Discuss July 2017

discuss@lists.centos.org

108 participants
98 discussions

chkconfig madness CentOS 7
by Mark Haney 11 Jul '17

11 Jul '17

I have a couple of in use C7 boxes that were built with ntsysv and chkconfig for some old packages that needed to start using init.d. (The person setting these up didn't know about systemd creating service files for older packages, so we're stuck with these as-is. Here's my problem: Error unpacking rpm package chkconfig-1.7.2-1.el7.x86_64 error: unpacking of archive failed on file /etc/init.d: cpio: rename chkconfig-1.3.61-4.el7.x86_64 was supposed to be removed but is not! I can't update the entire system because of this boondoggle and I can't come up with a way to resolve this safely on a running system. WTH is going on, and why is this a problem? And how the devil do I fix it? -- Mark Haney Network Engineer at NeoNova 919-460-3330 option 1 mark.haney(a)neonova.net www.neonova.net

2 3

Azure Centos Images
by Andrew Holway 11 Jul '17

11 Jul '17

Hello, I was wondering if there is any plan to support an official image for the Microsoft Azure cloud platform? Currently there is a third party publisher "OpenLogic" providing an Centos image but I don't know who they are. Redhat is providing a RHEL 7.3 template and Canonical is providing Ubuntu. I see that a comprehensive set of AMI's are maintained for Amazon Web services. https://aws.amazon.com/marketplace/seller-profile?id=16cb8b03-256e-4dde-8f3… Cheers, Andrew

1 1

Problem with download from local mirror
by mohsen Abbaspour 11 Jul '17

11 Jul '17

Hello Dear I have lunched a local mirror but, I have a problem when I want to download package from it , I get this error when I run "yum update" failure: repodata/repomd.xml from base: [Errno 256] No more mirrors to try. http://centos.local/7/os/i386/repodata/repomd.xml: [Errno 14] HTTP Error 4 04 - Not Found I do not Find out what is problem? I haved installed centos 7 as Client and want to download package from centos.local server and there is one another , I checked on another PC and get this error http://centos.local/repodata/repomd.xml: [Errno 14] HTTP Error 404 - Not Found Trying other mirror. I saw other mirror but they have not this directory too Tahnk you so much for consideration Best Regards -- Check out my professional profile and connect with me on LinkedIn. http://lnkd.in/RqFEqH

2 3

I found this interesting: amount of evil traffic on the internet
by Fred Smith 11 Jul '17

11 Jul '17

I've just done a little "study" (well, nothing quite that pretentious) of the traffic hitting my router, that gets DROPped the router's firewall. there is a surprisingly (to me, at least) enormous amount of it. over about the last 3 weeks, it has dropped over 65,000 connection attempts. I finally got around to figuring out how to have the router's logging mechanism connect to the rsyslog on my Centos workstation, so I can collect a large body of log entries to review. previously I could see only a few hundred at a time, since the router doesn't have huge storage. Here's just the first few items from the list, listed as port number ordered by total number of hits: DPT=3343 8859 DPT=23 7872 DPT=3344 5984 DPT=6 4925 DPT=68 4291 DPT=9 2625 DPT=3291 2524 DPT=32915 2523 DPT=143 2467 DPT=1433 2377 DPT=445 2037 DPT=33441 1544 DPT=33442 1522 DPT=33440 1511 DPT=33434 1511 DPT=33435 1487 DPT=33436 1486 DPT=33437 1476 DPT=33439 1458 DPT=33438 1439 DPT=80 1068 DPT=33443 1060 DPT=5060 948 Some of those are ports I've never been aware of, such as 3343, which /etc/services lists as "ms-cluster-net". Obviously something on MS systems, and apparently a lot of mal-dudes think it's a great port to hit on, in case it might just happen to be wide open. then there's port 23 (telnet) which at 7872 hits is ample evidence for why everybody who knows anything says to NEVER put a system on the internet with an open telnet port. sigh. Then, even after all this garbage is filtered out, there is another HUGE pile of things hitting my mail server that get filtered out by a variety of filtering techniques including but not limited to greylisting email. (BTW, greylisting was by far the most effective of all the filtering techniques I've found for dropping spam before it ever gets into my mail system. For mail that does get in, SpamBayes works great, once one figures out how to configure it.) If any of you don't believe that the 'net is populated by evil beings, let this be a lesson to ye! Thanks for your time! Fred -- ---- Fred Smith -- fredex(a)fcshome.stoneham.ma.us ----------------------------- "For the word of God is living and active. Sharper than any double-edged sword, it penetrates even to dividing soul and spirit, joints and marrow; it judges the thoughts and attitudes of the heart." ---------------------------- Hebrews 4:12 (niv) ------------------------------

