Discuss March 2009

discuss@lists.centos.org

264 participants
245 discussions

Being Green, Time to make the servers sleep!
by James Bensley 21 Mar '09

21 Mar '09

Shadies and Mentlemen; I am trying to be green and put our backup servers to sleep during the day and have them wake on LAN and fire back up at night for our nightly backups as "sleep" is a sort of low power usage mode. (At this point I would be curious to know the different levels of sleep, what can I achieve? Does my server just drop into a low power state, or can I stop the hard drives as well?) I am wondering if it is achievable to script the process of putting a server to sleep so I can cron tab its behind! I would assume it would be possible but I don't know how, does anyone have any idea? -----BEGIN GEEK CODE BLOCK----- Version: 3.1 GIT/MU/U dpu s: a--> C++>$ U+> L++> B-> P+> E?> W+++>$ N K W++ O M++>$ V- PS+++ PE++ Y+ PGP t 5 X+ R- tv+ b+> DI D+++ G+ e(+++++) h--(++) r++ z++ ------END GEEK CODE BLOCK------

7 10

fetchmail SSL protoco; issue
by Louis Lagendijk 21 Mar '09

21 Mar '09

I am using fetchmail to collect mail from some secondary mail accounts, among which is hotmail. So far I have used hotwayd to fetch the mail from hotmail using httpmail. Hotmail now supports pop3 access, so I decided to change fetchnail to fetch the mail directly over pop3. This works, but whatever I try, I get an error message when I run fetchmail: Invalid SSL protocol 'SSLv23' specified, using default (SSLv23). Invalid SSL protocol '' specified, using default (SSLv23). The relevant part of my .fetchmailrc is included below (userids and password changed for privacy reasons :-) poll pop3.live.com port 995 proto pop3 user xxxxx(a)hotmail.com password yyyyyy no keep ssl sslproto ssl23 fetchall to myuserid The error message remains almost the same when I remove the sslproto option, only the second line is printed My mail is correctly fetched however. For gmail I use the same setup, but do not get any errors there. Anybody got this working WITHOUT error messages? What am I doing wrong? Louis

2 1

Centos 5.2 ,5.3 and GFS2
by FM 21 Mar '09

21 Mar '09

Hello, I will create a Xen cluster and using GFS2 (with conga, ...) to create a new Xen cluster. I know that GFS2 is prod ready since RHEL 5.3. Do you know whent Centos 5.3 will be ready ? Can I install my GFS2 FS with centos 5.2 and then "simply" upgrade to 5.3 without reinstallation ? Tx

3 2

How to configure Xmanager to CentOS?
by madunix 21 Mar '09

21 Mar '09

Can any help in this issue, it would be really appreciated. I did the following, but it didnt help.... For XDMCP connection to Red Hat 5 EL 1. XDM Configuration 1. Change runlevel to 5 Open/etc/inittab and set the initial runlevel to 5 as following: id:5:initdefault: 2. Enable XDMCP For GDM: Open /etc/gdm/custom.conf and set the Enable entry to 1 in the [xdmcp] section as following. [xdmcp] Enable=1 For KDM: Open /usr/share/config/kdm/Xaccess and remove the initial "#" character for the following line: #* #any host can get a login window ==> * #any host can get a login window Open /usr/share/config/kdm/kdmrc and set the Enable entry to true in the [xdmcp] section as following. [xdmcp] Enable=true 2. Firewall (TCP/UDP Ports) Configuration Open UDP port 177 from the PC to the remote host direction. Open incoming TCP ports 6000~6010 from the remote host to your PC. 3. Reboot the remote host and start Xmanager # init 3; init 5

1 0

pam_access.so restrictions not working - syntax errors?
by Dirk H. Schulz 20 Mar '09

