Discuss April 2021

discuss@lists.centos.org

76 participants
50 discussions

CentOS-announce Digest, Vol 193, Issue 1
by centos-announce-request＠centos.org 11 Apr '21

11 Apr '21

Send CentOS-announce mailing list submissions to centos-announce(a)centos.org To subscribe or unsubscribe via the World Wide Web, visit https://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-request(a)centos.org You can reach the person managing the list at centos-announce-owner(a)centos.org When replying, please edit your Subject line so it is more specific than "Re: Contents of CentOS-announce digest..." … [View More]Today's Topics: 1. CESA-2021:1071 Important CentOS 7 kernel Security Update (Johnny Hughes) 2. CESA-2021:1072 Important CentOS 7 libldb Security Update (Johnny Hughes) ---------------------------------------------------------------------- Message: 1 Date: Sat, 10 Apr 2021 17:09:38 +0000 From: Johnny Hughes <johnny(a)centos.org> To: centos-announce(a)centos.org Subject: [CentOS-announce] CESA-2021:1071 Important CentOS 7 kernel Security Update Message-ID: <20210410170938.GA12184(a)bstore1.rdu2.centos.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Security Advisory 2021:1071 Important Upstream details at : https://access.redhat.com/errata/RHSA-2021:1071 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: bfe191b783a11c70daf05fb86e81e2e36d80b7dec5eb2243fa223700ce330824 bpftool-3.10.0-1160.24.1.el7.x86_64.rpm 996ee55268c9971d07d38c3217e0fb813a202d1b838963b6db16217069d193db kernel-3.10.0-1160.24.1.el7.x86_64.rpm 33b524d6eec3fc82a17df2220b596193025c1faf20c5939c4271809681f95803 kernel-abi-whitelists-3.10.0-1160.24.1.el7.noarch.rpm 8764032443efee4dc7bfb0ee1a11749205880cd86b230ad538346b697120c5e7 kernel-debug-3.10.0-1160.24.1.el7.x86_64.rpm e2b80fc90e80e10166a785ab1c718ed12380055d955ab295c5363ad6405fe815 kernel-debug-devel-3.10.0-1160.24.1.el7.x86_64.rpm 52fc84afa30b500c79c2116a67a199c3eba6bbed1b7b171fc4fec483dc2c9f4c kernel-devel-3.10.0-1160.24.1.el7.x86_64.rpm cda402fcb291052201381d37c733af954d30e2e6e3f24e5b636ae67715e8c0d0 kernel-doc-3.10.0-1160.24.1.el7.noarch.rpm 2a69b561a8c58b7ed126929ce0f305827b54da8604e8f662568fc8ec96090f26 kernel-headers-3.10.0-1160.24.1.el7.x86_64.rpm 150b5e83d6acc1e5a6e22bee18216d6c7e0c581dca489071a61aab70eb9b93fb kernel-tools-3.10.0-1160.24.1.el7.x86_64.rpm 540ad2675ab792c4e347811b9c59c9dfa46be5932ed582b6b0748c7a27660973 kernel-tools-libs-3.10.0-1160.24.1.el7.x86_64.rpm 44904175313b13552ac962d42d456dc5d52bface994ef485f56c33f7f6971440 kernel-tools-libs-devel-3.10.0-1160.24.1.el7.x86_64.rpm 9124221e268619f8424d72980a7b256e0e00ba0639fcf0be1387712d145c7416 perf-3.10.0-1160.24.1.el7.x86_64.rpm 2308127baa502197469a17cef0a36622ccd5c528247af648e424284943e73572 python-perf-3.10.0-1160.24.1.el7.x86_64.rpm Source: 6fc0eaf2486a736d0793f6165e07c183bb0c8db2c858bd0dbefc1a2b23a0528b kernel-3.10.0-1160.24.1.el7.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos(a)irc.freenode.net Twitter: @JohnnyCentOS ------------------------------ Message: 2 Date: Sat, 10 Apr 2021 17:14:31 +0000 From: Johnny Hughes <johnny(a)centos.org> To: centos-announce(a)centos.org Subject: [CentOS-announce] CESA-2021:1072 Important CentOS 7 libldb Security Update Message-ID: <20210410171431.GA12486(a)bstore1.rdu2.centos.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Security Advisory 2021:1072 Important Upstream details at : https://access.redhat.com/errata/RHSA-2021:1072 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 67364ca692de365478eee5a94879717c1fae2b7a4ba46d128ec04f0477c8c2b5 ldb-tools-1.5.4-2.el7.x86_64.rpm 36ad5a43df60889dd9c1134cb0e042317befa64f7293f44bc91271fddbbfc7e6 libldb-1.5.4-2.el7.i686.rpm cec370a7441899c3ffcd47f783a0437d9d649fd4a1252c6c317561f431e537c4 libldb-1.5.4-2.el7.x86_64.rpm 359852ce38e0555b23e78c945070ef67c0599138eac0c52de77a819e8fdebce9 libldb-devel-1.5.4-2.el7.i686.rpm 4d0e360eff9294623b345353bcf2cb4623c50a3e2bf31ace6ba05141150d85fd libldb-devel-1.5.4-2.el7.x86_64.rpm 29124a79cce7024da4f024131a66f80d78a70d73c5fafe6456617633e5b83560 pyldb-1.5.4-2.el7.i686.rpm 8043266fac97f3c92dfeaa8fad590469ad37ab990d86e9ece87829bdd9e0c8ae pyldb-1.5.4-2.el7.x86_64.rpm b3dbb953a4dc9b8b5ee95024d51d922488db5a0f0ec2ece9bf47d8d5cbbf24fa pyldb-devel-1.5.4-2.el7.i686.rpm 8f596e23215f48c31a9bb115c327431b21431ac93d7279b39dc998ca0bdfc6b8 pyldb-devel-1.5.4-2.el7.x86_64.rpm Source: e678f1a0df3c67bd8f6319dbe32013a311d6d797b51284ff7d5e254c2f7a1ff5 libldb-1.5.4-2.el7.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #centos(a)irc.freenode.net Twitter: @JohnnyCentOS ------------------------------ Subject: Digest Footer _______________________________________________ CentOS-announce mailing list CentOS-announce(a)centos.org https://lists.centos.org/mailman/listinfo/centos-announce ------------------------------ End of CentOS-announce Digest, Vol 193, Issue 1 *********************************************** [View Less]

