Discuss

discuss@lists.centos.org

34753 discussions

Re: [CentOS] Configuring BIND to answer to two domain names (four IP addresses)
by Dotan Cohen 27 Sep '10

27 Sep '10

On Mon, Sep 27, 2010 at 13:27, Brent L. Bates <blbates(a)vigyan.com> wrote: > Just noticed something. Have your serial number reflect the date you > last updated the file. That way you will know when you last changed it. For > example, today is September 27, 2010, if you were making your first update > today, make the serial number 2010092701. I add on 2 digits at the end in > case I need to make more than one change in one day. Changing it 10 times in > one day isn't likely, but just in case that isn't enough, I know *I* will not > be making more than 100 changes in one day. Serial numbers ALWAYS have to > increase with each change. That is the way other name servers know they need > to update their information. If the serial number is bigger than what they > have stored, then they know they need to download the new information. If you > plan on updating the DNS information more than 100 times a day, you will need > to give yourself some extra digits. I hope this is of some help. > I think that the fine manual mentioned something about if one hundreds edits were done in a single day, then it is time to go home and get some sleep! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com

1 0

Re: [CentOS] CentOS, Firefox, and Java Plugin
by ken 27 Sep '10

27 Sep '10

CCing the CentOS group on this... maybe someone there knows how to handle the error. On 09/23/2010 03:19 PM ken wrote: > On 09/23/2010 01:29 PM Mathieu Baudier wrote: >>> As it turns out, I don't have the Argeo version. If I'm still >>> having >> But you have the java browser plugin? Sorry to not answer this part in my previous email. I wanted to search around to see if I could get the answer for myself... and it hasn't been easy. Apparently I don't have the java plugin browser installed. I've tried to install it using the rpm.bin file at <http://java.com/en/download/linux_manual.jsp?locale=en&host=java.com>, but it's erroring out: "/bin/sh: bad interpreter: Text file busy". I've never seen that error before. >> >> Can you please send me the output of your 'java -version' command >> please? > > # java -version > java version "1.6.0_0" > OpenJDK Runtime Environment (IcedTea6 1.6) (rhel-1.13.b16.el5-i386) > OpenJDK Client VM (build 14.0-b16, mixed mode) > > -- Find research and analysis on US healthcare, health insurance, and health policy at: <http://healthpolicydaily.blogspot.com/>

