mirror

mirror@lists.centos.org

4577 discussions

Halted Web Server Compromise
by Shawn M. Jones 29 Sep '05

29 Sep '05

I discovered this morning that SELinux had stopped a user from executing commands through my apache web server. He was using a vulnerability in php-pear to get in, which I had patched a few months ago. Unfortunately, I had foolishly not restarted the apache service after the patch, so he started adding interesting scripts to my temp directories. I'm going to perform a partial rebuild of the server. By what I can tell, he was not able to leave his SELinux jail and execute any programs. I've used rpm to validate the MD5 checksums of all package files and verified that the only ones that came back were ones that I had modified. As he was restricted to executing everything as the apache user with a security context of root:system_r:httpd_sys_script_t, he was not able to start any of the back doors or IRC bots that he had placed on the system, but I am concerned about the content accessible to httpd_sys_script_t, so I'm going to remove all web server related material and restore it from backups. What I did not back up was the mirror of CentOS, which I need to rebuild as a precautionary measure. I'm currently removing alias to the CentOS mirror on the server. Please remove me from the CentOS mirrors page until I get the system rebuilt. Sorry for the inconvenience. Sincerely, Shawn M. Jones Admin of the LittleProjects.org site in VA, USA

2 4

add a new centos mirror.
by huang mingyou 27 Sep '05

27 Sep '05

hello,list. I had mirror the centos from the msync.centos.org .I use rsync syncronize the mirror daily.The URL of this mirror is : http://mirrors.vmmatrix.net/centos/,locate of this mirror is ShangHai,China. Bandwidth of this mirror is 200Mbit. the sponsoring organization is Vmmatrix Co., Ltd. our had mirror the kernel,apache,ldp,debian,trustix and join them's mirror list. -- hmy

1 0

Mirror Hosting
by Todd Reed 20 Sep '05

20 Sep '05

I'd like to setup and host a mirror, what are the overall requirements, space requirements, etc? Thanks, Todd

4 5

new mirror
by Bryan Sarpad 16 Sep '05

16 Sep '05

Hello, We have setup a new CentOS mirror that syncs 3 times a day with us-msync.centos.org::CentOS. http://centos-distro.cavecreek.net/ ftp://centos-distro.cavecreek.net/ rsync: centos-distro.cavecreek.net::CentOS City: Phoenix, AZ Bandwidth: 100mbit Sponsor: Cavecreek Web Hosting Bryan Sarpad Cavecreek Wholesale Internet Exchange

1 0

using the --delay-update switch in rsync >= 2.6.4
by Johnny Hughes 15 Sep '05

15 Sep '05

We have upgraded the rsync used on the centos mirrors to a version >= 2.6.4 so that we can use the --delay-updates flag for rsyncing. This flag (if you have rsync >= 2.6.4) will download all the updates, then move them into place ... so for items like yum repos, there is a much shorter time that the repo is not usable during long updates. If you have rsync >= 2.6.4, we recommend you use this switch for CentOS rsyncs. See the below e-mail for info: > > >> While a CVS commit is in progress, for instance, other users still see the previous > > >> state; this is not true for a YUM repository. > > > > >> Hmm. This sounds like the crux of the problem. If the mirroring > > >> software could be tricked into copying the repodata last, wouldn't this > > >> problem (and this thread) go away? > > > > > rsync does not allow you to specify an order, however rsync has 2 options. > > > --delay-updates will update the mirror at the end of the sync, which is > > > near atomic (this is functionality that Jeff Pitman wrote when I needed it > > > for my repository) and you have an atomic-script that comes with rsync > > > that hardlinks the tree, makes updates in that new tree and finally > > > atomically puts it all back. > > > > This one thing right there will help tremendously. Thanks for the pointer > > to --delay-updates (any idea which version of rsync this first appeared?). > > OK guys ... the answer is that is was added in version 2.6.4 of > rsync ... and that is newer than both CentOS-3 and CentOS-4 :( > > BUT - this is such a good feature, we have upgraded the CentOS mirrors > to have version 2.6.6 of rsync from Dag's repo: > > http://dag.wieers.com/packages/rsync/ > > We recommend that if you are rsyncing from centos.org that you get > the .el3 or .el4 version of rsync (depending on the version of your > mirror) from above and then add the --delay-updates switch to your rsync > script when rsyncing from us. > > Many thanks to Dag Wieers for the info on this issue, for submitting the > request to get this included in rsync ... and for his outstanding repos.