1 0

Can't upgrade sssd-*
by Warren Young 09 Apr '21

09 Apr '21

Is anyone else getting this on dnf upgrade? [MIRROR] sssd-proxy-2.3.0-9.el8.x86_64.rpm: Interrupted by header callback: Server reports Content-Length: 9937 but expected size is: 143980 [MIRROR] sssd-proxy-2.3.0-9.el8.x86_64.rpm: Interrupted by header callback: Server reports Content-Length: 9937 but expected size is: 143980 [MIRROR] sssd-proxy-2.3.0-9.el8.x86_64.rpm: Interrupted by header callback: Server reports Content-Length: 9937 but expected size is: 143980 [MIRROR] sssd-proxy-2.3.0-9.… [View More]

5 10

Re: [CentOS] CentOS 8
by Valeri Galtsev 09 Apr '21

09 Apr '21

On 4/9/21 10:47 AM, Binet, Valere (NIH/NIA/IRP) [C] wrote: > The NIST and CIS baselines don't allow su, we have to use sudo on government computers. > Could you enlighten me on the rationale behind that restriction? As, as you already noticed, my [ancient, maybe] reasoning makes me arrive at an opposite conclusion. (but mine is pure security consideration with full trust vested into sysadmin, see below...) On a second guess: it is just for a separation of privileges, and accounting … [View More]of who did what which sudo brings to the table... Right? Thanks in advance. Valeri > Valère Binet > > On 4/9/21, 11:39 AM, "Valeri Galtsev" <galtsev(a)kicp.uchicago.edu> wrote: > > > > On 4/9/21 10:31 AM, Johnny Hughes wrote: > > On 4/9/21 5:18 AM, Steve Clark via CentOS wrote: > >> On 4/8/21 3:50 PM, Tony Schreiner wrote: > >> > >> On Thu, Apr 8, 2021 at 2:33 PM Nicolas Kovacs > >> <info(a)microlinux.fr><mailto:info@microlinux.fr> wrote: > >> > >> > >> > >> Le 08/04/2021 à 18:58, Steve Clark via CentOS a écrit : > >> > >> > >> How do I allow root log in on GDM. > >> > >> > >> > >> tl;dr: you don't. > >> > >> Log in as a non-root user, and when you do need root, either open up a > >> terminal > >> and use 'su -' or (even better) setup your user by making your user a > >> member of > >> the wheel group and then use sudo. > >> > >> Logging in to a GUI as root is *BAD* practice. > >> > >> Cheers, > >> > >> Niki > >> > >> > >> > >> > >> > >> That said - you can do it, by clicking on "Not listed?" and typing root > >> into the user field. > >> > >> Yes I have done that and it immediately comes back to the login screen, > >> I know I am typing the > >> correct passwd, because if I botch the passwd I get a message to that > >> effect. > >> > >> > >> > > > > I would not recommend ever using the GUI as the root user .. it creates > > keys and items that are very dangerous. (gnome key rings, etc) > > > > +1000 > > > You should be able to 'su -' , then use visudo to create a sudo account > > for your user. You can even NOPASSWD your user for using sudo (you may > > or may not want to do that .. if someone gains access to your local > > account, they could then sudo with no passwd). > > > > In the past I even avoided sudo. It yet one more SUID-ed binary on your > machine. Which may add to your potential [local, in general] > vulnerability footprint. su, - making yourself root is more than enough > for regular sysadmin. > > > But, i have never, ever logged in as root on a GUI account directly on a > > machine that I cared about or was keeping live .. just advise, do with > > it what you will. > > > > +1 > > To OP: Do as you wish, and deal with consequences. > > Valeri > > > > > _______________________________________________ > > CentOS mailing list > > CentOS(a)centos.org > > https://lists.centos.org/mailman/listinfo/centos > > > > -- > ++++++++++++++++++++++++++++++++++++++++ > Valeri Galtsev > Sr System Administrator > Department of Astronomy and Astrophysics > Kavli Institute for Cosmological Physics > University of Chicago > Phone: 773-702-4247 > ++++++++++++++++++++++++++++++++++++++++ > _______________________________________________ > CentOS mailing list > CentOS(a)centos.org > https://lists.centos.org/mailman/listinfo/centos > -- ++++++++++++++++++++++++++++++++++++++++ Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247 ++++++++++++++++++++++++++++++++++++++++ [View Less]

