated in two places...
Use includ
On Tue, May 27, 2008 at 9:33 PM, Joseph L. Casale
<[EMAIL PROTECTED]> wrote:
> Is it feasible to write protect the /etc/sysconfig/iptables file so nothing
> can overwrite it, such that at least the config is persistent through a
> reboot? If not, is there a better way to accomplish this?
chmod a=r
On Wed, May 28, 2008 at 10:39 AM, Joseph L. Casale
<[EMAIL PROTECTED]> wrote:
> I have edited ip forwarding in /etc/sysctl.conf yet when I issue a
> #service network restart I see it get set back to 0.
> Why is that?
What exactly did you add to /etc/sysctl.conf?
Do you have any errors when you ru
On Thu, May 29, 2008 at 3:14 PM, Alfred von Campe <[EMAIL PROTECTED]> wrote:
> write(2, "The program \'gnome-terminal\' rec"..., 592) = 592
This looks interesting, but unfortunately you cut the message too
short to know what it was saying... You might find it in
/var/log/Xorg.0.log, but I wouldn'
On Thu, May 29, 2008 at 8:58 PM, Filipe Brandenburger
<[EMAIL PROTECTED]> wrote:
> On Thu, May 29, 2008 at 3:14 PM, Alfred von Campe <[EMAIL PROTECTED]> wrote:
>> write(2, "The program \'gnome-terminal\' rec"..., 592) = 592
>
> This looks interes
On Fri, May 30, 2008 at 12:33 PM, Craig White <[EMAIL PROTECTED]> wrote:
> where I'm taking the 'id:' field from each record and inserting an
> underscore and the id into the 'attributes' label directly above.
Just for fun, this is a one-line sed script that would change that file:
sed -n -e '/^a
On Fri, May 30, 2008 at 4:37 PM, Robert Moskowitz <[EMAIL PROTECTED]> wrote:
> I am getting errors with changing the group owner. Huh?
>
> So I try to just use mkdir to create a directory on the flash drive. The
> directory has a group of root ???
>
> OK why can't I set the group to something oth
On Sat, May 31, 2008 at 7:40 AM, sbeam <[EMAIL PROTECTED]> wrote:
> We have a near-identical system I am thinking of bringing in as a
> DRBD/Heartbeat companion. One solution may be to use csync2
> [http://oss.linbit.com/csync2/] on /etc and /usr/local (the only areas that
> will differ from the st
NSA guides on hardening RHEL5. Should be applicable to CentOS5 as well.
http://www.nsa.gov/snac/downloads_redhat.cfm?MenuID=scg10.3.1.1
I read about this on /. some weeks ago, but I just skimmed through it,
so I can't say how effective I think it is. I thought it would be
useful to point to it on
On Sat, May 31, 2008 at 7:40 AM, sbeam <[EMAIL PROTECTED]> wrote:
> I have an existing in-production LAMP server running Centos 5.1...
>
> We have a near-identical system I am thinking of bringing in as a
> DRBD/Heartbeat companion...
Why don't you consider using MySQL master-slave replication? It
On Mon, Jun 2, 2008 at 8:18 AM, Bent Terp <[EMAIL PROTECTED]> wrote:
> Interesting, I thought that XFS was fairly safe for use. What would
> you recommend for filesystems in the 50-500 terabyte range?
I would recommend you split it in several smaller (2-4TB) filesystems.
Most applications would su
On Mon, Jun 2, 2008 at 12:13 PM, Ray Leventhal <[EMAIL PROTECTED]> wrote:
> Hi all,
>
> Advance apologies for being slightly OT.
>
> Has anyone had successes with installing gphpedit on CentOS 5? There don't
> seem to be any rpms avail for our distro and I'm far too new to roll my own.
>
> Thanks
Hi all,
I just installed a CentOS 5 machine from Kickstart. I configure NSS
and PAM to lookup and authenticate users from LDAP with authconfig. On
my LDAP I also have some automount configuration, but I'm not running
automount on this server. SELinux is installed and enforcing.
Whenever I try to
On Thu, Jun 5, 2008 at 2:05 PM, Timothy Selivanow
<[EMAIL PROTECTED]> wrote:
> things like 'put' and 'get', etc.), the connection hangs. If you wait a
> bit it returns with a "425 Failed to establish connection". I've tried
Is the FTP client behind NAT? If it is then active FTP won't work,
since
2008/6/5 Manuel Enrique Chavez Manzano <[EMAIL PROTECTED]>:
> from wich repo can I download Mysqlnavigator??