2 1

Chane of CentOS mirror - new URL
by Kaitsa Maria 14 Sep '05

14 Sep '05

I'd like to inform you that we were maintaing a mirror of CentOS under the URL mirror http://andromeda.ee.teiath.gr/CentOS This has changed to http://mirrors.ee.teiath.gr/CentOS and an ftp of CentOS is available in ftp://mirrors.ee.teiath.gr/pub/CentOS/

1 0

cron lock file
by Silvian Cretu 14 Sep '05

14 Sep '05

Hi! I am now mirroring CentOS and I would like to use lock files so that I don't start multiple connections at the same time. I don't know how to do this... The CentOS Mirroring HowTo 'told' me that this mailing list can help me! Thank you in advance... Silvian Cretu ----------------- http://www.linux360.ro/ http://toxic-chat.sourceforge.net/ http://www.caramida-verde.as.ro/ __________________________________ Yahoo! Mail - PC Magazine Editors' Choice 2005 http://mail.yahoo.com

5 6

Re: [CentOS-mirror] cron lock file
by mirror-admin＠cs.wisc.edu 13 Sep '05

13 Sep '05

Silvian Cretu wrote: >Hi! I am now mirroring CentOS and I would like to use >lock files so that I don't start multiple connections >at the same time. I don't know how to do this... >The CentOS Mirroring HowTo 'told' me that this mailing >list can help me! Thank you in advance... If you want to create a lock file without a race condition, you could use the 'lockfile' command. The man page even shows simple example quasi-script. -- Dave Thompson ( thomas (at) cs.wisc.edu ) Associate Researcher Department of Computer Science University of Wisconsin-Madison http://www.cs.wisc.edu/(twiddle)thomas 1210 West Dayton Street Madison, WI 53706-1685 -- ------- End of Forwarded Message

1 0

os choice help (fwd)
by R P Herrold 13 Sep '05

13 Sep '05

I forward this request, which came in through the security identity, to the proper mailing list. Please assist him. -- Russ herrold ---------- Forwarded message ---------- Date: Wed, 3 Aug 2005 01:51:50 +0430 From: Sales Sign4host <sales(a)sign4host.com> To: security @ centos.org Subject: os chooice help Dear centos security team We have a web server in USA and now we have fedora core2 but we find many security problems on that Now we want to change it to your OS but we are looking for good security OS Our server configuration AMD 64 bit 3000+ 2 GB Ram Plesk Reload 7.5 Control panel And 1200 data transfer 4 ip We will add in feature 500GB extra bandwidth 50 ip with in next 4 month now we have 8 ip We will host around 1800 host on that but all site have average usage Please help us Regards, Sales Team (Iran Head Surfer sign4host.com ) Tel:+989143405341 Web Host & Web Promoter <http://sign4host.com/> http://sign4host.com International Leader in Linux Hosting ! ---------------------------------------- "This e-mail message may contain confidential, proprietary or legally privileged information. It should not be used by anyone who is not the original intended recipient. If you have erroneously received this message, please delete it immediately and notify the sender." ----------------------------------------