1 0

System Start-Up Issue
by Chris Olson 11 Jul '17

11 Jul '17

We run several Intel-based CentOS machines. They are all at 6.9 or 7.x. One of each OS is Oracle VirtualBox hosted on an up to date Windows 7 system. We use these virtual machines for checkout of new applications before they are loaded on native CentOS platforms. Regular weekly updates are run on all of our CentOS machines. I went on vacation right after an update to one of our virtual CentOS 6.9 systems so it was not restarted for a period of time. Now it will not complete boot-up with the gnome display never fully launched. A progress bar at the bottom of the start-up screen never reaches completion. We have not been able to detect a running system on the network. Two options for stopping the CentOS 6.9 virtual machine have been tried. One is to "power off" and the other is to "send the shutdown message". Both of these options appear to work properly. The shutdown output scrolls by very fast but it looks reasonable and the virtual machine eventually closes. We have also tried suspending boot-up and selecting two previous working kernels. This yields the same result of an incomplete start up. Shutdown of these old kernel systems appears the same as shutdown of the newest kernel. However, we have not been able to determine from any of the shutdown sequences exactly how much of the system was actually running. Having very little experience with such start-up issues, we are at a loss to determine how to salvage the CentOS 6.9 virtual machine. Is there a standard way to start up a system without any extras like gnome to see if we can get a running system? Would it be wise to attempt using yum update after we get a running system to see if issues are corrected? Thanks.

7 11

Differences in CentOS and RHEL systems
by Kumuda G 10 Jul '17

10 Jul '17

Hi, I was looking at the differences between the CentOS and RHEL systems, found that tuned profile is different for these OSes. I have gone through RHEL 7 Performance Tuning Guide to see if there are more such changes, sysctl settings change which are due to tuned profile and did not find any other differences Also took diff of /etc/* config files on RHEL and CentOS installed systems, there are RHEL subscription and bugzilla references which vary So, are there more such system wide differences on CentOS? Regards, Kumuda G

2 1

CentOS 7.3 and e1000e
by Jerry Geis 10 Jul '17

10 Jul '17

Hi All - I have a box running the above. Power was lost long enough that UPS did not work. When power came back on the C7 box boots way faster than the switch and resulted in no network. power cycling the C7 box resulted in network. This even happened a second time. The only way to get the box back was to power cycle. the box is remote and no keyboard and mouse connected. Any thoughts on why the e1000e would not talk to the switch ? The switch is an unmanaged linksys - could not get the model. It auto negotiates to 1G/full. Thanks, for any thoughts. Jerry

6 7

Hardening Apache on CentOS 7
by Nicolas Kovacs 09 Jul '17

09 Jul '17

Hi, Some time ago one of my public servers (running Slackware64 14.0) got attacked and was misused to send phishing emails. This misadventure made me more concerned about security, so I spent the last few weeks catching up on security, reading docs about SELinux and how to use it, etc. I have a public sandbox server running CentOS 7, and I'm currently experimenting quite a lot with Apache and how to secure it. My approach is very much trial-and-error. I've started with these two articles: https://devops.profitbricks.com/tutorials/how-to-harden-the-apache-web-serv… https://www.tecmint.com/apache-security-tips/ I've also discovered the Nikto vulnerability scanner, and I'm playing around with it. Besides all this, I'd be curious to know your approach in securing Apache, the tools you use, maybe the odd do's and don'ts, suggestions, some good books and/or online docs about the subject, etc. Cheers from the sunny South of France, Niki -- Microlinux - Solutions informatiques durables 7, place de l'église - 30730 Montpezat Web : http://www.microlinux.fr Mail : info(a)microlinux.fr Tél. : 04 66 63 10 32

3 2

performance problems with OpenLDAP and multiple simultaneous clients
by John Jasen 09 Jul '17

09 Jul '17

Running CentOS7, with openldap-2.4.40-13.el7. The environment consists of two ldap providers, in mirror mode, serving over a shared virtual IP. Client-facing services are provided by 4 consumers, most of which are accessed over a layer 4 load balancer. Periodically, the consumers encounter some sort of client request(s) which consume all available threads, cause backload threads to spike, and cause slapd to go unresponsive for a long period of time. I've no idea what is causing these events, or if there is anything in the configurations that I can tweak to help. Anyone have any ideas?

1 1

Apache + mod_evasive : problem with test.pl
by Nicolas Kovacs 09 Jul '17

09 Jul '17

Hi, I'm currently experimenting with the mod_evasive module for Apache, to protect the server against potential DoS attacks. Here's what I did so far. # yum install mod_evasive Don't touch mod_evasive's default configuration, just restart Apache. # systemctl restart httpd The package includes a test.pl script supposed to launch a testing DoS attack. Unfortunately this script doesn't seem to work as expected. Here's the only response I get: # perl test.pl HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request HTTP/1.1 400 Bad Request ... According to the various online tutorials I found, this should more look like: # perl test.pl HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK HTTP/1.1 200 OK ... HTTP/1.1 403 Forbidden HTTP/1.1 403 Forbidden HTTP/1.1 403 Forbidden ... I tried this on two sandbox machine, one on my LAN, one on a public server, and both times I got the same result. Any suggestions? Niki -- Microlinux - Solutions informatiques durables 7, place de l'église - 30730 Montpezat Web : http://www.microlinux.fr Mail : info(a)microlinux.fr Tél. : 04 66 63 10 32

2 3

← Newer
1
2
3
4
5
6
7
8
9
10
Older →

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Discuss July 2017