7 15

Bugzilla 3.6.2 + sendmail + SELinux
by Mathieu Baudier 27 Sep '10

27 Sep '10

Hello, I have deployed Bugzilla 3.6.2 on CentOS 5 (with rpmforge perl-* packages) and I have a problem with SELinux preventing mail being sent via sendmail. (see SELinux reports below, especially the second one) When SELinux is in permissive mode, mail sending from Bugzilla is working properly. Has anybody got recent Bugzilla to work with SELinux on CentOS? Thanks in advance! Mathieu -------------------------------------------------------------------------------- Summary: SELinux is preventing the sendmail from using potentially mislabeled files ./spool (var_spool_t). Detailed Description: SELinux has denied the sendmail access to potentially mislabeled files ./spool. This means that SELinux will not allow httpd to use these files. Many third party apps install html files in directories that SELinux policy cannot predict. These directories have to be labeled with a file context which httpd can access. Allowing Access: If you want to change the file context of ./spool so that the httpd daemon can access it, you need to execute it using chcon -t httpd_sys_content_t './spool'. You can look at the httpd_selinux man page for additional information. Additional Information: Source Context system_u:system_r:httpd_bugzilla_script_t Target Context system_u:object_r:var_spool_t Target Objects ./spool [ dir ] Source sendmail Source Path /usr/sbin/sendmail.sendmail Port <Unknown> Host <Unknown> Source RPM Packages sendmail-8.13.8-8.el5 Target RPM Packages Policy RPM selinux-policy-2.4.6-279.el5_5.1 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name httpd_bad_labels Host Name www Platform Linux www 2.6.18-194.11.4.el5 #1 SMP Tue Sep 21 05:04:09 EDT 2010 x86_64 x86_64 Alert Count 1 First Seen Mon Sep 27 02:07:43 2010 Last Seen Mon Sep 27 02:07:43 2010 Local ID 24372577-2d4c-4bbe-be6b-ea9100b7c3ed Line Numbers 11701, 11702 Raw Audit Messages type=AVC msg=audit(1285546063.60:15): avc: denied { search } for pid=3420 comm="sendmail" name="spool" dev=dm-2 ino=158722 scontext=system_u:system_r:httpd_bugzilla_script_t:s0 tcontext=system_u:object_r:var_spool_t:s0 tclass=dir type=SYSCALL msg=audit(1285546063.60:15): arch=c000003e syscall=80 success=no exit=-13 a0=7fffeddf6060 a1=17 a2=fff a3=0 items=0 ppid=3418 pid=3420 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=51 sgid=51 fsgid=51 tty=(none) ses=4294967295 comm="sendmail" exe="/usr/sbin/sendmail.sendmail" subj=system_u:system_r:httpd_bugzilla_script_t:s0 key=(null) -------------------------------------------------------------------------------- Summary: SELinux is preventing sendmail (httpd_bugzilla_script_t) "create" to <Unknown> (httpd_bugzilla_script_t). Detailed Description: SELinux denied access requested by sendmail. It is not expected that this access is required by sendmail and this access may signal an intrusion attempt. It is also possible that the specific version or configuration of the application is causing it to require additional access. Allowing Access: You can generate a local policy module to allow this access - see FAQ (http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385) Or you can disable SELinux protection altogether. Disabling SELinux protection is not recommended. Please file a bug report (http://bugzilla.redhat.com/bugzilla/enter_bug.cgi) against this package. Additional Information: Source Context system_u:system_r:httpd_bugzilla_script_t Target Context system_u:system_r:httpd_bugzilla_script_t Target Objects None [ unix_dgram_socket ] Source sendmail Source Path /usr/sbin/sendmail.sendmail Port <Unknown> Host <Unknown> Source RPM Packages sendmail-8.13.8-8.el5 Target RPM Packages Policy RPM selinux-policy-2.4.6-279.el5_5.1 Selinux Enabled True Policy Type targeted MLS Enabled True Enforcing Mode Enforcing Plugin Name catchall Host Name www Platform Linux www 2.6.18-194.11.4.el5 #1 SMP Tue Sep 21 05:04:09 EDT 2010 x86_64 x86_64 Alert Count 1 First Seen Mon Sep 27 02:07:43 2010 Last Seen Mon Sep 27 02:07:43 2010 Local ID f7aa29e4-40d9-4184-904e-4dfb93c57ea7 Line Numbers 11703, 11704 Raw Audit Messages type=AVC msg=audit(1285546063.61:16): avc: denied { create } for pid=3420 comm="sendmail" scontext=system_u:system_r:httpd_bugzilla_script_t:s0 tcontext=system_u:system_r:httpd_bugzilla_script_t:s0 tclass=unix_dgram_socket type=SYSCALL msg=audit(1285546063.61:16): arch=c000003e syscall=41 success=no exit=-13 a0=1 a1=2 a2=0 a3=7373696d72655020 items=0 ppid=3418 pid=3420 auid=4294967295 uid=48 gid=48 euid=48 suid=48 fsuid=48 egid=51 sgid=51 fsgid=51 tty=(none) ses=4294967295 comm="sendmail" exe="/usr/sbin/sendmail.sendmail" subj=system_u:system_r:httpd_bugzilla_script_t:s0 key=(null)

2 3

Raid 10 questions...2 drive
by Tom Bishop 27 Sep '10

27 Sep '10

I have been reading lots of stuff but trying to find out if a raid10 2drive setup is any better/worse than a normal raid 1 setup....I have to 1Tb drives for my data and a seperate system drive, I am only interested in doing raid on my data... So i setup my initial test like this.... mdadm -v --create /dev/md0 --chunk 1024 --level=raid10 --raid-devices=2 /dev/sdb1 /dev/sdc1 I have also read about near and far but was going to play with this and was wondering if anyone had any insights for 2 drives setup...Thanks...