Have you tried the RPM from Sourceforge?
http://sourceforge.net/project/showfiles.php?group_id=21623&package_id=37304
HTH,
Filipe
___
CentOS
On Thu, Jun 5, 2008 at 6:02 PM, Joseph L. Casale
<[EMAIL PROTECTED]> wrote:
> I need to setup a proxy that does transparent auth to AD, does anyone
> have experience or suggestions for a setup that will run in CentOS? I came
> across an article on integrating Squid with Windows AD for auth but it
>
On Fri, Jun 6, 2008 at 5:00 PM, Manuel Enrique Chavez Manzano
<[EMAIL PROTECTED]> wrote:
> yes I have tried there, I have the packeage but when I tried to install
> it it asked for dependencies, and what I want is to install it by yum.
# yum localinstall xxx.rpm
This will try to pull the dependen
Hi,
For the record, I found and fixed the problem.
I had some users with their home wrongly set on LDAP. One of them had
the home set to /usr/local/whatever and a /bin/sh shell, and another
had /colossus/users/herusername as home. The script "genhomedircon"
(which apparently is run by RPM every t
Hi,
My boss asked me to harden a CentOS box by removing "hacker" tools,
such as nmap, tcpdump, nc (netcat), telnet, etc.
I would like to know which list of packages would you remove from a
base install. I would appreciate if someone could point me to a
"standard" way of doing this. I know there a
On Fri, Jun 6, 2008 at 7:54 PM, Luke S Crawford <[EMAIL PROTECTED]> wrote:
> Removing network tools does not make it harder to break into the box,
> however, it can make it harder to do something with it once you are in.
That's the idea.
> (also, [not] installing the programs just
> means that if
On Fri, Jun 6, 2008 at 10:09 PM, Jim Wildman <[EMAIL PROTECTED]> wrote:
> Better, google for "tiny centos" and build a new box with the minimum on it.
Hmmm, that looks exactly like what I'm looking for! I'm actually
trying to find someone who has already done the tough work and could
give me some
Hi,
Is anyone chrooting users that connect through SSH?
I looked for it on Google and I basically saw several methods:
- OpenSSH 5 supports ChrootDirectory (FC9 apparently has RPMs that
probably could be rebuilt under CentOS 5)
- There seem to be several patches for OpenSSH 4.x to do the chroot,
On Sat, Jun 7, 2008 at 12:18 AM, Eric Wood <[EMAIL PROTECTED]> wrote:
> Just the other week sshd 4.9 enabled chroot for the first time I think.
> Fairly new stuff. You'll have to roll your own rpm for CentOS as it will
> be unlikely that they roll it - probably not even for 5.2 either.
Yeah, I w
On Fri, Jun 6, 2008 at 9:30 PM, Thomas Dukes <[EMAIL PROTECTED]> wrote:
> Does any one have current rpms for Zoneminder-1.23.3? I can't get the
> source to compile on 4.6.
FC9 has 1.22.3. It probably shouldn't be hard to extract the specfile,
edit it to use the 1.23.3 sources and try to rebuild i
On Fri, Jun 6, 2008 at 10:58 PM, Jerry Geis <[EMAIL PROTECTED]> wrote:
> What might I look at changing to ensure my initrd is made correctly.
Try copying /etc/modprobe.conf from the production machine to the
machine where you built your kernel and then run mkinitrd again.
You might also try to pl
On Sun, Jun 8, 2008 at 5:32 PM, Fabian Arrotin
<[EMAIL PROTECTED]> wrote:
> It does it transparently in the way that for M$ Internet Explorer it will
> never ask a username/password , but it will for everything else.
Actually, you can configure Firefox on Windows to authenticate using
Windows cred
On Mon, Jun 9, 2008 at 8:31 PM, Joseph L. Casale
<[EMAIL PROTECTED]> wrote:
> How does one view the dm-{n} names wrt the actual dev names?
