Discuss August 2011

discuss@lists.centos.org

222 participants
209 discussions

Mount --bind source / mountpoint out of sync
by Trey Dockendorf 22 Aug '11

22 Aug '11

I have a shared web server that users can SSH / SFTP into to access their web content. Each users home directory is in a change root, and I use "mount -o bind" to put their respective webpage's document root into their home directory. Recently I was made aware that the contents of the mount's source are not the same as the mount point's, which I don't see how that is possible. The file system is 3 virtual disks...each part of the same volume group. I have three LVMs, "/" , "/chroot" , and "/var". Here's the entry in /etc/fstab... /var/www/example.com /chroot/home/user1/example.com none defaults,bind 0 0 The mount is active, yet running a recursive diff between "/var/www/ example.com" and "/chroot/home/user1/example.com" shows numerous differences. Here's "mount" output ------------------ /dev/mapper/VolGroup00-LogVol00 on / type ext3 (rw) proc on /proc type proc (rw) sysfs on /sys type sysfs (rw) devpts on /dev/pts type devpts (rw,gid=5,mode=620) /dev/sda1 on /boot type ext3 (rw) tmpfs on /dev/shm type tmpfs (rw) none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw) /dev/mapper/VolGroup00-lv_chroot on /chroot type ext3 (rw) /var/www/example.com on /chroot/home/user1/example.com type none (rw,bind) /dev/mapper/VolGroup00-lv_var on /var type ext3 (rw) I honestly have no idea how this is possible. Is using "mount -o bind" not the best method to give a chrooted user access to a single directory outside the chroot? Would it be better to leave the web root in the chroot and have Apache (outside chroot) reference that location? Thanks - Trey

3 3

Does anyone know if I can reconfigure a PERC H700 without rebooting?
by Kevin Thorpe 22 Aug '11

22 Aug '11

Hi all, I have a server which is really difficult to restart because of usage requirements and the fact that it's in a co-lo rack so miles away. I've added a couple of drives which I'd like to bring up and add to LVM but the config I know is in the PERC BIOS and requires a reboot. Can the config be changed in the openmanage suite and if so can someone point me in the right direction? thanks

6 5

Intel 82599 driver?
by Lars Hecking 22 Aug '11

22 Aug '11

Which version of the ixgbe driver is included in 5.6? I went through all the RHEL5 release notes, but they only ever state that the driver was updated, not which devices was added. This device is not supported up to CentOS 5.5 (2.0.44-k2), but the latest driver from the Intel web site works fine (3.2.10). 05:00.0 Ethernet controller: Intel Corporation Unknown device 151c (rev 01) 05:00.0 0200: 8086:151c (rev 01) Subsystem: 8086:a03c Flags: bus master, fast devsel, latency 0, IRQ 170 Memory at de400000 (64-bit, non-prefetchable) [size=2M] I/O ports at ecc0 [size=32] Memory at de3f8000 (64-bit, non-prefetchable) [size=16K] Expansion ROM at de200000 [disabled] [size=1M] Capabilities: [40] Power Management version 3 Capabilities: [50] Message Signalled Interrupts: 64bit+ Queue=0/0 Enable- Capabilities: [70] MSI-X: Enable+ Mask- TabSize=64 Capabilities: [a0] Express Endpoint IRQ 0 Capabilities: [e0] Vital Product Data Capabilities: [100] Advanced Error Reporting Capabilities: [140] Device Serial Number 2c-cf-9a-ff-ff-21-1b-00 Capabilities: [150] Unknown (14) Capabilities: [160] Unknown (16)

7 15

Determine high i/o reads/write directories
by Robert Arkiletian 22 Aug '11

22 Aug '11

I have a DRBL server, basically an nfs fileserver, which I am rebuilding. I want to put the high i/o directories on a separate raid array for performance. Currently everything is under / in one raid array. How can I tell which directories, obviously other than /home, are getting high reads and/or writes? Any tools to measure i/o per directory? Thanks -- Robert Arkiletian Eric Hamber Secondary, Vancouver, Canada

4 4

Apache Changing IPtables C 5.6 via Apache
by Always Learning 22 Aug '11

22 Aug '11

When a web site is attacked, so far by unsuccessful hackers, my error routine adds the attackers IP address, prefixed by 'deny', to that web site's .htaccess file. It works and the attacker, on second and subsequent attacks, gets a 403 error response. I want to extend the exclusion ability to every web site hosted on a server. My preferred method is iptables. However, when breaking-out of a PHP script on a web page and running a normal iptables command, for example: iptables -A 3temp -s 1.2.3.4 -j DROP iptables responds with: iptables v1.3.5: can't initialize iptables table `filter': Permission denied (you must be root) Executing 'whoami' confirms Apache is the user. Giving Apache group rw on the /etc/sysconfig/iptables and ensuring the /sbin/iptables is executable by all, fails to resolve the problem. Is there any method of running iptables from an Apache originated process ? Thank you. -- With best regards, Paul. England, EU.