12 19

operating system upgrade/reinstall
by Zhiyong Zhang 27 Sep '10

27 Sep '10

Hello, I am planning to upgrade the operating system from CentOS4.8 to the latest CentOS5. Is there a detailed, step by step instruction on the installation/.upgrade procedure? Thank you very much for any suggestions and advices, Sincerely, Zhiyong

2 1

couple questions about initrd.img
by Robert P. J. Day 27 Sep '10

27 Sep '10

here's hoping this is on topic. as part of the extra goodies i'm going to give my RHEL/centos basic admin class this week, i'm going to get them to open up the standard initrd.img file and see what's inside. i just did that myself and have a couple simple questions. first, while the cpio archive physically contains a number of basic /dev special files, the top-level "init" script runs "mknod" to create them all, anyway. not a big deal, but is it fair to say that populating the initrd.img with those initial /dev files is redundant since init creates them all, anyway? also, i note that that "init" script appears to call a couple scripts/commands that don't exist in the initrd, such as hotplug and mkblkdevs. again, not a big deal but if i show the students what's in that initrd, chances are someone's going to notice the above and ask about it, so i might as well have an answer. thanks. rday -- ======================================================================== Robert P. J. Day Waterloo, Ontario, CANADA Top-notch, inexpensive online Linux/OSS/kernel courses http://crashcourse.ca Twitter: http://twitter.com/rpjday LinkedIn: http://ca.linkedin.com/in/rpjday ========================================================================

2 1

Re: [CentOS] dev.centos.org backuppc package
by Jason Pyeron 27 Sep '10

27 Sep '10

> -----Original Message----- > From: Jason Pyeron > Sent: Sunday, September 26, 2010 1:02 > To: CentOS mailing list > Subject: dev.centos.org backuppc package > > I have a few updates to fix some bugs. > Do attachments get striped? -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Principal Consultant 10 West 24th Street #100 - - +1 (443) 269-1555 x333 Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This message is copyright PD Inc, subject to license 20080407P00.

2 1

Configuring BIND to answer to two domain names (four IP addresses)
by Dotan Cohen 26 Sep '10

26 Sep '10

On a CentOS 5 server, I am having a hard time configuring BIND to answer to 4 IP addresses for 2 domain names. Currently, I have four IP addresses, for sake of discussion they are: 1.1.1.1 1.1.1.2 1.1.1.3 1.1.1.4 Additionally, I have two domain names. For sake of discussion: exampleA.com exampleB.com My goal is to have 1.1.1.1 & 1.1.1.2 as the nameservers for exampleA.com, and 1.1.1.3 & 1.1.1.4 as the nameservers for exampleB.com. Apache is running on this machine, and should of course serve pages for the sites. I think that I've got the apache configuration down, but the BIND configuration is eluding me. I've read the following fine manual, but I am still stuck: http://www.centos.org/docs/5/html/Deployment_Guide-en-US/ch-bind.html Additionally, I have googled for "how to configure bind for multiple domain names" and the like, but I see no mention of the IP addresses configuration. Can I simply configure any IP address that the server answers to as the nameservers? What am I missing? Thank you in advance! -- Dotan Cohen http://gibberish.co.il http://what-is-what.com

8 42

Mock on 5.5 x86_64 failing with Could not find useradd in chroot, maybe the install failed?
by Jason Pyeron 25 Sep '10

25 Sep '10

I am atempting to work with some rpms in the c5-testing repo. When I add: [c5-testing] name=CentOS-5 Testing baseurl=http://dev.centos.org/centos/5/testing/x86_64/ gpgcheck=1 gpgkey=http://dev.centos.org/centos/RPM-GPG-KEY-CentOS-testing to centos-5-x86_64.cfg, saving as centos-5-x86_64-testdev.cfg I get the aformentioned error. Example [mockbuild@localhost ~]$ mock -r centos-5-x86_64-testdev.cfg init init clean prep This may take a while Could not find useradd in chroot, maybe the install failed? ending done -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- - - - Jason Pyeron PD Inc. http://www.pdinc.us - - Principal Consultant 10 West 24th Street #100 - - +1 (443) 269-1555 x333 Baltimore, Maryland 21218 - - - -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- This message is copyright PD Inc, subject to license 20080407P00.

1 1

ca-bundle.crt expired
by Timothy Murphy 25 Sep '10

25 Sep '10

I notice that the certificate /etc/pki/tls/certs/ca-bundle.crt on my CentOS-5.5 system expired on 7 Jan 2010, although the openssl-0.9.8e-12.el5_4.6 package was updated in March. What is the point of this certificate? -- Timothy Murphy e-mail: gayleard /at/ eircom.net tel: +353-86-2336090, +353-1-2842366 s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland

1 0

Jump to page:

2026

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Discuss