20 Mar '09

Hi folks, I want to restrict root access via ssh to certain (internal) hosts. That is what pam_access.so is for, I thought, so I configured: in /etc/security/access.conf I added (nothing in there before): + : root : 192.168.123.0/24 10.72.0.0/16 - : root : ALL in /etc/pam.d/ssh I added at the end: account required pam_access.so Then I restarted the ssh server. Basically, this kinda works. Cron suddenly had no right to do it's job, so I had to add + : root : LOCAL to /etc/security/access.conf But there still is no restriction on ssh logins by root - I can still login from anywhere. Next I tried putting it in one line in /etc/security/access.conf: - : root : ALL EXCEPT LOCAL 192.168.123.0/24 10.72.0.0/16 That did not change anything, still I can log in via ssh. I am stuck. According to documentation and the examples on the net this should be the right syntax. And, by the way, in my /etc/ssh/ sshd_config I have "UsePAM yes". Any help or hint is appreciated. Dirk

2 1

pam_ldap and nss_ldap failover
by Paul Heinlein 20 Mar '09

20 Mar '09

I'm (finally) getting around to putting a backup LDAP authentication server on my network. The backup uses syncrepl to grab the database, and to my eyes both LDAP servers answer read queries identically. I'm testing the client side of this configuration on virtual CentOS 5 i386 machine. /etc/ldap.conf reads ----- %< ----- base dc=DOMAIN,dc=com timelimit 30 bind_timelimit 30 idle_timelimit 300 nss_initgroups_ignoreusers root,ldap,named,[... trimmed ...] uri ldap://ldap1.DOMAIN.com ldap://ldap2.DOMAIN.com ssl start_tls tls_cacertdir /etc/openldap/cacerts pam_password md5 ----- %< ----- The client will bind to whichever server is listed first after the 'uri' directive. In the config snippet, it's 'ldap1' -- but it works the other way too. If the first-listed server goes away, the client never seems to try to find or bind to the second-listed server (where "never" == my patience limit of about an hour). Once the first-listed server goes away, all password authentication fails, though getent passwd and getent group still work (presumably because of nscd). Has anyone else experienced this or, more importantly, figured out a way to get failover to work in a reasonable timeframe? -- Paul Heinlein <> heinlein(a)madboa.com <> http://www.madboa.com/

2 2

stty and sockets
by Jerry Geis 20 Mar '09

20 Mar '09

With local com ports I can use stty to inspect the port settings. Is there a similiar method with a socket connection? I have an odd situation happening where my data collection program that is working on 3 machines is not working on the 4th. The program opens a socket to remote RS232 device no data is recieved. strangely though if I "telnet IP port" to the device it will send the data on this 4th unit. (odd that it works on 3 units but not the 1). I was thinking there must be something different with the way telnet is setting up the socket than I am setting up the socket. Is there a command or method that can inspect socket options like I can with stty for RS232 lines? If so how? Thanks, Jerry

2 2

wireshark
by Jerry Geis 20 Mar '09

20 Mar '09

I did a "yum -y install wireshark" and it was successful. After the is type "wireshark" and nothing. Is there a problem with this package or am I missing something. Jerry

4 4

CentOS-announce Digest, Vol 49, Issue 9
by centos-announce-request＠centos.org 20 Mar '09