10 17

.XXX Domain Name / Trade Mark Protection
by Always Learning 22 Aug '11

22 Aug '11

A new .xxx domain suffix for sexual content is becoming available. If you have a cherished Trade Mark or brand name and do not want relish having your_domain_name.xxx being available to Cyber Squatters or the 'porn trade' you can block the issuing of that .xxx domain name for a single payment of USD $200 - $300. The blocking application period is from 7 September 2011 until 28 October 2011. The details of where to apply were not disclosed. .xxx will cost about USD $75 yearly. Source: Law Now mailing list CMS Cameron McKenna, London, England 19 August 2011. -- With best regards, Paul. England, EU.

5 9

Multipath w/ iscsi
by Joseph L. Casale 22 Aug '11

22 Aug '11

I have several CentOS 6 boxes that mount iscsi based luns and use mpath. They all had problems shutting down as a result of unused maps not getting flushed as the system halted. After examining the init scripts, netfs, iscsi and multipathd all had the correct order but mpath failed to flush these maps and the system waited indefinitely. In the meantime I hacked this by adding a `/sbin/multipath -F` at the end of the stop clause in the init script. I seriously doubt this problems exists w/o being the result of my error in configuration. Anyone know what the required mpath config might be in this scenario where the block devices all disappear once netfs unmounts and iscsi stops? Thanks! jlc

2 2

help with gpg
by Jerry Geis 21 Aug '11

21 Aug '11

Under Centos 5 I ran this command: gpg --passphrase-file /home/myuser/pass_phrase.txt -c ../Versions/program.x86_64.tgz and this worked fine. On CentOS 6 running the same command prompts me for the passphrase. Thats exactly what I dont want to have happen. I have the pass phrase I want in the file. After some searching it says I need to start the daemon like "gpg-agent --daemon" take the output: GPG_AGENT_INFO=/tmp/gpg-x4WH7K/S.gpg-agent:19156:1; export GPG_AGENT_INFO; and use it - which I did. Then when I run my command above I still get prompted for the pass phrase. What am I not doing correct? I just want a simple phrase on a file that someone has to know before they can extract it. Nothing special going on.... Thanks, Jerry

2 3

Centos6 - Logwatch not mailing on 64bit
by david 21 Aug '11

21 Aug '11

Folks Logwatch is doing its thing properly on my 32-bit servers, delivering the report by mail to my root account once a day sometime around 3:30am. On the 64-bit systems, no mail is occurring. From the "cron" log on a 64-bit system, there are lines like: cron-20110821:Aug 21 03:36:23 XXX run-parts(/etc/cron.daily)[9727]: finished 0logwatch (where "XXX" stands for the server name) but no report is sent. If I run logtwatch manually, by simply typing logwatch as root, I get the mail. Is this a known issue? Is there some information I could supply that would help identify the reason? To the best of my knowledge, I made no changes to the logwatch configuration. Thanks David Kurn

2 4

CentOS-announce Digest, Vol 78, Issue 4
by centos-announce-request＠centos.org 21 Aug '11

21 Aug '11

Send CentOS-announce mailing list submissions to centos-announce(a)centos.org To subscribe or unsubscribe via the World Wide Web, visit http://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request(a)centos.org You can reach the person managing the list at centos-announce-owner(a)centos.org When replying, please edit your Subject line so it is more specific than "Re: Contents of CentOS-announce digest..." Today's Topics: 1. CESA-2011:1187 Moderate CentOS 4 i386 dovecot - security update (Tru Huynh) 2. CESA-2011:1187 Moderate CentOS 4 x86_64 dovecot - security update (Tru Huynh) 3. CEBA-2011:1185 CentOS 4 i386 lvm2 bug fix update (Tru Huynh) 4. CEBA-2011:1185 CentOS 4 x86_64 lvm2 bug fix update (Tru Huynh) ---------------------------------------------------------------------- Message: 1 Date: Fri, 19 Aug 2011 14:26:31 +0200 From: Tru Huynh <tru(a)centos.org> Subject: [CentOS-announce] CESA-2011:1187 Moderate CentOS 4 i386 dovecot - security update To: centos-announce(a)centos.org Message-ID: <20110819122631.GA18674(a)sillage.bis.pasteur.fr> Content-Type: text/plain; charset="us-ascii" CentOS Errata and Security Advisory CESA-2011:1187 dovecot security update for CentOS 4 i386: https://rhn.redhat.com/errata/RHSA-2011-1187.html The following updated file has been uploaded and is currently syncing to the mirrors: i386: updates/i386/RPMS/dovecot-0.99.11-10.EL4.i386.rpm source: updates/SRPMS/dovecot-0.99.11-10.EL4.src.rpm You may update your CentOS-4 i386 installations by running the command: yum update dovecot Tru -- Tru Huynh (mirrors, CentOS i386/x86_64 Package Maintenance) http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xBEFA581B

1 0

← Newer
1
...
6
7
8
9
10
11
12
...
21
Older →

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Discuss August 2011