3 7

CentOS 8
by Steve Clark 09 Apr '21

09 Apr '21

Hello, How do I allow root log in on GDM. The only people that have access are admins - so I am not worried about someone screwing things up. Thanks, -- Stephen Clark Email Confidentiality Notice: The information contained in this transmission may contain privileged and confidential and/or protected health information (PHI) and may be subject to protection under the law, including the Health Insurance Portability and Accountability Act of 1996, as amended (HIPAA). This transmission is … [View More]

5 6

Re: [CentOS] Automatic clean /tmp folder
by Gestió Servidors 09 Apr '21

09 Apr '21

>>> With these files I supposed that a file with more than 10 days in /tmp >>> would be automatically deleted, but today I have found some files/folders >>> with more than 10 days. >>> >>> What I have done wrong? >> >> The test is on access time, not modification. Have they been read in the last 10 days? > >And note that a GUI file manager might attempt to read every file in a >directory in order to determine its type … [View More]

2 1

Re: [CentOS] Booting from an ISO file in a XFS /boot
by Gestió Servidors 08 Apr '21

08 Apr '21

> Just guessing - loading the grub module for xfs is missing? Also, I have test adding "insmod xfs" in the "menuentry" section of my "iPXE" boot option, but result is the same...

1 0

Booting from an ISO file in a XFS /boot partition
by Gestió Servidors 08 Apr '21

08 Apr '21

Hi, I want to boot with a customized iPXE iso boot file from my GRUB2 menu. My system is running CentOS-7, with /boot formated as XFS filesystem. After copying my iPXE.iso into /boot, I have created a custom GRUB2 file in /etc/grub.d/40_custom like this: menuentry "iPXE" { set isofile="/ipxe.iso" loopback loop (hd0,1)$isofile linux16 (loop)/ipxe.lkrn } After regenerating grub2.cfg with "grub2-mkconfig -o /etc/grub2.cfg , I have rebooted my system,… [View More]

2 1

Re: [CentOS] almalinux?
by Jack Aboutboul 08 Apr '21

08 Apr '21

Thanks Rich for the kind words and Johnny for the support as well. Rich is correct about the non-profit foundation that was setup to facilitate community ownership and involvement. No one party owns or controls AlmaLinux. We don’t view anyone as "the other team” either, and we are glad, and here, to work together with everyone. The way we see it is that we are all family now as well and people have different needs. We are sure CentOS Stream is going to be great for those whose needs it fills … [View More]

1 0

Binutils-2.30-98.el8.aarch64 broken on raspberry Pi4
by Maurice Smulders 07 Apr '21

07 Apr '21

The recent update of binutils/binutils-devel on aarch64 totally breaks gcc. When running gcc over a simple program with main - executing it results in a SIGSEGV, as the _start prologue calls a NULL pointer. I haven't figured out yet how to build a new build using git.centos.org, but I noticed that there is a -99 variant out there... -90 worked fine. What's the quickest way to get this back to being operational? The instructions to build a new package look to be a bit scattered - and how can … [View More]

2 2

almalinux?
by mark 07 Apr '21

07 Apr '21

Anyone looked into almalinux? I was sort of waiting for rocky, but I see from over the weekend on slashdot that almalinux stable is released. mark

15 18

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Discuss April 2021