20 Mar '09

Send CentOS-announce mailing list submissions to centos-announce(a)centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request(a)centos.org You can reach the person managing the list at centos-announce-owner(a)centos.org When replying, please edit your Subject line so it is more specific than "Re: Contents of CentOS-announce digest..." Today's Topics: 1. CESA-2009:0341 Moderate CentOS 3 ia64 curl - security update (Pasi Pirhonen) 2. CESA-2009:0341 Moderate CentOS 4 ia64 curl - security update (Pasi Pirhonen) 3. CESA-2009:0345 Moderate CentOS 3 ia64 ghostscript - security update (Pasi Pirhonen) 4. CESA-2009:0345 Moderate CentOS 4 ia64 ghostscript - security update (Pasi Pirhonen) 5. CESA-2009:0341 Moderate CentOS 3 s390(x) curl - security update (Pasi Pirhonen) 6. CESA-2009:0341 Moderate CentOS 4 s390(x) curl - security update (Pasi Pirhonen) 7. CESA-2009:0345 Moderate CentOS 3 s390(x) ghostscript - security update (Pasi Pirhonen) 8. CESA-2009:0345 Moderate CentOS 4 s390(x) ghostscript - security update (Pasi Pirhonen) 9. CESA-2009:0341 Moderate CentOS 3 i386 curl - security update (Tru Huynh) 10. CESA-2009:0341 Moderate CentOS 3 x86_64 curl - security update (Tru Huynh) 11. CESA-2009:0345 Moderate CentOS 3 i386 ghostscript - security update (Tru Huynh) 12. CESA-2009:0345 Moderate CentOS 3 x86_64 ghostscript - security update (Tru Huynh) ---------------------------------------------------------------------- Message: 1 Date: Thu, 19 Mar 2009 18:55:16 +0200 From: Pasi Pirhonen <upi(a)centos.fi> Subject: [CentOS-announce] CESA-2009:0341 Moderate CentOS 3 ia64 curl - security update To: centos-announce(a)centos.org Message-ID: <20090319165516.GV23300(a)centos.fi> Content-Type: text/plain; charset="us-ascii" CentOS Errata and Security Advisory 2009:0341 https://rhn.redhat.com/errata/RHSA-2009-0341.html The following updated files have been uploaded and are currently syncing to the mirrors: ia64: updates/ia64/RPMS/curl-7.10.6-9.rhel3.ia64.rpm updates/ia64/RPMS/curl-devel-7.10.6-9.rhel3.ia64.rpm -- Pasi Pirhonen - upi(a)iki.fi - http://pasi.pirhonen.eu/ Top-postings silently ignored

1 0

minimal installation - kickstart error
by Tom Brown 20 Mar '09

20 Mar '09

Hi I have inherited some kickstarts that attempt to remove some packages that at some point its been deemed they are not required. I am migrating all this over to cobbler but trying to get to the bottom of this error that although the kickstart completes sshd cant start as the package nss is not installed. It fails with this Installing nss - 3.11.99.5-2.el5.centos.x86_64 error: %pre(nss-3.11.99.5-2.el5.centos.x86_64) scriptlet failed, exit status 255 error: install: %pre scriptlet failed (2), skipping nss-3.11.99.5-2.el5.centos Which seems to happen due to this error while loading shared libraries: libssl3.so yum tells me # yum provides libssl3.so nss.i386 : Network Security Services nss.i386 : Network Security Services so # yum search "Network Security Services" nss.i386 : Network Security Services nss-tools.x86_64 : Tools for the Network Security Services nss-devel.x86_64 : Development libraries for Network Security Services nss.x86_64 : Network Security Services nss-devel.i386 : Development libraries for Network Security Services nss-tools.x86_64 : Tools for the Network Security Services mod_nss.x86_64 : SSL/TLS module for the Apache HTTP server nss.i386 : Network Security Services But anyone know what package messing this up as from what i can see nothing there is being 'removed' in the kickstart - below is a full list of packages removed in the kickstart thanks for any tips tom # individual packages to remove -acpid -apmd -aspell -aspell-en -at -autofs -bc -beecrypt -binutils -bluez-bluefw -bluez-hcidump -bluez-libs -bluez-utils -cpio -crash -cryptsetup -cups -cups-libs -cyrus-sasl -cyrus-sasl-md5 -cyrus-sasl-plain -dhclient -dhcpv6_client -dmraid -dosfstools -dump -ed -eject -fbset -finger -ftp -gpm -hesiod -irda-utils -isdn4k-utils -lftp -lha -logwatch -lrzsz -mailcap -minicom -mtools -mtr -mt-st -nano -nc -netconfig -NetworkManager -ntsysv -pam_smb -parted -pax -pcmcia-cs -pinfo -quota -rdate -rdist -redhat-logos -rmt -rp-pppoe -rsh -sendmail -slang -stunnel -system-config-mouse -system-config-network-tui -system-config-securitylevel-tui -talk -tcsh -up2date -vconfig -wireless-tools -wvdial -xinetd -ypbind -yp-tools

1 1

← Newer
1
...
8
9
10
11
12
13
14
...
25
Older →

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Discuss March 2009