1 0

Re: CentOS-mirror Digest, Vol 7, Issue 3
by D. Clough 08 Sep '05

08 Sep '05

On 9/8/05, centos-mirror-request(a)centos.org <centos-mirror-request(a)centos.org> wrote: > Send CentOS-mirror mailing list submissions to > centos-mirror(a)centos.org > > To subscribe or unsubscribe via the World Wide Web, visit > http://lists.centos.org/mailman/listinfo/centos-mirror > or, via email, send a message with subject or body 'help' to > centos-mirror-request(a)centos.org > > You can reach the person managing the list at > centos-mirror-owner(a)centos.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of CentOS-mirror digest..." > > > Today's Topics: > > 1. New CentOS mirror (Brian Moyles) > 2. Re: New CentOS mirror (Martin Hamant) > 3. Re: New CentOS mirror (Mihai Maties) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Wed, 7 Sep 2005 09:01:08 -0500 > From: Brian Moyles <bmoyles(a)playboy.com> > Subject: [CentOS-mirror] New CentOS mirror > To: centos-mirror(a)centos.org > Message-ID: <E0C5113F-BAB7-4E4E-B7CA-8D5C8788CB55(a)playboy.com> > Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed > > http://mirrors.playboy.com/CentOS/ > > Also available by ftp and rsync (see http://mirrors.playboy.com/ for > details) > > DS3 rate limited to 10Mbps, updated twice daily. > > Any questions/concerns should be sent to mirrors(a)playboy.com > > > Thanks! > > > > > Brian Moyles > Playboy Enterprises, Inc. > (312) 373-2086 | bmoyles(a)playboy.com > > > > ------------------------------ > > Message: 2 > Date: Wed, 7 Sep 2005 16:24:01 +0200 > From: Martin Hamant <mh(a)accelance.fr> > Subject: Re: [CentOS-mirror] New CentOS mirror > To: "Mailing list for CentOS mirrors." <centos-mirror(a)centos.org> > Message-ID: <20050907162401.168048f7(a)mh.noc.accelance.net> > Content-Type: text/plain; charset=ISO-8859-1 > > Le Wed, 7 Sep 2005 09:01:08 -0500 > Brian Moyles <bmoyles(a)playboy.com> écrivait: > > > http://mirrors.playboy.com/CentOS/ > > > > Also available by ftp and rsync (see http://mirrors.playboy.com/ for > > details) > > > > DS3 rate limited to 10Mbps, updated twice daily. > > > > Any questions/concerns should be sent to mirrors(a)playboy.com > > > > > > ROFL ! I imagine "mirrors.playboy.com" in my config files and scripts ! > > :-D > > -- > Martin > > > ------------------------------ > > Message: 3 > Date: Wed, 7 Sep 2005 17:45:26 +0300 > From: Mihai Maties <mihai(a)xcyb.org> > Subject: Re: [CentOS-mirror] New CentOS mirror > To: "Mailing list for CentOS mirrors." <centos-mirror(a)centos.org> > Message-ID: <200509071745.27947@xcyb0rg> > Content-Type: text/plain; charset="iso-8859-1" > > On Wednesday 07 September 2005 17:24, Martin Hamant wrote: > > Le Wed, 7 Sep 2005 09:01:08 -0500 > > > > Brian Moyles <bmoyles(a)playboy.com> écrivait: > > > http://mirrors.playboy.com/CentOS/ > > > > > > Also available by ftp and rsync (see http://mirrors.playboy.com/ for > > > details) > > > > > > DS3 rate limited to 10Mbps, updated twice daily. > > > > > > Any questions/concerns should be sent to mirrors(a)playboy.com > > > > ROFL ! I imagine "mirrors.playboy.com" in my config files and scripts ! > > You'll better exercise your explanations to avoid stammering in front of your > girlfriend/wife (in case she stumbles across your config files) :D > > > Mihai > > > -- > This message was scanned for spam and viruses by BitDefender. > For more information please visit http://www.bitdefender.com/ > > > > ------------------------------ > > _______________________________________________ > CentOS-mirror mailing list > CentOS-mirror(a)centos.org > http://lists.centos.org/mailman/listinfo/centos-mirror > > > End of CentOS-mirror Digest, Vol 7, Issue 3 > ******************************************* > "I swear, I only download the kernel updates!" *cough* Nonetheless... glad to see Playboy giving more than... well, you know what... to the Linux users community. ;) -- "Keep yourselves in the love of God, looking for the mercy of our Lord Jesus Christ unto eternal life." -Jude 1:21

1 0

Jump to page:

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

mirror