> I assume it involves dmsetup but I cant figure it out. I am using iostat
> to track some busy disk io and don't know which dm-{n} to watch :)
Try ls -l /dev/
If conntrack can track the TFTP sessions, then you should be able to
filter it using -m state in iptables.
iptables -A ... -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A ... -m state --state NEW -p udp --dport 69 -j ACCEPT
You can have one rule in INPUT and the other in OUTPUT, or bot
Hi,
I have a setup with two CentOS 5 machines running OpenLDAP 2.3.x,
right now the primary uses slurpd to send the updates to the second
server, and the second server is using "updatedn" to allow updates
(from what I understand! I'm no OpenLDAP guru here.) Clients are using
pam_ldap and nss_ldap
On Tue, Jun 17, 2008 at 6:51 PM, Les Mikesell <[EMAIL PROTECTED]> wrote:
> I'd like to have it use it's original IP as the source for outbound
> connections.
> Where do you control that?
I didn't try it, but you probably can control that with the "ip route"
command when you create a route to a s
On Wed, Jun 18, 2008 at 4:28 PM, John Thomas
<[EMAIL PROTECTED]> wrote:
> I use NX and find it amazing. I downloaded the RPMs from nomachine.com
> because I had not found that they are built in one of the repos (testing if
> memory serves).
I second that.
NX works over SSH so its connection is e
On Wed, Jun 18, 2008 at 5:45 PM, Herta Van den Eynde
<[EMAIL PROTECTED]> wrote:
> Joshua previously suggested SELinux might have something to do with
> it, but being new to it, I didn't know what to do with that info.
>
> I'll need to read up on what this means exactly. I originally
> untarred the
On Fri, Jun 20, 2008 at 9:54 AM, Rob Lines <[EMAIL PROTECTED]> wrote:
> I would like to continue to see these messages but I would like to
> see them put else where but looking through the documentation for syslog I
> couldn't find any way to separate just those messages out.
I also have the same
I noticed that behaviour too.
Since then, whenever I start a new thread, just after sending the
message I click on "see sent message" (or something to that effect)
and then I tag it with "centos" or whatever tag is appropriate for
that list. Apart from the [CentOS] tag on the subject, that fixes i
Hi,
It's been long since I don't write Proxy rules, but IIRC you have to
match /s on the left side and on the right side.
On Sun, Jul 6, 2008 at 6:24 AM, ankush grover <[EMAIL PROTECTED]> wrote:
> ProxyPass /testdiaryhttp://testdiary.example.com/
> ProxyPassReverse /testdiary
Hi,
On Sun, Jul 6, 2008 at 9:12 AM, Nabin Limbu <[EMAIL PROTECTED]> wrote:
> For GRE tunneling, how can I specify the
> parameters for tunneling device, so that I ifup-tunnel will automatically
> read and start the interface and I don't have to write the below scripts
> in my start-up file.
Appar
Hi,
On Sun, Jul 6, 2008 at 6:36 AM, William L. Maltby
<[EMAIL PROTECTED]> wrote:
>> > If it's a boot drive, remember to rebuild your initrd and modify the
>> > init file to ignore lvm lock failures with the new VG name. Otherwise
>> > you'll be fighting some more battles.
>>
>> Yes, I remember get
On Sun, Jul 6, 2008 at 3:28 PM, William L. Maltby
<[EMAIL PROTECTED]> wrote:
> He is trying to copy an existing install, transport the drive and boot.
> Until he gets a boot that allows the new root to be detected *as* the
> new root, I don't know if that would work.
You can actually do that by us
Hey,
On Sun, Jul 6, 2008 at 7:39 PM, Ian Forde <[EMAIL PROTECTED]> wrote:
> In fact, here's the output... (IP, hostname, and Mac info changed...)
>
> [EMAIL PROTECTED] etc]# dhcpd
> Internet Systems Consortium DHCP Server V3.0.5-RedHat
> Copyright 2004-2006 Internet Systems Consortium.
> All right
On Tue, Jul 8, 2008 at 11:53 AM, Jerry Geis <[EMAIL PROTECTED]> wrote:
> Is there a procedure to use an 8GIG thumbdrive to copy the centos 5.2 dvd
> contents to the thumbdrive then run isolinux (or something like it) and be
> able to
> use the thumbdrive as the install media?
Look for a file name
On Wed, Jul 9, 2008 at 1:57 PM, Hywel Richards <[EMAIL PROTECTED]> wrote:
> LD_LIBRARY_PATH=. LD_PROFILE=libmy.so ./mymain
...
> $ sprof libmy.so /var/tmp/libmy.so.profile
> sprof: failed to load shared object `libmy.so'
Acutally I have no idea of what sprof is or does, but from the error
me
1 - 100 of 523 matches
Mail list logo
